authorAdam Kocoloski <kocolosk@apache.org>2009-09-30 22:00:41 +0000
committerAdam Kocoloski <kocolosk@apache.org>2009-09-30 22:00:41 +0000
commit3c32073065286f57835323a7f97a3958a8021dec (patch)
tree174ac10dfb809863865edd4f80db12e589a46b7b
parent32f2b2260217bfc1f685274445eb7e1aea6a0199 (diff)
more OAuth fixes, in particular for requests with query-string parameters
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@820469 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--share/www/script/test/oauth.js40
-rw-r--r--src/couchdb/couch_rep_httpc.erl18
2 files changed, 43 insertions, 15 deletions
diff --git a/share/www/script/test/oauth.js b/share/www/script/test/oauth.js
index ebe817b2..6d8498a6 100644
--- a/share/www/script/test/oauth.js
+++ b/share/www/script/test/oauth.js
@@ -52,7 +52,7 @@ couchTests.oauth = function(debug) {
});
}
} else {
- return CouchDB.request("GET", path, {
+ return CouchDB.request(method, path, {
headers: {Authorization: OAuth.getAuthorizationHeader('', parameters)}
});
}
@@ -63,6 +63,11 @@ couchTests.oauth = function(debug) {
var admintokenSecret = generateSecret(64);
var testadminPassword = "ohsosecret";
+ var adminBasicAuthHeaderValue = function() {
+ var retval = 'Basic ' + binb2b64(str2binb("testadmin:" + testadminPassword));
+ return retval;
+ }
+
var host = CouchDB.host;
var dbPair = {
source: {
@@ -76,14 +81,12 @@ couchTests.oauth = function(debug) {
}
}
},
- target: "http://" + host + "/test_suite_db_b"
+ target: {
+ url: "http://" + host + "/test_suite_db_b",
+ headers: {"Authorization": adminBasicAuthHeaderValue()}
+ }
};
- var adminBasicAuthHeaderValue = function() {
- var retval = 'Basic ' + binb2b64(str2binb("testadmin:" + testadminPassword));
- return retval;
- }
-
// this function will be called on the modified server
var testFun = function () {
try {
@@ -92,6 +95,16 @@ couchTests.oauth = function(debug) {
body: JSON.stringify(testadminPassword)
});
+ CouchDB.request("GET", "/_sleep?time=50");
+
+ CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user", {
+ headers: {
+ "X-Couch-Persist": "false",
+ "Authorization": adminBasicAuthHeaderValue()
+ },
+ body: JSON.stringify("true")
+ });
+
var usersDb = new CouchDB("test_suite_users", {
"X-Couch-Full-Commit":"false",
"Authorization": adminBasicAuthHeaderValue()
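Review bot: The added PUT that turns `require_valid_user` on never has its response checked, unlike the matching reset in the `finally` block, which asserts `T(xhr.status == 200)`. If that call fails, the server keeps accepting anonymous requests, and the OAuth assertions that follow may pass without authentication being enforced. Capture the result and assert it: `var xhr = CouchDB.request("PUT", ...); T(xhr.status == 200);`. The fixed `/_sleep?time=50` before it also looks like a timing-based wait for the config change to settle; a short comment saying what it waits for would help whoever next debugs a flaky run. The body of testFun continues outside this hunk.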
@@ -157,7 +170,9 @@ couchTests.oauth = function(debug) {
T(xhr.status == expectedCode);
// Replication
- var result = CouchDB.replicate(dbPair.source, dbPair.target);
+ var result = CouchDB.replicate(dbPair.source, dbPair.target, {
+ headers: {"Authorization": adminBasicAuthHeaderValue()}
+ });
T(result.ok);
// Test auth via admin user defined in .ini
@@ -179,6 +194,15 @@ couchTests.oauth = function(debug) {
}
}
} finally {
+ var xhr = CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user", {
+ headers: {
+ "Authorization": adminBasicAuthHeaderValue(),
+ "X-Couch-Persist": "false"
+ },
+ body: JSON.stringify("false")
+ });
+ T(xhr.status == 200);
+
var xhr = CouchDB.request("DELETE", "http://" + host + "/_config/admins/testadmin", {
headers: {
"Authorization": adminBasicAuthHeaderValue(),
diff --git a/src/couchdb/couch_rep_httpc.erl b/src/couchdb/couch_rep_httpc.erl
index 35334225..b714be6b 100644
--- a/src/couchdb/couch_rep_httpc.erl
+++ b/src/couchdb/couch_rep_httpc.erl
@@ -26,18 +26,19 @@ do_request(#http_db{url=Url} = Req) when is_binary(Url) ->
do_request(Req) ->
#http_db{
auth = Auth,
+ body = B,
+ conn = Conn,
headers = Headers0,
method = Method,
- body = B,
options = Opts,
- conn = Conn
+ qs = QS
} = Req,
Url = full_url(Req),
Headers = case proplists:get_value(<<"oauth">>, Auth) of
undefined ->
Headers0;
{OAuthProps} ->
- [oauth_header(Url, Method, OAuthProps) | Headers0]
+ [oauth_header(Url, QS, Method, OAuthProps) | Headers0]
end,
Body = case B of
{Fun, InitialState} when is_function(Fun) ->
@@ -68,7 +69,7 @@ db_exists(Req, CanonicalUrl) ->
undefined ->
Headers0;
{OAuthProps} ->
- [oauth_header(Url, get, OAuthProps) | Headers0]
+ [oauth_header(Url, [], head, OAuthProps) | Headers0]
end,
case catch ibrowse:send_req(Url, Headers, head) of
{ok, "200", _, _} ->
@@ -177,7 +178,8 @@ maybe_decompress(Headers, Body) ->
Body
end.
-oauth_header(Url, Action, Props) ->
+oauth_header(Url, QS, Action, Props) ->
+ QSL = [{couch_util:to_list(K), couch_util:to_list(V)} || {K,V} <- QS],
ConsumerKey = ?b2l(proplists:get_value(<<"consumer_key">>, Props)),
Token = ?b2l(proplists:get_value(<<"token">>, Props)),
TokenSecret = ?b2l(proplists:get_value(<<"token_secret">>, Props)),
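Review bot: The comprehension on the new `QSL` line silently drops any element of `QS` that is not a 2-tuple, because a generator pattern that does not match filters the element instead of failing. Whether the `qs` field can hold anything else is not visible here, but if it can, that parameter is left out of the signature base string while presumably still being sent in the URL, and the server rejects the request with a signature error that is hard to trace. A strict conversion fails at the source instead: `QSL = lists:map(fun({K, V}) -> {couch_util:to_list(K), couch_util:to_list(V)} end, QS),`. oauth_header starts in this hunk and continues past its end.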
@@ -186,7 +188,9 @@ oauth_header(Url, Action, Props) ->
Method = case Action of
get -> "GET";
post -> "POST";
- put -> "PUT"
+ put -> "PUT";
+ head -> "HEAD"
end,
- Params = oauth:signed_params(Method, Url, [], Consumer, Token, TokenSecret),
+ Params = oauth:signed_params(Method, Url, QSL, Consumer, Token, TokenSecret)
+ -- QSL,
{"Authorization", "OAuth " ++ oauth_uri:params_to_header_string(Params)}.
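Review bot: The `Method` case gains `head` but still covers only four verbs, while do_request passes the record's `method` straight through, so any other action (for example `delete`) with OAuth props raises `case_clause` inside header construction. Deriving the string removes the need to extend the list: `Method = string:to_upper(atom_to_list(Action)),`. The `-- QSL` on the `Params` line also deserves a comment, since the intent is not obvious from the code; presumably something like `%% query-string params are part of the signature but travel in the URL, so keep them out of the header`. The lines of oauth_header between the previous hunk and this one are not shown.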