merge back changes from 1.2.2

pom.xml

@@ -142,6 +142,35 @@
   </reporting>
 
   <profiles>
+    <profile>
+      <id>copy-jar</id>
+      <activation>
+        <property>
+            <name>copyTo</name>
+        </property>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <artifactId>maven-antrun-plugin</artifactId>
+            <executions>
+              <execution>
+                <phase>install</phase>
+                <goals>
+                  <goal>run</goal>
+                </goals>
+                <configuration>
+                  <tasks>
+                    <copy file="${build.directory}/${build.finalName}.${project.packaging}" todir="${copyTo}" />
+                  </tasks>
+                </configuration>
+              </execution>
+            </executions>
+          </plugin>        
+        </plugins>
+      </build>
+    </profile>
+
     <profile>
       <id>release-sign-artifacts</id>
       <activation>

signpost-commonshttp4/pom.xml

@@ -12,7 +12,7 @@
     <dependency>
       <groupId>oauth.signpost</groupId>
       <artifactId>signpost-core</artifactId>
-      <version>1.2.1.1</version>
+      <version>${project.version}</version>
       <scope>compile</scope>
     </dependency>
     <dependency>
@@ -30,10 +30,18 @@
     <dependency>
       <groupId>oauth.signpost</groupId>
       <artifactId>signpost-core</artifactId>
-      <version>1.2.1.1</version>
+      <version>${project.version}</version>
       <type>test-jar</type>
       <scope>test</scope>
     </dependency>    
   </dependencies>
 
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-antrun-plugin</artifactId>
+      </plugin>    
+    </plugins>
+  </build>
+
 </project>

signpost-core/pom.xml

@@ -18,4 +18,11 @@
     </dependency>
   </dependencies>
 
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-antrun-plugin</artifactId>
+      </plugin>    
+    </plugins>
+  </build>
 </project>

signpost-core/src/main/java/oauth/signpost/AbstractOAuthProvider.java

@@ -57,16 +57,21 @@ public AbstractOAuthProvider(String requestTokenEndpointUrl, String accessTokenE
         this.defaultHeaders = new HashMap<String, String>();
     }
 
-    public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl)
-            throws OAuthMessageSignerException, OAuthNotAuthorizedException,
-            OAuthExpectationFailedException, OAuthCommunicationException {
+    public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl,
+            String... customOAuthParams) throws OAuthMessageSignerException,
+            OAuthNotAuthorizedException, OAuthExpectationFailedException,
+            OAuthCommunicationException {
 
         // invalidate current credentials, if any
         consumer.setTokenWithSecret(null, null);
 
         // 1.0a expects the callback to be sent while getting the request token.
         // 1.0 service providers would simply ignore this parameter.
-        retrieveToken(consumer, requestTokenEndpointUrl, OAuth.OAUTH_CALLBACK, callbackUrl);
+        HttpParameters params = new HttpParameters();
+        params.putAll(customOAuthParams, true);
+        params.put(OAuth.OAUTH_CALLBACK, callbackUrl, true);
+
+        retrieveToken(consumer, requestTokenEndpointUrl, params);
 
         String callbackConfirmed = responseParameters.getFirst(OAuth.OAUTH_CALLBACK_CONFIRMED);
         responseParameters.remove(OAuth.OAUTH_CALLBACK_CONFIRMED);
@@ -83,21 +88,24 @@ public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl)
         }
     }
 
-    public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier)
-            throws OAuthMessageSignerException, OAuthNotAuthorizedException,
-            OAuthExpectationFailedException, OAuthCommunicationException {
+    public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier,
+            String... customOAuthParams) throws OAuthMessageSignerException,
+            OAuthNotAuthorizedException, OAuthExpectationFailedException,
+            OAuthCommunicationException {
 
         if (consumer.getToken() == null || consumer.getTokenSecret() == null) {
             throw new OAuthExpectationFailedException(
                     "Authorized request token or token secret not set. "
                             + "Did you retrieve an authorized request token before?");
         }
 
+        HttpParameters params = new HttpParameters();
+        params.putAll(customOAuthParams, true);
+
         if (isOAuth10a && oauthVerifier != null) {
-            retrieveToken(consumer, accessTokenEndpointUrl, OAuth.OAUTH_VERIFIER, oauthVerifier);
-        } else {
-            retrieveToken(consumer, accessTokenEndpointUrl);
+            params.put(OAuth.OAUTH_VERIFIER, oauthVerifier, true);
         }
+        retrieveToken(consumer, accessTokenEndpointUrl, params);
     }
 
     /**
@@ -125,12 +133,10 @@ public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier)
      * @param endpointUrl
      *        the URL at which the service provider serves the OAuth token that
      *        is to be fetched
-     * @param additionalParameters
-     *        you can pass parameters here (typically OAuth parameters such as
-     *        oauth_callback or oauth_verifier) which will go directly into the
-     *        signer, i.e. you don't have to put them into the request first,
-     *        just so the consumer pull them out again. Pass them sequentially
-     *        in key/value order.
+     * @param customOAuthParams
+     *        you can pass custom OAuth parameters here (such as oauth_callback
+     *        or oauth_verifier) which will go directly into the signer, i.e.
+     *        you don't have to put them into the request first.
      * @throws OAuthMessageSignerException
      *         if signing the token request fails
      * @throws OAuthCommunicationException
@@ -142,7 +148,7 @@ public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier)
      *         reply in the expected format
      */
     protected void retrieveToken(OAuthConsumer consumer, String endpointUrl,
-            String... additionalParameters) throws OAuthMessageSignerException,
+            HttpParameters customOAuthParams) throws OAuthMessageSignerException,
             OAuthCommunicationException, OAuthNotAuthorizedException,
             OAuthExpectationFailedException {
         Map<String, String> defaultHeaders = getRequestHeaders();
@@ -158,10 +164,8 @@ protected void retrieveToken(OAuthConsumer consumer, String endpointUrl,
             for (String header : defaultHeaders.keySet()) {
                 request.setHeader(header, defaultHeaders.get(header));
             }
-            if (additionalParameters != null) {
-                HttpParameters httpParams = new HttpParameters();
-                httpParams.putAll(additionalParameters, true);
-                consumer.setAdditionalParameters(httpParams);
+            if (customOAuthParams != null && !customOAuthParams.isEmpty()) {
+                consumer.setAdditionalParameters(customOAuthParams);
             }
 
             if (this.listener != null) {

signpost-core/src/main/java/oauth/signpost/OAuth.java

@@ -238,6 +238,13 @@ public static String addQueryParameters(String url, Map<String, String> params)
         return addQueryParameters(url, kvPairs);
     }
 
+    public static String addQueryString(String url, String queryString) {
+        String queryDelim = url.contains("?") ? "&" : "?";
+        StringBuilder sb = new StringBuilder(url + queryDelim);
+        sb.append(queryString);
+        return sb.toString();
+    }
+
     /**
      * Builds an OAuth header from the given list of header fields. All
      * parameters starting in 'oauth_*' will be percent encoded.
@@ -249,7 +256,7 @@ public static String addQueryParameters(String url, Map<String, String> params)
      * which yields:
      * 
      * <pre>
-     * OAuth realm="http://example.com", oauth_token="x%25y"
+     * OAuth realm=&quot;http://example.com&quot;, oauth_token=&quot;x%25y&quot;
      * </pre>
      * 
      * @param kvPairs
@@ -263,8 +270,9 @@ public static String prepareOAuthHeader(String... kvPairs) {
             if (i > 0) {
                 sb.append(", ");
             }
-            String value = kvPairs[i].startsWith("oauth_") ? OAuth
-                .percentEncode(kvPairs[i + 1]) : kvPairs[i + 1];
+            boolean isOAuthElem = kvPairs[i].startsWith("oauth_")
+                    || kvPairs[i].startsWith("x_oauth_");
+            String value = isOAuthElem ? OAuth.percentEncode(kvPairs[i + 1]) : kvPairs[i + 1];
             sb.append(OAuth.percentEncode(kvPairs[i]) + "=\"" + value + "\"");
         }
         return sb.toString();

signpost-core/src/main/java/oauth/signpost/OAuthConsumer.java

@@ -73,9 +73,11 @@ public interface OAuthConsumer extends Serializable {
      * oauth_callback or oauth_verifier) which will go directly into the signer,
      * i.e. you don't have to put them into the request first. The consumer's
      * {@link SigningStrategy} will then take care of writing them to the
-     * correct part of the request before it is sent. Note that these parameters
-     * are expected to already be percent encoded -- they will be simply merged
-     * as-is.
+     * correct part of the request before it is sent. This is useful if you want
+     * to pre-set custom OAuth parameters. Note that these parameters are
+     * expected to already be percent encoded -- they will be simply merged
+     * as-is. <b>BE CAREFUL WITH THIS METHOD! Your service provider may decide
+     * to ignore any non-standard OAuth params when computing the signature.</b>
      * 
      * @param additionalParameters
      *        the parameters

signpost-core/src/main/java/oauth/signpost/OAuthProvider.java

@@ -107,6 +107,11 @@ public interface OAuthProvider extends Serializable {
      *        will fail authorization if you pass a callback URL but register
      *        your application as a desktop app (which would only be able to
      *        handle OOB requests).
+     * @param customOAuthParams
+     *        you can pass custom OAuth parameters here which will go directly
+     *        into the signer, i.e. you don't have to put them into the request
+     *        first. This is useful for pre-setting OAuth params for signing.
+     *        Pass them sequentially in key/value order.
      * @return The URL to which the user must be sent in order to authorize the
      *         consumer. It includes the unauthorized request token (and in the
      *         case of OAuth 1.0, the callback URL -- 1.0a clients send along
@@ -121,9 +126,10 @@ public interface OAuthProvider extends Serializable {
      * @throws OAuthCommunicationException
      *         if server communication failed
      */
-    public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl)
-            throws OAuthMessageSignerException, OAuthNotAuthorizedException,
-            OAuthExpectationFailedException, OAuthCommunicationException;
+    public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl,
+            String... customOAuthParams) throws OAuthMessageSignerException,
+            OAuthNotAuthorizedException, OAuthExpectationFailedException,
+            OAuthCommunicationException;
 
     /**
      * Queries the service provider for an access token.
@@ -148,6 +154,11 @@ public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl)
      *        {@link OAuth.OUT_OF_BAND}, then you must ask the user for this
      *        value. If your app has received a callback, the verfication code
      *        was passed as part of that request instead.
+     * @param customOAuthParams
+     *        you can pass custom OAuth parameters here which will go directly
+     *        into the signer, i.e. you don't have to put them into the request
+     *        first. This is useful for pre-setting OAuth params for signing.
+     *        Pass them sequentially in key/value order.
      * @throws OAuthMessageSignerException
      *         if signing the request failed
      * @throws OAuthNotAuthorizedException
@@ -158,9 +169,10 @@ public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl)
      * @throws OAuthCommunicationException
      *         if server communication failed
      */
-    public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier)
-            throws OAuthMessageSignerException, OAuthNotAuthorizedException,
-            OAuthExpectationFailedException, OAuthCommunicationException;
+    public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier,
+            String... customOAuthParams) throws OAuthMessageSignerException,
+            OAuthNotAuthorizedException, OAuthExpectationFailedException,
+            OAuthCommunicationException;
 
     /**
      * Any additional non-OAuth parameters returned in the response body of a

signpost-core/src/main/java/oauth/signpost/http/HttpParameters.java

@@ -286,7 +286,20 @@ public Collection<SortedSet<String>> values() {
         return wrappedMap.values();
     }
 
-    public Set<java.util.Map.Entry<String, SortedSet<String>>> entrySet() {
+    public Set<Entry<String, SortedSet<String>>> entrySet() {
         return wrappedMap.entrySet();
     }
+
+    public HttpParameters getOAuthParameters() {
+        HttpParameters oauthParams = new HttpParameters();
+
+        for (Entry<String, SortedSet<String>> param : this.entrySet()) {
+            String key = param.getKey();
+            if (key.startsWith("oauth_") || key.startsWith("x_oauth_")) {
+                oauthParams.put(key, param.getValue());
+            }
+        }
+
+        return oauthParams;
+    }
 }

signpost-core/src/main/java/oauth/signpost/signature/AuthorizationHeaderSigningStrategy.java

@@ -1,5 +1,7 @@
 package oauth.signpost.signature;
 
+import java.util.Iterator;
+
 import oauth.signpost.OAuth;
 import oauth.signpost.http.HttpParameters;
 import oauth.signpost.http.HttpRequest;
@@ -18,33 +20,25 @@ public String writeSignature(String signature, HttpRequest request,
         StringBuilder sb = new StringBuilder();
 
         sb.append("OAuth ");
+
+        // add the realm parameter, if any
         if (requestParameters.containsKey("realm")) {
             sb.append(requestParameters.getAsHeaderElement("realm"));
             sb.append(", ");
         }
-        if (requestParameters.containsKey(OAuth.OAUTH_TOKEN)) {
-            sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_TOKEN));
-            sb.append(", ");
-        }
-        if (requestParameters.containsKey(OAuth.OAUTH_CALLBACK)) {
-            sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_CALLBACK));
-            sb.append(", ");
-        }
-        if (requestParameters.containsKey(OAuth.OAUTH_VERIFIER)) {
-            sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_VERIFIER));
-            sb.append(", ");
+
+        // add all (x_)oauth parameters
+        HttpParameters oauthParams = requestParameters.getOAuthParameters();
+        oauthParams.put(OAuth.OAUTH_SIGNATURE, signature, true);
+
+        Iterator<String> iter = oauthParams.keySet().iterator();
+        while (iter.hasNext()) {
+            String key = iter.next();
+            sb.append(oauthParams.getAsHeaderElement(key));
+            if (iter.hasNext()) {
+                sb.append(", ");
+            }
         }
-        sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_CONSUMER_KEY));
-        sb.append(", ");
-        sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_VERSION));
-        sb.append(", ");
-        sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_SIGNATURE_METHOD));
-        sb.append(", ");
-        sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_TIMESTAMP));
-        sb.append(", ");
-        sb.append(requestParameters.getAsHeaderElement(OAuth.OAUTH_NONCE));
-        sb.append(", ");
-        sb.append(OAuth.toHeaderElement(OAuth.OAUTH_SIGNATURE, signature));
 
         String header = sb.toString();
         request.setHeader(OAuth.HTTP_AUTHORIZATION_HEADER, header);