diff options
author | Adam Kocoloski <kocolosk@apache.org> | 2009-09-30 22:00:41 +0000 |
---|---|---|
committer | Adam Kocoloski <kocolosk@apache.org> | 2009-09-30 22:00:41 +0000 |
commit | 3c32073065286f57835323a7f97a3958a8021dec (patch) | |
tree | 174ac10dfb809863865edd4f80db12e589a46b7b | |
parent | 32f2b2260217bfc1f685274445eb7e1aea6a0199 (diff) |
more OAuth fixes, in particular for requests with query-string parameters
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@820469 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | share/www/script/test/oauth.js | 40 | ||||
-rw-r--r-- | src/couchdb/couch_rep_httpc.erl | 18 |
2 files changed, 43 insertions, 15 deletions
diff --git a/share/www/script/test/oauth.js b/share/www/script/test/oauth.js index ebe817b2..6d8498a6 100644 --- a/share/www/script/test/oauth.js +++ b/share/www/script/test/oauth.js @@ -52,7 +52,7 @@ couchTests.oauth = function(debug) { }); } } else { - return CouchDB.request("GET", path, { + return CouchDB.request(method, path, { headers: {Authorization: OAuth.getAuthorizationHeader('', parameters)} }); } @@ -63,6 +63,11 @@ couchTests.oauth = function(debug) { var admintokenSecret = generateSecret(64); var testadminPassword = "ohsosecret"; + var adminBasicAuthHeaderValue = function() { + var retval = 'Basic ' + binb2b64(str2binb("testadmin:" + testadminPassword)); + return retval; + } + var host = CouchDB.host; var dbPair = { source: { @@ -76,14 +81,12 @@ couchTests.oauth = function(debug) { } } }, - target: "http://" + host + "/test_suite_db_b" + target: { + url: "http://" + host + "/test_suite_db_b", + headers: {"Authorization": adminBasicAuthHeaderValue()} + } }; - var adminBasicAuthHeaderValue = function() { - var retval = 'Basic ' + binb2b64(str2binb("testadmin:" + testadminPassword)); - return retval; - } - // this function will be called on the modified server var testFun = function () { try { @@ -92,6 +95,16 @@ couchTests.oauth = function(debug) { body: JSON.stringify(testadminPassword) }); + CouchDB.request("GET", "/_sleep?time=50"); + + CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user", { + headers: { + "X-Couch-Persist": "false", + "Authorization": adminBasicAuthHeaderValue() + }, + body: JSON.stringify("true") + }); + var usersDb = new CouchDB("test_suite_users", { "X-Couch-Full-Commit":"false", "Authorization": adminBasicAuthHeaderValue() @@ -157,7 +170,9 @@ couchTests.oauth = function(debug) { T(xhr.status == expectedCode); // Replication - var result = CouchDB.replicate(dbPair.source, dbPair.target); + var result = CouchDB.replicate(dbPair.source, dbPair.target, { + headers: {"Authorization": adminBasicAuthHeaderValue()} + }); T(result.ok); // Test auth via admin user defined in .ini @@ -179,6 +194,15 @@ couchTests.oauth = function(debug) { } } } finally { + var xhr = CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user", { + headers: { + "Authorization": adminBasicAuthHeaderValue(), + "X-Couch-Persist": "false" + }, + body: JSON.stringify("false") + }); + T(xhr.status == 200); + var xhr = CouchDB.request("DELETE", "http://" + host + "/_config/admins/testadmin", { headers: { "Authorization": adminBasicAuthHeaderValue(), diff --git a/src/couchdb/couch_rep_httpc.erl b/src/couchdb/couch_rep_httpc.erl index 35334225..b714be6b 100644 --- a/src/couchdb/couch_rep_httpc.erl +++ b/src/couchdb/couch_rep_httpc.erl @@ -26,18 +26,19 @@ do_request(#http_db{url=Url} = Req) when is_binary(Url) -> do_request(Req) -> #http_db{ auth = Auth, + body = B, + conn = Conn, headers = Headers0, method = Method, - body = B, options = Opts, - conn = Conn + qs = QS } = Req, Url = full_url(Req), Headers = case proplists:get_value(<<"oauth">>, Auth) of undefined -> Headers0; {OAuthProps} -> - [oauth_header(Url, Method, OAuthProps) | Headers0] + [oauth_header(Url, QS, Method, OAuthProps) | Headers0] end, Body = case B of {Fun, InitialState} when is_function(Fun) -> @@ -68,7 +69,7 @@ db_exists(Req, CanonicalUrl) -> undefined -> Headers0; {OAuthProps} -> - [oauth_header(Url, get, OAuthProps) | Headers0] + [oauth_header(Url, [], head, OAuthProps) | Headers0] end, case catch ibrowse:send_req(Url, Headers, head) of {ok, "200", _, _} -> @@ -177,7 +178,8 @@ maybe_decompress(Headers, Body) -> Body end. -oauth_header(Url, Action, Props) -> +oauth_header(Url, QS, Action, Props) -> + QSL = [{couch_util:to_list(K), couch_util:to_list(V)} || {K,V} <- QS], ConsumerKey = ?b2l(proplists:get_value(<<"consumer_key">>, Props)), Token = ?b2l(proplists:get_value(<<"token">>, Props)), TokenSecret = ?b2l(proplists:get_value(<<"token_secret">>, Props)), @@ -186,7 +188,9 @@ oauth_header(Url, Action, Props) -> Method = case Action of get -> "GET"; post -> "POST"; - put -> "PUT" + put -> "PUT"; + head -> "HEAD" end, - Params = oauth:signed_params(Method, Url, [], Consumer, Token, TokenSecret), + Params = oauth:signed_params(Method, Url, QSL, Consumer, Token, TokenSecret) + -- QSL, {"Authorization", "OAuth " ++ oauth_uri:params_to_header_string(Params)}. |