couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dav...@apache.org
Subject svn commit: r828836 - in /couchdb/trunk: share/www/script/test/oauth.js src/couchdb/couch_httpd_oauth.erl
Date Thu, 22 Oct 2009 19:58:18 GMT
Author: davisp
Date: Thu Oct 22 19:58:18 2009
New Revision: 828836

URL: http://svn.apache.org/viewvc?rev=828836&view=rev
Log:
Improve OAuth error message for missing tokens.

Added a test in oauth.js


Modified:
    couchdb/trunk/share/www/script/test/oauth.js
    couchdb/trunk/src/couchdb/couch_httpd_oauth.erl

Modified: couchdb/trunk/share/www/script/test/oauth.js
URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/test/oauth.js?rev=828836&r1=828835&r2=828836&view=diff
==============================================================================
--- couchdb/trunk/share/www/script/test/oauth.js (original)
+++ couchdb/trunk/share/www/script/test/oauth.js Thu Oct 22 19:58:18 2009
@@ -196,6 +196,12 @@
             T(data.name == "testadmin");
             T(data.roles[0] == "_admin");
           }
+
+          // Test when the user's token doesn't exist.
+          message.parameters.oauth_token = "not a token!";
+          xhr = oauthRequest("GET", "http://" + host + "/_session?foo=bar",
+                  message, adminAccessor);
+          T(xhr.status == 400, "Request should be invalid.");
         }
       }
     } finally {

Modified: couchdb/trunk/src/couchdb/couch_httpd_oauth.erl
URL: http://svn.apache.org/viewvc/couchdb/trunk/src/couchdb/couch_httpd_oauth.erl?rev=828836&r1=828835&r2=828836&view=diff
==============================================================================
--- couchdb/trunk/src/couchdb/couch_httpd_oauth.erl (original)
+++ couchdb/trunk/src/couchdb/couch_httpd_oauth.erl Thu Oct 22 19:58:18 2009
@@ -38,7 +38,10 @@
 set_user_ctx(Req, AccessToken) ->
     DbName = couch_config:get("couch_httpd_auth", "authentication_db"),
     {ok, _Db} = couch_httpd_auth:ensure_users_db_exists(?l2b(DbName)),
-    Name = ?l2b(couch_config:get("oauth_token_users", AccessToken)),
+    Name = case couch_config:get("oauth_token_users", AccessToken) of
+        undefined -> throw({bad_request, unknown_oauth_token});
+        Value -> ?l2b(Value)
+    end,
     case couch_httpd_auth:get_user(Name) of
         nil -> Req;
         User ->



Mime
View raw message