summaryrefslogtreecommitdiff
path: root/share/www/script/test/oauth.js
diff options
context:
space:
mode:
authorDamien F. Katz <damien@apache.org>2009-08-04 19:50:46 +0000
committerDamien F. Katz <damien@apache.org>2009-08-04 19:50:46 +0000
commit8e2215ee6306b0f4c13553796d401e9f5f93bcb6 (patch)
tree948b9179887e73379bc445b9ad058de3a0bbe870 /share/www/script/test/oauth.js
parentfd72a9bc48ebab76976f538c28459a0e26aa1750 (diff)
Initial check-in of OAuth and cookie authentication.
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@800938 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'share/www/script/test/oauth.js')
-rw-r--r--share/www/script/test/oauth.js166
1 files changed, 166 insertions, 0 deletions
diff --git a/share/www/script/test/oauth.js b/share/www/script/test/oauth.js
new file mode 100644
index 00000000..fb4ab818
--- /dev/null
+++ b/share/www/script/test/oauth.js
@@ -0,0 +1,166 @@
+// Licensed under the Apache License, Version 2.0 (the "License"); you may not
+// use this file except in compliance with the License. You may obtain a copy
+// of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations under
+// the License.
+
+couchTests.oauth = function(debug) {
+ // This tests OAuth authentication.
+
+ var authorization_url = "/_oauth/authorize";
+
+ var db = new CouchDB("test_suite_db");
+ db.deleteDb();
+ db.createDb();
+ if (debug) debugger;
+
+ var dbA = new CouchDB("test_suite_db_a");
+ var dbB = new CouchDB("test_suite_db_b");
+ dbA.deleteDb();
+ dbA.createDb();
+ dbB.deleteDb();
+ dbB.createDb();
+
+ // Simple secret key generator
+ function generateSecret(length) {
+ var secret = '';
+ for (var i=0; i<length; i++) {
+ secret += String.fromCharCode(Math.floor(Math.random() * 256));
+ }
+ return secret;
+ }
+
+ function oauthRequest(path, message, accessor, method) {
+ message.action = path;
+ message.method = method || 'GET';
+ OAuth.SignatureMethod.sign(message, accessor);
+ var parameters = message.parameters;
+ if (method == "POST" || method == "GET") {
+ if (method == "GET") {
+ return CouchDB.request("GET", OAuth.addToURL(path, parameters));
+ } else {
+ return CouchDB.request("POST", path, {
+ headers: {"Content-Type": "application/x-www-form-urlencoded"},
+ body: OAuth.formEncode(parameters)
+ });
+ }
+ } else {
+ return CouchDB.request("GET", path, {
+ headers: {Authorization: OAuth.getAuthorizationHeader('', parameters)}
+ });
+ }
+ }
+
+ var consumerSecret = generateSecret(64);
+ var tokenSecret = generateSecret(64);
+
+ var host = CouchDB.host;
+ var dbPair = {
+ source: {
+ url: "http://" + host + "/test_suite_db_a",
+ auth: {
+ oauth: {
+ consumer_key: "key",
+ consumer_secret: consumerSecret,
+ token_secret: tokenSecret,
+ token: "foo"
+ }
+ }
+ },
+ target: "http://" + host + "/test_suite_db_b"
+ };
+
+ // this function will be called on the modified server
+ var testFun = function () {
+ try {
+ var usersDb = new CouchDB("test_suite_users");
+ usersDb.deleteDb();
+ usersDb.createDb();
+
+ // Create a user
+ T(CouchDB.createUser("jason", "testpassword", "test@somemail.com", ['test'], true).ok);
+
+ var accessor = {
+ consumerSecret: consumerSecret,
+ tokenSecret: tokenSecret
+ };
+
+ var signatureMethods = ["PLAINTEXT", "HMAC-SHA1"];
+ var consumerKeys = {key: 200, nonexistent_key: 400};
+
+ for (var i=0; i<signatureMethods.length; i++) {
+ for (var consumerKey in consumerKeys) {
+ var expectedCode = consumerKeys[consumerKey];
+ var message = {
+ parameters: {
+ oauth_signature_method: signatureMethods[i],
+ oauth_consumer_key: consumerKey,
+ oauth_token: "foo",
+ oauth_token_secret: tokenSecret,
+ oauth_version: "1.0"
+ }
+ };
+
+ // Get request token via Authorization header
+ xhr = oauthRequest("http://" + host + "/_oauth/request_token", message, accessor);
+ T(xhr.status == expectedCode);
+
+ // GET request token via query parameters
+ xhr = oauthRequest("http://" + host + "/_oauth/request_token", message, accessor, "GET");
+ T(xhr.status == expectedCode);
+
+ responseMessage = OAuth.decodeForm(xhr.responseText);
+
+ // Obtaining User Authorization
+ //Only needed for 3-legged OAuth
+ //xhr = CouchDB.request("GET", authorization_url + '?oauth_token=' + responseMessage.oauth_token);
+ //T(xhr.status == expectedCode);
+
+ xhr = oauthRequest("http://" + host + "/_session", message, accessor);
+ T(xhr.status == expectedCode);
+ if (xhr.status == expectedCode == 200) {
+ data = JSON.parse(xhr.responseText);
+ T(data.name == "jason");
+ T(data.roles[0] == "test");
+ }
+
+ xhr = oauthRequest("http://" + host + "/_session?foo=bar", message, accessor);
+ T(xhr.status == expectedCode);
+
+ // Replication
+ var result = CouchDB.replicate(dbPair.source, dbPair.target);
+ T(result.ok);
+ }
+ }
+
+ } finally {
+ }
+ };
+
+ run_on_modified_server(
+ [{section: "httpd",
+ key: "WWW-Authenticate", value: 'Basic realm="administrator",OAuth'},
+ {section: "couch_httpd_auth",
+ key: "secret", value: generateSecret(64)},
+ {section: "couch_httpd_auth",
+ key: "authentication_db", value: "test_suite_users"},
+ {section: "oauth_consumer_secrets",
+ key: "key", value: consumerSecret},
+ {section: "oauth_token_users",
+ key: "foo", value: "jason"},
+ {section: "oauth_token_secrets",
+ key: "foo", value: tokenSecret},
+ {section: "couch_httpd_oauth",
+ key: "authorization_url", value: authorization_url},
+ {section: "httpd",
+ key: "authentication_handlers",
+ value: "{couch_httpd_oauth, oauth_authentication_handler}, {couch_httpd_auth, default_authentication_handler}"}],
+ testFun
+ );
+};