merge back changes from 1.2.1.2

.gitignore

@@ -1,4 +1,5 @@
 target
 /signpost-commonshttp3/.settings/
 /signpost-commonshttp4/.settings/
-/signpost-core/.settings/
+/signpost-core/.settings/
+.DS_Store

pom.xml

@@ -3,7 +3,7 @@
   <groupId>oauth.signpost</groupId>
   <artifactId>oauth-signpost</artifactId>
   <packaging>pom</packaging>
-  <version>1.2.1.1</version>
+  <version>1.2.1.2</version>
   <name>oauth-signpost</name>
   <description>
     A simple, light-weight, and modular OAuth client library for the
@@ -63,7 +63,7 @@
     <dependency>
       <groupId>org.mockito</groupId>
       <artifactId>mockito-core</artifactId>
-      <version>1.7</version>
+      <version>1.9.0</version>
       <scope>test</scope>
     </dependency>
   </dependencies>
@@ -145,6 +145,37 @@
   </reporting>
 
   <profiles>
+    <profile>
+      <id>copy-jar</id>
+      <activation>
+        <property>
+            <name>copyTo</name>
+        </property>
+      </activation>
+      <build>
+        <pluginManagement>
+          <plugins>
+            <plugin>
+              <artifactId>maven-antrun-plugin</artifactId>
+              <executions>
+                <execution>
+                  <phase>install</phase>
+                  <goals>
+                    <goal>run</goal>
+                  </goals>
+                  <configuration>
+                    <tasks>
+                      <copy file="${build.directory}/${build.finalName}.${project.packaging}" todir="${copyTo}" />
+                    </tasks>
+                  </configuration>
+                </execution>
+              </executions>
+            </plugin>        
+          </plugins>
+        </pluginManagement>
+      </build>
+    </profile>
+
     <profile>
       <id>release-sign-artifacts</id>
       <activation>

signpost-commonshttp4/pom.xml

@@ -2,7 +2,7 @@
   <parent>
     <artifactId>oauth-signpost</artifactId>
     <groupId>oauth.signpost</groupId>
-    <version>1.2.1.1</version>
+    <version>1.2.1.2</version>
   </parent>
   <modelVersion>4.0.0</modelVersion>
   <artifactId>signpost-commonshttp4</artifactId>
@@ -12,7 +12,7 @@
     <dependency>
       <groupId>oauth.signpost</groupId>
       <artifactId>signpost-core</artifactId>
-      <version>1.2.1.1</version>
+      <version>${project.version}</version>
       <scope>compile</scope>
     </dependency>
     <dependency>
@@ -30,10 +30,18 @@
     <dependency>
       <groupId>oauth.signpost</groupId>
       <artifactId>signpost-core</artifactId>
-      <version>1.2.1.1</version>
+      <version>${project.version}</version>
       <type>test-jar</type>
       <scope>test</scope>
     </dependency>    
   </dependencies>
 
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-antrun-plugin</artifactId>
+      </plugin>    
+    </plugins>
+  </build>
+
 </project>

signpost-commonshttp4/src/main/java/oauth/signpost/commonshttp/HttpRequestAdapter.java

@@ -16,7 +16,7 @@ public class HttpRequestAdapter implements oauth.signpost.http.HttpRequest {
 
     private HttpEntity entity;
 
-    public HttpRequestAdapter(HttpUriRequest request) {
+    public HttpRequestAdapter(org.apache.http.client.methods.HttpUriRequest request) {
         this.request = request;
         if (request instanceof HttpEntityEnclosingRequest) {
             entity = ((HttpEntityEnclosingRequest) request).getEntity();

signpost-commonshttp4/src/main/java/oauth/signpost/commonshttp/HttpResponseAdapter.java

@@ -3,9 +3,8 @@
 import java.io.IOException;
 import java.io.InputStream;
 
-import oauth.signpost.http.HttpResponse;
 
-public class HttpResponseAdapter implements HttpResponse {
+public class HttpResponseAdapter implements oauth.signpost.http.HttpResponse {
 
     private org.apache.http.HttpResponse response;
 

signpost-core/pom.xml

@@ -2,7 +2,7 @@
   <parent>
     <artifactId>oauth-signpost</artifactId>
     <groupId>oauth.signpost</groupId>
-    <version>1.2.1.1</version>
+    <version>1.2.1.2</version>
   </parent>
   <modelVersion>4.0.0</modelVersion>
   <artifactId>signpost-core</artifactId>
@@ -18,4 +18,11 @@
     </dependency>
   </dependencies>
 
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-antrun-plugin</artifactId>
+      </plugin>    
+    </plugins>
+  </build>
 </project>

signpost-core/src/main/java/oauth/signpost/AbstractOAuthConsumer.java

@@ -33,7 +33,7 @@
 /**
  * ABC for consumer implementations. If you're developing a custom consumer you
  * will probably inherit from this class to save you a lot of work.
- * 
+ *
  * @author Matthias Kaeppler
  */
 public abstract class AbstractOAuthConsumer implements OAuthConsumer {
@@ -54,8 +54,10 @@ public abstract class AbstractOAuthConsumer implements OAuthConsumer {
 
     // these are the params which will be passed to the message signer
     private HttpParameters requestParameters;
-
+    
     private boolean sendEmptyTokens;
+
+    final private Random random = new Random(System.nanoTime());
 
     public AbstractOAuthConsumer(String consumerKey, String consumerSecret) {
         this.consumerKey = consumerKey;
@@ -77,7 +79,7 @@ public void setAdditionalParameters(HttpParameters additionalParameters) {
         this.additionalParameters = additionalParameters;
     }
 
-    public HttpRequest sign(HttpRequest request) throws OAuthMessageSignerException,
+    public synchronized HttpRequest sign(HttpRequest request) throws OAuthMessageSignerException,
             OAuthExpectationFailedException, OAuthCommunicationException {
         if (consumerKey == null) {
             throw new OAuthExpectationFailedException("consumer key not set");
@@ -108,18 +110,17 @@ public HttpRequest sign(HttpRequest request) throws OAuthMessageSignerException,
         OAuth.debugOut("signature", signature);
 
         signingStrategy.writeSignature(signature, request, requestParameters);
-        OAuth.debugOut("Auth header", request.getHeader("Authorization"));
         OAuth.debugOut("Request URL", request.getRequestUrl());
 
         return request;
     }
 
-    public HttpRequest sign(Object request) throws OAuthMessageSignerException,
+    public synchronized HttpRequest sign(Object request) throws OAuthMessageSignerException,
             OAuthExpectationFailedException, OAuthCommunicationException {
         return sign(wrap(request));
     }
 
-    public String sign(String url) throws OAuthMessageSignerException,
+    public synchronized String sign(String url) throws OAuthMessageSignerException,
             OAuthExpectationFailedException, OAuthCommunicationException {
         HttpRequest request = new UrlStringRequestAdapter(url);
 
@@ -138,7 +139,7 @@ public String sign(String url) throws OAuthMessageSignerException,
     /**
      * Adapts the given request object to a Signpost {@link HttpRequest}. How
      * this is done depends on the consumer implementation.
-     * 
+     *
      * @param request
      *        the native HTTP request instance
      * @return the adapted request
@@ -178,7 +179,7 @@ public String getConsumerSecret() {
      * to generate different nonces or timestamps, override
      * {@link #generateNonce()} or {@link #generateTimestamp()} instead.
      * </p>
-     * 
+     *
      * @param out
      *        the request parameter which should be completed
      */
@@ -256,6 +257,6 @@ protected String generateTimestamp() {
     }
 
     protected String generateNonce() {
-        return Long.toString(new Random().nextLong());
+        return Long.toString(random.nextLong());
     }
 }

signpost-core/src/main/java/oauth/signpost/AbstractOAuthProvider.java

@@ -57,16 +57,21 @@ public AbstractOAuthProvider(String requestTokenEndpointUrl, String accessTokenE
         this.defaultHeaders = new HashMap<String, String>();
     }
 
-    public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl)
-            throws OAuthMessageSignerException, OAuthNotAuthorizedException,
-            OAuthExpectationFailedException, OAuthCommunicationException {
+    public synchronized String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl,
+            String... customOAuthParams) throws OAuthMessageSignerException,
+            OAuthNotAuthorizedException, OAuthExpectationFailedException,
+            OAuthCommunicationException {
 
         // invalidate current credentials, if any
         consumer.setTokenWithSecret(null, null);
 
         // 1.0a expects the callback to be sent while getting the request token.
         // 1.0 service providers would simply ignore this parameter.
-        retrieveToken(consumer, requestTokenEndpointUrl, OAuth.OAUTH_CALLBACK, callbackUrl);
+        HttpParameters params = new HttpParameters();
+        params.putAll(customOAuthParams, true);
+        params.put(OAuth.OAUTH_CALLBACK, callbackUrl, true);
+
+        retrieveToken(consumer, requestTokenEndpointUrl, params);
 
         String callbackConfirmed = responseParameters.getFirst(OAuth.OAUTH_CALLBACK_CONFIRMED);
         responseParameters.remove(OAuth.OAUTH_CALLBACK_CONFIRMED);
@@ -83,21 +88,24 @@ public String retrieveRequestToken(OAuthConsumer consumer, String callbackUrl)
         }
     }
 
-    public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier)
-            throws OAuthMessageSignerException, OAuthNotAuthorizedException,
-            OAuthExpectationFailedException, OAuthCommunicationException {
+    public synchronized void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier,
+            String... customOAuthParams) throws OAuthMessageSignerException,
+            OAuthNotAuthorizedException, OAuthExpectationFailedException,
+            OAuthCommunicationException {
 
         if (consumer.getToken() == null || consumer.getTokenSecret() == null) {
             throw new OAuthExpectationFailedException(
                     "Authorized request token or token secret not set. "
                             + "Did you retrieve an authorized request token before?");
         }
 
+        HttpParameters params = new HttpParameters();
+        params.putAll(customOAuthParams, true);
+
         if (isOAuth10a && oauthVerifier != null) {
-            retrieveToken(consumer, accessTokenEndpointUrl, OAuth.OAUTH_VERIFIER, oauthVerifier);
-        } else {
-            retrieveToken(consumer, accessTokenEndpointUrl);
+            params.put(OAuth.OAUTH_VERIFIER, oauthVerifier, true);
         }
+        retrieveToken(consumer, accessTokenEndpointUrl, params);
     }
 
     /**
@@ -125,12 +133,10 @@ public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier)
      * @param endpointUrl
      *        the URL at which the service provider serves the OAuth token that
      *        is to be fetched
-     * @param additionalParameters
-     *        you can pass parameters here (typically OAuth parameters such as
-     *        oauth_callback or oauth_verifier) which will go directly into the
-     *        signer, i.e. you don't have to put them into the request first,
-     *        just so the consumer pull them out again. Pass them sequentially
-     *        in key/value order.
+     * @param customOAuthParams
+     *        you can pass custom OAuth parameters here (such as oauth_callback
+     *        or oauth_verifier) which will go directly into the signer, i.e.
+     *        you don't have to put them into the request first.
      * @throws OAuthMessageSignerException
      *         if signing the token request fails
      * @throws OAuthCommunicationException
@@ -142,7 +148,7 @@ public void retrieveAccessToken(OAuthConsumer consumer, String oauthVerifier)
      *         reply in the expected format
      */
     protected void retrieveToken(OAuthConsumer consumer, String endpointUrl,
-            String... additionalParameters) throws OAuthMessageSignerException,
+            HttpParameters customOAuthParams) throws OAuthMessageSignerException,
             OAuthCommunicationException, OAuthNotAuthorizedException,
             OAuthExpectationFailedException {
         Map<String, String> defaultHeaders = getRequestHeaders();
@@ -158,18 +164,16 @@ protected void retrieveToken(OAuthConsumer consumer, String endpointUrl,
             for (String header : defaultHeaders.keySet()) {
                 request.setHeader(header, defaultHeaders.get(header));
             }
-            if (additionalParameters != null) {
-                HttpParameters httpParams = new HttpParameters();
-                httpParams.putAll(additionalParameters, true);
-                consumer.setAdditionalParameters(httpParams);
+            if (customOAuthParams != null && !customOAuthParams.isEmpty()) {
+                consumer.setAdditionalParameters(customOAuthParams);
             }
-
+            
             if (this.listener != null) {
                 this.listener.prepareRequest(request);
             }
 
             consumer.sign(request);
-
+            
             if (this.listener != null) {
                 this.listener.prepareSubmission(request);
             }

signpost-core/src/main/java/oauth/signpost/OAuth.java

@@ -238,6 +238,13 @@ public static String addQueryParameters(String url, Map<String, String> params)
         return addQueryParameters(url, kvPairs);
     }
 
+    public static String addQueryString(String url, String queryString) {
+        String queryDelim = url.contains("?") ? "&" : "?";
+        StringBuilder sb = new StringBuilder(url + queryDelim);
+        sb.append(queryString);
+        return sb.toString();
+    }
+
     /**
      * Builds an OAuth header from the given list of header fields. All
      * parameters starting in 'oauth_*' will be percent encoded.
@@ -249,7 +256,7 @@ public static String addQueryParameters(String url, Map<String, String> params)
      * which yields:
      * 
      * <pre>
-     * OAuth realm="http://example.com", oauth_token="x%25y"
+     * OAuth realm=&quot;http://example.com&quot;, oauth_token=&quot;x%25y&quot;
      * </pre>
      * 
      * @param kvPairs
@@ -263,8 +270,9 @@ public static String prepareOAuthHeader(String... kvPairs) {
             if (i > 0) {
                 sb.append(", ");
             }
-            String value = kvPairs[i].startsWith("oauth_") ? OAuth
-                .percentEncode(kvPairs[i + 1]) : kvPairs[i + 1];
+            boolean isOAuthElem = kvPairs[i].startsWith("oauth_")
+                    || kvPairs[i].startsWith("x_oauth_");
+            String value = isOAuthElem ? OAuth.percentEncode(kvPairs[i + 1]) : kvPairs[i + 1];
             sb.append(OAuth.percentEncode(kvPairs[i]) + "=\"" + value + "\"");
         }
         return sb.toString();

signpost-core/src/main/java/oauth/signpost/OAuthConsumer.java

@@ -73,9 +73,11 @@ public interface OAuthConsumer extends Serializable {
      * oauth_callback or oauth_verifier) which will go directly into the signer,
      * i.e. you don't have to put them into the request first. The consumer's
      * {@link SigningStrategy} will then take care of writing them to the
-     * correct part of the request before it is sent. Note that these parameters
-     * are expected to already be percent encoded -- they will be simply merged
-     * as-is.
+     * correct part of the request before it is sent. This is useful if you want
+     * to pre-set custom OAuth parameters. Note that these parameters are
+     * expected to already be percent encoded -- they will be simply merged
+     * as-is. <b>BE CAREFUL WITH THIS METHOD! Your service provider may decide
+     * to ignore any non-standard OAuth params when computing the signature.</b>
      * 
      * @param additionalParameters
      *        the parameters