@Test
public void testRevokedAccessToken() throws Exception {
MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL);
HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
assertEquals("", response.getResponseAsString());
client.approveToken("user_data=hello-oauth");
response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1");
assertEquals("User data is hello-oauth", response.getResponseAsString());
serviceProvider.revokeAllAccessTokens();
response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=2");
assertEquals("", response.getResponseAsString());
assertNotNull(response.getMetadata().get("oauthApprovalUrl"));
assertNull("Should not return oauthError for revoked token",
response.getMetadata().get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
assertNotNull(errorText);
checkStringContains("should return original request", errorText, "GET /data?cachebust=2\n");
checkStringContains("should return signed request", errorText, "GET /data?cachebust=2&");
checkStringContains("should remove secret", errorText, "oauth_token_secret=REMOVED");
checkStringContains("should return response", errorText, "HTTP/1.1 401");
checkStringContains("should return response", errorText, "oauth_problem=\"token_revoked\"");
client.approveToken("user_data=reapproved");
response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=3");
assertEquals("User data is reapproved", response.getResponseAsString());
}