incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Adam Kocoloski (JIRA)" <j...@apache.org>
Subject [jira] Created: (COUCHDB-522) supplying a bad TokenSecret causes a 500 error response
Date Thu, 08 Oct 2009 16:50:31 GMT
supplying a bad TokenSecret causes a 500 error response
-------------------------------------------------------

                 Key: COUCHDB-522
                 URL: https://issues.apache.org/jira/browse/COUCHDB-522
             Project: CouchDB
          Issue Type: Bug
          Components: HTTP Interface
    Affects Versions: 0.10
            Reporter: Adam Kocoloski
            Assignee: Jason Davies


It seems that if a user tries to authenticate with OAuth using a token secret that CouchDB
doesn't know about, the result will be an Internal Server Error and a traceback that looks
like

[Thu, 08 Oct 2009 14:44:19 GMT] [info] [<0.1103.24>] Stacktrace: [{oauth_uri,encode,[undefined,[]]},
             {oauth_uri,'-calate/2-lc$^0/1-0-',1},
             {oauth_uri,'-calate/2-lc$^0/1-0-',1},
             {oauth_uri,calate,2},
             {oauth_hmac_sha1,signature,3},
             {oauth_hmac_sha1,verify,4},
             {couch_httpd_oauth,'-oauth_authentication_handler/1-fun-0-',6},
             {couch_httpd,authenticate_request,2}]

I think we could fix this by replacing

TokenSecret = couch_config:get("oauth_token_secrets", AccessToken),

with 

TokenSecret = couch_config:get("oauth_token_secrets", AccessToken, ""),

or some other more appropriate default string.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message