Permalink
Browse files

Initial check-in of OAuth and cookie authentication.

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@800938 13f79535-47bb-0310-9956-ffa450edef68
  • Loading branch information...
Damien F. Katz
Damien F. Katz committed Aug 4, 2009
1 parent fd72a9b commit 8e2215ee6306b0f4c13553796d401e9f5f93bcb6
Showing with 2,704 additions and 171 deletions.
  1. +6 −0 CHANGES
  2. +1 −1 Makefile.am
  3. +1 −0 bin/Makefile.am
  4. +2 −0 bin/couchdb.tpl.in
  5. +1 −0 configure.ac
  6. +303 −0 configure.ac.orig
  7. +9 −2 etc/couchdb/default.ini.tpl.in
  8. +4 −0 etc/couchdb/local.ini
  9. +4 −0 share/Makefile.am
  10. +61 −0 share/www/script/couch.js
  11. +4 −0 share/www/script/couch_tests.js
  12. +35 −0 share/www/script/jquery.couch.js
  13. +511 −0 share/www/script/oauth.js
  14. +202 −0 share/www/script/sha1.js
  15. +2 −2 share/www/script/test/changes.js
  16. +162 −0 share/www/script/test/cookie_auth.js
  17. +166 −0 share/www/script/test/oauth.js
  18. +6 −6 share/www/script/test/security_validation.js
  19. +1 −1 share/www/script/test/show_documents.js
  20. +4 −0 src/couchdb/Makefile.am
  21. +2 −1 src/couchdb/couch_db.hrl
  22. +51 −83 src/couchdb/couch_httpd.erl
  23. +507 −0 src/couchdb/couch_httpd_auth.erl
  24. +5 −2 src/couchdb/couch_httpd_external.erl
  25. +6 −21 src/couchdb/couch_httpd_misc_handlers.erl
  26. +173 −0 src/couchdb/couch_httpd_oauth.erl
  27. +14 −14 src/couchdb/couch_httpd_show.erl
  28. +1 −1 src/couchdb/couch_httpd_view.erl
  29. +53 −33 src/couchdb/couch_rep.erl
  30. +45 −1 src/couchdb/couch_util.erl
  31. +47 −0 src/erlang-oauth/Makefile.am
  32. +20 −0 src/erlang-oauth/oauth.app
  33. +107 −0 src/erlang-oauth/oauth.erl
  34. +11 −0 src/erlang-oauth/oauth_hmac_sha1.erl
  35. +22 −0 src/erlang-oauth/oauth_http.erl
  36. +10 −0 src/erlang-oauth/oauth_plaintext.erl
  37. +30 −0 src/erlang-oauth/oauth_rsa_sha1.erl
  38. +16 −0 src/erlang-oauth/oauth_unix.erl
  39. +88 −0 src/erlang-oauth/oauth_uri.erl
  40. +9 −2 src/mochiweb/mochiweb_cookies.erl
  41. +1 −1 test/runner.sh
  42. +1 −0 utils/Makefile.am
View
@@ -11,6 +11,12 @@ Build and System Integration:
* Changed `couchdb` script configuration options.
* Added default.d and local.d configuration directories to load sequence.
+HTTP Interface:
+
+ * Added optional cookie-based authentication handler.
+ * Added optional two-legged OAuth authentication handler.
+
+
Version 0.9.1
-------------
View
@@ -10,7 +10,7 @@
## License for the specific language governing permissions and limitations under
## the License.
-SUBDIRS = bin etc src/couchdb src/ibrowse src/mochiweb share test var utils
+SUBDIRS = bin etc src/couchdb src/erlang-oauth src/ibrowse src/mochiweb share test var utils
localdoc_DATA = AUTHORS.gz BUGS.gz CHANGES.gz NEWS.gz README.gz THANKS.gz
View
@@ -31,6 +31,7 @@ couchdb: couchdb.tpl
-e "s|%couchdbebindir%|couch-@version@/ebin|g" \
-e "s|%mochiwebebindir%|mochiweb-r97/ebin|g" \
-e "s|%ibrowseebindir%|ibrowse-1.4.1/ebin|g" \
+ -e "s|%oauthebindir%|erlang-oauth/ebin|g" \
-e "s|%defaultini%|default.ini|g" \
-e "s|%localini%|local.ini|g" \
-e "s|%localconfdir%|@localconfdir@|g" \
View
@@ -219,7 +219,9 @@ start_couchdb () {
-pa %localerlanglibdir%/%couchdbebindir% \
%localerlanglibdir%/%mochiwebebindir% \
%localerlanglibdir%/%ibrowseebindir% \
+ %localerlanglibdir%/%oauthebindir% \
-eval \"application:load(ibrowse)\" \
+ -eval \"application:load(oauth)\" \
-eval \"application:load(crypto)\" \
-eval \"application:load(couch)\" \
-eval \"crypto:start()\" \
View
@@ -289,6 +289,7 @@ AC_CONFIG_FILES([share/Makefile])
AC_CONFIG_FILES([src/couchdb/couch.app.tpl])
AC_CONFIG_FILES([src/couchdb/Makefile])
AC_CONFIG_FILES([src/couchdb/priv/Makefile])
+AC_CONFIG_FILES([src/erlang-oauth/Makefile])
AC_CONFIG_FILES([src/ibrowse/Makefile])
AC_CONFIG_FILES([src/mochiweb/Makefile])
AC_CONFIG_FILES([test/Makefile])
View
@@ -0,0 +1,303 @@
+dnl Licensed under the Apache License, Version 2.0 (the "License"); you may not
+dnl use this file except in compliance with the License. dnl You may obtain a
+dnl copy of the License at
+dnl
+dnl http://www.apache.org/licenses/LICENSE-2.0
+dnl
+dnl Unless required by applicable law or agreed to in writing, software
+dnl distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+dnl WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+dnl License for the specific language governing permissions and limitations
+dnl under the License.
+
+m4_include([m4/ac_check_icu.m4])
+
+AC_INIT([LOCAL_PACKAGE_NAME], [LOCAL_VERSION], [], [LOCAL_PACKAGE_TARNAME])
+
+AC_PREREQ([2.59])
+
+AC_CONFIG_SRCDIR([CHANGES])
+AC_CONFIG_AUX_DIR([build-aux])
+
+AM_CONFIG_HEADER([config.h])
+
+AM_INIT_AUTOMAKE([1.6.3 foreign])
+
+AC_GNU_SOURCE
+AC_ENABLE_SHARED
+AC_DISABLE_STATIC
+
+AC_PROG_CC
+AC_PROG_LIBTOOL
+AC_PROG_LN_S
+
+AC_MSG_CHECKING([for pthread_create in -lpthread])
+
+original_LIBS="$LIBS"
+LIBS="-lpthread $original_LIBS"
+
+AC_TRY_LINK([#include<pthread.h>],
+ [pthread_create((void *)0, (void *)0, (void *)0, (void *)0)],
+ [pthread=yes], [pthread=no])
+
+if test x${pthread} = xyes; then
+ AC_MSG_RESULT([yes])
+else
+ LIBS="$original_LIBS"
+ AC_MSG_RESULT([no])
+fi
+
+AC_ARG_WITH([erlang], [AC_HELP_STRING([--with-erlang=PATH],
+ [set PATH to the Erlang include directory])], [
+ ERLANG_FLAGS="-I$withval"
+], [
+ ERLANG_FLAGS="-I${libdir}/erlang/usr/include"
+ ERLANG_FLAGS="$ERLANG_FLAGS -I/usr/lib/erlang/usr/include"
+ ERLANG_FLAGS="$ERLANG_FLAGS -I/usr/local/lib/erlang/usr/include"
+ ERLANG_FLAGS="$ERLANG_FLAGS -I/opt/local/lib/erlang/usr/include"
+])
+
+AC_ARG_WITH([js-include], [AC_HELP_STRING([--with-js-include=PATH],
+ [set PATH to the SpiderMonkey include directory])], [
+ JS_INCLUDE="$withval"
+ JS_FLAGS="-I$JS_INCLUDE"
+], [
+ JS_FLAGS="-I/usr/include"
+ JS_FLAGS="$JS_FLAGS -I/usr/include/js"
+ JS_FLAGS="$JS_FLAGS -I/usr/include/mozjs"
+ JS_FLAGS="$JS_FLAGS -I/usr/local/include"
+ JS_FLAGS="$JS_FLAGS -I/opt/local/include"
+ JS_FLAGS="$JS_FLAGS -I/usr/local/include/js"
+ JS_FLAGS="$JS_FLAGS -I/opt/local/include/js"
+])
+
+AC_ARG_WITH([js-lib], [AC_HELP_STRING([--with-js-lib=PATH],
+ [set PATH to the SpiderMonkey library directory])],
+ [JS_LIB_FLAGS="-L$withval"], [])
+
+AC_ARG_VAR([ERLC_FLAGS], [general flags to prepend to ERLC_FLAGS])
+AC_ARG_VAR([FLAGS], [general flags to prepend to LDFLAGS and CPPFLAGS])
+
+LIB_FLAGS="$JS_LIB_FLAGS -L/usr/local/lib -L/opt/local/lib"
+LIBS="$LIB_FLAGS $LIBS"
+# XP_UNIX required for jsapi.h and has been tested to work on Linux and Darwin.
+FLAGS="$LIB_FLAGS $ERLANG_FLAGS $JS_FLAGS -DXP_UNIX $FLAGS"
+CPPFLAGS="$FLAGS $CPPFLAGS"
+# manually linking libm is requred for FreeBSD 7.0
+LDFLAGS="$FLAGS -lm $LDFLAGS"
+
+AC_CHECK_LIB([mozjs], [JS_NewContext], [], [
+ AC_CHECK_LIB([js], [JS_NewContext], [], [
+ AC_MSG_ERROR([Could not find the js library.
+
+Is the Mozilla SpiderMonkey library installed?])])])
+
+AC_CHECK_HEADER([jsapi.h], [], [
+ AC_CHECK_HEADER([js/jsapi.h],
+ [
+ CPPFLAGS="$CPPFLAGS -I$JS_INCLUDE/js"
+ ],
+ [
+ AC_MSG_ERROR([Could not find the jsapi header.
+
+Are the Mozilla SpiderMonkey headers installed?])
+ ])])
+
+AC_LANG_PUSH(C)
+OLD_CFLAGS="$CFLAGS"
+CFLAGS="-Werror-implicit-function-declaration"
+AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[#include <jsapi.h>]],
+ [[JS_SetOperationCallback(0, 0);]]
+ )],
+ AC_DEFINE([USE_JS_SETOPCB], [], [Use new JS_SetOperationCallback])
+)
+CFLAGS="$OLD_CFLAGS"
+AC_LANG_POP(C)
+
+AC_CHECK_ICU([3])
+
+ICU_LOCAL_CFLAGS=`$ICU_CONFIG --cppflags-searchpath`
+ICU_LOCAL_LDFLAGS=`$ICU_CONFIG --ldflags-searchpath`
+
+AC_SUBST(ICU_CONFIG)
+AC_SUBST(ICU_LOCAL_CFLAGS)
+AC_SUBST(ICU_LOCAL_LDFLAGS)
+
+AC_CHECK_CURL([7.15.5])
+AC_SUBST(CURL_CFLAGS)
+AC_SUBST(CURL_LIBS)
+
+case "$(uname -s)" in
+ Linux)
+ LIBS="$LIBS -lcrypt"
+ CPPFLAGS="-D_XOPEN_SOURCE $CPPFLAGS"
+ ;;
+ FreeBSD)
+ LIBS="$LIBS -lcrypt"
+ ;;
+ OpenBSD)
+ LIBS="$LIBS -lcrypto"
+ ;;
+esac
+
+AC_PATH_PROG([ERL], [erl])
+
+if test x${ERL} = x; then
+ AC_MSG_ERROR([Could not find the `erl' executable. Is Erlang installed?])
+fi
+
+erlang_version_error="The installed Erlang version is less than 5.6.0 (R12B)."
+
+version="`${ERL} -version 2>&1 | ${SED} "s/[[^0-9]]/ /g"`"
+
+if test `echo $version | ${AWK} "{print \\$1}"` -lt 5; then
+ AC_MSG_ERROR([$erlang_version_error])
+fi
+
+if test `echo $version | ${AWK} "{print \\$2}"` -lt 6; then
+ AC_MSG_ERROR([$erlang_version_error])
+fi
+
+AC_PATH_PROG([ERLC], [erlc])
+
+if test x${ERLC} = x; then
+ AC_MSG_ERROR([Could not find the `erlc' executable. Is Erlang installed?])
+fi
+
+AC_CHECK_HEADER([erl_driver.h], [], [
+ AC_MSG_ERROR([Could not find the `erl_driver.h' header.
+
+Are the Erlang headers installed? Use the `--with-erlang' option to specify the
+path to the Erlang include directory.])])
+
+AC_PATH_PROG([HELP2MAN_EXECUTABLE], [help2man])
+if test x${HELP2MAN_EXECUTABLE} = x; then
+ AC_MSG_WARN([You will be unable to regenerate any man pages.])
+fi
+
+use_init=yes
+use_launchd=yes
+
+AC_ARG_ENABLE([init], [AC_HELP_STRING([--disable-init],
+ [don't install init script where applicable])], [
+ use_init=$enableval
+], [])
+
+AC_ARG_ENABLE([launchd], [AC_HELP_STRING([--disable-launchd],
+ [don't install launchd configuration where applicable])], [
+ use_launchd=$enableval
+], [])
+
+init_enabled=false
+launchd_enabled=false
+
+if test "$use_init" = "yes"; then
+ AC_MSG_CHECKING(location of init directory)
+ if test -d /etc/rc.d; then
+ init_enabled=true
+ AC_SUBST([initdir], ['${sysconfdir}/rc.d'])
+ AC_MSG_RESULT(${initdir})
+ else
+ if test -d /etc/init.d; then
+ init_enabled=true
+ AC_SUBST([initdir], ['${sysconfdir}/init.d'])
+ AC_MSG_RESULT(${initdir})
+ else
+ AC_MSG_RESULT(not found)
+ fi
+ fi
+fi
+
+if test "$use_launchd" = "yes"; then
+ AC_MSG_CHECKING(location of launchd directory)
+ if test -d /Library/LaunchDaemons; then
+ init_enabled=false
+ launchd_enabled=true
+ AC_SUBST([launchddir], ['${prefix}/Library/LaunchDaemons'])
+ AC_MSG_RESULT(${launchddir})
+ else
+ AC_MSG_RESULT(not found)
+ fi
+fi
+
+AC_ARG_VAR([ERL], [path to the `erl' executable])
+AC_ARG_VAR([ERLC], [path to the `erlc' executable])
+AC_ARG_VAR([HELP2MAN_EXECUTABLE], [path to the `help2man' program])
+
+if test -n "$HELP2MAN_EXECUTABLE"; then
+ help2man_enabled=true
+else
+ if test -f "$srcdir/bin/couchdb.1" -a -f "$srcdir/bin/couchjs.1"; then
+ help2man_enabled=true
+ else
+ help2man_enabled=false
+ fi
+fi
+
+AM_CONDITIONAL([INIT], [test x${init_enabled} = xtrue])
+AM_CONDITIONAL([LAUNCHD], [test x${launchd_enabled} = xtrue])
+AM_CONDITIONAL([HELP2MAN], [test x${help2man_enabled} = xtrue])
+
+AC_SUBST([package_author_name], ["LOCAL_PACKAGE_AUTHOR_NAME"])
+AC_SUBST([package_author_address], ["LOCAL_PACKAGE_AUTHOR_ADDRESS"])
+AC_SUBST([package_identifier], ["LOCAL_PACKAGE_IDENTIFIER"])
+AC_SUBST([package_tarname], ["LOCAL_PACKAGE_TARNAME"])
+AC_SUBST([package_name], ["LOCAL_PACKAGE_NAME"])
+
+AC_SUBST([version], ["LOCAL_VERSION"])
+AC_SUBST([version_major], ["LOCAL_VERSION_MAJOR"])
+AC_SUBST([version_minor], ["LOCAL_VERSION_MINOR"])
+AC_SUBST([version_revision], ["LOCAL_VERSION_REVISION"])
+AC_SUBST([version_stage], ["LOCAL_VERSION_STAGE"])
+AC_SUBST([version_release], ["LOCAL_VERSION_RELEASE"])
+
+AC_SUBST([bug_uri], ["LOCAL_BUG_URI"])
+
+AC_SUBST([localconfdir], [${sysconfdir}/${package_identifier}])
+AC_SUBST([localdatadir], [${datadir}/${package_identifier}])
+AC_SUBST([localdocdir], [${datadir}/doc/${package_identifier}])
+AC_SUBST([locallibdir], [${libdir}/${package_identifier}])
+AC_SUBST([localstatelibdir], [${localstatedir}/lib/${package_identifier}])
+AC_SUBST([localstatelogdir], [${localstatedir}/log/${package_identifier}])
+AC_SUBST([localstaterundir], [${localstatedir}/run/${package_identifier}])
+AC_SUBST([locallibbindir], [${locallibdir}/bin])
+AC_SUBST([localerlanglibdir], [${locallibdir}/erlang/lib])
+
+# fix for older autotools that don't define "abs_top_YYY" by default
+AC_SUBST(abs_top_srcdir)
+AC_SUBST(abs_top_builddir)
+
+AC_REVISION([LOCAL_VERSION])
+
+AC_CONFIG_FILES([Makefile])
+AC_CONFIG_FILES([bin/couchjs.tpl])
+AC_CONFIG_FILES([bin/couchdb.tpl])
+AC_CONFIG_FILES([bin/Makefile])
+AC_CONFIG_FILES([etc/couchdb/Makefile])
+AC_CONFIG_FILES([etc/couchdb/default.ini.tpl])
+AC_CONFIG_FILES([etc/default/Makefile])
+AC_CONFIG_FILES([etc/init/couchdb.tpl])
+AC_CONFIG_FILES([etc/init/Makefile])
+AC_CONFIG_FILES([etc/launchd/org.apache.couchdb.plist.tpl])
+AC_CONFIG_FILES([etc/launchd/Makefile])
+AC_CONFIG_FILES([etc/logrotate.d/couchdb.tpl])
+AC_CONFIG_FILES([etc/logrotate.d/Makefile])
+AC_CONFIG_FILES([etc/Makefile])
+AC_CONFIG_FILES([share/Makefile])
+AC_CONFIG_FILES([src/couchdb/couch.app.tpl])
+AC_CONFIG_FILES([src/couchdb/Makefile])
+AC_CONFIG_FILES([src/couchdb/priv/Makefile])
+AC_CONFIG_FILES([src/ibrowse/Makefile])
+AC_CONFIG_FILES([src/mochiweb/Makefile])
+AC_CONFIG_FILES([test/Makefile])
+AC_CONFIG_FILES([utils/Makefile])
+AC_CONFIG_FILES([var/Makefile])
+
+AC_OUTPUT
+
+echo
+echo "You have configured Apache CouchDB, time to relax."
+echo
+echo "Run \`make && sudo make install' to install."
@@ -16,14 +16,19 @@ batch_save_interval = 1000 ; milliseconds after which to save batches
[httpd]
port = 5984
bind_address = 127.0.0.1
-authentication_handler = {couch_httpd, default_authentication_handler}
+authentication_handlers = {couch_httpd_oauth, oauth_authentication_handler}, {couch_httpd_auth, default_authentication_handler}
default_handler = {couch_httpd_db, handle_request}
WWW-Authenticate = Basic realm="administrator"
[log]
file = %localstatelogdir%/couch.log
level = info
+[couch_httpd_auth]
+authentication_db = users
+secret = replace this with a real secret in your local.ini file
+require_valid_user = false
+
[query_servers]
javascript = %bindir%/%couchjs_command_name% %localdatadir%/server/main.js
@@ -62,7 +67,9 @@ _restart = {couch_httpd_misc_handlers, handle_restart_req}
_stats = {couch_httpd_stats_handlers, handle_stats_req}
_log = {couch_httpd_misc_handlers, handle_log_req}
_sleep = {couch_httpd_misc_handlers, handle_sleep_req}
-_whoami = {couch_httpd_misc_handlers, handle_whoami_req}
+_session = {couch_httpd_auth, handle_session_req}
+_oauth = {couch_httpd_oauth, handle_oauth_req}
+_user = {couch_httpd_auth, handle_user_req}
[httpd_db_handlers]
_view_cleanup = {couch_httpd_db, handle_view_cleanup_req}
View
@@ -14,6 +14,10 @@
[log]
;level = debug
+[couch_httpd_auth]
+;secret = replace this with a real secret
+
+
[update_notification]
;unique notifier name=/full/path/to/exe -with "cmd line arg"
Oops, something went wrong.

0 comments on commit 8e2215e

Please sign in to comment.