Eric Bidelman's patches for the OAuth library.

Reviewed at http://codereview.chromium.org/651081.

TBR=ericbidelman
TEST=none
BUG=none

Review URL: http://codereview.chromium.org/661168

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@40102 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 52 insertions, 33 deletions

diff --git a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/README b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/README
index 840e200..9c0393b 100644
--- a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/README
+++ b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/README
@@ -42,8 +42,8 @@ either case, the callback will be called with the resulting token and secret.
       
 There is no need to store the token and secret, as this library already stores
 these values in localStorage.  Once the callback you specified is called, you
-can call the makeSignedRequest function to send OAuth-signed requests to the
-API.  The makeSignedRequest call takes an url to fetch, a callback function,
+can call the sendSignedRequest function to send OAuth-signed requests to the
+API.  The sendSignedRequest call takes an url to fetch, a callback function,
 and an optional parameter object as its arguments.  The callback is passed
 the response text as well as the XMLHttpRequest object which was used to 
 make the request as its arguments.
@@ -60,7 +60,7 @@ make the request as its arguments.
              <Any request parameters as key : value pairs>
           }
         }
-        oauth.makeSignedRequest(url, callback, request);
+        oauth.sendSignedRequest(url, callback, request);
       };
       oauth.authorize(onAuthorized);
       
diff --git a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauth.js b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauth.js
index d266644..94be89b 100644
--- a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauth.js
+++ b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauth.js
@@ -1,5 +1,5 @@
 /**
- * Copyright (c) 2009 The Chromium Authors. All rights reserved.  Use of this
+ * Copyright (c) 2010 The Chromium Authors. All rights reserved.  Use of this
  * source code is governed by a BSD-style license that can be found in the
  * LICENSE file.
  */
@@ -56,11 +56,14 @@ function ChromeExOAuth(url_request_token, url_auth_token, url_access_token,
 ChromeExOAuth.initBackgroundPage = function(oauth_config) {
   window.chromeExOAuthConfig = oauth_config;
   window.chromeExOAuth = ChromeExOAuth.fromConfig(oauth_config);
+  window.chromeExOAuthRedirectStarted = false;
 
   var url_match = chrome.extension.getURL(window.chromeExOAuth.callback_page);
   chrome.tabs.onUpdated.addListener(function(tabId, changeInfo, tab) {
     if (changeInfo.url &&
-        changeInfo.url.substr(0, url_match.length) === url_match) {
+        changeInfo.url.substr(0, url_match.length) === url_match &&
+        !window.chromeExOAuthRedirectStarted) {
+      window.chromeExOAuthRedirectStarted = true;
       chrome.tabs.create({ 'url' : changeInfo.url }, function() {
         chrome.tabs.remove(tabId);
       });
@@ -72,7 +75,7 @@ ChromeExOAuth.initBackgroundPage = function(oauth_config) {
 
 /**
  * Authorizes the current user with the configued API.  You must call this
- * before calling makeSignedRequest.
+ * before calling sendSignedRequest.
  * @param {Function} callback A function to call once an access token has
  *     been obtained.  This callback will be passed the following arguments:
  *         token {String} The OAuth access token.
@@ -114,8 +117,7 @@ ChromeExOAuth.prototype.hasToken = function() {
  *     should be omitted.
  * @param {Function} callback A function to be called once the request is
  *     completed.  This callback will be passed the following arguments:
- *         responseText {String} The text response, if a 200 HTTP code is
- *             returned.
+ *         responseText {String} The text response.
  *         xhr {XMLHttpRequest} The XMLHttpRequest object which was used to
  *             send the request.  Useful if you need to check response status
  *             code, etc.
@@ -124,48 +126,65 @@ ChromeExOAuth.prototype.hasToken = function() {
  *         "method" {String} The HTTP method to use.  Defaults to "GET".
  *         "body" {String} A request body to send.  Defaults to null.
  *         "parameters" {Object} Query parameters to include in the request.
+ *         "headers" {Object} Additional headers to include in the request.
  */
 ChromeExOAuth.prototype.sendSignedRequest = function(url, callback,
                                                      opt_params) {
+  var method = opt_params && opt_params['method'] || 'GET';
+  var body = opt_params && opt_params['body'] || null;
+  var params = opt_params && opt_params['parameters'] || {};
+  var headers = opt_params && opt_params['headers'] || {};
+
+  var signedUrl = this.signURL(url, method, params);
+
+  ChromeExOAuth.sendRequest(method, signedUrl, headers, body, function (xhr) {
+    if (xhr.readyState == 4) {
+      callback(xhr.responseText, xhr);
+    }
+  });
+};
+
+/**
+ * Adds the required OAuth parameters to the given url and returns the
+ * result.  Useful if you need a signed url but don't want to make an XHR
+ * request.
+ * @param {String} method The http method to use.
+ * @param {String} url The base url of the resource you are querying.
+ * @param {Object} opt_params Query parameters to include in the request.
+ * @return {String} The base url plus any query params plus any OAuth params.
+ */
+ChromeExOAuth.prototype.signURL = function(url, method, opt_params) {
   var token = this.getToken();
   var secret = this.getTokenSecret();
   if (!token || !secret) {
     throw new Error("No oauth token or token secret");
   }
 
-  var method = opt_params && opt_params['method'] || 'GET';
-  var body = opt_params && opt_params['body'] || null;
-  var params = opt_params && opt_params['parameters'] || {};
-  params["oauth_token"] = token;
+  var params = opt_params || {};
 
   var result = OAuthSimple().sign({
+    action : method,
     path : url,
     parameters : params,
     signatures: {
       consumer_key : this.consumer_key,
       shared_secret : this.consumer_secret,
-      oauth_secret : secret
+      oauth_secret : secret,
+      oauth_token: token
     }
   });
-  var signed_url = result.signed_url;
 
-  ChromeExOAuth.sendRequest(method, signed_url, null, body, function (xhr) {
-    if (xhr.readyState == 4) {
-      var responseText = (xhr.status == 200) ? xhr.responseText : null;
-      callback(responseText, xhr);
-    }
-  });
+  return result.signed_url;
 };
 
 /**
- * Adds the required OAuth parameters to the given url and returns the
- * result.  Useful if you need a signed url but don't want to make an XHR
- * request.
+ * Generates the Authorization header based on the oauth parameters.
  * @param {String} url The base url of the resource you are querying.
  * @param {Object} opt_params Query parameters to include in the request.
- * @return {String} The base url plus any query params plus any OAuth params.
+ * @return {String} An Authorization header containing the oauth_* params.
  */
-ChromeExOAuth.prototype.signURL = function(url, opt_params) {
+ChromeExOAuth.prototype.getAuthorizationHeader = function(url, method,
+                                                          opt_params) {
   var token = this.getToken();
   var secret = this.getTokenSecret();
   if (!token || !secret) {
@@ -173,19 +192,18 @@ ChromeExOAuth.prototype.signURL = function(url, opt_params) {
   }
 
   var params = opt_params || {};
-  params["oauth_token"] = token;
 
-  var result = OAuthSimple().sign({
+  return OAuthSimple().getHeaderString({
+    action: method,
     path : url,
     parameters : params,
     signatures: {
       consumer_key : this.consumer_key,
       shared_secret : this.consumer_secret,
-      oauth_secret : secret
+      oauth_secret : secret,
+      oauth_token: token
     }
   });
-
-  return result.signed_url;
 };
 
 /*******************************************************************************
@@ -231,6 +249,7 @@ ChromeExOAuth.initCallbackPage = function() {
   oauth.initOAuthFlow(function (token, secret) {
     var background_page = chrome.extension.getBackgroundPage();
     background_page.chromeExOAuthOnAuthorize(token, secret);
+    background_page.chromeExOAuthRedirectStarted = false;
     window.close();
   });
 };
diff --git a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauthsimple.js b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauthsimple.js
index b096623..af0fe8a 100644
--- a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauthsimple.js
+++ b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/chrome_ex_oauthsimple.js
@@ -85,7 +85,7 @@ if (OAuthSimple === undefined)
         if (shared_secret == undefined)
             throw("Missing argument: shared_secret (shared secret) for OAuthSimple. This is usually provided by the hosting site.");
 */      this._secrets={};
-
+        this._parameters={};
 
         // General configuration options.
         if (consumer_key !== undefined) {
@@ -284,7 +284,7 @@ if (OAuthSimple === undefined)
             var result = 'OAuth ';
             for (var pName in this._parameters)
             {
-                if (pName.match(/^oauth/) === undefined) {
+                if (!pName.match(/^oauth/)) {
                     continue;
                     }
                 if ((this._parameters[pName]) instanceof Array)
diff --git a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/manifest.json b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/manifest.json
index 6b49549..69cda2b 100644
--- a/chrome/common/extensions/docs/examples/extensions/oauth_contacts/manifest.json
+++ b/chrome/common/extensions/docs/examples/extensions/oauth_contacts/manifest.json
@@ -1,6 +1,6 @@
 {
   "name": "Sample - OAuth Contacts",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "icons": { "48": "img/icon-48.png",
             "128": "img/icon-128.png" },
   "description": "Uses OAuth to connect to Google's contacts service and display a list of your contacts.",