couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "Link_Collection_Authentication_and_Authorization" by martinh
Date Sun, 20 May 2012 10:54:55 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Link_Collection_Authentication_and_Authorization" page has been changed by martinh:
http://wiki.apache.org/couchdb/Link_Collection_Authentication_and_Authorization?action=diff&rev1=28&rev2=29

Comment:
Updated OAuth information

  [[http://issues.apache.org/jira/browse/COUCHDB-256|COUCHDB-256]] : Replicating from a write-protected
server fails
  
  [[http://issues.apache.org/jira/browse/COUCHDB-438|COUCHDB-438]] : Add per database (OAuth)
authentication to couchdb
+ 
+ [[http://issues.apache.org/jira/browse/COUCHDB-1238|COUCHDB-1238]] : CouchDB uses _users
db for storing oauth credentials
  
  
  == Definitions ==
@@ -235, +237 @@

  === couch_httpd_oauth::oauth_authentication_handler ===
  
  [[http://issues.apache.org/jira/browse/COUCHDB-420|COUCHDB-420]] implemented an
+ [[http://oauth.net/|OAuth 1.0]] authentication handler included in 0.10.x onwards.
- [[http://oauth.net/|OAuth]] authentication handler now in SVN HEAD and to be
- included in 0.10.x.  The patch also changes
- couch_httpd to accept a list of authentication handlers instead of a single
+ The also allowed couch_httpd to accept a list of authentication handlers instead 
- authentication handler.
+ of a single authentication handler.
  
  Steps to get OAuth authentication working (with the patch installed):
  
@@ -269, +270 @@

  {"ok":true,"name":"admin_user","roles":["_admin"]}
  }}}
  
+ [[http://issues.apache.org/jira/browse/COUCHDB-1238|COUCHDB-1238]] introduced the ability
to store oauth credentials in the _users db, rather than in the .ini. This is present from
1.2 and is disabled by default. A new section was introduced to default.ini.
+ {{{
+ [couch_httpd_oauth]
+ ; If set to 'true', oauth token and consumer secrets will be looked up
+ ; in the authentication database (_users). These secrets are stored in
+ ; a top level property named "oauth" in user documents. Example:
+ ;     {
+ ;         "_id": "org.couchdb.user:joe",
+ ;         "type": "user",
+ ;         "name": "joe",
+ ;         "password_sha": "fe95df1ca59a9b567bdca5cbaf8412abd6e06121",
+ ;         "salt": "4e170ffeb6f34daecfd814dfb4001a73"
+ ;         "roles": ["foo", "bar"],
+ ;         "oauth": {
+ ;             "consumer_keys": {
+ ;                 "consumerKey1": "key1Secret",
+ ;                 "consumerKey2": "key2Secret"
+ ;             },
+ ;             "tokens": {
+ ;                 "token1": "token1Secret",
+ ;                 "token2": "token2Secret"
+ ;             }
+ ;         }
+ ;     }
+ use_users_db = false
+ }}}
+ 
+ 
- === Facebook Authentication ===
+ === Facebook & Twitter Authentication ===
  
- The source for this can be found on [[https://github.com/ocastalabs/CouchDB-Facebook-Authentication|
GitHub]]. This add-on uses
+ The source for this can be found on [[https://github.com/ocastalabs/CouchDB-XO_Auth| GitHub]].
This add-on uses
- the [[http://developers.Facebook.com/docs/authentication/|  Facebook Authentication API]]
to authenticate a user and then creates a cookie based session in a similar manner to couch_httpd_auth.
+ the [[http://developers.Facebook.com/docs/authentication/|  Facebook Authentication API]]
and [[ https://dev.twitter.com/docs/auth/using-oauth | Twitter OAuth API]] to authenticate
a user and then creates a cookie based session in a similar manner to couch_httpd_auth.
  
  == Authorization use cases ==
  

Mime
View raw message