token request should follow redirects

technoweenie · Apr 17, 2011 · dd3ffdf · dd3ffdf
1 parent 32e733d
commit dd3ffdf
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/lib/oauth/consumer.rb b/lib/oauth/consumer.rb
@@ -212,7 +212,9 @@ def token_request(http_method, path, token = nil, request_options = {}, *argumen
         end
       when (300..399)
         # this is a redirect
-        response.error!
+        uri = URI.parse(response.header['location'])
+        response.error! if uri.path == path # careful of those infinite redirects
+        self.token_request(http_method, uri.path, token, request_options, arguments)
       when (400..499)
         raise OAuth::Unauthorized, response
       else

diff --git a/test/test_consumer.rb b/test/test_consumer.rb
@@ -101,6 +101,18 @@ def test_can_provided_a_block_to_interpret_token_response
     assert_equal 'secret', hash[:oauth_token_secret]
   end
 
+  def test_token_request_follows_redirect
+    redirect_url = @request_uri.clone
+    redirect_url.path = "/oauth/example/request_token_redirect.php"
+    stub_request(:get, /.*#{@request_uri.path}/).to_return(:status => 301, :headers => {'Location' => redirect_url.to_s})
+    stub_request(:get, /.*#{redirect_url.path}/).to_return(:body => "oauth_token=token&oauth_token_secret=secret")
+
+    hash = @consumer.token_request(:get, @request_uri.path) {{ :oauth_token => 'token', :oauth_token_secret => 'secret' }}
+
+    assert_equal 'token', hash[:oauth_token]
+    assert_equal 'secret', hash[:oauth_token_secret]
+  end
+
   def test_that_can_provide_a_block_to_interpret_a_request_token_response
     @consumer.expects(:request).returns(create_stub_http_response)