diff options
author | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2011-11-14 07:10:15 +0000 |
---|---|---|
committer | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2011-11-14 07:10:15 +0000 |
commit | 4bf0a7052b448315eda710857acafe24bb112a5b (patch) | |
tree | 89b47bf8471da886a2c523721d76c6ebd5860c28 /sca-cpp/trunk | |
parent | 1b4cab13b70f2d596ecb98e81073dbb45e0e85df (diff) |
Change authentication scheme from Form based auth to OpenID + OAuth.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1201614 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-cpp/trunk')
39 files changed, 267 insertions, 133 deletions
diff --git a/sca-cpp/trunk/.gitignore b/sca-cpp/trunk/.gitignore index 0a161b3717..1dd44f8fd9 100644 --- a/sca-cpp/trunk/.gitignore +++ b/sca-cpp/trunk/.gitignore @@ -56,7 +56,7 @@ m4/ config.guess config.sub config.status -*config.js +config.js all.js *-min.html *-min.js @@ -93,7 +93,7 @@ doxygen *.jar *.prefix *.crt -*.patch +/*.patch index.yaml core gen-cpp/ @@ -135,7 +135,7 @@ scribe-cat js-test js-eval file-test -test-start +test-start* xml-value value-xml json-value diff --git a/sca-cpp/trunk/README b/sca-cpp/trunk/README index d532fe68d4..92dfde8154 100644 --- a/sca-cpp/trunk/README +++ b/sca-cpp/trunk/README @@ -15,9 +15,9 @@ can be used to help assemble distributed SCA composite applications: Cache: key/value memory cache, using Memcached; Chat: XMPP chat, using Apache Vysper and Libstrophe; Constdb: fast persistent store for mostly constant data, using TinyCDB; -Filedb: key/value 'NoSQL' persistent store, using plain files; +Filedb: key/value persistent store, using plain files; Http: HTTP client, using Libcurl; -Kvdb: fast key/value 'NoSQL' persistent store, using LevelDB; +Kvdb: fast key/value persistent store, using LevelDB; Log: distributed logger, using Facebook Scribe; Queue: AMQP queuing, using Apache Qpid/C; Sqldb: SQL database, using PostgreSQL; @@ -77,9 +77,9 @@ Here's a rough guide to the Tuscany SCA source tree: | | |-- cache Memcached key/value cache | | |-- chat XMPP chat | | |-- constdb TinyCDB constant persistent store - | | |-- filedb Plain file NoSQL persistent store + | | |-- filedb Plain file persistent store | | |-- http HTTP client - | | |-- kvdb LevelDB NoSQL persistent store + | | |-- kvdb LevelDB key/value persistent store | | |-- log Scribe logger | | |-- queue AMQP message queue | | |-- sqldb PostgreSQL database @@ -98,6 +98,7 @@ Here's a rough guide to the Tuscany SCA source tree: | | | |-- macos Automated install on Mac OS X 10.1.7 | |-- ubuntu Automated install on Ubuntu 10.10 + | |-- patches Temporary patches to some of the dependencies | |-- branches Topic and release branches | diff --git a/sca-cpp/trunk/macos/macos-install b/sca-cpp/trunk/macos/macos-install index 2cc8a57dfa..b9474482a4 100755 --- a/sca-cpp/trunk/macos/macos-install +++ b/sca-cpp/trunk/macos/macos-install @@ -105,7 +105,8 @@ curl -OL http://memcached.googlecode.com/files/memcached-1.4.7.tar.gz tar xzf memcached-1.4.7.tar.gz cd memcached-1.4.7 # http://code.google.com/p/memcached/issues/detail?id=218 -patch -p0<$build/../memcached-1.4.7.patch +curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/memcached-1.4.7.patch +patch -p0 <memcached-1.4.7.patch autoreconf --install ./configure --with-libevent=$build/libevent-2.0.13-stable-bin --prefix=$build/memcached-1.4.7-bin make @@ -265,10 +266,13 @@ if [ "$?" != "0" ]; then exit $? fi cd $build -curl -L http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.1.tar.gz/download -o modsecurity-crs_2.2.1.tar.gz -tar xzf modsecurity-crs_2.2.1.tar.gz -cp -R $build/modsecurity-crs_2.2.1/base_rules $build/modsecurity-apache-2.6.1-bin -cp -R $build/modsecurity-crs_2.2.1/optional_rules $build/modsecurity-apache-2.6.1-bin +curl -L http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz/download -o modsecurity-crs_2.2.2.tar.gz +tar xzf modsecurity-crs_2.2.2.tar.gz +cd modsecurity-crs_2.2.2 +curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch +patch -p0 <modsecurity-crs_2.2.2.patch +cp -R base_rules $build/modsecurity-apache-2.6.1-bin +cp -R optional_rules $build/modsecurity-apache-2.6.1-bin if [ "$?" != "0" ]; then exit $? fi @@ -305,7 +309,7 @@ fi cd $build # Create src archive -tar czf tuscany-sca-cpp-1.0-src.tar.gz apache-libcloud-incubating-0.4.2 apache-libcloud-incubating-0.4.2.tar.bz2 apr-1.4.x apr-1.4.x-bin autoconf-2.13 autoconf-2.13-bin autoconf-2.13.tar.gz curl-7.19.5 curl-7.19.5-bin curl-7.19.5.tar.gz expat-2.0.1 expat-2.0.1-bin expat-2.0.1.tar.gz htmltidy-bin httpd-2.3.15-beta httpd-2.3.15-beta.tar.gz httpd-2.3.15-bin js-1.8.5-bin js-1.8.5 js185-1.0.0.tar.gz libcloud-0.4.2-bin libevent-2.0.13-stable libevent-2.0.13-stable-bin libevent-2.0.13-stable.tar.gz liboauth-0.9.1 liboauth-0.9.1-bin liboauth-0.9.1.tar.gz libopkele libopkele-bin libstrophe libstrophe-bin libxml2-2.7.7 libxml2-2.7.7-bin libxml2-sources-2.7.7.tar.gz memcached-1.4.7 memcached-1.4.7-bin memcached-1.4.7.tar.gz mod_auth_openid mod-auth-openid-bin modsecurity-apache_2.6.1 modsecurity-apache-2.6.0-bin modsecurity-apache_2.6.0.tar.gz modsecurity-crs_2.2.1 modsecurity-crs_2.2.1.tar.gz nspr-4.8.8-bin nspr-4.8.8 nspr-4.8.8.tar.gz nuvem pcre-8.12 pcre-8.12-bin pcre-8.12.zip pkg-config-0.25 pkg-config-0.25-bin pkg-config-0.25.tar.gz tidy tinycdb tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin +tar czf tuscany-sca-cpp-1.0-src.tar.gz apache-libcloud-incubating-0.4.2 apache-libcloud-incubating-0.4.2.tar.bz2 apr-1.4.x apr-1.4.x-bin autoconf-2.13 autoconf-2.13-bin autoconf-2.13.tar.gz curl-7.19.5 curl-7.19.5-bin curl-7.19.5.tar.gz expat-2.0.1 expat-2.0.1-bin expat-2.0.1.tar.gz htmltidy-bin httpd-2.3.15-beta httpd-2.3.15-beta.tar.gz httpd-2.3.15-bin js-1.8.5-bin js-1.8.5 js185-1.0.0.tar.gz libcloud-0.4.2-bin libevent-2.0.13-stable libevent-2.0.13-stable-bin libevent-2.0.13-stable.tar.gz liboauth-0.9.1 liboauth-0.9.1-bin liboauth-0.9.1.tar.gz libopkele libopkele-bin libstrophe libstrophe-bin libxml2-2.7.7 libxml2-2.7.7-bin libxml2-sources-2.7.7.tar.gz memcached-1.4.7 memcached-1.4.7-bin memcached-1.4.7.tar.gz mod_auth_openid mod-auth-openid-bin modsecurity-apache_2.6.1 modsecurity-apache-2.6.0-bin modsecurity-apache_2.6.0.tar.gz modsecurity-crs_2.2.2 modsecurity-crs_2.2.2.tar.gz nspr-4.8.8-bin nspr-4.8.8 nspr-4.8.8.tar.gz nuvem pcre-8.12 pcre-8.12-bin pcre-8.12.zip pkg-config-0.25 pkg-config-0.25-bin pkg-config-0.25.tar.gz tidy tinycdb tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin # Create bin archive tar czf tuscany-sca-cpp-1.0.tar.gz apr-1.4.x-bin curl-7.19.5-bin expat-2.0.1-bin htmltidy-bin httpd-2.3.15-bin js-1.8.5-bin libcloud-0.4.2-bin libevent-2.0.13-stable-bin liboauth-0.9.1-bin libopkele-bin libstrophe-bin libxml2-2.7.7-bin memcached-1.4.7-bin mod-auth-openid-bin modsecurity-apache-2.6.1-bin nspr-4.8.8-bin nuvem/nuvem-parallel pcre-8.12-bin tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin diff --git a/sca-cpp/trunk/modules/edit/Makefile.am b/sca-cpp/trunk/modules/edit/Makefile.am index b6a6fc9419..98c0ecc2e9 100644 --- a/sca-cpp/trunk/modules/edit/Makefile.am +++ b/sca-cpp/trunk/modules/edit/Makefile.am @@ -20,16 +20,16 @@ if WANT_PYTHON moddir = $(prefix)/modules/edit dist_mod_SCRIPTS = start stop ssl-start mkapplinks -BUILT_SOURCES = htdocs/headconfig.js htdocs/footconfig.js -htdocs/headconfig.js: - touch htdocs/headconfig.js +BUILT_SOURCES = htdocs/config.js htdocs/public/config.js +htdocs/config.js: + touch htdocs/config.js -htdocs/footconfig.js: - touch htdocs/footconfig.js +htdocs/public/config.js: + touch htdocs/public/config.js -not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/notfound/index.html htdocs/oops/index.html htdocs/graph/index.html htdocs/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/notyet/index.html htdocs/clone/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/logout/index.html htdocs/store/index.html htdocs/headconfig.js htdocs/footconfig.js +not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/public/notfound/index.html htdocs/public/oops/index.html htdocs/graph/index.html htdocs/public/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/public/notyet/index.html htdocs/clone/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/logout/index.html htdocs/store/index.html htdocs/config.js htdocs/public/config.js -minified = htdocs/public/iframe-min.html htdocs/create/index-min.html htdocs/page/index-min.html htdocs/login/index-min.html htdocs/notfound/index-min.html htdocs/oops/index-min.html htdocs/graph/index-min.html htdocs/notauth/index-min.html htdocs/account/index-min.html htdocs/home/index-min.html htdocs/index-min.html htdocs/notyet/index-min.html htdocs/clone/index-min.html htdocs/stats/index-min.html htdocs/app/index-min.html htdocs/logout/index-min.html htdocs/store/index-min.html htdocs/headconfig-min.js htdocs/footconfig-min.js +minified = htdocs/public/iframe-min.html htdocs/create/index-min.html htdocs/page/index-min.html htdocs/login/index-min.html htdocs/public/notfound/index-min.html htdocs/public/oops/index-min.html htdocs/graph/index-min.html htdocs/public/notauth/index-min.html htdocs/account/index-min.html htdocs/home/index-min.html htdocs/index-min.html htdocs/public/notyet/index-min.html htdocs/clone/index-min.html htdocs/stats/index-min.html htdocs/app/index-min.html htdocs/logout/index-min.html htdocs/store/index-min.html htdocs/config-min.js htdocs/public/config-min.js resources = edit.composite *.py htdocs/*.cmf htdocs/*.ico htdocs/home/*.png htdocs/app/*.cmf htdocs/home/*.b64 htdocs/*.txt htdocs/public/*.png htdocs/public/*.b64 palettes/*/palette.composite accounts/*/*.account apps/*/app.composite apps/*/app.stats apps/*/htdocs/app.html dashboards/*/user.apps store/*/store.apps ${not_minified} ${minified} diff --git a/sca-cpp/trunk/modules/edit/accounts.py b/sca-cpp/trunk/modules/edit/accounts.py index 600134c054..4589f6c0cc 100644 --- a/sca-cpp/trunk/modules/edit/accounts.py +++ b/sca-cpp/trunk/modules/edit/accounts.py @@ -25,7 +25,7 @@ def accountid(user): # Get the current user's account def get(id, user, cache): account = cache.get(accountid(user)) - if isNil(account): + if isNil(account) or account is None: return () return account diff --git a/sca-cpp/trunk/modules/edit/apps.py b/sca-cpp/trunk/modules/edit/apps.py index a820f969cb..35a4c79e33 100644 --- a/sca-cpp/trunk/modules/edit/apps.py +++ b/sca-cpp/trunk/modules/edit/apps.py @@ -56,7 +56,7 @@ def get(id, cache, store, composites, pages): if isNil(id): return (("'feed", ("'title", "Apps"), ("'id", "apps")),) app = cache.get(appid(id)); - if (isNil(app) or app is None): + if isNil(app) or app is None: return (("'entry", ("'title", car(id)), ("'id", car(id))),) return app diff --git a/sca-cpp/trunk/modules/edit/composites.py b/sca-cpp/trunk/modules/edit/composites.py index 7eb8593d18..87569a8700 100644 --- a/sca-cpp/trunk/modules/edit/composites.py +++ b/sca-cpp/trunk/modules/edit/composites.py @@ -33,7 +33,7 @@ def get(id, cache): if isNil(id): return (("'feed", ("'title", "Composites"), ("'id", "composites")),) app = cache.get(appid(id)); - if (isNil(app) or app is None): + if isNil(app) or app is None: return (("'entry", ("'title", car(id)), ("'id", car(id))),) return (("'entry", ("'title", car(id)), ("'id", car(id)), ("'content", car(app))),) diff --git a/sca-cpp/trunk/modules/edit/dashboards.py b/sca-cpp/trunk/modules/edit/dashboards.py index 5e98c9cb59..f42106e0ec 100644 --- a/sca-cpp/trunk/modules/edit/dashboards.py +++ b/sca-cpp/trunk/modules/edit/dashboards.py @@ -25,7 +25,7 @@ def dashboardid(user): # Get a dashboard from the cache def getdashboard(id, cache): dashboard = cache.get(id) - if isNil(dashboard): + if isNil(dashboard) or dashboard is None: return () return dashboard diff --git a/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf b/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf index b478c7cd3d..6ea53970aa 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf +++ b/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf @@ -4,12 +4,12 @@ CACHE MANIFEST # App resources /favicon.ico -/notauth/ -/notfound/ -/notyet/ -/oops/ /public/iframe-min.html /public/img.png +/public/notauth/ +/public/notfound/ +/public/notyet/ +/public/oops/ /public/touchicon.png NETWORK: diff --git a/sca-cpp/trunk/modules/edit/htdocs/app/index.html b/sca-cpp/trunk/modules/edit/htdocs/app/index.html index 97ea0a3f79..0b01c1d3bd 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/app/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/app/index.html @@ -48,6 +48,8 @@ appcache.get = function(uri) { if (http.status == 200) { if (http.getResponseHeader("X-Login") != null) { if (log) log('http error', u, 'X-Login'); + // Redirect to login page if not signed in + document.location = '/login/'; return null; } else if (http.responseText == '' || http.getResponseHeader("Content-Type") == null) { if (log) log('http error', u, 'No-Content'); @@ -57,6 +59,9 @@ appcache.get = function(uri) { return http.responseText; } if (log) log('http error', u, http.status, http.statusText); + // Redirect to login page if not signed in + if (http.status == 403) + document.location = '/login/'; return null; }; @@ -69,6 +74,10 @@ appcache.get = function(uri) { document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css'))); })(); +// Redirect to login page if not signed in +if (document.location.protocol == 'https:' && !ui.signedin()) + document.location = '/login/'; + </script> </head> <body class="delayed" onload="onload();"> @@ -77,7 +86,7 @@ appcache.get = function(uri) { <div id="headdiv" class="hsection"> <script type="text/javascript"> (function() { -$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js'))); +$('headdiv').appendChild(ui.declareScript(appcache.get('/config-min.js'))); })(); </script> </div> @@ -117,8 +126,8 @@ var locationcomp = sca.httpclient('location', '/' + appname + '/location'); var appresources = [ ['/all-min.js'], ['/ui-min.css'], - ['/footconfig-min.js'], - ['/headconfig-min.js'], + ['/config-min.js'], + ['/public/config-min.js'] ]; /** @@ -889,11 +898,6 @@ function onload() { </script> <div id="footdiv" class="fsection"> -<script type="text/javascript"> -(function() { -$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js'))); -})(); -</script> </div> </div> diff --git a/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf b/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf index 0be3e662d7..cb76f773a3 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf +++ b/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf @@ -5,12 +5,12 @@ CACHE MANIFEST # App resources / /favicon.ico -/notauth/ -/notfound/ -/notyet/ -/oops/ /public/iframe-min.html /public/img.png +/public/notauth/ +/public/notfound/ +/public/notyet/ +/public/oops/ /public/touchicon.png NETWORK: diff --git a/sca-cpp/trunk/modules/edit/htdocs/index.html b/sca-cpp/trunk/modules/edit/htdocs/index.html index 547c11652a..0a57717a06 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/index.html @@ -48,6 +48,8 @@ appcache.get = function(uri) { if (http.status == 200) { if (http.getResponseHeader("X-Login") != null) { if (log) log('http error', u, 'X-Login'); + // Redirect to login page if not signed in + document.location = '/login/'; return null; } else if (http.responseText == '' || http.getResponseHeader("Content-Type") == null) { if (log) log('http error', u, 'No-Content'); @@ -57,6 +59,9 @@ appcache.get = function(uri) { return http.responseText; } if (log) log('http error', u, http.status, http.statusText); + // Redirect to login page if not signed in + if (http.status == 403) + document.location = '/login/'; return null; }; @@ -69,6 +74,10 @@ appcache.get = function(uri) { document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css'))); })(); +// Redirect to login page if not signed in +if (document.location.protocol == 'https:' && !ui.signedin()) + document.location = '/login/'; + </script> </head> <body class="delayed" onload="onload();"> @@ -77,7 +86,7 @@ appcache.get = function(uri) { <div id="headdiv" class="hsection"> <script type="text/javascript"> (function() { -$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js'))); +$('headdiv').appendChild(ui.declareScript(appcache.get('/config-min.js'))); })(); </script> </div> @@ -117,13 +126,13 @@ var appresources = [ ['/account/', 'flip'], ['/clone/', 'flip'], ['/create/', 'flip'], - ['/footconfig-min.js'], ['/graph/', 'flip'], - ['/headconfig-min.js'], + ['/config-min.js'], ['/home/', 'right'], ['/home/home.b64'], ['/page/', 'flip'], ['/public/app.b64'], + ['/public/config-min.js'], ['/public/grid72.b64'], ['/public/iframe-min.html'], ['/public/img.b64'], @@ -249,7 +258,9 @@ function showmenu(mdiv, view, appname) { ui.menu('Stats', '/#view=stats&app=' + appname, '_view', view == 'stats'), ui.menu('Page', '/#view=page&app=' + appname, '_view', view == 'page'), ui.menu(isNil(config.compose)? 'Composition' : config.compose, '/#view=graph&app=' + appname, '_view', view == 'graph'))), - mklist(ui.menu('Account', '/#view=account', '_view', view == 'account'), ui.menu('Sign out', '/logout/', '_self', false))); + mklist( + ui.menu('Account', '/#view=account', '_view', view == 'account'), + ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false))); } /** @@ -486,11 +497,6 @@ function onload() { </script> <div id="footdiv" class="fsection"> -<script type="text/javascript"> -(function() { -$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js'))); -})(); -</script> </div> </div> diff --git a/sca-cpp/trunk/modules/edit/htdocs/login/index.html b/sca-cpp/trunk/modules/edit/htdocs/login/index.html index 76709af15e..982f8cf446 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/login/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/login/index.html @@ -32,7 +32,8 @@ <h1>Sign in</h1> -<form name="formSignin" onsubmit="submitSignin();" method="POST" action="/login/dologin/"> +<!-- +<form name="passwordSignin" onsubmit="submitPasswordSignin();" method="POST" action="/login/dologin/"> <table border="0"> <tr><td><b>Username:</b></td></tr> <tr><td><input type="text" id="httpd_username" name="httpd_username" value="" size="15" autocapitalize="off" placeholder="Enter your user name" style="width: 300px;"/></td></tr> @@ -42,6 +43,33 @@ </table> <input type="hidden" name="httpd_location" value="/"/> </form> +--> + +<form name="openIDForm"> +<table border="0"> +<tr><td><b>Sign in with your Google account</b></td></tr> +<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOpenIDSignin(withGoogle)"/></td></tr> +</table> +</form> + +<form name="oauth2Form"> +<table border="0"> +<tr><td><b>Sign in with your Facebook account</b></td></tr> +<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOAuth2Signin(withFacebook)"/></td></tr> +</table> +</form> + +<form name="openIDSignin" action="/" method="GET"> +<input type="hidden" name="openid_identifier" value=""/> +</form> + +<form name="oauth2Signin" action="/" method="GET"> +<input type="hidden" name="mod_oauth2_authorize" value=""/> +<input type="hidden" name="mod_oauth2_access_token" value=""/> +<input type="hidden" name="mod_oauth2_client_id" value=""/> +<input type="hidden" name="mod_oauth2_info" value=""/> +<input type="hidden" name="mod_oauth2_step" value="authorize"/> +</form> <script type="text/javascript"> function queryParams() { @@ -55,7 +83,7 @@ function queryParams() { return qp; } -function oauthReferrer() { +function formReferrer() { r = queryParams()['openauth_referrer']; if (typeof(r) == 'undefined') return '/'; @@ -68,11 +96,68 @@ function oauthReferrer() { return r; } -function submitSignin() { - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/'; +function openauthReferrer() { + r = queryParams()['openauth_referrer']; + if (typeof(r) == 'undefined') + return '/'; + q = r.indexOf('?'); + if (q > 0) + return r.substring(0, q); + return r; +} + +/** + * Signin with a userid and password. + */ +function submitPasswordSignin() { + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/'; + document.cookie = reset; + localStorage.removeItem('/r/EditWidget/accounts'); + localStorage.removeItem('/r/EditWidget/dashboards'); + //localStorage.clear(); + document.passwordSignin.httpd_location.value = formReferrer(); + document.passwordSignin.submit(); +} + +/** + * Signin with OpenID. + */ +function submitOpenIDSignin(w) { + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/'; + document.cookie = reset; + localStorage.removeItem('/r/EditWidget/accounts'); + localStorage.removeItem('/r/EditWidget/dashboards'); + //localStorage.clear(); + document.openIDSignin.openid_identifier.value = w(); + document.openIDSignin.action = openauthReferrer(); + document.openIDSignin.submit(); +} + +function withGoogle() { + return 'https://www.google.com/accounts/o8/id'; +} + +/** + * Signin with OAuth 2.0. + */ +function submitOAuth2Signin(w) { + parms = w(); + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/'; document.cookie = reset; - document.formSignin.httpd_location.value = oauthReferrer(); - document.formSignin.submit(); + localStorage.removeItem('/r/EditWidget/accounts'); + localStorage.removeItem('/r/EditWidget/dashboards'); + //localStorage.clear(); + document.oauth2Signin.mod_oauth2_authorize.value = parms[0]; + document.oauth2Signin.mod_oauth2_access_token.value = parms[1]; + document.oauth2Signin.mod_oauth2_client_id.value = parms[2]; + document.oauth2Signin.mod_oauth2_info.value = parms[3]; + document.oauth2Signin.action = openauthReferrer(); + document.oauth2Signin.submit(); +} + +function withFacebook() { + var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'facebook.com', 'https://graph.facebook.com/me']; + return parms; } /** diff --git a/sca-cpp/trunk/modules/edit/htdocs/logout/index.html b/sca-cpp/trunk/modules/edit/htdocs/logout/index.html index f5dd06ee99..133b6b7348 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/logout/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/logout/index.html @@ -32,16 +32,18 @@ <h1>Sign out</h1> -<form name="signout" onsubmit="submitSignout();" action="/" method="GET"> +<form name="signout" onsubmit="submitSignout();" action="/login/" method="GET"> <input type="submit" id="signOut" value="Sign out" class="graybutton" style="font-weight: bold"/> </form> <script type="text/javascript"> function submitSignout() { - // Clear session cookie and local storage + // Clear session cookie and user-specific local storage entries var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/'; document.cookie = reset; - localStorage.clear(); + localStorage.removeItem('/r/EditWidget/accounts'); + localStorage.removeItem('/r/EditWidget/dashboards'); + //localStorage.clear(); document.signout.submit(); return true; } diff --git a/sca-cpp/trunk/modules/edit/htdocs/notauth/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/notauth/index.html index b44ccb26e9..8a688c9aa5 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/notauth/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/public/notauth/index.html @@ -76,7 +76,7 @@ appcache.get = function(uri) { <div id="headdiv" class="hsection"> <script type="text/javascript"> (function() { -$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js'))); +$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js'))); })(); </script> </div> @@ -109,8 +109,8 @@ var cdiv = $('content'); */ function showmenu(mdiv) { mdiv.innerHTML = ui.menubar( - mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)), - mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false))); + mklist(ui.menu('Home', '/', '_view', false)), + mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false))); } showmenu(mdiv); @@ -145,11 +145,6 @@ function onload() { </script> <div id="footdiv" class="fsection"> -<script type="text/javascript"> -(function() { -$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js'))); -})(); -</script> </div> </div> diff --git a/sca-cpp/trunk/modules/edit/htdocs/notfound/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/notfound/index.html index 6b3bb09824..b7ba34c416 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/notfound/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/public/notfound/index.html @@ -76,7 +76,7 @@ appcache.get = function(uri) { <div id="headdiv" class="hsection"> <script type="text/javascript"> (function() { -$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js'))); +$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js'))); })(); </script> </div> @@ -110,8 +110,8 @@ var cdiv = $('content'); */ function showmenu(mdiv) { mdiv.innerHTML = ui.menubar( - mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)), - mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false))); + mklist(ui.menu('Home', '/', '_view', false)), + mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false))); } showmenu(mdiv); @@ -146,11 +146,6 @@ function onload() { </script> <div id="footdiv" class="fsection"> -<script type="text/javascript"> -(function() { -$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js'))); -})(); -</script> </div> </div> diff --git a/sca-cpp/trunk/modules/edit/htdocs/notyet/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/notyet/index.html index d01e535299..ca164f3172 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/notyet/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/public/notyet/index.html @@ -76,7 +76,7 @@ appcache.get = function(uri) { <div id="headdiv" class="hsection"> <script type="text/javascript"> (function() { -$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js'))); +$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js'))); })(); </script> </div> @@ -110,8 +110,8 @@ var cdiv = $('content'); */ function showmenu(mdiv) { mdiv.innerHTML = ui.menubar( - mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)), - mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false))); + mklist(ui.menu('Home', '/', '_view', false)), + mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false))); } showmenu(mdiv); @@ -146,11 +146,6 @@ function onload() { </script> <div id="footdiv" class="fsection"> -<script type="text/javascript"> -(function() { -$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js'))); -})(); -</script> </div> </div> diff --git a/sca-cpp/trunk/modules/edit/htdocs/oops/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/oops/index.html index aeb5ae5d2c..8cfe2f6537 100644 --- a/sca-cpp/trunk/modules/edit/htdocs/oops/index.html +++ b/sca-cpp/trunk/modules/edit/htdocs/public/oops/index.html @@ -76,7 +76,7 @@ appcache.get = function(uri) { <div id="headdiv" class="hsection"> <script type="text/javascript"> (function() { -$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js'))); +$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js'))); })(); </script> </div> @@ -109,8 +109,8 @@ var cdiv = $('content'); */ function showmenu(mdiv) { mdiv.innerHTML = ui.menubar( - mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)), - mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false))); + mklist(ui.menu('Home', '/', '_view', false)), + mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false))); } showmenu(mdiv); @@ -145,11 +145,6 @@ function onload() { </script> <div id="footdiv" class="fsection"> -<script type="text/javascript"> -(function() { -$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js'))); -})(); -</script> </div> </div> diff --git a/sca-cpp/trunk/modules/edit/pages.py b/sca-cpp/trunk/modules/edit/pages.py index aa84f40162..99392aeeef 100644 --- a/sca-cpp/trunk/modules/edit/pages.py +++ b/sca-cpp/trunk/modules/edit/pages.py @@ -33,7 +33,7 @@ def get(id, cache): if isNil(id): return (("'feed", ("'title", "Pages"), ("'id", "pages")),) xhtml = cache.get(appid(id)) - if (isNil(xhtml) or xhtml is None): + if isNil(xhtml) or xhtml is None: return (("'entry", ("'title", car(id)), ("'id", car(id))),) return (("'entry", ("'title", car(id)), ("'id", car(id)), ("'content", car(xhtml))),) diff --git a/sca-cpp/trunk/modules/edit/ssl-start b/sca-cpp/trunk/modules/edit/ssl-start index f467371b80..5103566a5c 100755 --- a/sca-cpp/trunk/modules/edit/ssl-start +++ b/sca-cpp/trunk/modules/edit/ssl-start @@ -32,11 +32,30 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python` ../../modules/http/httpd-event-conf tmp ../../modules/http/httpd-ssl-conf tmp 8453 -# Configure authentication -../../modules/http/open-auth-conf tmp -../../modules/http/passwd-auth-conf tmp john john -../../modules/http/passwd-auth-conf tmp jane jane -../../modules/http/passwd-auth-conf tmp admin admin +# Configure password authentication +#../../modules/http/open-auth-conf tmp +#../../modules/http/passwd-auth-conf tmp john john +#../../modules/http/passwd-auth-conf tmp jane jane +#../../modules/http/passwd-auth-conf tmp admin admin + +# Configure OAuth authentication +# Configure your OAuth app keys here +../../modules/oauth/oauth-conf tmp +../../modules/oauth/oauth-memcached-conf tmp sca-store.com 11212 +../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890 + +# Configure OpenID step2 authentication +../../modules/openid/openid-conf tmp +../../modules/openid/openid-step2-conf tmp +../../modules/openid/openid-memcached-conf tmp sca-store.com 11212 + +# Configure authorized users +#../../modules/http/group-auth-conf tmp john +#../../modules/http/group-auth-conf tmp jane +#../../modules/http/group-auth-conf tmp admin +# Configure your OpenID and OAuth ids here +../../modules/http/group-auth-conf tmp https://www.google.com/accounts/o8/id?id=45678 +../../modules/http/group-auth-conf tmp 23456789 # Configure mod-security ../../modules/http/mod-security-conf tmp @@ -48,9 +67,10 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python` # Configure error pages cat >>tmp/conf/svhost-ssl.conf <<EOF # Error pages -ErrorDocument 404 /notfound/ -ErrorDocument 401 /notauth/ -ErrorDocument 500 /oops/ +ErrorDocument 404 /public/notfound/ +ErrorDocument 401 /public/notauth/ +ErrorDocument 500 /public/oops/ +ErrorDocument 405 /public/oops/ EOF @@ -100,8 +120,9 @@ EOF mkdir -p tmp/appdata/filedb # Start memcached -../../components/cache/memcached-start +../../components/cache/memcached-start 11211 +../../components/cache/memcached-start 11212 # Start server -../http/httpd-start tmp +../../modules/http/httpd-start tmp diff --git a/sca-cpp/trunk/modules/edit/start b/sca-cpp/trunk/modules/edit/start index dfc6fa2b14..361cead2df 100755 --- a/sca-cpp/trunk/modules/edit/start +++ b/sca-cpp/trunk/modules/edit/start @@ -34,9 +34,10 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python` # Configure error pages cat >>tmp/conf/svhost.conf <<EOF # Error pages -ErrorDocument 404 /notfound/ -ErrorDocument 401 /notauth/ -ErrorDocument 500 /oops/ +ErrorDocument 404 /public/notfound/ +ErrorDocument 401 /public/notauth/ +ErrorDocument 500 /public/oops/ +ErrorDocument 405 /public/oops/ EOF @@ -86,7 +87,8 @@ mkdir -p tmp/appdata/filedb # Start memcached ../../components/cache/memcached-start 11211 +../../components/cache/memcached-start 11212 # Start server -../http/httpd-start tmp +../../modules/http/httpd-start tmp diff --git a/sca-cpp/trunk/modules/edit/stop b/sca-cpp/trunk/modules/edit/stop index bc831c18a6..60c25f88f5 100755 --- a/sca-cpp/trunk/modules/edit/stop +++ b/sca-cpp/trunk/modules/edit/stop @@ -17,6 +17,7 @@ # specific language governing permissions and limitations # under the License. -../http/httpd-stop tmp +../../modules/http/httpd-stop tmp ../../components/cache/memcached-stop 11211 +../../components/cache/memcached-stop 11212 diff --git a/sca-cpp/trunk/modules/edit/store.py b/sca-cpp/trunk/modules/edit/store.py index eaa68b1d23..79750975a5 100644 --- a/sca-cpp/trunk/modules/edit/store.py +++ b/sca-cpp/trunk/modules/edit/store.py @@ -25,7 +25,7 @@ def storeid(tag): # Get a store from the cache def getstore(id, cache): store = cache.get(id) - if isNil(store): + if isNil(store) or store is None: return () return store diff --git a/sca-cpp/trunk/modules/http/httpd-conf b/sca-cpp/trunk/modules/http/httpd-conf index 516debd795..67de40e5a6 100755 --- a/sca-cpp/trunk/modules/http/httpd-conf +++ b/sca-cpp/trunk/modules/http/httpd-conf @@ -267,6 +267,11 @@ AuthUserFile "$root/conf/httpd.passwd" Require all granted </Location> +# Mark login page with a header +<Location /login> +Header set X-Login open-auth +</Location> + EOF # Create password and group files diff --git a/sca-cpp/trunk/modules/http/httpd.hpp b/sca-cpp/trunk/modules/http/httpd.hpp index d413e6c288..c1cc16d08d 100644 --- a/sca-cpp/trunk/modules/http/httpd.hpp +++ b/sca-cpp/trunk/modules/http/httpd.hpp @@ -603,6 +603,7 @@ const int externalRedirect(const string& uri, request_rec* r) { debug(uri, "httpd::externalRedirect"); r->status = HTTP_MOVED_TEMPORARILY; apr_table_setn(r->headers_out, "Location", apr_pstrdup(r->pool, c_str(uri))); + apr_table_setn(r->headers_out, "Cache-Control", "no-cache"); r->filename = apr_pstrdup(r->pool, c_str(string("/redirect:/") + uri)); return HTTP_MOVED_TEMPORARILY; } diff --git a/sca-cpp/trunk/modules/http/open-auth-conf b/sca-cpp/trunk/modules/http/open-auth-conf index bed20d75a9..66d36242e2 100755 --- a/sca-cpp/trunk/modules/http/open-auth-conf +++ b/sca-cpp/trunk/modules/http/open-auth-conf @@ -35,7 +35,7 @@ cat >>$root/conf/auth.conf <<EOF AuthType Open AuthName "$host" Session On -SessionCookieName TuscanyOpenAuth domain=.$host; path=/; max-age=31556926 +SessionCookieName TuscanyOpenAuth domain=.$host; path=/ SessionCryptoPassphrase $pw AuthOpenAuth On AuthOpenAuthLoginPage /login @@ -53,10 +53,5 @@ Require valid-user SetHandler form-login-handler </Location> -# Mark login page with a header -<Location /login> -Header set X-Login open-auth -</Location> - EOF diff --git a/sca-cpp/trunk/modules/http/openauth.hpp b/sca-cpp/trunk/modules/http/openauth.hpp index d7377324d9..e044a74fe2 100644 --- a/sca-cpp/trunk/modules/http/openauth.hpp +++ b/sca-cpp/trunk/modules/http/openauth.hpp @@ -77,7 +77,7 @@ const string cookie(const string& sid, const string& domain) { const time_t t = time(NULL) + 86400; char exp[32]; strftime(exp, 32, "%a, %d-%b-%Y %H:%M:%S GMT", gmtime(&t)); - const string c = string("TuscanyOpenAuth=") + sid + ";domain=." + domain + ";path=/;expires=" + string(exp) + ";secure=TRUE"; + const string c = string("TuscanyOpenAuth=") + sid + "; expires=" + string(exp) + "; domain=." + domain + "; path=/"; debug(c, "openauth::cookie"); return c; } diff --git a/sca-cpp/trunk/modules/js/htdocs/ui.js b/sca-cpp/trunk/modules/js/htdocs/ui.js index d8628f6dd0..ee65d62e56 100644 --- a/sca-cpp/trunk/modules/js/htdocs/ui.js +++ b/sca-cpp/trunk/modules/js/htdocs/ui.js @@ -193,6 +193,13 @@ ui.windowtitle = function(host) { }; /** + * Return true if the session cookie contains signin information. + */ +ui.signedin = function() { + return !isNil(document.cookie) && document.cookie.indexOf('TuscanyOpenAuth=') != -1; +}; + +/** * Convert a CSS position to a numeric position. */ ui.numpos = function(p) { diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html index 3805deade3..d1002f79ec 100644 --- a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html +++ b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html @@ -57,7 +57,7 @@ if (typeof(oauthReferrer()) == 'undefined') { function submitSignin2(w) { parms = w(); - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.signin2.mod_oauth2_authorize.value = parms[0]; document.signin2.mod_oauth2_access_token.value = parms[1]; @@ -79,7 +79,7 @@ function withGithub() { function submitSignin1(w) { parms = w(); - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.signin1.mod_oauth1_request_token.value = parms[0]; document.signin1.mod_oauth1_authorize.value = parms[1]; diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html index 8be8a4deaa..57484dc479 100644 --- a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html +++ b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html @@ -30,7 +30,7 @@ <script type="text/javascript"> function submitFormSignin() { - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.formSignin.httpd_location.value = '/'; document.formSignin.submit(); @@ -62,7 +62,7 @@ if (typeof(openauthReferrer()) == 'undefined') { } function submitOpenIDSignin(w) { - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.openIDSignin.openid_identifier.value = w(); document.openIDSignin.action = openauthReferrer(); @@ -111,7 +111,7 @@ function withXRDSEndpoint() { function submitOAuth2Signin(w) { parms = w(); - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.oauth2Signin.mod_oauth2_authorize.value = parms[0]; document.oauth2Signin.mod_oauth2_access_token.value = parms[1]; @@ -133,7 +133,7 @@ function withGithub() { function submitOAuth1Signin(w) { parms = w(); - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.oauth1Signin.mod_oauth1_request_token.value = parms[0]; document.oauth1Signin.mod_oauth1_authorize.value = parms[1]; diff --git a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html index 267c501b83..35172da07f 100644 --- a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html +++ b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html @@ -32,7 +32,7 @@ <form name="signout" action="/login" method="GET"> <script type="text/javascript"> function submitSignout() { - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + window.location.hostname + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.signout.submit(); return true; diff --git a/sca-cpp/trunk/modules/oauth/oauth-conf b/sca-cpp/trunk/modules/oauth/oauth-conf index 02f81a240b..856eea7f39 100755 --- a/sca-cpp/trunk/modules/oauth/oauth-conf +++ b/sca-cpp/trunk/modules/oauth/oauth-conf @@ -41,6 +41,12 @@ LoadModule mod_tuscany_oauth2 $here/libmod_tuscany_oauth2$libsuffix EOF +cat >$root/cert/oauth-keys.conf <<EOF +# Generated by: oauth-conf $* +# OAuth App keys + +EOF + cat >>$root/conf/auth.conf <<EOF # Generated by: oauth-conf $* # Enable OAuth authentication @@ -54,13 +60,14 @@ Require valid-user # Configure OAuth App keys Include $root/cert/oauth-keys.conf -Include $HOME/.oauth/*-key.conf EOF -cat >$root/cert/oauth-keys.conf <<EOF -# Generated by: oauth-conf $* -# OAuth App keys +if [ -d "$HOME/.oauth" ]; then + cat >>$root/conf/auth.conf <<EOF +# Configure OAuth App keys +Include $HOME/.oauth/*-key.conf EOF +fi diff --git a/sca-cpp/trunk/modules/openid/htdocs/login/index.html b/sca-cpp/trunk/modules/openid/htdocs/login/index.html index a90b669dd7..dcb10e111f 100644 --- a/sca-cpp/trunk/modules/openid/htdocs/login/index.html +++ b/sca-cpp/trunk/modules/openid/htdocs/login/index.html @@ -56,7 +56,7 @@ if (typeof(openidReferrer()) == 'undefined') { } function submitSignin(w) { - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.signin.openid_identifier.value = w(); document.signin.action = openidReferrer(); diff --git a/sca-cpp/trunk/modules/openid/htdocs/logout/index.html b/sca-cpp/trunk/modules/openid/htdocs/logout/index.html index 7780e9dec3..35172da07f 100644 --- a/sca-cpp/trunk/modules/openid/htdocs/logout/index.html +++ b/sca-cpp/trunk/modules/openid/htdocs/logout/index.html @@ -32,7 +32,7 @@ <form name="signout" action="/login" method="GET"> <script type="text/javascript"> function submitSignout() { - var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE'; + var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/'; document.cookie = reset; document.signout.submit(); return true; diff --git a/sca-cpp/trunk/modules/openid/openid-conf b/sca-cpp/trunk/modules/openid/openid-conf index 4cc8bcdd40..021c8b1e82 100755 --- a/sca-cpp/trunk/modules/openid/openid-conf +++ b/sca-cpp/trunk/modules/openid/openid-conf @@ -44,8 +44,7 @@ Require valid-user AuthOpenIDEnabled On AuthOpenIDCookiePath / AuthOpenIDCookieName TuscanyOpenAuth -AuthOpenIDSecureCookie On -AuthOpenIDLoginPage /login +AuthOpenIDLoginPage /login/ AuthOpenIDAXAdd EMAIL http://axschema.org/contact/email AuthOpenIDAXAdd FULLNAME http://axschema.org/namePerson AuthOpenIDAXAdd NICKNAME http://axschema.org/namePerson/friendly diff --git a/sca-cpp/trunk/macos/memcached-1.4.7.patch b/sca-cpp/trunk/patches/memcached-1.4.7.patch index f34d75753e..f34d75753e 100644 --- a/sca-cpp/trunk/macos/memcached-1.4.7.patch +++ b/sca-cpp/trunk/patches/memcached-1.4.7.patch diff --git a/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch b/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch new file mode 100644 index 0000000000..2ff56de749 --- /dev/null +++ b/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch @@ -0,0 +1,8 @@ +--- base_rules/modsecurity_crs_40_generic_attacks.conf ++++ base_rules/modsecurity_crs_40_generic_attacks.conf +164,165c164,165 +< SecRule ARGS "(?:ft|htt)ps?.*\?+$" \ +< "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}" +--- +> #SecRule ARGS "(?:ft|htt)ps?.*\?+$" \ +> # "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}" diff --git a/sca-cpp/trunk/ubuntu/ubuntu-install b/sca-cpp/trunk/ubuntu/ubuntu-install index 40023e3ea0..7b46ee0872 100755 --- a/sca-cpp/trunk/ubuntu/ubuntu-install +++ b/sca-cpp/trunk/ubuntu/ubuntu-install @@ -237,8 +237,11 @@ fi cd $build curl -OL http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz tar xzf modsecurity-crs_2.2.2.tar.gz -cp -R $build/modsecurity-crs_2.2.2/base_rules $build/modsecurity-apache-2.6.1-bin -cp -R $build/modsecurity-crs_2.2.2/optional_rules $build/modsecurity-apache-2.6.1-bin +cd modsecurity-crs_2.2.2 +curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch +patch -p0 <modsecurity-crs_2.2.2.patch +cp -R base_rules $build/modsecurity-apache-2.6.1-bin +cp -R optional_rules $build/modsecurity-apache-2.6.1-bin if [ "$?" != "0" ]; then exit $? fi diff --git a/sca-cpp/trunk/ubuntu/ubuntu-install-all b/sca-cpp/trunk/ubuntu/ubuntu-install-all index ea3023e39c..fc071931ac 100755 --- a/sca-cpp/trunk/ubuntu/ubuntu-install-all +++ b/sca-cpp/trunk/ubuntu/ubuntu-install-all @@ -291,8 +291,11 @@ fi cd $build curl -OL http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz tar xzf modsecurity-crs_2.2.2.tar.gz -cp -R $build/modsecurity-crs_2.2.2/base_rules $build/modsecurity-apache-2.6.1-bin -cp -R $build/modsecurity-crs_2.2.2/optional_rules $build/modsecurity-apache-2.6.1-bin +cd modsecurity-crs_2.2.2 +curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch +patch -p0 <modsecurity-crs_2.2.2.patch +cp -R base_rules $build/modsecurity-apache-2.6.1-bin +cp -R optional_rules $build/modsecurity-apache-2.6.1-bin if [ "$?" != "0" ]; then exit $? fi |