couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filipe David Manana <fdman...@apache.org>
Subject Re: [2/2] git commit: Fix OAuth authentication with VHosts + URL rewriting
Date Mon, 12 Dec 2011 03:24:19 GMT
On Monday, December 12, 2011, Randall Leeds <randall.leeds@gmail.com> wrote:
> I'm missing something. Is there any place where pre_rewrite_user_ctx
> is read? I only see put and erase calls.

Yes. You miss the fact that erase returns the current value (or undefined).
>
> On Sat, Dec 10, 2011 at 12:11, Filipe David Manana <fdmanana@apache.org>
wrote:
>> On Sat, Dec 10, 2011 at 8:08 PM, Benoit Chesneau <bchesneau@gmail.com>
wrote:
>>> what is the point of wariting in the process registry?
>>
>> To make it simple, not adding a new handle_request_int clause to
>> couch_httpd or a new entry point.
>>
>>>
>>> On Sat, Dec 10, 2011 at 9:03 PM,  <fdmanana@apache.org> wrote:
>>>> Fix OAuth authentication with VHosts + URL rewriting
>>>>
>>>> The OAuth handler was not getting the right path (the one
>>>> the client used to compute its OAuth signature) to verify
>>>> the client's signature. The right path is the one from
>>>> before doing the VHost dispatch.
>>>> Secondly, after the OAuth handler succeeds, the rewriter
>>>> kicks in and calls couch_httpd:handle_request_int/5 with a
>>>> new mochiweb request which contains the rewritten patch.
>>>> This will cause all the authentication handlers to run again,
>>>> which makes the OAuth handler fail this second time because
>>>> it gets a rewritten patch.
>>>>
>>>> COUCHDB-1320
>>>>
>>>>
>>>> Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
>>>> Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/b86fa1f6
>>>> Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/b86fa1f6
>>>> Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/b86fa1f6
>>>>
>>>> Branch: refs/heads/1.2.x
>>>> Commit: b86fa1f6bedee9d441bf4cac53c2794a60c69216
>>>> Parents: 25754ac
>>>> Author: Filipe David Borba Manana <fdmanana@apache.org>
>>>> Authored: Sat Dec 10 19:05:52 2011 +0000
>>>> Committer: Filipe David Borba Manana <fdmanana@apache.org>
>>>> Committed: Sat Dec 10 19:40:37 2011 +0000
>>>>
>>>> ----------------------------------------------------------------------
>>>>  src/couchdb/couch_httpd.erl         |    3 +-
>>>>  src/couchdb/couch_httpd_oauth.erl   |   11 +++-
>>>>  src/couchdb/couch_httpd_rewrite.erl |    4 +-
>>>>  test/etap/160-vhosts.t              |   89
+++++++++++++++++++++++++++++-
>>>>  4 files changed, 102 insertions(+), 5 deletions(-)
>>>> ----------------------------------------------------------------------
>>>>
>>>>
>>>>
http://git-wip-us.apache.org/repos/asf/couchdb/blob/b86fa1f6/src/couchdb/couch_httpd.erl
>>>> ----------------------------------------------------------------------
>>>> diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
>>>> index 11b0bca..2d4c38d 100644
>>>> --- a/src/couchdb/couch_httpd.erl
>>>> +++ b/src/couchdb/couch_httpd.erl
>>>> @@ -298,7 +298,8 @@ handle_request_int(MochiReq, DefaultFun,
>>>>         db_url_handlers = DbUrlHandlers,
>>>>         design_url_handlers = DesignUrlHandlers,
>>>>         default_fun = DefaultFun,
>>>> -        url_handlers = UrlHandlers
>>>> +        url_handlers = UrlHandlers,
>>>> +        user_ctx = erlang:erase(pre_rewrite_user_ctx)
>>>>     },
>>>>
>>>>     HandlerFun = couch_util:dict_find(HandlerKey, UrlHandlers,
DefaultFun),
>>>>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message