diff options
Diffstat (limited to '')
9 files changed, 495 insertions, 75 deletions
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html index fcf5a870c0..a8ed099fae 100644 --- a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html +++ b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html @@ -32,7 +32,7 @@ function queryParams() { } function oauthReferrer() { - r = queryParams()['mod_oauth_referrer']; + r = queryParams()['openauth_referrer']; if (typeof(r) == 'undefined') return r; q = r.indexOf('?'); @@ -67,10 +67,10 @@ function withGithub() { </script> <form name="signin" action="/" method="GET"> -<input type="hidden" name="mod_oauth_authorize" value="https://graph.facebook.com/oauth/authorize"/> -<input type="hidden" name="mod_oauth_access_token" value="https://graph.facebook.com/oauth/access_token"/> -<input type="hidden" name="mod_oauth_client_id" value="app1234"/> -<input type="hidden" name="mod_oauth_info" value="https://graph.facebook.com/me"/> +<input type="hidden" name="mod_oauth_authorize" value=""/> +<input type="hidden" name="mod_oauth_access_token" value=""/> +<input type="hidden" name="mod_oauth_client_id" value=""/> +<input type="hidden" name="mod_oauth_info" value=""/> <input type="hidden" name="mod_oauth_step" value="authorize"/> </form> diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html new file mode 100644 index 0000000000..16246cc621 --- /dev/null +++ b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html @@ -0,0 +1,158 @@ +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1> + +<script type="text/javascript"> +function queryParams() { + qp = new Array(); + qs = window.location.search.substring(1).split('&'); + for (i = 0; i < qs.length; i++) { + e = qs[i].indexOf('='); + if (e > 0) + qp[qs[i].substring(0, e)] = unescape(qs[i].substring(e + 1)); + } + return qp; +} + +function openauthReferrer() { + r = queryParams()['openauth_referrer']; + if (typeof(r) == 'undefined') + return r; + q = r.indexOf('?'); + if (q > 0) + return r.substring(0, q); + return r; +} + +if (typeof(openauthReferrer()) == 'undefined') { + document.location = '/'; +} + +function submitOpenIDSignin(w) { + document.openIDSignin.openid_identifier.value = w(); + document.openIDSignin.action = openauthReferrer(); + document.openIDSignin.submit(); +} + +function withGoogle() { + return 'https://www.google.com/accounts/o8/id'; +} + +function withYahoo() { + return 'https://me.yahoo.com/'; +} + +function withMyOpenID() { + return 'http://www.myopenid.com/xrds'; +} + +function withVerisign() { + return 'https://pip.verisignlabs.com/'; +} + +function withMySpace() { + return 'https://api.myspace.com/openid'; +} + +function withGoogleApps() { + return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value; +} + +function withLivejournal() { + return 'http://' + document.fields.ljuser.value + '.livejournal.com'; +} + +function withBlogspot() { + return 'http://' + document.fields.bsuser.value + '.blogspot.com'; +} + +function withBlogger() { + return 'http://' + document.fields.bguser.value + '.blogger.com'; +} + +function withXRDSEndpoint() { + return document.fields.endpoint.value; +} + +function submitOAuthSignin(w) { + parms = w(); + document.oauthSignin.mod_oauth_authorize.value = parms[0]; + document.oauthSignin.mod_oauth_access_token.value = parms[1]; + document.oauthSignin.mod_oauth_client_id.value = parms[2]; + document.oauthSignin.mod_oauth_info.value = parms[3]; + document.oauthSignin.action = openauthReferrer(); + document.oauthSignin.submit(); +} + +function withFacebook() { + var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me']; + return parms; +} + +function withGithub() { + var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show']; + return parms; +} +</script> + +<form name="fields"> +<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p> +<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p> +<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p> +<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p> +<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p> + +<p>Sign in with a Google apps domain<br/> +<input type="text" size="20" name="domain" value="example.com"/><br/> +<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p> + +<p>Sign in with your Livejournal account<br/> +<input type="text" size="10" name="ljuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p> + +<p>Sign in with your Blogspot account<br/> +<input type="text" size="10" name="bsuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p> + +<p>Sign in with your Blogger account<br/> +<input type="text" size="10" name="bguser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p> + +<p>Sign in with an OpenID endpoint<br/> +<input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/> +<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p> + +<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p> +<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p> +</form> + +<form name="openIDSignin" action="/" method="GET"> +<input type="hidden" name="openid_identifier" value=""/> +</form> + +<form name="oauthSignin" action="/" method="GET"> +<input type="hidden" name="mod_oauth_authorize" value=""/> +<input type="hidden" name="mod_oauth_access_token" value=""/> +<input type="hidden" name="mod_oauth_client_id" value=""/> +<input type="hidden" name="mod_oauth_info" value=""/> +<input type="hidden" name="mod_oauth_step" value="authorize"/> +</form> + +</body></html> diff --git a/sca-cpp/trunk/modules/oauth/mod-oauth.cpp b/sca-cpp/trunk/modules/oauth/mod-oauth.cpp index 9a0c9aa078..9a93e6fb20 100644 --- a/sca-cpp/trunk/modules/oauth/mod-oauth.cpp +++ b/sca-cpp/trunk/modules/oauth/mod-oauth.cpp @@ -152,7 +152,7 @@ const failable<int> authenticated(const list<list<value> >& info, request_rec* r * Redirect to the configured login page. */ const failable<int> login(const string& page, request_rec* r) { - const list<list<value> > largs = mklist<list<value> >(mklist<value>("mod_oauth_referrer", httpd::escape(httpd::url(r->uri, r)))); + const list<list<value> > largs = mklist<list<value> >(mklist<value>("openauth_referrer", httpd::escape(httpd::url(r->uri, r)))); const string loc = httpd::url(page, r) + string("?") + httpd::queryString(largs); debug(loc, "modoauth::login::uri"); return httpd::externalRedirect(loc, r); @@ -220,6 +220,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r, debug(tv, "modoauth::access_token::token"); // Request user info + // TODO Make this step configurable const list<list<value> > iargs = mklist<list<value> >(tv); const string iuri = httpd::unescape(cadr(info)) + string("?") + httpd::queryString(iargs); debug(iuri, "modoauth::access_token::infouri"); @@ -227,7 +228,7 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r, debug(iv, "modoauth::access_token::info"); // Store user info in memcached keyed by session ID - const value sid = mkrand(); + const value sid = string("OAuth_") + mkrand(); memcache::put(mklist<value>("tuscanyOpenAuth", sid), content(iv), sc.mc); // Send session ID to the client in a cookie @@ -251,24 +252,36 @@ int handler(request_rec* r) { httpdDebugRequest(r, "modoauth::handler::input"); const ServerConf& sc = httpd::serverConf<ServerConf>(r, &mod_tuscany_oauth); - // Nothing to do if we're already authenticated + // Get session id from the request const maybe<string> sid = sessionID(r); if (hasContent(sid)) { + // Decline if the session id was not created by this module + if (substr(content(sid), 0, 6) != "OAuth_") + return DECLINED; + + // If we're authenticated store the user info in the request const failable<value> info = userInfo(content(sid), sc); if (hasContent(info)) return httpd::reportStatus(authenticated(content(info), r)); } - // Get the current protocol flow step from the query string + // Get the request args const list<list<value> > args = httpd::queryArgs(r); + + // Decline if the request is for OpenID authentication + if (!isNil(assoc<value>("openid_identifier", args))) + return DECLINED; + + // Determine the OAuth protocol flow step, conveniently passed + // around in a request arg const list<value> sl = assoc<value>("mod_oauth_step", args); const value step = !isNil(sl) && !isNil(cdr(sl))? cadr(sl) : ""; - // Handle an authorize request + // Handle OAuth authorize request step if (step == "authorize") return httpd::reportStatus(authorize(args, r)); - // Handle an access_token request + // Handle OAuth access_token request step if (step == "access_token") return httpd::reportStatus(access_token(args, r, sc)); @@ -347,8 +360,6 @@ const char* confEnabled(cmd_parms *cmd, void *c, const int arg) { gc_scoped_pool pool(cmd->pool); DirConf& dc = httpd::dirConf<DirConf>(c); dc.enabled = (bool)arg; - debug(dc.dir, "modoauth::confEnabled::dir"); - debug(dc.enabled, "modoauth::confEnabled::enabled"); return NULL; } const char* confLogin(cmd_parms *cmd, void *c, const char* arg) { @@ -394,7 +405,7 @@ void registerHooks(unused apr_pool_t *p) { ap_hook_post_config(postConfig, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_child_init(childInit, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_check_user_id(checkUserID, NULL, NULL, APR_HOOK_MIDDLE); - ap_hook_handler(handler, NULL, NULL, APR_HOOK_MIDDLE); + ap_hook_handler(handler, NULL, NULL, APR_HOOK_FIRST); } } diff --git a/sca-cpp/trunk/modules/oauth/start-mixed-test b/sca-cpp/trunk/modules/oauth/start-mixed-test new file mode 100755 index 0000000000..7a96773dd3 --- /dev/null +++ b/sca-cpp/trunk/modules/oauth/start-mixed-test @@ -0,0 +1,52 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Test supporting both OpenID and OAuth in the same app +here=`readlink -f $0`; here=`dirname $here` + +# Setup +../../components/cache/memcached-start 11212 +../../components/cache/memcached-start 11213 + +../../modules/http/ssl-ca-conf tmp localhost +../../modules/http/ssl-cert-conf tmp localhost +../../modules/http/httpd-conf tmp localhost 8090 htdocs +../../modules/http/httpd-ssl-conf tmp 8453 + +./oauth-conf tmp +./oauth-memcached-conf tmp localhost 11212 +./oauth-memcached-conf tmp localhost 11213 +./oauth-app-conf tmp app1234 secret6789 + +../openid/openid-conf tmp +../openid/openid-step2-conf tmp +../openid/openid-memcached-conf tmp localhost 11212 +../openid/openid-memcached-conf tmp localhost 11213 + +../../modules/server/server-conf tmp +../../modules/server/scheme-conf tmp +cat >>tmp/conf/httpd.conf <<EOF +SCAContribution `pwd`/ +SCAComposite oauth.composite + +Alias /login/index.html $here/htdocs/login/mixed.html +EOF + +../../modules/http/httpd-start tmp + diff --git a/sca-cpp/trunk/modules/openid/htdocs/login/index.html b/sca-cpp/trunk/modules/openid/htdocs/login/index.html index e6b8c6fce3..17e85ffd05 100644 --- a/sca-cpp/trunk/modules/openid/htdocs/login/index.html +++ b/sca-cpp/trunk/modules/openid/htdocs/login/index.html @@ -32,7 +32,7 @@ function queryParams() { } function openidReferrer() { - r = queryParams()['modauthopenid.referrer']; + r = queryParams()['openauth_referrer']; if (typeof(r) == 'undefined') return r; q = r.indexOf('?'); @@ -76,6 +76,18 @@ function withGoogleApps() { return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value; } +function withLivejournal() { + return 'http://' + document.fields.ljuser.value + '.livejournal.com'; +} + +function withBlogspot() { + return 'http://' + document.fields.bsuser.value + '.blogspot.com'; +} + +function withBlogger() { + return 'http://' + document.fields.bguser.value + '.blogger.com'; +} + function withXRDSEndpoint() { return document.fields.endpoint.value; } @@ -91,9 +103,23 @@ function withXRDSEndpoint() { <p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p> <p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p> <p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p> + <p>Sign in with a Google apps domain<br/> <input type="text" size="20" name="domain" value="example.com"/><br/> <input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p> + +<p>Sign in with your Livejournal account<br/> +<input type="text" size="10" name="ljuser" value=""/><br/> +<input type="button" onclick="submitSignin(withLivejournal)" value="Sign in"/></p> + +<p>Sign in with your Blogspot account<br/> +<input type="text" size="10" name="bsuser" value=""/><br/> +<input type="button" onclick="submitSignin(withBlogspot)" value="Sign in"/></p> + +<p>Sign in with your Blogger account<br/> +<input type="text" size="10" name="bguser" value=""/><br/> +<input type="button" onclick="submitSignin(withBlogger)" value="Sign in"/></p> + <p>Sign in with an OpenID endpoint<br/> <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/> <input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p> diff --git a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html index e6b8c6fce3..16246cc621 100644 --- a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html +++ b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/jane/login/index.html @@ -17,7 +17,7 @@ under the License. --> -<html><body><h1>Sign in with an OpenID provider</h1> +<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1> <script type="text/javascript"> function queryParams() { @@ -31,8 +31,8 @@ function queryParams() { return qp; } -function openidReferrer() { - r = queryParams()['modauthopenid.referrer']; +function openauthReferrer() { + r = queryParams()['openauth_referrer']; if (typeof(r) == 'undefined') return r; q = r.indexOf('?'); @@ -41,17 +41,16 @@ function openidReferrer() { return r; } -if (typeof(openidReferrer()) == 'undefined') { +if (typeof(openauthReferrer()) == 'undefined') { document.location = '/'; } -function submitSignin(w) { - document.signin.openid_identifier.value = w(); - document.signin.action = openidReferrer(); - document.signin.submit(); +function submitOpenIDSignin(w) { + document.openIDSignin.openid_identifier.value = w(); + document.openIDSignin.action = openauthReferrer(); + document.openIDSignin.submit(); } - function withGoogle() { return 'https://www.google.com/accounts/o8/id'; } @@ -76,27 +75,84 @@ function withGoogleApps() { return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value; } +function withLivejournal() { + return 'http://' + document.fields.ljuser.value + '.livejournal.com'; +} + +function withBlogspot() { + return 'http://' + document.fields.bsuser.value + '.blogspot.com'; +} + +function withBlogger() { + return 'http://' + document.fields.bguser.value + '.blogger.com'; +} + function withXRDSEndpoint() { return document.fields.endpoint.value; } -</script> -<form name="signin" action="/" method="GET"> -<input type="hidden" name="openid_identifier" value="https://www.google.com/accounts/o8/id"/> -</form> +function submitOAuthSignin(w) { + parms = w(); + document.oauthSignin.mod_oauth_authorize.value = parms[0]; + document.oauthSignin.mod_oauth_access_token.value = parms[1]; + document.oauthSignin.mod_oauth_client_id.value = parms[2]; + document.oauthSignin.mod_oauth_info.value = parms[3]; + document.oauthSignin.action = openauthReferrer(); + document.oauthSignin.submit(); +} + +function withFacebook() { + var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me']; + return parms; +} + +function withGithub() { + var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show']; + return parms; +} +</script> <form name="fields"> -<p>Sign in with your Google account<br/><input type="button" onclick="submitSignin(withGoogle)" value="Sign in"/></p> -<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitSignin(withYahoo)" value="Sign in"/></p> -<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p> -<p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p> -<p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p> +<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p> +<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p> +<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p> +<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p> +<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p> + <p>Sign in with a Google apps domain<br/> <input type="text" size="20" name="domain" value="example.com"/><br/> -<input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p> +<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p> + +<p>Sign in with your Livejournal account<br/> +<input type="text" size="10" name="ljuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p> + +<p>Sign in with your Blogspot account<br/> +<input type="text" size="10" name="bsuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p> + +<p>Sign in with your Blogger account<br/> +<input type="text" size="10" name="bguser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p> + <p>Sign in with an OpenID endpoint<br/> <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/> -<input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p> +<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p> + +<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p> +<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p> +</form> + +<form name="openIDSignin" action="/" method="GET"> +<input type="hidden" name="openid_identifier" value=""/> +</form> + +<form name="oauthSignin" action="/" method="GET"> +<input type="hidden" name="mod_oauth_authorize" value=""/> +<input type="hidden" name="mod_oauth_access_token" value=""/> +<input type="hidden" name="mod_oauth_client_id" value=""/> +<input type="hidden" name="mod_oauth_info" value=""/> +<input type="hidden" name="mod_oauth_step" value="authorize"/> </form> </body></html> diff --git a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html index e6b8c6fce3..16246cc621 100644 --- a/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html +++ b/sca-cpp/trunk/samples/store-cluster/htdocs/domains/joe/login/index.html @@ -17,7 +17,7 @@ under the License. --> -<html><body><h1>Sign in with an OpenID provider</h1> +<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1> <script type="text/javascript"> function queryParams() { @@ -31,8 +31,8 @@ function queryParams() { return qp; } -function openidReferrer() { - r = queryParams()['modauthopenid.referrer']; +function openauthReferrer() { + r = queryParams()['openauth_referrer']; if (typeof(r) == 'undefined') return r; q = r.indexOf('?'); @@ -41,17 +41,16 @@ function openidReferrer() { return r; } -if (typeof(openidReferrer()) == 'undefined') { +if (typeof(openauthReferrer()) == 'undefined') { document.location = '/'; } -function submitSignin(w) { - document.signin.openid_identifier.value = w(); - document.signin.action = openidReferrer(); - document.signin.submit(); +function submitOpenIDSignin(w) { + document.openIDSignin.openid_identifier.value = w(); + document.openIDSignin.action = openauthReferrer(); + document.openIDSignin.submit(); } - function withGoogle() { return 'https://www.google.com/accounts/o8/id'; } @@ -76,27 +75,84 @@ function withGoogleApps() { return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value; } +function withLivejournal() { + return 'http://' + document.fields.ljuser.value + '.livejournal.com'; +} + +function withBlogspot() { + return 'http://' + document.fields.bsuser.value + '.blogspot.com'; +} + +function withBlogger() { + return 'http://' + document.fields.bguser.value + '.blogger.com'; +} + function withXRDSEndpoint() { return document.fields.endpoint.value; } -</script> -<form name="signin" action="/" method="GET"> -<input type="hidden" name="openid_identifier" value="https://www.google.com/accounts/o8/id"/> -</form> +function submitOAuthSignin(w) { + parms = w(); + document.oauthSignin.mod_oauth_authorize.value = parms[0]; + document.oauthSignin.mod_oauth_access_token.value = parms[1]; + document.oauthSignin.mod_oauth_client_id.value = parms[2]; + document.oauthSignin.mod_oauth_info.value = parms[3]; + document.oauthSignin.action = openauthReferrer(); + document.oauthSignin.submit(); +} + +function withFacebook() { + var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me']; + return parms; +} + +function withGithub() { + var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show']; + return parms; +} +</script> <form name="fields"> -<p>Sign in with your Google account<br/><input type="button" onclick="submitSignin(withGoogle)" value="Sign in"/></p> -<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitSignin(withYahoo)" value="Sign in"/></p> -<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p> -<p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p> -<p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p> +<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p> +<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p> +<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p> +<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p> +<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p> + <p>Sign in with a Google apps domain<br/> <input type="text" size="20" name="domain" value="example.com"/><br/> -<input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p> +<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p> + +<p>Sign in with your Livejournal account<br/> +<input type="text" size="10" name="ljuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p> + +<p>Sign in with your Blogspot account<br/> +<input type="text" size="10" name="bsuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p> + +<p>Sign in with your Blogger account<br/> +<input type="text" size="10" name="bguser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p> + <p>Sign in with an OpenID endpoint<br/> <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/> -<input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p> +<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p> + +<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p> +<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p> +</form> + +<form name="openIDSignin" action="/" method="GET"> +<input type="hidden" name="openid_identifier" value=""/> +</form> + +<form name="oauthSignin" action="/" method="GET"> +<input type="hidden" name="mod_oauth_authorize" value=""/> +<input type="hidden" name="mod_oauth_access_token" value=""/> +<input type="hidden" name="mod_oauth_client_id" value=""/> +<input type="hidden" name="mod_oauth_info" value=""/> +<input type="hidden" name="mod_oauth_step" value="authorize"/> </form> </body></html> diff --git a/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html b/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html index e6b8c6fce3..16246cc621 100644 --- a/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html +++ b/sca-cpp/trunk/samples/store-cluster/htdocs/login/index.html @@ -17,7 +17,7 @@ under the License. --> -<html><body><h1>Sign in with an OpenID provider</h1> +<html><body><h1>Sign in with an OpenID or OAuth 2.0 provider</h1> <script type="text/javascript"> function queryParams() { @@ -31,8 +31,8 @@ function queryParams() { return qp; } -function openidReferrer() { - r = queryParams()['modauthopenid.referrer']; +function openauthReferrer() { + r = queryParams()['openauth_referrer']; if (typeof(r) == 'undefined') return r; q = r.indexOf('?'); @@ -41,17 +41,16 @@ function openidReferrer() { return r; } -if (typeof(openidReferrer()) == 'undefined') { +if (typeof(openauthReferrer()) == 'undefined') { document.location = '/'; } -function submitSignin(w) { - document.signin.openid_identifier.value = w(); - document.signin.action = openidReferrer(); - document.signin.submit(); +function submitOpenIDSignin(w) { + document.openIDSignin.openid_identifier.value = w(); + document.openIDSignin.action = openauthReferrer(); + document.openIDSignin.submit(); } - function withGoogle() { return 'https://www.google.com/accounts/o8/id'; } @@ -76,27 +75,84 @@ function withGoogleApps() { return 'https://www.google.com/accounts/o8/site-xrds?ns=2&hd=' + document.fields.domain.value; } +function withLivejournal() { + return 'http://' + document.fields.ljuser.value + '.livejournal.com'; +} + +function withBlogspot() { + return 'http://' + document.fields.bsuser.value + '.blogspot.com'; +} + +function withBlogger() { + return 'http://' + document.fields.bguser.value + '.blogger.com'; +} + function withXRDSEndpoint() { return document.fields.endpoint.value; } -</script> -<form name="signin" action="/" method="GET"> -<input type="hidden" name="openid_identifier" value="https://www.google.com/accounts/o8/id"/> -</form> +function submitOAuthSignin(w) { + parms = w(); + document.oauthSignin.mod_oauth_authorize.value = parms[0]; + document.oauthSignin.mod_oauth_access_token.value = parms[1]; + document.oauthSignin.mod_oauth_client_id.value = parms[2]; + document.oauthSignin.mod_oauth_info.value = parms[3]; + document.oauthSignin.action = openauthReferrer(); + document.oauthSignin.submit(); +} + +function withFacebook() { + var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'app1234', 'https://graph.facebook.com/me']; + return parms; +} + +function withGithub() { + var parms = ['https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/access_token', 'app2345', 'https://github.com/api/v2/json/user/show']; + return parms; +} +</script> <form name="fields"> -<p>Sign in with your Google account<br/><input type="button" onclick="submitSignin(withGoogle)" value="Sign in"/></p> -<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitSignin(withYahoo)" value="Sign in"/></p> -<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitSignin(withMyOpenID)" value="Sign in"/></p> -<p>Sign in with your Verisign account<br/><input type="button" onclick="submitSignin(withVerisign)" value="Sign in"/></p> -<p>Sign in with your MySpace account<br/><input type="button" onclick="submitSignin(withMySpace)" value="Sign in"/></p> +<p>Sign in with your Google account<br/><input type="button" onclick="submitOpenIDSignin(withGoogle)" value="Sign in"/></p> +<p>Sign in with your Yahoo account<br/><input type="button" onclick="submitOpenIDSignin(withYahoo)" value="Sign in"/></p> +<p>Sign in with your MyOpenID account<br/><input type="button" onclick="submitOpenIDSignin(withMyOpenID)" value="Sign in"/></p> +<p>Sign in with your Verisign account<br/><input type="button" onclick="submitOpenIDSignin(withVerisign)" value="Sign in"/></p> +<p>Sign in with your MySpace account<br/><input type="button" onclick="submitOpenIDSignin(withMySpace)" value="Sign in"/></p> + <p>Sign in with a Google apps domain<br/> <input type="text" size="20" name="domain" value="example.com"/><br/> -<input type="button" onclick="submitSignin(withGoogleApps)" value="Sign in"/></p> +<input type="button" onclick="submitOpenIDSignin(withGoogleApps)" value="Sign in"/></p> + +<p>Sign in with your Livejournal account<br/> +<input type="text" size="10" name="ljuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withLivejournal)" value="Sign in"/></p> + +<p>Sign in with your Blogspot account<br/> +<input type="text" size="10" name="bsuser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogspot)" value="Sign in"/></p> + +<p>Sign in with your Blogger account<br/> +<input type="text" size="10" name="bguser" value=""/><br/> +<input type="button" onclick="submitOpenIDSignin(withBlogger)" value="Sign in"/></p> + <p>Sign in with an OpenID endpoint<br/> <input type="text" size="50" name="endpoint" value="https://www.google.com/accounts/o8/id"/><br/> -<input type="button" onclick="submitSignin(withXRDSEndpoint)" value="Sign in"/></p> +<input type="button" onclick="submitOpenIDSignin(withXRDSEndpoint)" value="Sign in"/></p> + +<p>Sign in with your Facebook account<br/><input type="button" onclick="submitOAuthSignin(withFacebook)" value="Sign in"/></p> +<p>Sign in with your Github account<br/><input type="button" onclick="submitOAuthSignin(withGithub)" value="Sign in"/></p> +</form> + +<form name="openIDSignin" action="/" method="GET"> +<input type="hidden" name="openid_identifier" value=""/> +</form> + +<form name="oauthSignin" action="/" method="GET"> +<input type="hidden" name="mod_oauth_authorize" value=""/> +<input type="hidden" name="mod_oauth_access_token" value=""/> +<input type="hidden" name="mod_oauth_client_id" value=""/> +<input type="hidden" name="mod_oauth_info" value=""/> +<input type="hidden" name="mod_oauth_step" value="authorize"/> </form> </body></html> diff --git a/sca-cpp/trunk/samples/store-cluster/server-ssl-conf b/sca-cpp/trunk/samples/store-cluster/server-ssl-conf index 37a654b805..0b54b5cbf3 100755 --- a/sca-cpp/trunk/samples/store-cluster/server-ssl-conf +++ b/sca-cpp/trunk/samples/store-cluster/server-ssl-conf @@ -32,6 +32,11 @@ tar -C tmp/ssl -c `../../modules/http/ssl-cert-find tmp/ssl` | tar -C $root -x ../../modules/http/vhost-ssl-conf $root #../../modules/http/httpd-auth-conf $root +../../modules/oauth/oauth-conf $root +../../modules/oauth/oauth-memcached-conf $root localhost 11211 +../../modules/oauth/oauth-memcached-conf $root localhost 11212 +../../modules/oauth/oauth-memcached-conf $root localhost 11213 +../../modules/oauth/oauth-app-conf $root app1234 secret6789 ../../modules/openid/openid-conf $root ../../modules/openid/openid-step2-conf $root ../../modules/openid/openid-memcached-conf $root localhost 11211 |