You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by "Jason Davies (JIRA)" <ji...@apache.org> on 2009/10/12 12:29:31 UTC
[jira] Closed: (COUCHDB-522) supplying a bad TokenSecret causes a
500 error response
[ https://issues.apache.org/jira/browse/COUCHDB-522?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jason Davies closed COUCHDB-522.
--------------------------------
Resolution: Fixed
Fixed in r824290.
> supplying a bad TokenSecret causes a 500 error response
> -------------------------------------------------------
>
> Key: COUCHDB-522
> URL: https://issues.apache.org/jira/browse/COUCHDB-522
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 0.10
> Reporter: Adam Kocoloski
> Assignee: Jason Davies
>
> It seems that if a user tries to authenticate with OAuth using a token secret that CouchDB doesn't know about, the result will be an Internal Server Error and a traceback that looks like
> [Thu, 08 Oct 2009 14:44:19 GMT] [info] [<0.1103.24>] Stacktrace: [{oauth_uri,encode,[undefined,[]]},
> {oauth_uri,'-calate/2-lc$^0/1-0-',1},
> {oauth_uri,'-calate/2-lc$^0/1-0-',1},
> {oauth_uri,calate,2},
> {oauth_hmac_sha1,signature,3},
> {oauth_hmac_sha1,verify,4},
> {couch_httpd_oauth,'-oauth_authentication_handler/1-fun-0-',6},
> {couch_httpd,authenticate_request,2}]
> I think we could fix this by replacing
> TokenSecret = couch_config:get("oauth_token_secrets", AccessToken),
> with
> TokenSecret = couch_config:get("oauth_token_secrets", AccessToken, ""),
> or some other more appropriate default string.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.