+ ##
+ # return request header for HTTP Basic Authorization
+ def basic_authorization_header(user, pass)
+ { "Authorization" => format("Basic %<auth>s", :auth => Base64.encode64("#{user}:#{pass}")) }
+ end
+
+ ##
+ # return request header for HTTP Bearer Authorization
+ def bearer_authorization_header(token)
+ { "Authorization" => "Bearer #{token}" }
+ end
+
+ ##
+ # make an OAuth signed request
+ def signed_request(method, uri, options = {})
+ uri = URI.parse(uri)
+ uri.scheme ||= "http"
+ uri.host ||= "www.example.com"
+
+ oauth = options.delete(:oauth)
+ params = options.fetch(:params, {}).transform_keys(&:to_s)
+
+ oauth[:consumer] ||= oauth[:token].client_application
+
+ helper = OAuth::Client::Helper.new(nil, oauth)
+
+ request = OAuth::RequestProxy.proxy(
+ "method" => method.to_s.upcase,
+ "uri" => uri,
+ "parameters" => params.merge(helper.oauth_parameters)
+ )
+
+ request.sign!(oauth)
+
+ method(method).call(request.signed_uri, **options)
+ end
+
+ ##
+ # make an OAuth signed GET request
+ def signed_get(uri, options = {})
+ signed_request(:get, uri, options)
+ end
+
+ ##
+ # make an OAuth signed POST request
+ def signed_post(uri, options = {})
+ signed_request(:post, uri, options)
+ end
+
+ ##
+ # return request header for HTTP Accept
+ def accept_format_header(format)
+ { "Accept" => format }
+ end
+
+ ##
+ # return request header to ask for a particular error format
+ def error_format_header(f)
+ { "X-Error-Format" => f }
+ end
+
+ ##
+ # Used to check that the error header and the forbidden responses are given
+ # when the owner of the changeset has their data not marked as public
+ def assert_require_public_data(msg = "Shouldn't be able to use API when the user's data is not public")
+ assert_response :forbidden, msg
+ assert_equal("You must make your edits public to upload new data", @response.headers["Error"], "Wrong error message")
+ end
+
+ ##
+ # Not sure this is the best response we could give
+ def assert_inactive_user(msg = "an inactive user shouldn't be able to access the API")
+ assert_response :unauthorized, msg
+ # assert_equal @response.headers['Error'], ""
+ end
+
+ ##
+ # Check for missing translations in an HTML response
+ def assert_no_missing_translations(msg = "")
+ assert_select "span[class=translation_missing]", false, "Missing translation #{msg}"
+ end
+
+ ##
+ # execute a block with a given set of HTTP responses stubbed
+ def with_http_stubs(stubs_file)
+ stubs = YAML.load_file(File.expand_path("../http/#{stubs_file}.yml", __FILE__))
+ stubs.each do |url, response|
+ stub_request(:get, Regexp.new(Regexp.quote(url))).to_return(:status => response["code"], :body => response["body"])
+ end
+
+ yield
+ end
+
+ def stub_gravatar_request(email, status = 200, body = nil)
+ hash = ::Digest::MD5.hexdigest(email.downcase)
+ url = "https://www.gravatar.com/avatar/#{hash}?d=404"
+ stub_request(:get, url).and_return(:status => status, :body => body)
+ end
+
+ def email_text_parts(message)
+ message.parts.each_with_object([]) do |part, text_parts|
+ if part.content_type.start_with?("text/")
+ text_parts.push(part)
+ elsif part.multipart?
+ text_parts.concat(email_text_parts(part))