couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kocol...@apache.org
Subject svn commit: r820469 - in /couchdb/trunk: share/www/script/test/oauth.js src/couchdb/couch_rep_httpc.erl
Date Wed, 30 Sep 2009 22:00:42 GMT
Author: kocolosk
Date: Wed Sep 30 22:00:41 2009
New Revision: 820469

URL: http://svn.apache.org/viewvc?rev=820469&view=rev
Log:
more OAuth fixes, in particular for requests with query-string parameters

Modified:
    couchdb/trunk/share/www/script/test/oauth.js
    couchdb/trunk/src/couchdb/couch_rep_httpc.erl

Modified: couchdb/trunk/share/www/script/test/oauth.js
URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/test/oauth.js?rev=820469&r1=820468&r2=820469&view=diff
==============================================================================
--- couchdb/trunk/share/www/script/test/oauth.js (original)
+++ couchdb/trunk/share/www/script/test/oauth.js Wed Sep 30 22:00:41 2009
@@ -52,7 +52,7 @@
         });
       }
     } else {
-      return CouchDB.request("GET", path, {
+      return CouchDB.request(method, path, {
         headers: {Authorization: OAuth.getAuthorizationHeader('', parameters)}
       });
     }
@@ -63,6 +63,11 @@
   var admintokenSecret = generateSecret(64);
   var testadminPassword = "ohsosecret";
 
+  var adminBasicAuthHeaderValue = function() {
+    var retval = 'Basic ' + binb2b64(str2binb("testadmin:" + testadminPassword));
+    return retval;
+  }
+
   var host = CouchDB.host;
   var dbPair = {
     source: {
@@ -76,14 +81,12 @@
         }
       }
     },
-    target: "http://" + host + "/test_suite_db_b"
+    target: {
+      url: "http://" + host + "/test_suite_db_b",
+      headers: {"Authorization": adminBasicAuthHeaderValue()}
+    }
   };
 
-  var adminBasicAuthHeaderValue = function() {
-    var retval = 'Basic ' + binb2b64(str2binb("testadmin:" + testadminPassword));
-    return retval;
-  }
-
   // this function will be called on the modified server
   var testFun = function () {
     try {
@@ -92,6 +95,16 @@
         body: JSON.stringify(testadminPassword)
       });
 
+      CouchDB.request("GET", "/_sleep?time=50");
+
+      CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user",
{
+        headers: {
+          "X-Couch-Persist": "false",
+          "Authorization": adminBasicAuthHeaderValue()
+        },
+        body: JSON.stringify("true")
+      });
+
       var usersDb = new CouchDB("test_suite_users", {
         "X-Couch-Full-Commit":"false",
         "Authorization": adminBasicAuthHeaderValue()
@@ -157,7 +170,9 @@
           T(xhr.status == expectedCode);
 
           // Replication
-          var result = CouchDB.replicate(dbPair.source, dbPair.target);
+          var result = CouchDB.replicate(dbPair.source, dbPair.target, {
+            headers: {"Authorization": adminBasicAuthHeaderValue()}
+          });
           T(result.ok);
 
           // Test auth via admin user defined in .ini
@@ -179,6 +194,15 @@
         }
       }
     } finally {
+      var xhr = CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user",
{
+        headers: {
+          "Authorization": adminBasicAuthHeaderValue(),
+          "X-Couch-Persist": "false"
+        },
+        body: JSON.stringify("false")
+      });
+      T(xhr.status == 200);
+
       var xhr = CouchDB.request("DELETE", "http://" + host + "/_config/admins/testadmin",
{
         headers: {
           "Authorization": adminBasicAuthHeaderValue(),

Modified: couchdb/trunk/src/couchdb/couch_rep_httpc.erl
URL: http://svn.apache.org/viewvc/couchdb/trunk/src/couchdb/couch_rep_httpc.erl?rev=820469&r1=820468&r2=820469&view=diff
==============================================================================
--- couchdb/trunk/src/couchdb/couch_rep_httpc.erl (original)
+++ couchdb/trunk/src/couchdb/couch_rep_httpc.erl Wed Sep 30 22:00:41 2009
@@ -26,18 +26,19 @@
 do_request(Req) ->
     #http_db{
         auth = Auth,
+        body = B,
+        conn = Conn,
         headers = Headers0,
         method = Method,
-        body = B,
         options = Opts,
-        conn = Conn
+        qs = QS
     } = Req,
     Url = full_url(Req),
     Headers = case proplists:get_value(<<"oauth">>, Auth) of
     undefined ->
         Headers0;
     {OAuthProps} ->
-        [oauth_header(Url, Method, OAuthProps) | Headers0]
+        [oauth_header(Url, QS, Method, OAuthProps) | Headers0]
     end,
     Body = case B of
     {Fun, InitialState} when is_function(Fun) ->
@@ -68,7 +69,7 @@
     undefined ->
         Headers0;
     {OAuthProps} ->
-        [oauth_header(Url, get, OAuthProps) | Headers0]
+        [oauth_header(Url, [], head, OAuthProps) | Headers0]
     end,
     case catch ibrowse:send_req(Url, Headers, head) of
     {ok, "200", _, _} ->
@@ -177,7 +178,8 @@
         Body
     end.
 
-oauth_header(Url, Action, Props) ->
+oauth_header(Url, QS, Action, Props) ->
+    QSL = [{couch_util:to_list(K), couch_util:to_list(V)} || {K,V} <- QS],
     ConsumerKey = ?b2l(proplists:get_value(<<"consumer_key">>, Props)),
     Token = ?b2l(proplists:get_value(<<"token">>, Props)),
     TokenSecret = ?b2l(proplists:get_value(<<"token_secret">>, Props)),
@@ -186,7 +188,9 @@
     Method = case Action of
         get -> "GET";
         post -> "POST";
-        put -> "PUT"
+        put -> "PUT";
+        head -> "HEAD"
     end,
-    Params = oauth:signed_params(Method, Url, [], Consumer, Token, TokenSecret),
+    Params = oauth:signed_params(Method, Url, QSL, Consumer, Token, TokenSecret)
+        -- QSL,
     {"Authorization", "OAuth " ++ oauth_uri:params_to_header_string(Params)}.



Mime
View raw message