author | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2011-08-06 05:59:04 +0000 |
---|---|---|
committer | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2011-08-06 05:59:04 +0000 |
commit | 96659f703781c4223a9db5013cac10b850daa46b (patch) | |
tree | fed109b192a9d4d8c9f1358fd289fff45318f9a8 /sca-cpp/trunk/modules/oauth | |
parent | 9bc3767bab48bbd5897441a36d90f5b7daa8e321 (diff) |
Make authentication work with wildcard domains and increase authentication cookie max-age.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1154445 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to '')
-rw-r--r-- | sca-cpp/trunk/modules/oauth/htdocs/login/index.html | 6 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html | 12 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/oauth/htdocs/logout/index.html | 3 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/oauth/mod-oauth1.cpp | 1 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/oauth/mod-oauth2.cpp | 3 |
5 files changed, 17 insertions, 8 deletions
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
index 5de29ca9da..3805deade3 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
@@ -57,7 +57,8 @@ if (typeof(oauthReferrer()) == 'undefined') {
 function submitSignin2(w) {
 parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
 document.signin2.mod_oauth2_authorize.value = parms[0];
 document.signin2.mod_oauth2_access_token.value = parms[1];
 document.signin2.mod_oauth2_client_id.value = parms[2];
@@ -78,7 +79,8 @@ function withGithub() {
 function submitSignin1(w) {
 parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
 document.signin1.mod_oauth1_request_token.value = parms[0];
 document.signin1.mod_oauth1_authorize.value = parms[1];
 document.signin1.mod_oauth1_access_token.value = parms[2];
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
index 59e45b470b..8be8a4deaa 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
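Review bot: The reset in `submitSignin2` now expires only the `domain=.<domainname>` form of `TuscanyOpenAuth`; a host-only cookie written before this change is a different cookie to the browser, so it would survive and could still be sent next to the new session. Keeping the old write as well, `document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';`, ahead of the new one would clear both forms. `domainname()` is not defined in the visible lines, so it is worth a comment stating what it returns for IP addresses and single-label hosts, since a `domain=` value the browser rejects makes the reset a silent no-op. The same two lines are repeated in `submitSignin1` and in the four hunks of `login/mixed.html`; a single shared helper (for example `clearAuthCookie()`) would keep them in step. The function bodies continue outside the hunks.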
@@ -30,7 +30,8 @@
 <script type="text/javascript">
 function submitFormSignin() {
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
 document.formSignin.httpd_location.value = '/';
 document.formSignin.submit();
 }
@@ -61,7 +62,8 @@ if (typeof(openauthReferrer()) == 'undefined') {
 }
 function submitOpenIDSignin(w) {
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
 document.openIDSignin.openid_identifier.value = w();
 document.openIDSignin.action = openauthReferrer();
 document.openIDSignin.submit();
@@ -109,7 +111,8 @@ function withXRDSEndpoint() {
 function submitOAuth2Signin(w) {
 parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
 document.oauth2Signin.mod_oauth2_authorize.value = parms[0];
 document.oauth2Signin.mod_oauth2_access_token.value = parms[1];
 document.oauth2Signin.mod_oauth2_client_id.value = parms[2];
@@ -130,7 +133,8 @@ function withGithub() {
 function submitOAuth1Signin(w) {
 parms = w();
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+ document.cookie = reset;
 document.oauth1Signin.mod_oauth1_request_token.value = parms[0];
 document.oauth1Signin.mod_oauth1_authorize.value = parms[1];
 document.oauth1Signin.mod_oauth1_access_token.value = parms[2];
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
index 37c2594ffb..267c501b83 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
@@ -32,7 +32,8 @@
 <form name="signout" action="/login" method="GET">
 <script type="text/javascript">
 function submitSignout() {
- document.cookie = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';path=/;secure=TRUE';
+ var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + window.location.hostname + ';path=/;secure=TRUE';
+ document.cookie = reset;
 document.signout.submit();
 return true;
 }
diff --git a/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp b/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp
index e990f6dba2..252d5c5ee0 100644
--- a/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp
+++ b/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp
@@ -378,6 +378,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
 return mkfailure<int>(reason(prc));
 // Send session ID to the client in a cookie
+ debug(c_str(openauth::cookie(sid, httpd::hostName(sc.server))), "modoauth1::access_token::setcookie");
 apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(sc.server))));
 return httpd::externalRedirect(httpd::url(r->uri, r), r);
 }
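Review bot: `submitSignout` builds the cookie domain from `window.location.hostname` directly, while every login page in this commit uses `domainname(window.location.hostname)`. If `domainname()` reduces the host to its parent domain, which the commit title suggests but the hunk does not show, the logout page expires a cookie scoped to the full host name rather than the parent-domain cookie that sign-in uses, and the session cookie stays in the browser after sign-out. Using `';domain=.' + domainname(window.location.hostname) +` here too, provided the helper is loaded on this page, would make sign-out clear the same cookie that sign-in resets.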
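Review bot: The added `debug(...)` call writes the complete `Set-Cookie` value, including the session ID `sid`, to the server log, so anyone who can read that log can reuse the ID while the session is alive (unless `debug` is compiled out of production builds, which the hunk does not show). Logging only the host part, `debug(httpd::hostName(sc.server), "modoauth1::access_token::setcookie");`, keeps the trace useful for the wildcard-domain work without recording the secret. The cookie string is also built twice; holding the result of `openauth::cookie(...)` in a local and passing it to `apr_table_set` would avoid that. The same line is added in the second hunk of `mod-oauth2.cpp`. `access_token` starts outside this hunk.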
diff --git a/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp b/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp
index 61f242a80e..2e4b2e5b80 100644
--- a/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp
+++ b/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp
@@ -203,7 +203,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
 if (!hasContent(tr))
 return mkfailure<int>(reason(tr));
 debug(tr, "modoauth2::access_token::response");
- const list<value> tv = assoc<value>("access_token", httpd::queryArgs(join("", convertValues<string>(content(tr)))));
+ const list<value> tv = assoc<value>("access_token", httpd::queryArgs(join("", convertValues<string>(cadr<value>(content(tr))))));
 if (isNil(tv) || isNil(cdr(tv)))
 return mkfailure<int>("Couldn't retrieve access_token");
 debug(tv, "modoauth2::access_token::token");
@@ -230,6 +230,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r,
 return mkfailure<int>(reason(prc));
 // Send session ID to the client in a cookie
+ debug(c_str(openauth::cookie(sid, httpd::hostName(sc.server))), "modoauth2::access_token::setcookie");
 apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(sc.server))));
 return httpd::externalRedirect(httpd::url(r->uri, r), r);
 } |
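Review bot: `cadr<value>(content(tr))` in the first hunk assumes the token response always has at least two elements, and nothing visible checks the shape of `content(tr)` before its second element is taken, although that content comes from the remote provider. A guard ahead of this line, something like `if (isNil(cdr<value>(content(tr)))) return mkfailure<int>("Couldn't retrieve access_token");`, would turn a short or malformed reply into the same clean failure the next check produces; the exact form depends on how `cdr` treats an empty list, which is not shown here. A one-line comment saying what the skipped first element holds would also explain why `cadr` is needed. `access_token` starts and ends outside this hunk.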