Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@couchdb.apache.org
Date: Tue, 2 Jul 2013 00:25:20 +0000 (UTC)
From: "Alexander Shorin (JIRA)" <jira@apache.org>
To: dev@couchdb.apache.org
Message-ID: <JIRA.12596002.1340753124881.195498.1372724720058@arcas>
In-Reply-To: <JIRA.12596002.1340753124881@arcas>
References: <JIRA.12596002.1340753124881@arcas>
Subject: [jira] [Updated] (COUCHDB-1504) POST to _session using OAuth yields
 401
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


     [ https://issues.apache.org/jira/browse/COUCHDB-1504?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alexander Shorin updated COUCHDB-1504:
--------------------------------------

    Component/s: HTTP Interface
    
> POST to _session using OAuth yields 401
> ---------------------------------------
>
>                 Key: COUCHDB-1504
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1504
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>    Affects Versions: 1.2
>         Environment: OS X 10.6.8, couchdb built via build-couchdb w/ couchdb_browserid & geocouch plugins
>            Reporter: Jim Klo
>              Labels: oauth, session
>
> create a user that has OAuth consumer key, secret, token, and  token secret fields:
> {
>    "_id": "org.couchdb.user:jim.klo@gmail.com",
>    "_rev": "2-c82b774940546d812f459df92c8e0e00",
>    "type": "user",
>    "name": "jim.klo@gmail.com",
>    "roles": [
>        "browserid"
>    ],
>    "salt": "3daafe56a143d8fa08ced7cccfdb2a70",
>    "browserid": true,
>    "oauth": {
>        "consumer_keys": {
>            "jim.klo@gmail.com": "XBE+cC2eUPxHMrd2CWQfEVZ/ELgHCQZg"
>        },
>        "tokens": {
>            "node_sign_token": "iQ0Xm7FTAOokDNvlVPV352ac4Vtg5gSj"
>        }
>    }
> }
> create a valid oauth 1.0 form post with url encoded content:
> curl -H'Content-Type: application/x-www-form-urlencoded' -d 'oauth_consumer_key=jim.klo%40gmail.com&oauth_token=node_sign_token&oauth_version=1.0&oauth_timestamp=1340752816&oauth_nonce=dT2fqv&oauth_signature_method=HMAC-SHA1&oauth_signature=hNSttzb9jMdy%2FhmI2pYBQmmeouI%3D ' -k 'https://jim-klos-macbook-pro.local/_session'
> return is: 
>  {"error":"unauthorized","reason":"Name or password is incorrect."}
> log shows this:
> [Tue, 26 Jun 2012 23:20:19 GMT] [debug] [<0.15281.2>] 'POST' /_session {1,0} from "127.0.0.1"
> Headers: [{'Accept',"application/json"},
>           {'Accept-Charset',"ISO-8859-1,utf-8;q=0.7,*;q=0.3"},
>           {'Accept-Encoding',"gzip,deflate,sdch"},
>           {'Accept-Language',"en-US,en;q=0.8"},
>           {'Connection',"close"},
>           {'Content-Length',"212"},
>           {'Content-Type',"application/x-www-form-urlencoded"},
>           {'Cookie',"AuthSession="},
>           {'Host',"jim-klos-macbook-pro.local"},
>           {"Origin","chrome-extension://iaekhlnnfliepcojnmcjmfnceejmkpbn"},
>           {'User-Agent',"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5"},
>           {'X-Forwarded-For',"127.0.0.1"},
>           {"X-Forwarded-Ssl","on"},
>           {"X-Real-Ip","127.0.0.1"}]
> [Tue, 26 Jun 2012 23:20:19 GMT] [debug] [<0.15281.2>] OAuth Params: []
> [Tue, 26 Jun 2012 23:20:19 GMT] [debug] [<0.15281.2>] Attempt Login: 
> [Tue, 26 Jun 2012 23:20:19 GMT] [info] [<0.15281.2>] 127.0.0.1 - - POST /_session 401
> [Tue, 26 Jun 2012 23:20:19 GMT] [debug] [<0.15281.2>] httpd 401 error response:
>  {"error":"unauthorized","reason":"Name or password is incorrect."}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira