Make normalize_base_string_uri handle scheme and path more conformantly

* only accept absolute URIs including a scheme
* use the root path if the input path is empty

2 files changed, 18 insertions, 6 deletions

diff --git a/tests/oauth1/rfc5849/test_client.py b/tests/oauth1/rfc5849/test_client.py
index 6b3dc8a..7716369 100644
--- a/tests/oauth1/rfc5849/test_client.py
+++ b/tests/oauth1/rfc5849/test_client.py
@@ -9,20 +9,20 @@ class ClientRealmTests(TestCase):
 
     def test_client_no_realm(self):
         client = Client("client-key")
-        uri, header, body = client.sign("example-uri")
+        uri, header, body = client.sign("http://example-uri")
         self.assertTrue(
             header["Authorization"].startswith('OAuth oauth_nonce='))
 
     def test_client_realm_sign_with_default_realm(self):
         client = Client("client-key", realm="moo-realm")
         self.assertEqual(client.realm, "moo-realm")
-        uri, header, body = client.sign("example-uri")
+        uri, header, body = client.sign("http://example-uri")
         self.assertTrue(
             header["Authorization"].startswith('OAuth realm="moo-realm",'))
 
     def test_client_realm_sign_with_additional_realm(self):
         client = Client("client-key", realm="moo-realm")
-        uri, header, body = client.sign("example-uri", realm="baa-realm")
+        uri, header, body = client.sign("http://example-uri", realm="baa-realm")
         self.assertTrue(
             header["Authorization"].startswith('OAuth realm="baa-realm",'))
         # make sure sign() does not override the default realm
diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py
index afdcfc0..4abf914 100644
--- a/tests/oauth1/rfc5849/test_signatures.py
+++ b/tests/oauth1/rfc5849/test_signatures.py
@@ -83,12 +83,24 @@ class SignatureTests(TestCase):
         uri = b"www.example.com:8080"
         self.assertRaises(ValueError, normalize_base_string_uri, uri)
 
-        uri = "http://www.example.com:80"
-        self.assertEquals(normalize_base_string_uri(uri), "http://www.example.com")
+        # test a URI with the default port
+        uri = "http://www.example.com:80/"
+        self.assertEquals(normalize_base_string_uri(uri), "http://www.example.com/")
 
+        # test a URI missing a path
+        uri = "http://www.example.com"
+        self.assertEquals(normalize_base_string_uri(uri), "http://www.example.com/")
+
+        # test a relative URI
+        uri = "/a-host-relative-uri"
+        host = "www.example.com"
+        self.assertRaises(ValueError, normalize_base_string_uri, (uri, host))
+
+        # test overriding the URI's netloc with a host argument
+        uri = "http://www.example.com/a-path"
         host = "alternatehost.example.com"
         self.assertEquals(normalize_base_string_uri(uri, host),
-                          "http://alternatehost.example.com")
+                          "http://alternatehost.example.com/a-path")
 
     def test_collect_parameters(self):
         """ We check against parameters multiple times in case things change after more