Enable OAuth and OpenID to be used together in the same app. Add a few OpenID providers to test login page.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@993178 13f79535-47bb-0310-9956-ffa450edef68
author: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> 2010-09-06 23:26:11 +0000
committer: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> 2010-09-06 23:26:11 +0000
commit: f75296a86350e41c01a355c945ca348082260cf9 (patch)
tree: 7635ae4a46ab4904609c7b662acc04a3c0f6efa8
parent: cc3bc602c8cb2c10aa542eab1e480d8604760007 (diff)
9 files changed, 495 insertions, 75 deletions
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
index fcf5a870c0..a8ed099fae 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
@@ -32,7 +32,7 @@ function queryParams() {
 }
 
 function oauthReferrer() {
-    r = queryParams()['mod_oauth_referrer'];
+    r = queryParams()['openauth_referrer'];
     if (typeof(r) == 'undefined')
         return r;
     q = r.indexOf('?');
@@ -67,10 +67,10 @@ function withGithub() {
 </script>
 
 <form name="signin" action="/" method="GET">
-<input type="hidden" name="mod_oauth_authorize" value="https://graph.facebook.com/oauth/authorize"/>
-<input type="hidden" name="mod_oauth_access_token" value="https://graph.facebook.com/oauth/access_token"/>
-<input type="hidden" name="mod_oauth_client_id" value="app1234"/>
-<input type="hidden" name="mod_oauth_info" value="https://graph.facebook.com/me"/>
+<input type="hidden" name="mod_oauth_authorize" value=""/>
+<input type="hidden" name="mod_oauth_access_token" value=""/>
+<input type="hidden" name="mod_oauth_client_id" value=""/>
+<input type="hidden" name="mod_oauth_info" value=""/>
 <input type="hidden" name="mod_oauth_step" value="authorize"/>
 </form>
 
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
new file mode 100644
index 0000000000..16246cc621
--- /dev/null
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
@@ -0,0 +1,158 @@
+<!--
+   Licensed to the Apache Software Foundation (ASF) under one
+   or more contributor license agreements.  See the NOTICE file
+   distributed with this work for additional information
+   regarding copyright ownership.  The ASF licenses this file
+   to you under the Apache License, Version 2.0 (the
+   "License"); you may not use this file except in compliance
+   with the License.  You may obtain a copy of the License at
+   
+     http://www.apache.org/licenses/LICENSE-2.0
+     
+   Unless required by applicable law or agreed to in writing,
+   software distributed under the License is distributed on an
+   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+   KIND, either express or implied.  See the License for the
+   specific language governing permissions and limitations
+   under the License.
+-->
+
+<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1>
+
+<script type="text/javascript">
+function queryParams() {
+    qp = new Array();
+    qs = window.location.search.substring(1).split('&');
+    for (i = 0; i < qs.length; i++) {
+        e = qs[i].indexOf('=');
+        if (e > 0)
+            qp[qs[i].substring(0, e)] = unescape(qs[i].substring(e + 1));
+    }
+    return qp;
+}
+
+function openauthReferrer() {
+    r = queryParams()['openauth_referrer'];
+    if (typeof(r) == 'undefined')
+        return r;
+    q = r.indexOf('?');
+    if (q > 0)
+        return r.substring(0, q);
+    return r;
+}
+
+if (typeof(openauthReferrer()) == 'undefined') {
+    document.location = '/';
+}
+
+function submitOpenIDSignin(w) {
+    document.openIDSignin.openid_identifier.value = w();
+    document.openIDSignin.action = openauthReferrer();
+    document.openIDSignin.submit();
+}
+
+function withGoogle() {
+    return 'https://www.google.com/accounts/o8/id';
+}
+
+function withYahoo() {
+    return 'https://me.yahoo.com/';
+}
+
+function withMyOpenID() {
+    return 'http://www.myopenid.com/xrds';
+}
+
+function withVerisign() {
+    return 'https://pip.verisignlabs.com/';
+}
+
+function withMySpace() {
+    return 'https://api.myspace.com/openid';
+}
+
+function withGoogleApps() {
+    return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value;
+}
+
+function withLivejournal() {
+    return 'http://' + document.fields.ljuser.value + '.livejournal.com';
+}
+
+function withBlogspot() {
+    return 'http://' + document.fields.bsuser.value + '.blogspot.com';
+}
+
+function withBlogger() {
+    return 'http://' + document.fields.bguser.value + '.blogger.com';
+}
+
+function withXRDSEndpoint() {
+    return document.fields.endpoint.value;
+}
+
+function submitOAuthSignin(w) {
+    parms = w();
+    document.oauthSignin.mod_oauth_authorize.value = parms[0];
+    document.oauthSignin.mod_oauth_access_token.value = parms[1];
+    document.oauthSignin.mod_oauth_client_id.value = parms[2];
+    document.oauthSignin.mod_oauth_info.value = parms[3];
+    document.oauthSignin.action = openauthReferrer();
+    document.oauthSignin.submit();
+}
+
+function withFacebook() {
+    var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me'];
+    return parms;
+}
+
+function withGithub() {
+    var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show'];
+    return parms;
+}
+</script>
+
+<form name="fields">
+<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p>
+<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p>
+<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p>
+<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p>
+<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p>
+
+<p>Sign in with a Google apps domain<br/>
+<input type="text" size="20" name="domain" value="example.com"/><br/>
+<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p>
+
+<p>Sign in with your Livejournal account<br/>
+<input type="text" size="10" name="ljuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p>
+
+<p>Sign in with your Blogspot account<br/>
+<input type="text" size="10" name="bsuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p>
+
+<p>Sign in with your Blogger account<br/>
+<input type="text" size="10" name="bguser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p>
+
+<p>Sign in with an OpenID endpoint<br/>
+<input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/>
+<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p>
+
+<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p>
+<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p>
+</form>
+
+<form name="openIDSignin" action="/" method="GET">
+<input type="hidden" name="openid_identifier" value=""/>
+</form>
+
+<form name="oauthSignin" action="/" method="GET">
+<input type="hidden" name="mod_oauth_authorize" value=""/>
+<input type="hidden" name="mod_oauth_access_token" value=""/>
+<input type="hidden" name="mod_oauth_client_id" value=""/>
+<input type="hidden" name="mod_oauth_info" value=""/>
+<input type="hidden" name="mod_oauth_step" value="authorize"/>
+</form>
+
+</body></html>
diff --git a/sca-cpp/trunk/modules/oauth/mod-oauth.cpp b/sca-cpp/trunk/modules/oauth/mod-oauth.cpp
index 9a0c9aa078..9a93e6fb20 100644
--- a/sca-cpp/trunk/modules/oauth/mod-oauth.cpp
+++ b/sca-cpp/trunk/modules/oauth/mod-oauth.cpp
@@ -152,7 +152,7 @@ const failable<int> authenticated(const list<list<value> >& info, request_rec* r
  * Redirect to the configured login page.
  */
 const failable<int> login(const string& page, request_rec* r) {
-    const list<list<value> > largs = mklist<list<value> >(mklist<value>("mod_oauth_referrer", httpd::escape(httpd::url(r->uri, r))));
+    const list<list<value> > largs = mklist<list<value> >(mklist<value>("openauth_referrer", httpd::escape(httpd::url(r->uri, r))));
     const string loc = httpd::url(page, r) + string("?") + httpd::queryString(largs);
     debug(loc, "modoauth::login::uri");
     return httpd::externalRedirect(loc, r);
@@ -220,6 +220,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
     debug(tv, "modoauth::access_token::token");
 
     // Request user info
+    // TODO Make this step configurable
     const list<list<value> > iargs = mklist<list<value> >(tv);
     const string iuri = httpd::unescape(cadr(info)) + string("?") + httpd::queryString(iargs);
     debug(iuri, "modoauth::access_token::infouri");
@@ -227,7 +228,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
     debug(iv, "modoauth::access_token::info");
 
     // Store user info in memcached keyed by session ID
-    const value sid = mkrand();
+    const value sid = string("OAuth_") + mkrand();
     memcache::put(mklist<value>("tuscanyOpenAuth", sid), content(iv), sc.mc);
 
     // Send session ID to the client in a cookie
@@ -251,24 +252,36 @@ int handler(request_rec* r) {
     httpdDebugRequest(r, "modoauth::handler::input");
     const ServerConf& sc = httpd::serverConf<ServerConf>(r, &mod_tuscany_oauth);
 
-    // Nothing to do if we're already authenticated
+    // Get session id from the request
     const maybe<string> sid = sessionID(r);
     if (hasContent(sid)) {
+        // Decline if the session id was not created by this module
+        if (substr(content(sid), 0, 6) != "OAuth_")
+            return DECLINED;
+
+        // If we're authenticated store the user info in the request
         const failable<value> info = userInfo(content(sid), sc);
         if (hasContent(info))
             return httpd::reportStatus(authenticated(content(info), r));
     }
 
-    // Get the current protocol flow step from the query string
+    // Get the request args
     const list<list<value> > args = httpd::queryArgs(r);
+
+    // Decline if the request is for OpenID authentication
+    if (!isNil(assoc<value>("openid_identifier", args)))
+        return DECLINED;
+
+    // Determine the OAuth protocol flow step, conveniently passed
+    // around in a request arg
     const list<value> sl = assoc<value>("mod_oauth_step", args);
     const value step = !isNil(sl) && !isNil(cdr(sl))? cadr(sl) : "";
 
-    // Handle an authorize request
+    // Handle OAuth authorize request step
     if (step == "authorize")
         return httpd::reportStatus(authorize(args, r));
 
-    // Handle an access_token request
+    // Handle OAuth access_token request step
     if (step == "access_token")
         return httpd::reportStatus(access_token(args, r, sc));
 
@@ -347,8 +360,6 @@ const char* confEnabled(cmd_parms *cmd, void *c, const int arg) {
     gc_scoped_pool pool(cmd->pool);
     DirConf& dc = httpd::dirConf<DirConf>(c);
     dc.enabled = (bool)arg;
-    debug(dc.dir, "modoauth::confEnabled::dir");
-    debug(dc.enabled, "modoauth::confEnabled::enabled");
     return NULL;
 }
 const char* confLogin(cmd_parms *cmd, void *c, const char* arg) {
@@ -394,7 +405,7 @@ void registerHooks(unused apr_pool_t *p) {
     ap_hook_post_config(postConfig, NULL, NULL, APR_HOOK_MIDDLE);
     ap_hook_child_init(childInit, NULL, NULL, APR_HOOK_MIDDLE);
     ap_hook_check_user_id(checkUserID, NULL, NULL, APR_HOOK_MIDDLE);
-    ap_hook_handler(handler, NULL, NULL, APR_HOOK_MIDDLE);
+    ap_hook_handler(handler, NULL, NULL, APR_HOOK_FIRST);
 }
 
 }
diff --git a/sca-cpp/trunk/modules/oauth/start-mixed-test b/sca-cpp/trunk/modules/oauth/start-mixed-test
new file mode 100755
index 0000000000..7a96773dd3
--- /dev/null
+++ b/sca-cpp/trunk/modules/oauth/start-mixed-test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#  
+#    http://www.apache.org/licenses/LICENSE-2.0
+#    
+#  Unless required by applicable law or agreed to in writing,
+#  software distributed under the License is distributed on an
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+#  specific language governing permissions and limitations
+#  under the License.
+
+# Test supporting both OpenID and OAuth in the same app
+here=`readlink -f $0`; here=`dirname $here`
+
+# Setup
+../../components/cache/memcached-start 11212
+../../components/cache/memcached-start 11213
+
+../../modules/http/ssl-ca-conf tmp localhost
+../../modules/http/ssl-cert-conf tmp localhost
+../../modules/http/httpd-conf tmp localhost 8090 htdocs
+../../modules/http/httpd-ssl-conf tmp 8453
+
+./oauth-conf tmp
+./oauth-memcached-conf tmp localhost 11212
+./oauth-memcached-conf tmp localhost 11213
+./oauth-app-conf tmp app1234 secret6789
+
+../openid/openid-conf tmp
+../openid/openid-step2-conf tmp
+../openid/openid-memcached-conf tmp localhost 11212
+../openid/openid-memcached-conf tmp localhost 11213
+
+../../modules/server/server-conf tmp
+../../modules/server/scheme-conf tmp
+cat >>tmp/conf/httpd.conf <<EOF
+SCAContribution `pwd`/
+SCAComposite oauth.composite
+
+Alias /login/index.html $here/htdocs/login/mixed.html
+EOF
+
+../../modules/http/httpd-start tmp
+
diff --git a/sca-cpp/trunk/modules/openid/htdocs/login/index.html b/sca-cpp/trunk/modules/openid/htdocs/login/index.html
index e6b8c6fce3..17e85ffd05 100644
--- a/sca-cpp/trunk/modules/openid/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/openid/htdocs/login/index.html
@@ -32,7 +32,7 @@ function queryParams() {
 }
 
 function openidReferrer() {
-    r = queryParams()['modauthopenid.referrer'];
+    r = queryParams()['openauth_referrer'];
     if (typeof(r) == 'undefined')
         return r;
     q = r.indexOf('?');
@@ -76,6 +76,18 @@ function withGoogleApps() {
     return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value;
 }
 
+function withLivejournal() {
+    return 'http://' + document.fields.ljuser.value + '.livejournal.com';
+}
+
+function withBlogspot() {
+    return 'http://' + document.fields.bsuser.value + '.blogspot.com';
+}
+
+function withBlogger() {
+    return 'http://' + document.fields.bguser.value + '.blogger.com';
+}
+
 function withXRDSEndpoint() {
     return document.fields.endpoint.value;
 }
@@ -91,9 +103,23 @@ function withXRDSEndpoint() {
 <p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p>
 <p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p>
 <p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p>
+
 <p>Sign in with a Google apps domain<br/>
 <input type="text" size="20" name="domain" value="example.com"/><br/>
 <input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p>
+
+<p>Sign in with your Livejournal account<br/>
+<input type="text" size="10" name="ljuser" value=""/><br/>
+<input type="button" onclick="submitSignin(withLivejournal)" value="Sign in"/></p>
+
+<p>Sign in with your Blogspot account<br/>
+<input type="text" size="10" name="bsuser" value=""/><br/>
+<input type="button" onclick="submitSignin(withBlogspot)" value="Sign in"/></p>
+
+<p>Sign in with your Blogger account<br/>
+<input type="text" size="10" name="bguser" value=""/><br/>
+<input type="button" onclick="submitSignin(withBlogger)" value="Sign in"/></p>
+
 <p>Sign in with an OpenID endpoint<br/>
 <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/>
 <input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p>
diff --git a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html
index e6b8c6fce3..16246cc621 100644
--- a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html
+++ b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html
@@ -17,7 +17,7 @@
    under the License.
 -->
 
-<html><body><h1>Sign in with an OpenID provider</h1>
+<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1>
 
 <script type="text/javascript">
 function queryParams() {
@@ -31,8 +31,8 @@ function queryParams() {
     return qp;
 }
 
-function openidReferrer() {
-    r = queryParams()['modauthopenid.referrer'];
+function openauthReferrer() {
+    r = queryParams()['openauth_referrer'];
     if (typeof(r) == 'undefined')
         return r;
     q = r.indexOf('?');
@@ -41,17 +41,16 @@ function openidReferrer() {
     return r;
 }
 
-if (typeof(openidReferrer()) == 'undefined') {
+if (typeof(openauthReferrer()) == 'undefined') {
     document.location = '/';
 }
 
-function submitSignin(w) {
-    document.signin.openid_identifier.value = w();
-    document.signin.action = openidReferrer();
-    document.signin.submit();
+function submitOpenIDSignin(w) {
+    document.openIDSignin.openid_identifier.value = w();
+    document.openIDSignin.action = openauthReferrer();
+    document.openIDSignin.submit();
 }
 
-
 function withGoogle() {
     return 'https://www.google.com/accounts/o8/id';
 }
@@ -76,27 +75,84 @@ function withGoogleApps() {
     return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value;
 }
 
+function withLivejournal() {
+    return 'http://' + document.fields.ljuser.value + '.livejournal.com';
+}
+
+function withBlogspot() {
+    return 'http://' + document.fields.bsuser.value + '.blogspot.com';
+}
+
+function withBlogger() {
+    return 'http://' + document.fields.bguser.value + '.blogger.com';
+}
+
 function withXRDSEndpoint() {
     return document.fields.endpoint.value;
 }
-</script>
 
-<form name="signin" action="/" method="GET">
-<input type="hidden" name="openid_identifier" value="https://www.google.com/accounts/o8/id"/>
-</form>
+function submitOAuthSignin(w) {
+    parms = w();
+    document.oauthSignin.mod_oauth_authorize.value = parms[0];
+    document.oauthSignin.mod_oauth_access_token.value = parms[1];
+    document.oauthSignin.mod_oauth_client_id.value = parms[2];
+    document.oauthSignin.mod_oauth_info.value = parms[3];
+    document.oauthSignin.action = openauthReferrer();
+    document.oauthSignin.submit();
+}
+
+function withFacebook() {
+    var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me'];
+    return parms;
+}
+
+function withGithub() {
+    var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show'];
+    return parms;
+}
+</script>
 
 <form name="fields">
-<p>Sign in with your Google account<br/><input type="button" onclick="submitSignin(withGoogle)" value="Sign in"/></p>
-<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitSignin(withYahoo)" value="Sign in"/></p>
-<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p>
-<p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p>
-<p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p>
+<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p>
+<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p>
+<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p>
+<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p>
+<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p>
+
 <p>Sign in with a Google apps domain<br/>
 <input type="text" size="20" name="domain" value="example.com"/><br/>
-<input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p>
+<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p>
+
+<p>Sign in with your Livejournal account<br/>
+<input type="text" size="10" name="ljuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p>
+
+<p>Sign in with your Blogspot account<br/>
+<input type="text" size="10" name="bsuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p>
+
+<p>Sign in with your Blogger account<br/>
+<input type="text" size="10" name="bguser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p>
+
 <p>Sign in with an OpenID endpoint<br/>
 <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/>
-<input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p>
+<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p>
+
+<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p>
+<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p>
+</form>
+
+<form name="openIDSignin" action="/" method="GET">
+<input type="hidden" name="openid_identifier" value=""/>
+</form>
+
+<form name="oauthSignin" action="/" method="GET">
+<input type="hidden" name="mod_oauth_authorize" value=""/>
+<input type="hidden" name="mod_oauth_access_token" value=""/>
+<input type="hidden" name="mod_oauth_client_id" value=""/>
+<input type="hidden" name="mod_oauth_info" value=""/>
+<input type="hidden" name="mod_oauth_step" value="authorize"/>
 </form>
 
 </body></html>
diff --git a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html
index e6b8c6fce3..16246cc621 100644
--- a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html
+++ b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html
@@ -17,7 +17,7 @@
    under the License.
 -->
 
-<html><body><h1>Sign in with an OpenID provider</h1>
+<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1>
 
 <script type="text/javascript">
 function queryParams() {
@@ -31,8 +31,8 @@ function queryParams() {
     return qp;
 }
 
-function openidReferrer() {
-    r = queryParams()['modauthopenid.referrer'];
+function openauthReferrer() {
+    r = queryParams()['openauth_referrer'];
     if (typeof(r) == 'undefined')
         return r;
     q = r.indexOf('?');
@@ -41,17 +41,16 @@ function openidReferrer() {
     return r;
 }
 
-if (typeof(openidReferrer()) == 'undefined') {
+if (typeof(openauthReferrer()) == 'undefined') {
     document.location = '/';
 }
 
-function submitSignin(w) {
-    document.signin.openid_identifier.value = w();
-    document.signin.action = openidReferrer();
-    document.signin.submit();
+function submitOpenIDSignin(w) {
+    document.openIDSignin.openid_identifier.value = w();
+    document.openIDSignin.action = openauthReferrer();
+    document.openIDSignin.submit();
 }
 
-
 function withGoogle() {
     return 'https://www.google.com/accounts/o8/id';
 }
@@ -76,27 +75,84 @@ function withGoogleApps() {
     return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value;
 }
 
+function withLivejournal() {
+    return 'http://' + document.fields.ljuser.value + '.livejournal.com';
+}
+
+function withBlogspot() {
+    return 'http://' + document.fields.bsuser.value + '.blogspot.com';
+}
+
+function withBlogger() {
+    return 'http://' + document.fields.bguser.value + '.blogger.com';
+}
+
 function withXRDSEndpoint() {
     return document.fields.endpoint.value;
 }
-</script>
 
-<form name="signin" action="/" method="GET">
-<input type="hidden" name="openid_identifier" value="https://www.google.com/accounts/o8/id"/>
-</form>
+function submitOAuthSignin(w) {
+    parms = w();
+    document.oauthSignin.mod_oauth_authorize.value = parms[0];
+    document.oauthSignin.mod_oauth_access_token.value = parms[1];
+    document.oauthSignin.mod_oauth_client_id.value = parms[2];
+    document.oauthSignin.mod_oauth_info.value = parms[3];
+    document.oauthSignin.action = openauthReferrer();
+    document.oauthSignin.submit();
+}
+
+function withFacebook() {
+    var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me'];
+    return parms;
+}
+
+function withGithub() {
+    var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show'];
+    return parms;
+}
+</script>
 
 <form name="fields">
-<p>Sign in with your Google account<br/><input type="button" onclick="submitSignin(withGoogle)" value="Sign in"/></p>
-<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitSignin(withYahoo)" value="Sign in"/></p>
-<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p>
-<p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p>
-<p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p>
+<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p>
+<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p>
+<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p>
+<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p>
+<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p>
+
 <p>Sign in with a Google apps domain<br/>
 <input type="text" size="20" name="domain" value="example.com"/><br/>
-<input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p>
+<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p>
+
+<p>Sign in with your Livejournal account<br/>
+<input type="text" size="10" name="ljuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p>
+
+<p>Sign in with your Blogspot account<br/>
+<input type="text" size="10" name="bsuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p>
+
+<p>Sign in with your Blogger account<br/>
+<input type="text" size="10" name="bguser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p>
+
 <p>Sign in with an OpenID endpoint<br/>
 <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/>
-<input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p>
+<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p>
+
+<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p>
+<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p>
+</form>
+
+<form name="openIDSignin" action="/" method="GET">
+<input type="hidden" name="openid_identifier" value=""/>
+</form>
+
+<form name="oauthSignin" action="/" method="GET">
+<input type="hidden" name="mod_oauth_authorize" value=""/>
+<input type="hidden" name="mod_oauth_access_token" value=""/>
+<input type="hidden" name="mod_oauth_client_id" value=""/>
+<input type="hidden" name="mod_oauth_info" value=""/>
+<input type="hidden" name="mod_oauth_step" value="authorize"/>
 </form>
 
 </body></html>
diff --git a/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html b/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html
index e6b8c6fce3..16246cc621 100644
--- a/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html
+++ b/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html
@@ -17,7 +17,7 @@
    under the License.
 -->
 
-<html><body><h1>Sign in with an OpenID provider</h1>
+<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1>
 
 <script type="text/javascript">
 function queryParams() {
@@ -31,8 +31,8 @@ function queryParams() {
     return qp;
 }
 
-function openidReferrer() {
-    r = queryParams()['modauthopenid.referrer'];
+function openauthReferrer() {
+    r = queryParams()['openauth_referrer'];
     if (typeof(r) == 'undefined')
         return r;
     q = r.indexOf('?');
@@ -41,17 +41,16 @@ function openidReferrer() {
     return r;
 }
 
-if (typeof(openidReferrer()) == 'undefined') {
+if (typeof(openauthReferrer()) == 'undefined') {
     document.location = '/';
 }
 
-function submitSignin(w) {
-    document.signin.openid_identifier.value = w();
-    document.signin.action = openidReferrer();
-    document.signin.submit();
+function submitOpenIDSignin(w) {
+    document.openIDSignin.openid_identifier.value = w();
+    document.openIDSignin.action = openauthReferrer();
+    document.openIDSignin.submit();
 }
 
-
 function withGoogle() {
     return 'https://www.google.com/accounts/o8/id';
 }
@@ -76,27 +75,84 @@ function withGoogleApps() {
     return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value;
 }
 
+function withLivejournal() {
+    return 'http://' + document.fields.ljuser.value + '.livejournal.com';
+}
+
+function withBlogspot() {
+    return 'http://' + document.fields.bsuser.value + '.blogspot.com';
+}
+
+function withBlogger() {
+    return 'http://' + document.fields.bguser.value + '.blogger.com';
+}
+
 function withXRDSEndpoint() {
     return document.fields.endpoint.value;
 }
-</script>
 
-<form name="signin" action="/" method="GET">
-<input type="hidden" name="openid_identifier" value="https://www.google.com/accounts/o8/id"/>
-</form>
+function submitOAuthSignin(w) {
+    parms = w();
+    document.oauthSignin.mod_oauth_authorize.value = parms[0];
+    document.oauthSignin.mod_oauth_access_token.value = parms[1];
+    document.oauthSignin.mod_oauth_client_id.value = parms[2];
+    document.oauthSignin.mod_oauth_info.value = parms[3];
+    document.oauthSignin.action = openauthReferrer();
+    document.oauthSignin.submit();
+}
+
+function withFacebook() {
+    var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me'];
+    return parms;
+}
+
+function withGithub() {
+    var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show'];
+    return parms;
+}
+</script>
 
 <form name="fields">
-<p>Sign in with your Google account<br/><input type="button" onclick="submitSignin(withGoogle)" value="Sign in"/></p>
-<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitSignin(withYahoo)" value="Sign in"/></p>
-<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p>
-<p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p>
-<p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p>
+<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p>
+<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p>
+<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p>
+<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p>
+<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p>
+
 <p>Sign in with a Google apps domain<br/>
 <input type="text" size="20" name="domain" value="example.com"/><br/>
-<input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p>
+<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p>
+
+<p>Sign in with your Livejournal account<br/>
+<input type="text" size="10" name="ljuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p>
+
+<p>Sign in with your Blogspot account<br/>
+<input type="text" size="10" name="bsuser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p>
+
+<p>Sign in with your Blogger account<br/>
+<input type="text" size="10" name="bguser" value=""/><br/>
+<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p>
+
 <p>Sign in with an OpenID endpoint<br/>
 <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/>
-<input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p>
+<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p>
+
+<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p>
+<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p>
+</form>
+
+<form name="openIDSignin" action="/" method="GET">
+<input type="hidden" name="openid_identifier" value=""/>
+</form>
+
+<form name="oauthSignin" action="/" method="GET">
+<input type="hidden" name="mod_oauth_authorize" value=""/>
+<input type="hidden" name="mod_oauth_access_token" value=""/>
+<input type="hidden" name="mod_oauth_client_id" value=""/>
+<input type="hidden" name="mod_oauth_info" value=""/>
+<input type="hidden" name="mod_oauth_step" value="authorize"/>
 </form>
 
 </body></html>
diff --git a/sca-cpp/trunk/samples/store-cluster/server-ssl-conf b/sca-cpp/trunk/samples/store-cluster/server-ssl-conf
index 37a654b805..0b54b5cbf3 100755
--- a/sca-cpp/trunk/samples/store-cluster/server-ssl-conf
+++ b/sca-cpp/trunk/samples/store-cluster/server-ssl-conf
@@ -32,6 +32,11 @@ tar -C tmp/ssl -c `../../modules/http/ssl-cert-find tmp/ssl` | tar -C $root -x
 ../../modules/http/vhost-ssl-conf $root
 
 #../../modules/http/httpd-auth-conf $root
+../../modules/oauth/oauth-conf $root
+../../modules/oauth/oauth-memcached-conf $root localhost 11211
+../../modules/oauth/oauth-memcached-conf $root localhost 11212
+../../modules/oauth/oauth-memcached-conf $root localhost 11213
+../../modules/oauth/oauth-app-conf $root app1234 secret6789
 ../../modules/openid/openid-conf $root
 ../../modules/openid/openid-step2-conf $root
 ../../modules/openid/openid-memcached-conf $root localhost 11211
author	jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>	2010-09-06 23:26:11 +0000
committer	jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>	2010-09-06 23:26:11 +0000
commit	f75296a86350e41c01a355c945ca348082260cf9 (patch)
tree	7635ae4a46ab4904609c7b662acc04a3c0f6efa8
parent	cc3bc602c8cb2c10aa542eab1e480d8604760007 (diff)