authorjsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>2011-08-06 05:59:04 +0000
committerjsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>2011-08-06 05:59:04 +0000
commit96659f703781c4223a9db5013cac10b850daa46b (patch)
treefed109b192a9d4d8c9f1358fd289fff45318f9a8 /sca-cpp/trunk/modules/oauth
parent9bc3767bab48bbd5897441a36d90f5b7daa8e321 (diff)
Make authentication work with wildcard domains and increase authentication cookie max-age.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1154445 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to '')
-rw-r--r--sca-cpp/trunk/modules/oauth/htdocs/login/index.html6
-rw-r--r--sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html12
-rw-r--r--sca-cpp/trunk/modules/oauth/htdocs/logout/index.html3
-rw-r--r--sca-cpp/trunk/modules/oauth/mod-oauth1.cpp1
-rw-r--r--sca-cpp/trunk/modules/oauth/mod-oauth2.cpp3
5 files changed, 17 insertions, 8 deletions
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
index 5de29ca9da..3805deade3 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
@@ -57,7 +57,8 @@ if (typeof(oauthReferrer()) == 'undefined') {
function submitSignin2(w) {
parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
document.signin2.mod_oauth2_authorize.value = parms[0];
document.signin2.mod_oauth2_access_token.value = parms[1];
document.signin2.mod_oauth2_client_id.value = parms[2];
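Review bot: The reset in submitSignin2 now expires only the domain-scoped `TuscanyOpenAuth` cookie; a host-only cookie with the same name, set before this change, is a separate cookie to the browser and would survive and still be sent. If such cookies can exist in deployed browsers, keep the old reset next to the new one: `document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';`. The same two added lines are repeated in submitSignin1 and in the functions patched in mixed.html and logout/index.html, so one shared helper would keep the attribute list from drifting between pages. The function body continues outside the hunk.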
@@ -78,7 +79,8 @@ function withGithub() {
function submitSignin1(w) {
parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
document.signin1.mod_oauth1_request_token.value = parms[0];
document.signin1.mod_oauth1_authorize.value = parms[1];
document.signin1.mod_oauth1_access_token.value = parms[2];
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
index 59e45b470b..8be8a4deaa 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
@@ -30,7 +30,8 @@
<script type="text/javascript">
function submitFormSignin() {
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
document.formSignin.httpd_location.value = '/';
document.formSignin.submit();
}
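Review bot: The `';domain=.' + domainname(window.location.hostname)` reset in submitFormSignin implies the session cookie is now scoped to the parent domain, so the browser will send `TuscanyOpenAuth` to every sibling host under it, not only the one that authenticated the user. The server-side builder `openauth::cookie` is not part of this commit, so confirm that it sets the HttpOnly and Secure attributes and that no sibling host serves content you do not control. A comment next to the reset, such as `// cookie is shared across the whole domain, see openauth::cookie`, would make the wider scope visible to the next reader.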
@@ -61,7 +62,8 @@ if (typeof(openauthReferrer()) == 'undefined') {
}
function submitOpenIDSignin(w) {
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
document.openIDSignin.openid_identifier.value = w();
document.openIDSignin.action = openauthReferrer();
document.openIDSignin.submit();
@@ -109,7 +111,8 @@ function withXRDSEndpoint() {
function submitOAuth2Signin(w) {
parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
document.oauth2Signin.mod_oauth2_authorize.value = parms[0];
document.oauth2Signin.mod_oauth2_access_token.value = parms[1];
document.oauth2Signin.mod_oauth2_client_id.value = parms[2];
@@ -130,7 +133,8 @@ function withGithub() {
function submitOAuth1Signin(w) {
parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
document.oauth1Signin.mod_oauth1_request_token.value = parms[0];
document.oauth1Signin.mod_oauth1_authorize.value = parms[1];
document.oauth1Signin.mod_oauth1_access_token.value = parms[2];
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
index 37c2594ffb..267c501b83 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
@@ -32,7 +32,8 @@
<form name="signout" action="/login" method="GET">
<script type="text/javascript">
function submitSignout() {
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + window.location.hostname + ';path=/;secure=TRUE';
+ document.cookie = reset;
document.signout.submit();
return true;
}
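Review bot: submitSignout builds the reset with `';domain=.' + window.location.hostname`, while every login function patched in this commit uses `domainname(window.location.hostname)`. If domainname() reduces the host to its parent domain (its definition is not in this commit), the logout reset names a different cookie than the one the login pages handle, and the session cookie would stay in the browser after sign-out. Use the same expression here, `';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'`, and load the script that defines domainname() if the logout page does not already include it.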
diff --git a/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp b/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp
index e990f6dba2..252d5c5ee0 100644
--- a/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp
+++ b/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp
@@ -378,6 +378,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
return mkfailure<int>(reason(prc));
// Send session ID to the client in a cookie
+ debug(c_str(openauth::cookie(sid, httpd::hostName(sc.server))), "modoauth1::access_token::setcookie");
apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(sc.server))));
return httpd::externalRedirect(httpd::url(r->uri, r), r);
}
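Review bot: The added debug() call writes the complete Set-Cookie value, including the session id `sid`, to the server log whenever debug logging is enabled, which puts a live session identifier in front of anyone who can read that log; the line added to mod-oauth2.cpp in this commit does the same. Log only what is needed to diagnose the cookie domain, e.g. `debug(httpd::hostName(sc.server), "modoauth1::access_token::setcookie");`. The cookie string is also built twice, once for the log and once for the header; a local const would avoid that. access_token starts outside the hunk.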
diff --git a/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp b/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp
index 61f242a80e..2e4b2e5b80 100644
--- a/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp
+++ b/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp
@@ -203,7 +203,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
if (!hasContent(tr))
return mkfailure<int>(reason(tr));
debug(tr, "modoauth2::access_token::response");
- const list<value> tv = assoc<value>("access_token", httpd::queryArgs(join("", convertValues<string>(content(tr)))));
+ const list<value> tv = assoc<value>("access_token", httpd::queryArgs(join("", convertValues<string>(cadr<value>(content(tr))))));
if (isNil(tv) || isNil(cdr(tv)))
return mkfailure<int>("Couldn't retrieve access_token");
debug(tv, "modoauth2::access_token::token");
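Review bot: `cadr<value>(content(tr))` assumes the token response always holds at least two elements, but only `hasContent(tr)` is checked before it, and the response comes from the remote provider. What cadr does on a shorter list is not visible here, so add a guard before the lookup, something like `if (isNil(cdr(content(tr)))) return mkfailure<int>("Couldn't retrieve access_token");`, adjusted to the actual type of content(tr). A one-line comment stating the expected shape of the response would also explain why the second element is the one parsed. access_token starts and ends outside the hunk.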
@@ -230,6 +230,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
return mkfailure<int>(reason(prc));
// Send session ID to the client in a cookie
+ debug(c_str(openauth::cookie(sid, httpd::hostName(sc.server))), "modoauth2::access_token::setcookie");
apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(sc.server))));
return httpd::externalRedirect(httpd::url(r->uri, r), r);
}