12 files changed, 1386 insertions, 0 deletions
diff --git a/protocols/Twitter/oauth/tests/Makefile.am b/protocols/Twitter/oauth/tests/Makefile.am
new file mode 100644
index 0000000000..55330a19ac
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/Makefile.am
@@ -0,0 +1,44 @@
+check_PROGRAMS = oauthexample oauthdatapost tcwiki tceran tcother oauthtest oauthtest2 oauthsign oauthbodyhash
+ACLOCAL_AMFLAGS= -I m4
+
+OAUTHDIR =../src
+INCLUDES = -I$(srcdir)/$(OAUTHDIR)
+MYCFLAGS = @LIBOAUTH_CFLAGS@ @HASH_CFLAGS@ @CURL_CFLAGS@ 
+MYLDADD  = $(OAUTHDIR)/liboauth.la
+LIBS     = -lm @HASH_LIBS@ @CURL_LIBS@ @LIBS@
+
+tcwiki_SOURCES = selftest_wiki.c commontest.c commontest.h
+tcwiki_LDADD = $(MYLDADD)
+tcwiki_CFLAGS = $(MYCFLAGS) @TEST_UNICODE@
+
+tceran_SOURCES = selftest_eran.c commontest.c commontest.h
+tceran_LDADD = $(MYLDADD)
+tceran_CFLAGS = $(MYCFLAGS) @TEST_UNICODE@
+
+tcother_SOURCES = selftest_other.c commontest.c commontest.h
+tcother_LDADD = $(MYLDADD)
+tcother_CFLAGS = $(MYCFLAGS)
+
+oauthtest_SOURCES = oauthtest.c
+oauthtest_LDADD = $(MYLDADD)
+oauthtest_CFLAGS = $(MYCFLAGS)
+
+oauthtest2_SOURCES = oauthtest2.c
+oauthtest2_LDADD = $(MYLDADD)
+oauthtest2_CFLAGS = $(MYCFLAGS)
+
+oauthexample_SOURCES = oauthexample.c
+oauthexample_LDADD = $(MYLDADD)
+oauthexample_CFLAGS = $(MYCFLAGS)
+
+oauthsign_SOURCES = oauthsign.c
+oauthsign_LDADD = $(MYLDADD)
+oauthsign_CFLAGS = $(MYCFLAGS)
+
+oauthdatapost_SOURCES = oauthdatapost.c
+oauthdatapost_LDADD = $(MYLDADD)
+oauthdatapost_CFLAGS = $(MYCFLAGS)
+
+oauthbodyhash_SOURCES = oauthbodyhash.c
+oauthbodyhash_LDADD = $(MYLDADD)
+oauthbodyhash_CFLAGS = $(MYCFLAGS)
diff --git a/protocols/Twitter/oauth/tests/commontest.c b/protocols/Twitter/oauth/tests/commontest.c
new file mode 100644
index 0000000000..fb5d891381
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/commontest.c
@@ -0,0 +1,155 @@
+/**
+ *  @brief test and example code for liboauth.
+ *  @file commontest.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2007, 2008 Robin Gareus <robin@gareus.org>
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifdef TEST_UNICODE
+#include <locale.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <oauth.h>
+
+#include "commontest.h"
+
+extern int loglevel; //< report each successful test
+
+/*
+ * test parameter encoding
+ */
+int test_encoding(char *param, char *expected) {
+  int rv=0;
+  char *testcase=NULL;
+  testcase = oauth_url_escape(param);
+  if (strcmp(testcase,expected)) {
+    rv=1;
+    printf("parameter encoding test for '%s' failed.\n"
+           " got: '%s' expected: '%s'\n", param, testcase, expected);
+  } 
+  else if (loglevel) printf("parameter encoding ok. ('%s')\n", testcase);
+  if (testcase) free(testcase);
+  return (rv);
+}
+
+#ifdef TEST_UNICODE
+/*
+ * test unicode paramter encoding
+ */
+int test_uniencoding(wchar_t *src, char *expected) {
+  size_t n;
+  char *dst;
+// check unicode: http://www.thescripts.com/forum/thread223350.html
+  const char *encoding = "en_US.UTF-8"; // or try en_US.ISO-8859-1 etc.
+  //wchar_t src[] = {0x0080, 0};
+
+  if(setlocale(LC_CTYPE, encoding) == NULL) {
+    printf("requested encoding unavailable\n");
+    return -1;
+  }
+
+  n = wcstombs(NULL, src, 0);
+  dst = malloc(n + 1);
+  if(dst == NULL) {
+    printf("memory allocation failed\n");
+    return -2;
+  }
+  if(wcstombs(dst, src, n + 1) != n) {
+    printf("conversion failed\n");
+    free(dst);
+    return -3;
+  }
+  return test_encoding(dst, expected);
+}
+#endif
+
+/*
+ * test request normalization
+ */
+int test_normalize(char *param, char *expected) {
+  int rv=2;
+  int  i, argc;
+  char **argv = NULL;
+  char *testcase;
+
+  argc = oauth_split_url_parameters(param, &argv);
+  qsort(argv, argc, sizeof(char *), oauth_cmpstringp);
+  testcase= oauth_serialize_url(argc,0, argv);
+
+  rv=strcmp(testcase,expected);
+  if (rv) {
+    printf("parameter normalization test failed for: '%s'.\n"
+           " got: '%s' expected: '%s'\n", param, testcase, expected);
+  }
+  else if (loglevel) printf("parameter normalization ok. ('%s')\n", testcase);
+  for (i=0;i<argc;i++) free(argv[i]);
+  if (argv) free(argv);
+  if (testcase) free(testcase);
+  return (rv);
+}
+
+/*
+ * test request concatenation
+ */
+int test_request(char *http_method, char *request, char *expected) {
+  int rv=2;
+  int  i, argc;
+  char **argv = NULL;
+  char *query, *testcase;
+
+  argc = oauth_split_url_parameters(request, &argv);
+  qsort(&argv[1], argc-1, sizeof(char *), oauth_cmpstringp);
+  query= oauth_serialize_url(argc,1, argv);
+  testcase = oauth_catenc(3, http_method, argv[0], query);
+
+  rv=strcmp(testcase,expected);
+  if (rv) {
+    printf("request concatenation test failed for: '%s'.\n"
+           " got:      '%s'\n expected: '%s'\n", request, testcase, expected);
+  }
+  else if (loglevel) printf("request concatenation ok.\n");
+  for (i=0;i<argc;i++) free(argv[i]);
+  if (argv) free(argv);
+  if (query) free(query);
+  if (testcase) free(testcase);
+  return (rv);
+}
+
+/*
+ * test hmac-sha1 checksum
+ */
+int test_sha1(char *c_secret, char *t_secret, char *base, char *expected) {
+  int rv=0;
+  char *okey = oauth_catenc(2, c_secret, t_secret);
+  char *b64d = oauth_sign_hmac_sha1(base, okey);
+  if (strcmp(b64d,expected)) {
+    printf("HMAC-SHA1 invalid. base:'%s' secrets:'%s'\n"
+           " got: '%s' expected: '%s'\n", base, okey, b64d, expected);
+    rv=1;
+  } else if (loglevel) printf("HMAC-SHA1 test sucessful.\n");
+  free(b64d);
+  free(okey);
+  return (rv);
+}
diff --git a/protocols/Twitter/oauth/tests/commontest.h b/protocols/Twitter/oauth/tests/commontest.h
new file mode 100644
index 0000000000..d90d381569
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/commontest.h
@@ -0,0 +1,7 @@
+int test_encoding(char *param, char *expected);
+#ifdef TEST_UNICODE
+int test_uniencoding(wchar_t *src, char *expected);
+#endif
+int test_normalize(char *param, char *expected);
+int test_request(char *http_method, char *request, char *expected);
+int test_sha1(char *c_secret, char *t_secret, char *base, char *expected);
diff --git a/protocols/Twitter/oauth/tests/oauthbodyhash.c b/protocols/Twitter/oauth/tests/oauthbodyhash.c
new file mode 100644
index 0000000000..eb3ff3fbb9
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/oauthbodyhash.c
@@ -0,0 +1,90 @@
+/**
+ *  @brief experimental code to sign data uploads
+ *  @file oauthbodysign.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2009 Robin Gareus <robin@gareus.org>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <oauth.h>
+
+int my_data_post(char *url, char *data) {
+  const char *c_key         = "key"; //< consumer key
+  const char *c_secret      = "secret"; //< consumer secret
+  char *t_key               = "tkey"; //< access token key
+  char *t_secret            = "tsecret"; //< access token secret
+
+  char *postarg = NULL;
+  char *req_url = NULL;
+  char *reply   = NULL;
+  char *bh;
+  char *uh;
+  char *sig_url;
+
+  bh=oauth_body_hash_data(strlen(data), data);
+  uh = oauth_catenc(2, url, bh);
+  req_url = oauth_sign_url2(uh, &postarg, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+  printf("POST: %s?%s\n", req_url, postarg);
+  if (uh) free(uh);
+
+  sig_url = malloc(2+strlen(req_url)+strlen(postarg));
+  sprintf(sig_url,"%s?%s",req_url, postarg);
+  reply = oauth_post_data(sig_url, data, strlen(data), "Content-Type: application/json");
+  if(sig_url) free(sig_url);
+
+  printf("REPLY: %s\n", reply);
+  if(reply) free(reply);
+  return 0;
+}
+
+int main (int argc, char **argv) {
+  char *base_url = "http://localhost/oauthtest.php";
+  char *teststring="Hello World!";
+
+  /* TEST_BODY_HASH_FILE and TEST_BODY_HASH_DATA are only
+   * here as examples and for testing during development.
+   *
+   * the my_data_post() function above uses oauth_body_hash_data() 
+   */
+
+#if defined TEST_BODY_HASH_FILE || defined TEST_BODY_HASH_DATA
+  char *bh=NULL;
+#endif
+
+#ifdef TEST_BODY_HASH_FILE // example hash file
+  char *filename="/tmp/test";
+  bh=oauth_body_hash_file(filename);
+  if (bh) printf("%s\n", bh);
+  if (bh) free(bh);
+#endif
+
+#ifdef TEST_BODY_HASH_DATA // example hash data
+  bh=oauth_body_hash_data(strlen(teststring), teststring);
+  if (bh) printf("%s\n", bh);
+  if (bh) free(bh);
+#endif
+
+  my_data_post(base_url, teststring);
+  return(0);
+}
diff --git a/protocols/Twitter/oauth/tests/oauthdatapost.c b/protocols/Twitter/oauth/tests/oauthdatapost.c
new file mode 100644
index 0000000000..9bd2e1d20f
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/oauthdatapost.c
@@ -0,0 +1,166 @@
+/**
+ *  @brief experimental code to sign data uploads
+ *  @file oauthimageupload.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2008 Robin Gareus <robin@gareus.org>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <oauth.h>
+
+#ifdef USE_MMAP
+#include <sys/mman.h>
+#endif
+
+/** 
+ * example oauth body signature and HTTP-POST.
+ * WARNING: <b> This is request type is not part of the 
+ * oauth core 1.0</b>. 
+ *
+ * This is an experimental extension.
+ */
+int oauth_image_post(char *filename, char *url) {
+  const char *c_key         = "key"; //< consumer key
+  const char *c_secret      = "secret"; //< consumer secret
+  char *t_key               = NULL; //< access token key
+  char *t_secret            = NULL; //< access token secret
+
+  char *postarg = NULL;
+  char *req_url = NULL;
+  char *reply   = NULL;
+
+  char *filedata = NULL;
+  size_t filelen = 0;
+
+  FILE *F;
+
+  char *okey, *sign;
+  char *sig_url;
+
+  // get acces token - see oautexample.c
+  t_key    = strdup("key"); //< access token key
+  t_secret = strdup("secret"); //< access token secret
+
+  // read raw data to sign and send from file.
+  F= fopen(filename, "r");
+  if (!F) return 1;
+  fseek(F, 0L, SEEK_END);
+  filelen= ftell(F);
+  rewind(F);
+
+  #ifdef USE_MMAP
+  filedata=mmap(NULL,filelen,PROT_READ,MAP_SHARED,fileno(F),0L);
+  #else 
+  filedata=malloc(filelen*sizeof(char));
+  if (filelen != fread(filedata,sizeof(char), filelen, F)) {
+  	fclose(F);
+  	return 2;
+  }
+  fclose(F);
+  #endif
+
+  // sign the body
+  okey = oauth_catenc(2, c_secret, t_secret);
+  sign = oauth_sign_hmac_sha1_raw(filedata,filelen,okey,strlen(okey));
+  free(okey);
+  sig_url = malloc(63+strlen(url)+strlen(sign));
+  sprintf(sig_url,"%s&xoauth_body_signature=%s&xoauth_body_signature_method=HMAC_SHA1",url, sign);
+
+  // sign a POST request
+  req_url = oauth_sign_url2(sig_url, &postarg, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+  free(sig_url);
+
+  // append the oauth [post] parameters to the request-URL!!
+  sig_url = malloc(2+strlen(req_url)+strlen(postarg));
+  sprintf(sig_url,"%s?%s",req_url, postarg);
+
+  printf("POST:'%s'\n",sig_url);
+  //reply = oauth_post_file(sig_url,filename,filelen,"Content-Type: image/jpeg;");
+  printf("reply:'%s'\n",reply);
+
+  if(req_url) free(req_url);
+  if(postarg) free(postarg);
+  if(reply) free(reply);
+  if(t_key) free(t_key);
+  if(t_secret) free(t_secret);
+
+  #ifdef USE_MMAP
+  munmap(filedata,filelen);
+  fclose(F);
+  #else 
+  if(filedata) free(filedata);
+  #endif
+  return(0);
+}
+
+
+/**
+ * Main Test and Example Code.
+ * 
+ * compile:
+ *  gcc -lssl -loauth -o oauthdatapost oauthdatapost.c
+ */
+
+int main (int argc, char **argv) {
+  char *base_url = "http://mms06.test.mediamatic.nl";
+  char *filename = "/tmp/test.jpg";
+  int anyid = 18704;
+  char *title = "test";
+  char *url;
+
+  if (argc>4) base_url = argv[4];
+  if (argc>3) title = argv[3];
+  if (argc>2) anyid = atoi(argv[2]);
+  if (argc>1) filename = argv[1];
+
+  // TODO check if file exists; also read oauth-params from args or file
+
+  // anyMeta.nl image-post module URL
+  url = malloc(1024*sizeof(char));
+  if (anyid<1 && !title) 
+    sprintf(url,"%s/module/ImagePost/",base_url);
+  else if (anyid>0 && !title) 
+    sprintf(url,"%s/module/ImagePost/%i?echoid=1",base_url,anyid);
+  else if (anyid<1 && title) {
+    char *tp = oauth_url_escape(title);
+    sprintf(url,"%s/module/ImagePost/?title=%s",base_url,tp);
+    free(tp);
+  }
+  else if (anyid>0 && title) {
+    char *tp = oauth_url_escape(title);
+    sprintf(url,"%s/module/ImagePost/%i?echoid=1&title=%s",base_url,anyid,tp);
+    free(tp);
+  }
+
+  // doit
+  switch(oauth_image_post(filename, url)) {
+    case 0:
+      printf("request ok.\n");
+      break;
+    default:
+      printf("upload failed.\n");
+      break;
+  }
+  return(0);
+}
diff --git a/protocols/Twitter/oauth/tests/oauthexample.c b/protocols/Twitter/oauth/tests/oauthexample.c
new file mode 100644
index 0000000000..fb5915dc53
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/oauthexample.c
@@ -0,0 +1,161 @@
+/**
+ *  @brief example code for liboauth using http://term.ie/oauth/example
+ *  @file oauthexample.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2008 Robin Gareus <robin@gareus.org>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <oauth.h>
+
+/**
+ * split and parse URL parameters replied by the test-server
+ * into <em>oauth_token</em> and <em>oauth_token_secret</em>.
+ */
+int parse_reply(const char *reply, char **token, char **secret) {
+  int rc;
+  int ok=1;
+  char **rv = NULL;
+  rc = oauth_split_url_parameters(reply, &rv);
+  qsort(rv, rc, sizeof(char *), oauth_cmpstringp);
+  if( rc==2 
+      && !strncmp(rv[0],"oauth_token=",11)
+      && !strncmp(rv[1],"oauth_token_secret=",18) ) {
+    ok=0;
+    if (token)  *token =strdup(&(rv[0][12]));
+    if (secret) *secret=strdup(&(rv[1][19]));
+    printf("key:    '%s'\nsecret: '%s'\n",*token, *secret); // XXX token&secret may be NULL.
+  }
+  if(rv) free(rv);
+  return ok;
+}
+
+/** 
+ * an example requesting a request-token from an OAuth service-provider
+ * exchaning it with an access token
+ * and make an example request.
+ * exercising either the oauth-HTTP GET or POST function.
+ */
+int oauth_consumer_example(int use_post) {
+  const char *request_token_uri = "http://term.ie/oauth/example/request_token.php";
+  const char *access_token_uri = "http://term.ie/oauth/example/access_token.php";
+  const char *test_call_uri = "http://term.ie/oauth/example/echo_api.php?method=foo%20bar&bar=baz";
+  const char *c_key         = "key"; //< consumer key
+  const char *c_secret      = "secret"; //< consumer secret
+
+  char *t_key    = NULL; //< access token key
+  char *t_secret = NULL; //< access token secret
+
+  char *req_url = NULL;
+  char *postarg = NULL;
+  char *reply   = NULL;
+
+  printf("Request token..\n");
+  if (use_post) { // HTTP POST 
+    req_url = oauth_sign_url2(request_token_uri, &postarg, OA_HMAC, NULL, c_key, c_secret, NULL, NULL);
+    reply = oauth_http_post(req_url,postarg);
+  } else { // HTTP GET
+    req_url = oauth_sign_url2(request_token_uri, NULL, OA_HMAC, NULL, c_key, c_secret, NULL, NULL);
+    reply = oauth_http_get(req_url,postarg);
+  }
+  if (req_url) free(req_url);
+  if (postarg) free(postarg);
+  if (!reply) return(1);
+  if (parse_reply(reply, &t_key, &t_secret)) return(2);
+  free(reply);
+
+  // The Request Token provided above is already authorized, for this test server
+  // so we may use it to request an Access Token right away.
+
+  printf("Access token..\n");
+
+  if (use_post) {
+    req_url = oauth_sign_url2(access_token_uri, &postarg, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    reply = oauth_http_post(req_url,postarg);
+  } else {
+    req_url = oauth_sign_url2(access_token_uri, NULL, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    reply = oauth_http_get(req_url,postarg);
+  }
+  if (req_url) free(req_url);
+  if (postarg) free(postarg);
+  if (!reply) return(3);
+  if(t_key) free(t_key);
+  if(t_secret) free(t_secret);
+  if (parse_reply(reply, &t_key, &t_secret)) return(4);
+  free(reply);
+
+  printf("make some request..\n");
+
+  if (use_post) {
+    req_url = oauth_sign_url2(test_call_uri, &postarg, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    reply = oauth_http_post(req_url,postarg);
+  } else {
+    req_url = oauth_sign_url2(test_call_uri, NULL, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    reply = oauth_http_get(req_url,postarg);
+  }
+  printf("query:'%s'\n",req_url);
+  printf("reply:'%s'\n",reply);
+  if(req_url) free(req_url);
+  if(postarg) free(postarg);
+
+  if (strcmp(reply,"bar=baz&method=foo+bar")) return (5);
+
+  if(reply) free(reply);
+  if(t_key) free(t_key);
+  if(t_secret) free(t_secret);
+
+  return(0);
+}
+
+
+/**
+ * Main Test and Example Code.
+ * 
+ * compile:
+ *  gcc -lssl -loauth -o oauthexample oauthexample.c
+ */
+
+int main (int argc, char **argv) {
+  switch(oauth_consumer_example(0)) {
+    case 1:
+      printf("HTTP request for an oauth request-token failed.\n");
+      break;
+    case 2:
+      printf("did not receive a request-token.\n");
+      break;
+    case 3:
+      printf("HTTP request for an oauth access-token failed.\n");
+      break;
+    case 4:
+      printf("did not receive an access-token.\n");
+      break;
+    case 5:
+      printf("test call 'echo-api' did not respond correctly.\n");
+      break;
+    default:
+      printf("request ok.\n");
+      break;
+  }
+  return(0);
+}
diff --git a/protocols/Twitter/oauth/tests/oauthsign.c b/protocols/Twitter/oauth/tests/oauthsign.c
new file mode 100644
index 0000000000..e52d62c8b7
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/oauthsign.c
@@ -0,0 +1,75 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <oauth.h>
+#include <strings.h>
+
+static void usage (char *program_name) {
+  printf(" usage: %s mode url ckey tkey csec tsec\n", program_name);
+  exit (1);
+}
+
+/**
+ * 
+ * compile:
+ *  gcc -loauth -o oauthsign oauthsign.c
+ */
+int main (int argc, char **argv) {
+
+  char *url;     //< the url to sign
+  char *c_key;    //< consumer key
+  char *c_secret;  //< consumer secret
+  char *t_key;    //< token key
+  char *t_secret ;  //< token secret
+
+  int mode = 0;   //< mode: 0=GET 1=POST
+
+  // TODO: use getopt to parse parameters
+
+  // FIXME: read secrets from stdin - they show up in ps(1)
+  // also overwrite memory of secrets before freeing it.
+ 
+  if (argc !=7) usage(argv[0]);
+
+  if ( atoi(argv[1]) > 0 ) mode=atoi(argv[1]);// questionable numeric shortcut
+  else if (!strcasecmp(argv[1],"GET"))         mode=1;
+  else if (!strcasecmp(argv[1],"POST"))        mode=2;
+  else if (!strcasecmp(argv[1],"POSTREQUEST")) mode=4;
+  else usage(argv[0]);
+
+  url      = argv[2];
+  c_key    = argv[3];
+  t_key    = argv[4];
+  c_secret = argv[5];
+  t_secret = argv[6];
+
+  if (mode==1) { // GET
+    char *geturl = NULL;
+    geturl = oauth_sign_url2(url, NULL, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    if(geturl) {
+      printf("%s\n", geturl);
+      free(geturl);
+    }
+  } else { // POST
+    char *postargs = NULL, *post = NULL;
+    post = oauth_sign_url2(url, &postargs, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    if (!post || !postargs) {
+    	return (1);
+    }
+    if (mode==2) { // print postargs only
+      if (postargs) printf("%s\n", postargs);
+    } else if (mode==3) { // print url and postargs
+      if (post && postargs) printf("%s\n%s\n", post, postargs);
+    } else if (post && postargs) {
+      char *reply = oauth_http_post(post,postargs);
+      if(reply){
+      	//write(STDOUT, reply, strlen(reply))
+        printf("%s\n", reply);
+      	free(reply);
+      }
+    }
+    if(post) free(post);
+    if(postargs) free(postargs);
+  }
+
+  return (0);
+}
diff --git a/protocols/Twitter/oauth/tests/oauthtest.c b/protocols/Twitter/oauth/tests/oauthtest.c
new file mode 100644
index 0000000000..e06cb30b9e
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/oauthtest.c
@@ -0,0 +1,191 @@
+/**
+ *  @brief self-test and example code for liboauth 
+ *  @file oauthtest.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2007, 2008 Robin Gareus <robin@gareus.org>
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <oauth.h>
+
+/* 
+ * a example requesting and parsing a request-token from an OAuth service-provider
+ * excercising the oauth-HTTP GET function. - it is almost the same as 
+ * \ref request_token_example_post below. 
+ */
+void request_token_example_get(void) {
+#if 0
+  const char *request_token_uri = "http://oauth-sandbox.mediamatic.nl/module/OAuth/request_token";
+  const char *req_c_key         = "17b09ea4c9a4121145936f0d7d8daa28047583796"; //< consumer key
+  const char *req_c_secret      = "942295b08ffce77b399419ee96ac65be"; //< consumer secret
+#else
+  const char *request_token_uri = "http://term.ie/oauth/example/request_token.php";
+  const char *req_c_key         = "key"; //< consumer key
+  const char *req_c_secret      = "secret"; //< consumer secret
+#endif
+  char *res_t_key    = NULL; //< replied key
+  char *res_t_secret = NULL; //< replied secret
+
+  char *req_url = NULL;
+  char *reply;
+
+  req_url = oauth_sign_url2(request_token_uri, NULL, OA_HMAC, NULL, req_c_key, req_c_secret, NULL, NULL);
+
+  printf("request URL:%s\n\n", req_url);
+  reply = oauth_http_get(req_url,NULL);
+  if (!reply) 
+    printf("HTTP request for an oauth request-token failed.\n");
+  else {
+    // parse reply - example:
+    //"oauth_token=2a71d1c73d2771b00f13ca0acb9836a10477d3c56&oauth_token_secret=a1b5c00c1f3e23fb314a0aa22e990266"
+    int rc;
+    char **rv = NULL;
+
+    printf("HTTP-reply: %s\n", reply);
+    rc = oauth_split_url_parameters(reply, &rv);
+    qsort(rv, rc, sizeof(char *), oauth_cmpstringp);
+    if( rc==2 
+	&& !strncmp(rv[0],"oauth_token=",11)
+	&& !strncmp(rv[1],"oauth_token_secret=",18) ){
+	  res_t_key=strdup(&(rv[0][12]));
+	  res_t_secret=strdup(&(rv[1][19]));
+	  printf("key:    '%s'\nsecret: '%s'\n",res_t_key, res_t_secret);
+    }
+    if(rv) free(rv);
+  }
+
+  if(req_url) free(req_url);
+  if(reply) free(reply);
+  if(res_t_key) free(res_t_key);
+  if(res_t_secret) free(res_t_secret);
+}
+
+/*
+ * a example requesting and parsing a request-token from an OAuth service-provider
+ * using the oauth-HTTP POST function.
+ */
+void request_token_example_post(void) {
+#if 0
+  const char *request_token_uri = "http://oauth-sandbox.mediamatic.nl/module/OAuth/request_token";
+  const char *req_c_key         = "17b09ea4c9a4121145936f0d7d8daa28047583796"; //< consumer key
+  const char *req_c_secret      = "942295b08ffce77b399419ee96ac65be"; //< consumer secret
+#else
+  const char *request_token_uri = "http://term.ie/oauth/example/request_token.php";
+  const char *req_c_key         = "key"; //< consumer key
+  const char *req_c_secret      = "secret"; //< consumer secret
+#endif
+  char *res_t_key    = NULL; //< replied key
+  char *res_t_secret = NULL; //< replied secret
+
+  char *postarg = NULL;
+  char *req_url;
+  char *reply;
+
+  req_url = oauth_sign_url2(request_token_uri, &postarg, OA_HMAC, NULL, req_c_key, req_c_secret, NULL, NULL);
+
+  printf("request URL:%s\n\n", req_url);
+  reply = oauth_http_post(req_url,postarg);
+  if (!reply) 
+    printf("HTTP request for an oauth request-token failed.\n");
+  else {
+    //parse reply - example:
+    //"oauth_token=2a71d1c73d2771b00f13ca0acb9836a10477d3c56&oauth_token_secret=a1b5c00c1f3e23fb314a0aa22e990266"
+    int rc;
+    char **rv = NULL;
+    printf("HTTP-reply: %s\n", reply);
+    rc = oauth_split_url_parameters(reply, &rv);
+    qsort(rv, rc, sizeof(char *), oauth_cmpstringp);
+    if( rc==2 
+	&& !strncmp(rv[0],"oauth_token=",11)
+	&& !strncmp(rv[1],"oauth_token_secret=",18) ){
+	  res_t_key=strdup(&(rv[0][12]));
+	  res_t_secret=strdup(&(rv[1][19]));
+	  printf("key:    '%s'\nsecret: '%s'\n",res_t_key, res_t_secret);
+    }
+    if(rv) free(rv);
+  }
+
+  if(req_url) free(req_url);
+  if(postarg) free(postarg);
+  if(reply) free(reply);
+  if(res_t_key) free(res_t_key);
+  if(res_t_secret) free(res_t_secret);
+}
+
+
+/*
+ * Main Test and Example Code.
+ * 
+ * compile:
+ *  gcc -lssl -loauth -o oauthtest oauthtest.c
+ */
+int main (int argc, char **argv) {
+  int fail=0;
+
+  const char *url      = "http://base.url/&just=append?post=or_get_parameters"
+                         "&arguments=will_be_formatted_automatically?&dont_care"
+			 "=about_separators";
+			 //< the url to sign
+  const char *c_key    = "1234567890abcdef1234567890abcdef123456789";
+  			//< consumer key
+  const char *c_secret = "01230123012301230123012301230123";
+  			//< consumer secret
+  const char *t_key    = "0987654321fedcba0987654321fedcba098765432";
+  			//< token key
+  const char *t_secret = "66666666666666666666666666666666";
+  			//< token secret
+
+#if 1 // example sign GET request and print the signed request URL
+  {
+    char *geturl = NULL;
+    geturl = oauth_sign_url2(url, NULL, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    printf("GET: URL:%s\n\n", geturl);
+    if(geturl) free(geturl);
+  }
+#endif
+
+#if 1 // sign POST ;) example 
+  {
+    char *postargs = NULL, *post = NULL;
+    post = oauth_sign_url2(url, &postargs, OA_HMAC, NULL, c_key, c_secret, t_key, t_secret);
+    printf("POST: URL:%s\n      PARAM:%s\n\n", post, postargs);
+    if(post) free(post);
+    if(postargs) free(postargs);
+  }
+#endif
+
+  printf(" *** sending HTTP request *** \n\n");
+
+// These two will perform a HTTP request, requesting an access token. 
+// it's intended both as test (verify signature) 
+// and example code.
+#if 1 // POST a request-token request
+  request_token_example_post();
+#endif
+#if 1 // GET a request-token
+  request_token_example_get();
+#endif
+
+  return (fail?1:0);
+}
diff --git a/protocols/Twitter/oauth/tests/oauthtest2.c b/protocols/Twitter/oauth/tests/oauthtest2.c
new file mode 100644
index 0000000000..fe4cbbbebd
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/oauthtest2.c
@@ -0,0 +1,133 @@
+/**
+ *  @brief self-test and example code for liboauth using 
+ *         HTTP Authorization header.
+ *  @file oauthtest.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2010 Robin Gareus <robin@gareus.org>
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <oauth.h>
+
+/* 
+ * a example requesting and parsing a request-token from an OAuth service-provider
+ * using OAuth HTTP Authorization header:
+ * see http://oauth.net/core/1.0a/#auth_header
+ * and http://oauth.net/core/1.0a/#consumer_req_param
+ */
+void request_token_example_get(void) {
+#if 0
+  const char *request_token_uri = "http://localhost/oauthtest.php?test=test";
+  const char *req_c_key         = "17b09ea4c9a4121145936f0d7d8daa28047583796"; //< consumer key
+  const char *req_c_secret      = "942295b08ffce77b399419ee96ac65be"; //< consumer secret
+#else
+  const char *request_token_uri = "http://term.ie/oauth/example/request_token.php";
+  const char *req_c_key         = "key"; //< consumer key
+  const char *req_c_secret      = "secret"; //< consumer secret
+#endif
+  char *res_t_key    = NULL; //< replied key
+  char *res_t_secret = NULL; //< replied secret
+
+  char *req_url = NULL;
+  char *req_hdr = NULL;
+  char *http_hdr= NULL;
+  char *reply;
+
+
+  //req_url = oauth_sign_url2(request_token_uri, NULL, OA_HMAC, NULL, req_c_key, req_c_secret, NULL, NULL);
+
+  // oauth_sign_url2 (see oauth.h) in steps
+  int  argc;
+  char **argv = NULL;
+
+  argc = oauth_split_url_parameters(request_token_uri, &argv);
+  if (1) {
+    int i;
+    for (i=0;i<argc; i++)
+      printf("%d:%s\n", i, argv[i]);
+  }
+
+  oauth_sign_array2_process(&argc, &argv,
+          NULL, //< postargs (unused)
+          OA_HMAC,
+          NULL, //< HTTP method (defaults to "GET")
+          req_c_key, req_c_secret, NULL, NULL);
+
+  // 'default' oauth_sign_url2 would do:
+  // req_url = oauth_serialize_url(argc, 0, argv);
+ 
+  // we split [x_]oauth_ parameters (for use in HTTP Authorization header)
+  req_hdr = oauth_serialize_url_sep(argc, 1, argv, ", ", 6);
+  // and other URL parameters 
+  req_url = oauth_serialize_url_sep(argc, 0, argv, "&", 1);
+
+  oauth_free_array(&argc, &argv);
+
+  // done with OAuth stuff, now perform the HTTP request.
+  http_hdr = malloc(strlen(req_hdr) + 55);
+
+  // Note that (optional) 'realm' is not to be 
+  // included in the oauth signed parameters and thus only added here.
+  // see 9.1.1 in http://oauth.net/core/1.0/#anchor14
+  sprintf(http_hdr, "Authorization: OAuth realm=\"http://example.org/\", %s", req_hdr);
+
+  printf("request URL=%s\n", req_url);
+  printf("request header=%s\n\n", http_hdr);
+  reply = oauth_http_get2(req_url,NULL, http_hdr);
+  if (!reply) 
+    printf("HTTP request for an oauth request-token failed.\n");
+  else {
+    // parse reply - example:
+    //"oauth_token=2a71d1c73d2771b00f13ca0acb9836a10477d3c56&oauth_token_secret=a1b5c00c1f3e23fb314a0aa22e990266"
+    int rc;
+    char **rv = NULL;
+
+    printf("HTTP-reply: %s\n", reply);
+    rc = oauth_split_url_parameters(reply, &rv);
+    qsort(rv, rc, sizeof(char *), oauth_cmpstringp);
+    if( rc==2 
+	&& !strncmp(rv[0],"oauth_token=",11)
+	&& !strncmp(rv[1],"oauth_token_secret=",18) ){
+	  res_t_key=strdup(&(rv[0][12]));
+	  res_t_secret=strdup(&(rv[1][19]));
+	  printf("key:    '%s'\nsecret: '%s'\n",res_t_key, res_t_secret);
+    }
+    if(rv) free(rv);
+  }
+
+  if(req_url) free(req_url);
+  if(req_hdr) free(req_hdr);
+  if(http_hdr)free(http_hdr);
+  if(reply) free(reply);
+  if(res_t_key) free(res_t_key);
+  if(res_t_secret) free(res_t_secret);
+}
+
+/*
+ * Main Test and Example Code.
+ */
+int main (int argc, char **argv) {
+  request_token_example_get();
+  return (0);
+}
diff --git a/protocols/Twitter/oauth/tests/selftest_eran.c b/protocols/Twitter/oauth/tests/selftest_eran.c
new file mode 100644
index 0000000000..7e118d48ba
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/selftest_eran.c
@@ -0,0 +1,98 @@
+/**
+ *  @brief self-test for liboauth.
+ *  @file selftest.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * This code contains examples provided by Eran Hammer-Lahav 
+ * on the oauth.net mailing list.
+ *
+ * Copyright 2008 Robin Gareus <robin@gareus.org>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifdef TEST_UNICODE
+#include <locale.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <oauth.h>
+
+#include "commontest.h"
+
+int loglevel = 1; //< report each successful test
+
+int main (int argc, char **argv) {
+  int fail=0;
+  char *tmptst;
+
+  if (loglevel) printf("\n *** testing liboauth against Eran's Test cases ***\n http://groups.google.com/group/oauth/browse_frm/thread/243f4da439fd1f51?hl=en\n");
+
+  // Eran's test-cases - http://groups.google.com/group/oauth/browse_frm/thread/243f4da439fd1f51?hl=en
+  fail|=test_encoding("1234=asdf=4567","1234%3Dasdf%3D4567");
+  fail|=test_encoding("asdf-4354=asew-5698","asdf-4354%3Dasew-5698");
+  fail|=test_encoding("erks823*43=asd&123ls%23","erks823%2A43%3Dasd%26123ls%2523");
+  fail|=test_encoding("dis9$#$Js009%==","dis9%24%23%24Js009%25%3D%3D");
+  fail|=test_encoding("3jd834jd9","3jd834jd9");
+  fail|=test_encoding("12303202302","12303202302");
+  fail|=test_encoding("taken with a 30% orange filter","taken%20with%20a%2030%25%20orange%20filter");
+  fail|=test_encoding("mountain & water view","mountain%20%26%20water%20view");
+
+  fail|=test_request("GET", "http://example.com:80/photo" "?" 
+      "oauth_version=1.0"
+      "&oauth_consumer_key=1234=asdf=4567"
+      "&oauth_timestamp=12303202302"
+      "&oauth_nonce=3jd834jd9"
+      "&oauth_token=asdf-4354=asew-5698"
+      "&oauth_signature_method=HMAC-SHA1"
+      "&title=taken with a 30% orange filter"
+      "&file=mountain \001 water view"
+      "&format=jpeg"
+      "&include=date"
+      "&include=aperture",
+  "GET&http%3A%2F%2Fexample.com%2Fphoto&file%3Dmountain%2520%2526%2520water%2520view%26format%3Djpeg%26include%3Daperture%26include%3Ddate%26oauth_consumer_key%3D1234%253Dasdf%253D4567%26oauth_nonce%3D3jd834jd9%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D12303202302%26oauth_token%3Dasdf-4354%253Dasew-5698%26oauth_version%3D1.0%26title%3Dtaken%2520with%2520a%252030%2525%2520orange%2520filter" );
+
+  tmptst = oauth_sign_url2(
+      "http://example.com:80/photo" "?" 
+      "oauth_version=1.0"
+      "&oauth_timestamp=12303202302"
+      "&oauth_nonce=3jd834jd9"
+      "&title=taken with a 30% orange filter"
+      "&file=mountain \001 water view"
+      "&format=jpeg"
+      "&include=date"
+      "&include=aperture",
+   NULL, OA_HMAC, NULL, "1234=asdf=4567", "erks823*43=asd&123ls%23", "asdf-4354=asew-5698", "dis9$#$Js009%==");
+  if (strcmp(tmptst,"http://example.com/photo?file=mountain%20%26%20water%20view&format=jpeg&include=aperture&include=date&oauth_consumer_key=1234%3Dasdf%3D4567&oauth_nonce=3jd834jd9&oauth_signature_method=HMAC-SHA1&oauth_timestamp=12303202302&oauth_token=asdf-4354%3Dasew-5698&oauth_version=1.0&title=taken%20with%20a%2030%25%20orange%20filter&oauth_signature=jMdUSR1vOr3SzNv3gZ5DDDuGirA%3D")) {
+  	printf(" got '%s'\n expected: '%s'\n",tmptst, "http://example.com/photo?file=mountain%20%26%20water%20view&format=jpeg&include=aperture&include=date&oauth_consumer_key=1234%3Dasdf%3D4567&oauth_nonce=3jd834jd9&oauth_signature_method=HMAC-SHA1&oauth_timestamp=12303202302&oauth_token=asdf-4354%3Dasew-5698&oauth_version=1.0&title=taken%20with%20a%2030%25%20orange%20filter&oauth_signature=jMdUSR1vOr3SzNv3gZ5DDDuGirA%3D");
+	fail|=1;
+  } else if (loglevel) printf("request signature ok.\n");
+  if(tmptst) free(tmptst);
+
+  // report
+  if (fail) {
+    printf("\n !!! One or more of Eran's Test Cases failed.\n\n");
+  } else {
+    printf(" *** Eran's Test-Cases verified sucessfully.\n");
+  }
+
+  return (fail?1:0);
+}
diff --git a/protocols/Twitter/oauth/tests/selftest_other.c b/protocols/Twitter/oauth/tests/selftest_other.c
new file mode 100644
index 0000000000..0bb9c714a0
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/selftest_other.c
@@ -0,0 +1,83 @@
+/**
+ *  @brief self-test for liboauth.
+ *  @file selftest.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2009 Robin Gareus <robin@gareus.org>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <oauth.h>
+
+#include "commontest.h"
+
+int loglevel = 1; //< report each successful test
+
+int main (int argc, char **argv) {
+  int fail=0;
+
+  if (loglevel) printf("\n *** Testing query parameter array encoding.\n");
+
+  fail|=test_request("GET", "http://example.com" 
+      "?k1=v1"
+      "&a1[ak1]=av1"
+      "&a1[aa1][aak2]=aav2"
+      "&a1[aa1][aak1]=aav1"
+      "&k2=v2"
+      "&a1[ak2]=av2",
+  "GET&http%3A%2F%2Fexample.com%2F&a1%255Baa1%255D%255Baak1%255D%3Daav1%26a1%255Baa1%255D%255Baak2%255D%3Daav2%26a1%255Bak1%255D%3Dav1%26a1%255Bak2%255D%3Dav2%26k1%3Dv1%26k2%3Dv2");
+
+  if (loglevel) printf("\n *** Testing http://tools.ietf.org/html/rfc5849 example.\n");
+
+  fail|=test_request("GET", "http://example.com" 
+      "/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b"
+      "&c2&a3=2+q"
+      "&oauth_consumer_key=9djdj82h48djs9d2"
+      "&oauth_token=kkk9d7dh3k39sjv7"
+      "&oauth_signature_method=HMAC-SHA1"
+      "&oauth_timestamp=137131201"
+      "&oauth_nonce=7d8f3e4a"
+      "&oauth_signature=djosJKDKJSD8743243%2Fjdk33klY%3D",
+   "GET&http%3A%2F%2Fexample.com%2Frequest&a2%3Dr%2520b%26a3%3D2%2520q%26a3%3Da%26b5%3D%253D%25253D%26c%2540%3D%26c2%3D%26oauth_consumer_key%3D9djdj82h48djs9d2%26oauth_nonce%3D7d8f3e4a%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D137131201%26oauth_token%3Dkkk9d7dh3k39sjv7");
+
+  if (loglevel) printf("\n *** Testing body hash calculation.\n");
+
+  char *bh;
+  const char *teststring="Hello World!";
+  bh=oauth_body_hash_data(strlen(teststring), teststring);
+  if (bh) { 
+    if (strcmp(bh,"oauth_body_hash=Lve95gjOVATpfV8EL5X4nxwjKHE=")) fail|=1;
+    free(bh);
+  } else { 
+    fail|=1;
+  }
+
+  // report
+  if (fail) {
+    printf("\n !!! One or more test cases failed.\n\n");
+  } else {
+    printf(" *** Test cases verified sucessfully.\n");
+  }
+
+  return (fail?1:0);
+}
diff --git a/protocols/Twitter/oauth/tests/selftest_wiki.c b/protocols/Twitter/oauth/tests/selftest_wiki.c
new file mode 100644
index 0000000000..b54409b198
--- /dev/null
+++ b/protocols/Twitter/oauth/tests/selftest_wiki.c
@@ -0,0 +1,183 @@
+/**
+ *  @brief self-test for liboauth.
+ *  @file selftest.c
+ *  @author Robin Gareus <robin@gareus.org>
+ *
+ * Copyright 2007, 2008 Robin Gareus <robin@gareus.org>
+ *
+ * This code contains examples from http://wiki.oauth.net/ may they be blessed.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifdef TEST_UNICODE
+#include <locale.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <oauth.h>
+
+#include "commontest.h"
+
+int loglevel = 1; //< report each successful test
+
+int main (int argc, char **argv) {
+  int fail=0;
+  char *b64d;
+  char *testurl, *testkey;
+ #ifdef TEST_UNICODE
+  wchar_t src[] = {0x000A, 0};
+ #endif
+
+  if (loglevel) printf("\n *** testing liboauth against http://wiki.oauth.net/TestCases (july 2008) ***\n");
+
+  // http://wiki.oauth.net/TestCases
+  fail|=test_encoding("abcABC123","abcABC123");
+  fail|=test_encoding("-._~","-._~");
+  fail|=test_encoding("%","%25");
+  fail|=test_encoding("+","%2B");
+  fail|=test_encoding("&=*","%26%3D%2A");
+
+ #ifdef TEST_UNICODE
+  src[0] = 0x000A; fail|=test_uniencoding(src,"%0A");
+  src[0] = 0x0020; fail|=test_uniencoding(src,"%20");
+  src[0] = 0x007F; fail|=test_uniencoding(src,"%7F");
+  src[0] = 0x0080; fail|=test_uniencoding(src,"%C2%80");
+  src[0] = 0x3001; fail|=test_uniencoding(src,"%E3%80%81");
+ #endif
+
+  fail|=test_normalize("name", "name=");
+  fail|=test_normalize("a=b", "a=b");
+  fail|=test_normalize("a=b&c=d", "a=b&c=d");
+  fail|=test_normalize("a=x!y&a=x+y", "a=x%20y&a=x%21y");
+  fail|=test_normalize("x!y=a&x=a", "x=a&x%21y=a");
+
+  fail|=test_request("GET", "http://example.com/" "?" 
+      "n=v",
+  // expect:
+      "GET&http%3A%2F%2Fexample.com%2F&n%3Dv");
+
+  fail|=test_request("GET", "http://example.com" "?" 
+      "n=v",
+  // expect:
+      "GET&http%3A%2F%2Fexample.com%2F&n%3Dv");
+
+  fail|=test_request("POST", "https://photos.example.net/request_token" "?" 
+      "oauth_version=1.0"
+      "&oauth_consumer_key=dpf43f3p2l4k3l03"
+      "&oauth_timestamp=1191242090"
+      "&oauth_nonce=hsu94j3884jdopsl"
+      "&oauth_signature_method=PLAINTEXT"
+      "&oauth_signature=ignored",
+  // expect:
+      "POST&https%3A%2F%2Fphotos.example.net%2Frequest_token&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dhsu94j3884jdopsl%26oauth_signature_method%3DPLAINTEXT%26oauth_timestamp%3D1191242090%26oauth_version%3D1.0");
+
+  fail|=test_request("GET", "http://photos.example.net/photos" "?" 
+      "file=vacation.jpg&size=original"
+      "&oauth_version=1.0"
+      "&oauth_consumer_key=dpf43f3p2l4k3l03"
+      "&oauth_token=nnch734d00sl2jdk"
+      "&oauth_timestamp=1191242096"
+      "&oauth_nonce=kllo9940pd9333jh"
+      "&oauth_signature=ignored"
+      "&oauth_signature_method=HMAC-SHA1",
+  // expect:
+      "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal");
+
+  fail|=test_sha1("cs","","bs","egQqG5AJep5sJ7anhXju1unge2I=");
+  fail|=test_sha1("cs","ts","bs","VZVjXceV7JgPq/dOTnNmEfO0Fv8=");
+  fail|=test_sha1("kd94hf93k423kf44","pfkkdhi9sl3r4s00","GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal","tR3+Ty81lMeYAr/Fid0kMTYa/WM=");
+
+  // HMAC-SHA1 selftest.
+  // see http://oauth.net/core/1.0/#anchor25 
+  testurl = "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3D"
+      "vacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce"
+      "%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26o"
+      "auth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk"
+      "%26oauth_version%3D1.0%26size%3Doriginal";
+
+  testkey = "kd94hf93k423kf44&pfkkdhi9sl3r4s00";
+  b64d = oauth_sign_hmac_sha1(testurl , testkey);
+  if (strcmp(b64d,"tR3+Ty81lMeYAr/Fid0kMTYa/WM=")) {
+    printf("HMAC-SHA1 signature test failed.\n");
+    fail|=1;
+  } else if (loglevel)
+    printf("HMAC-SHA1 signature test successful.\n");
+  free(b64d);
+
+  // rsa-signature based on http://wiki.oauth.net/TestCases example
+  b64d = oauth_sign_rsa_sha1(
+    "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal",
+
+    "-----BEGIN PRIVATE KEY-----\n"
+    "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALRiMLAh9iimur8V\n"
+    "A7qVvdqxevEuUkW4K+2KdMXmnQbG9Aa7k7eBjK1S+0LYmVjPKlJGNXHDGuy5Fw/d\n"
+    "7rjVJ0BLB+ubPK8iA/Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZSatdLB81mydBETlJ\n"
+    "hI6GH4twrbDJCR2Bwy/XWXgqgGRzAgMBAAECgYBYWVtleUzavkbrPjy0T5FMou8H\n"
+    "X9u2AC2ry8vD/l7cqedtwMPp9k7TubgNFo+NGvKsl2ynyprOZR1xjQ7WgrgVB+mm\n"
+    "uScOM/5HVceFuGRDhYTCObE+y1kxRloNYXnx3ei1zbeYLPCHdhxRYW7T0qcynNmw\n"
+    "rn05/KO2RLjgQNalsQJBANeA3Q4Nugqy4QBUCEC09SqylT2K9FrrItqL2QKc9v0Z\n"
+    "zO2uwllCbg0dwpVuYPYXYvikNHHg+aCWF+VXsb9rpPsCQQDWR9TT4ORdzoj+Nccn\n"
+    "qkMsDmzt0EfNaAOwHOmVJ2RVBspPcxt5iN4HI7HNeG6U5YsFBb+/GZbgfBT3kpNG\n"
+    "WPTpAkBI+gFhjfJvRw38n3g/+UeAkwMI2TJQS4n8+hid0uus3/zOjDySH3XHCUno\n"
+    "cn1xOJAyZODBo47E+67R4jV1/gzbAkEAklJaspRPXP877NssM5nAZMU0/O/NGCZ+\n"
+    "3jPgDUno6WbJn5cqm8MqWhW1xGkImgRk+fkDBquiq4gPiT898jusgQJAd5Zrr6Q8\n"
+    "AO/0isr/3aa6O6NLQxISLKcPDk2NOccAfS/xOtfOz4sJYM3+Bs4Io9+dZGSDCA54\n"
+    "Lw03eHTNQghS0A==\n"
+    "-----END PRIVATE KEY-----");
+
+  if (strcmp(b64d,"jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=")) {
+    printf("RSA-SHA1 signature test failed.\n");
+    fail|=1;
+  } else if (loglevel)
+    printf("RSA-SHA1 signature test successful.\n");
+  free(b64d);
+
+  if (oauth_verify_rsa_sha1(
+    "GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal",
+
+    "-----BEGIN CERTIFICATE-----\n"
+    "MIIBpjCCAQ+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAZMRcwFQYDVQQDDA5UZXN0\n"
+    "IFByaW5jaXBhbDAeFw03MDAxMDEwODAwMDBaFw0zODEyMzEwODAwMDBaMBkxFzAV\n"
+    "BgNVBAMMDlRlc3QgUHJpbmNpcGFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n"
+    "gQC0YjCwIfYoprq/FQO6lb3asXrxLlJFuCvtinTF5p0GxvQGu5O3gYytUvtC2JlY\n"
+    "zypSRjVxwxrsuRcP3e641SdASwfrmzyvIgP08N4S0IFzEURkV1wp/IpH7kH41Etb\n"
+    "mUmrXSwfNZsnQRE5SYSOhh+LcK2wyQkdgcMv11l4KoBkcwIDAQABMA0GCSqGSIb3\n"
+    "DQEBBQUAA4GBAGZLPEuJ5SiJ2ryq+CmEGOXfvlTtEL2nuGtr9PewxkgnOjZpUy+d\n"
+    "4TvuXJbNQc8f4AMWL/tO9w0Fk80rWKp9ea8/df4qMq5qlFWlx6yOLQxumNOmECKb\n"
+    "WpkUQDIDJEoFUzKMVuJf4KO/FJ345+BNLGgbJ6WujreoM1X/gYfdnJ/J\n"
+    "-----END CERTIFICATE-----\n", 
+    "jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=")
+      != 1) {
+    printf("RSA-SHA1 verify-signature test failed.\n");
+    fail|=1;
+  } else if (loglevel)
+    printf("RSA-SHA1 verify-signature test successful.\n");
+
+  // report
+  if (fail) {
+    printf("\n !!! One or more tests from http://wiki.oauth.net/TestCases failed.\n\n");
+  } else {
+    printf(" *** http://wiki.oauth.net/TestCases verified sucessfully.\n");
+  }
+
+  return (fail?1:0);
+}