couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Davies (JIRA)" <j...@apache.org>
Subject [jira] Closed: (COUCHDB-522) supplying a bad TokenSecret causes a 500 error response
Date Mon, 12 Oct 2009 10:29:31 GMT

     [ https://issues.apache.org/jira/browse/COUCHDB-522?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jason Davies closed COUCHDB-522.
--------------------------------

    Resolution: Fixed

Fixed in r824290.

> supplying a bad TokenSecret causes a 500 error response
> -------------------------------------------------------
>
>                 Key: COUCHDB-522
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-522
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>    Affects Versions: 0.10
>            Reporter: Adam Kocoloski
>            Assignee: Jason Davies
>
> It seems that if a user tries to authenticate with OAuth using a token secret that CouchDB
doesn't know about, the result will be an Internal Server Error and a traceback that looks
like
> [Thu, 08 Oct 2009 14:44:19 GMT] [info] [<0.1103.24>] Stacktrace: [{oauth_uri,encode,[undefined,[]]},
>              {oauth_uri,'-calate/2-lc$^0/1-0-',1},
>              {oauth_uri,'-calate/2-lc$^0/1-0-',1},
>              {oauth_uri,calate,2},
>              {oauth_hmac_sha1,signature,3},
>              {oauth_hmac_sha1,verify,4},
>              {couch_httpd_oauth,'-oauth_authentication_handler/1-fun-0-',6},
>              {couch_httpd,authenticate_request,2}]
> I think we could fix this by replacing
> TokenSecret = couch_config:get("oauth_token_secrets", AccessToken),
> with 
> TokenSecret = couch_config:get("oauth_token_secrets", AccessToken, ""),
> or some other more appropriate default string.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message