From 69d5b41e7ecfa8d1b31628af5e0b2297984ea943 Mon Sep 17 00:00:00 2001 From: Jan Lehnardt Date: Sat, 29 Aug 2009 13:42:50 +0000 Subject: merge cascading auth patch by Jason Davies, closes COUCHDB-478, fix tests git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@809134 13f79535-47bb-0310-9956-ffa450edef68 --- share/www/script/couch.js | 4 ++- share/www/script/sha1.js | 2 +- share/www/script/test/oauth.js | 76 +++++++++++++++++++++++++++++++++--------- 3 files changed, 64 insertions(+), 18 deletions(-) (limited to 'share/www/script') diff --git a/share/www/script/couch.js b/share/www/script/couch.js index e902a730..81e25f1b 100644 --- a/share/www/script/couch.js +++ b/share/www/script/couch.js @@ -324,7 +324,9 @@ CouchDB.createUser = function(username, password, email, roles, basicAuth) { } } var headers = {"Content-Type": "application/x-www-form-urlencoded"}; - if (!basicAuth) { + if (basicAuth) { + headers['Authorization'] = basicAuth + } else { headers['X-CouchDB-WWW-Authenticate'] = 'Cookie'; } diff --git a/share/www/script/sha1.js b/share/www/script/sha1.js index 1b559823..ee73a634 100644 --- a/share/www/script/sha1.js +++ b/share/www/script/sha1.js @@ -12,7 +12,7 @@ * the server-side, but the defaults work in most cases. */ var hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */ -var b64pad = ""; /* base-64 pad character. "=" for strict RFC compliance */ +var b64pad = "="; /* base-64 pad character. "=" for strict RFC compliance */ var chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */ /* diff --git a/share/www/script/test/oauth.js b/share/www/script/test/oauth.js index 6048a0ce..8b71d745 100644 --- a/share/www/script/test/oauth.js +++ b/share/www/script/test/oauth.js @@ -36,7 +36,7 @@ couchTests.oauth = function(debug) { return secret; } - function oauthRequest(path, message, accessor, method) { + function oauthRequest(method, path, message, accessor) { message.action = path; message.method = method || 'GET'; OAuth.SignatureMethod.sign(message, accessor); @@ -59,6 +59,8 @@ couchTests.oauth = function(debug) { var consumerSecret = generateSecret(64); var tokenSecret = generateSecret(64); + var admintokenSecret = generateSecret(64); + var testadminPassword = "ohsosecret"; var host = CouchDB.host; var dbPair = { @@ -76,24 +78,40 @@ couchTests.oauth = function(debug) { target: "http://" + host + "/test_suite_db_b" }; + var adminBasicAuthHeaderValue = function() { + var retval = 'Basic ' + binb2b64(str2binb("testadmin:" + testadminPassword)); + return retval; + } + // this function will be called on the modified server var testFun = function () { try { - var usersDb = new CouchDB("test_suite_users", {"X-Couch-Full-Commit":"false"}); + CouchDB.request("PUT", "http://" + host + "/_config/admins/testadmin", { + headers: {"X-Couch-Persist": "false"}, + body: JSON.stringify(testadminPassword) + }); + + var usersDb = new CouchDB("test_suite_users", { + "X-Couch-Full-Commit":"false", + "Authorization": adminBasicAuthHeaderValue() + }); usersDb.deleteDb(); usersDb.createDb(); - + // Create a user - T(CouchDB.createUser("jason", "testpassword", "test@somemail.com", ['test'], true).ok); + T(CouchDB.createUser("jason", "testpassword", "test@somemail.com", ['test'], adminBasicAuthHeaderValue()).ok); var accessor = { consumerSecret: consumerSecret, tokenSecret: tokenSecret }; + var adminAccessor = { + consumerSecret: consumerSecret, + tokenSecret: admintokenSecret + }; var signatureMethods = ["PLAINTEXT", "HMAC-SHA1"]; var consumerKeys = {key: 200, nonexistent_key: 400}; - for (var i=0; i