archive/apache-tuscany
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Change authentication scheme from Form based auth to OpenID + OAuth.

Browse source 
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1201614 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
jsdelfino 2011-11-14 07:10:15 +00:00
commit 4bf0a7052b
39 changed files with 267 additions and 133 deletions
Download patch file Download diff file Expand all files Collapse all files

6
sca-cpp/trunk/.gitignore vendored
View file

@ -56,7 +56,7 @@ m4/
config.guess
config.sub
config.status
*config.js
config.js
all.js
*-min.html
*-min.js
@ -93,7 +93,7 @@ doxygen
*.jar
*.prefix
*.crt
*.patch
/*.patch
index.yaml
core
gen-cpp/
@ -135,7 +135,7 @@ scribe-cat
js-test
js-eval
file-test
test-start
test-start*
xml-value
value-xml
json-value

9
sca-cpp/trunk/README
View file

@ -15,9 +15,9 @@ can be used to help assemble distributed SCA composite applications:
Cache: key/value memory cache, using Memcached;
Chat: XMPP chat, using Apache Vysper and Libstrophe;
Constdb: fast persistent store for mostly constant data, using TinyCDB;
Filedb: key/value 'NoSQL' persistent store, using plain files;
Filedb: key/value persistent store, using plain files;
Http: HTTP client, using Libcurl;
Kvdb: fast key/value 'NoSQL' persistent store, using LevelDB;
Kvdb: fast key/value persistent store, using LevelDB;
Log: distributed logger, using Facebook Scribe;
Queue: AMQP queuing, using Apache Qpid/C;
Sqldb: SQL database, using PostgreSQL;
@ -77,9 +77,9 @@ Here's a rough guide to the Tuscany SCA source tree:
| | |-- cache Memcached key/value cache
| | |-- chat XMPP chat
| | |-- constdb TinyCDB constant persistent store
| | |-- filedb Plain file NoSQL persistent store
| | |-- filedb Plain file persistent store
| | |-- http HTTP client
| | |-- kvdb LevelDB NoSQL persistent store
| | |-- kvdb LevelDB key/value persistent store
| | |-- log Scribe logger
| | |-- queue AMQP message queue
| | |-- sqldb PostgreSQL database
@ -98,6 +98,7 @@ Here's a rough guide to the Tuscany SCA source tree:
| |
| |-- macos Automated install on Mac OS X 10.1.7
| |-- ubuntu Automated install on Ubuntu 10.10
| |-- patches Temporary patches to some of the dependencies
|
|-- branches Topic and release branches
|

16
sca-cpp/trunk/macos/macos-install
View file

@ -105,7 +105,8 @@ curl -OL http://memcached.googlecode.com/files/memcached-1.4.7.tar.gz
tar xzf memcached-1.4.7.tar.gz
cd memcached-1.4.7
# http://code.google.com/p/memcached/issues/detail?id=218
patch -p0<$build/../memcached-1.4.7.patch
curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/memcached-1.4.7.patch
patch -p0 <memcached-1.4.7.patch
autoreconf --install
./configure --with-libevent=$build/libevent-2.0.13-stable-bin --prefix=$build/memcached-1.4.7-bin
make
@ -265,10 +266,13 @@ if [ "$?" != "0" ]; then
exit $?
fi
cd $build
curl -L http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.1.tar.gz/download -o modsecurity-crs_2.2.1.tar.gz
tar xzf modsecurity-crs_2.2.1.tar.gz
cp -R $build/modsecurity-crs_2.2.1/base_rules $build/modsecurity-apache-2.6.1-bin
cp -R $build/modsecurity-crs_2.2.1/optional_rules $build/modsecurity-apache-2.6.1-bin
curl -L http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz/download -o modsecurity-crs_2.2.2.tar.gz
tar xzf modsecurity-crs_2.2.2.tar.gz
cd modsecurity-crs_2.2.2
curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
patch -p0 <modsecurity-crs_2.2.2.patch
cp -R base_rules $build/modsecurity-apache-2.6.1-bin
cp -R optional_rules $build/modsecurity-apache-2.6.1-bin
if [ "$?" != "0" ]; then
exit $?
fi
@ -305,7 +309,7 @@ fi
cd $build
# Create src archive
tar czf tuscany-sca-cpp-1.0-src.tar.gz apache-libcloud-incubating-0.4.2 apache-libcloud-incubating-0.4.2.tar.bz2 apr-1.4.x apr-1.4.x-bin autoconf-2.13 autoconf-2.13-bin autoconf-2.13.tar.gz curl-7.19.5 curl-7.19.5-bin curl-7.19.5.tar.gz expat-2.0.1 expat-2.0.1-bin expat-2.0.1.tar.gz htmltidy-bin httpd-2.3.15-beta httpd-2.3.15-beta.tar.gz httpd-2.3.15-bin js-1.8.5-bin js-1.8.5 js185-1.0.0.tar.gz libcloud-0.4.2-bin libevent-2.0.13-stable libevent-2.0.13-stable-bin libevent-2.0.13-stable.tar.gz liboauth-0.9.1 liboauth-0.9.1-bin liboauth-0.9.1.tar.gz libopkele libopkele-bin libstrophe libstrophe-bin libxml2-2.7.7 libxml2-2.7.7-bin libxml2-sources-2.7.7.tar.gz memcached-1.4.7 memcached-1.4.7-bin memcached-1.4.7.tar.gz mod_auth_openid mod-auth-openid-bin modsecurity-apache_2.6.1 modsecurity-apache-2.6.0-bin modsecurity-apache_2.6.0.tar.gz modsecurity-crs_2.2.1 modsecurity-crs_2.2.1.tar.gz nspr-4.8.8-bin nspr-4.8.8 nspr-4.8.8.tar.gz nuvem pcre-8.12 pcre-8.12-bin pcre-8.12.zip pkg-config-0.25 pkg-config-0.25-bin pkg-config-0.25.tar.gz tidy tinycdb tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin
tar czf tuscany-sca-cpp-1.0-src.tar.gz apache-libcloud-incubating-0.4.2 apache-libcloud-incubating-0.4.2.tar.bz2 apr-1.4.x apr-1.4.x-bin autoconf-2.13 autoconf-2.13-bin autoconf-2.13.tar.gz curl-7.19.5 curl-7.19.5-bin curl-7.19.5.tar.gz expat-2.0.1 expat-2.0.1-bin expat-2.0.1.tar.gz htmltidy-bin httpd-2.3.15-beta httpd-2.3.15-beta.tar.gz httpd-2.3.15-bin js-1.8.5-bin js-1.8.5 js185-1.0.0.tar.gz libcloud-0.4.2-bin libevent-2.0.13-stable libevent-2.0.13-stable-bin libevent-2.0.13-stable.tar.gz liboauth-0.9.1 liboauth-0.9.1-bin liboauth-0.9.1.tar.gz libopkele libopkele-bin libstrophe libstrophe-bin libxml2-2.7.7 libxml2-2.7.7-bin libxml2-sources-2.7.7.tar.gz memcached-1.4.7 memcached-1.4.7-bin memcached-1.4.7.tar.gz mod_auth_openid mod-auth-openid-bin modsecurity-apache_2.6.1 modsecurity-apache-2.6.0-bin modsecurity-apache_2.6.0.tar.gz modsecurity-crs_2.2.2 modsecurity-crs_2.2.2.tar.gz nspr-4.8.8-bin nspr-4.8.8 nspr-4.8.8.tar.gz nuvem pcre-8.12 pcre-8.12-bin pcre-8.12.zip pkg-config-0.25 pkg-config-0.25-bin pkg-config-0.25.tar.gz tidy tinycdb tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin
# Create bin archive
tar czf tuscany-sca-cpp-1.0.tar.gz apr-1.4.x-bin curl-7.19.5-bin expat-2.0.1-bin htmltidy-bin httpd-2.3.15-bin js-1.8.5-bin libcloud-0.4.2-bin libevent-2.0.13-stable-bin liboauth-0.9.1-bin libopkele-bin libstrophe-bin libxml2-2.7.7-bin memcached-1.4.7-bin mod-auth-openid-bin modsecurity-apache-2.6.1-bin nspr-4.8.8-bin nuvem/nuvem-parallel pcre-8.12-bin tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin

14
sca-cpp/trunk/modules/edit/Makefile.am
View file

@ -20,16 +20,16 @@ if WANT_PYTHON
moddir = $(prefix)/modules/edit
dist_mod_SCRIPTS = start stop ssl-start mkapplinks
BUILT_SOURCES = htdocs/headconfig.js htdocs/footconfig.js
htdocs/headconfig.js:
touch htdocs/headconfig.js
BUILT_SOURCES = htdocs/config.js htdocs/public/config.js
htdocs/config.js:
touch htdocs/config.js
htdocs/footconfig.js:
touch htdocs/footconfig.js
htdocs/public/config.js:
touch htdocs/public/config.js
not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/notfound/index.html htdocs/oops/index.html htdocs/graph/index.html htdocs/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/notyet/index.html htdocs/clone/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/logout/index.html htdocs/store/index.html htdocs/headconfig.js htdocs/footconfig.js
not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/public/notfound/index.html htdocs/public/oops/index.html htdocs/graph/index.html htdocs/public/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/public/notyet/index.html htdocs/clone/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/logout/index.html htdocs/store/index.html htdocs/config.js htdocs/public/config.js
minified = htdocs/public/iframe-min.html htdocs/create/index-min.html htdocs/page/index-min.html htdocs/login/index-min.html htdocs/notfound/index-min.html htdocs/oops/index-min.html htdocs/graph/index-min.html htdocs/notauth/index-min.html htdocs/account/index-min.html htdocs/home/index-min.html htdocs/index-min.html htdocs/notyet/index-min.html htdocs/clone/index-min.html htdocs/stats/index-min.html htdocs/app/index-min.html htdocs/logout/index-min.html htdocs/store/index-min.html htdocs/headconfig-min.js htdocs/footconfig-min.js
minified = htdocs/public/iframe-min.html htdocs/create/index-min.html htdocs/page/index-min.html htdocs/login/index-min.html htdocs/public/notfound/index-min.html htdocs/public/oops/index-min.html htdocs/graph/index-min.html htdocs/public/notauth/index-min.html htdocs/account/index-min.html htdocs/home/index-min.html htdocs/index-min.html htdocs/public/notyet/index-min.html htdocs/clone/index-min.html htdocs/stats/index-min.html htdocs/app/index-min.html htdocs/logout/index-min.html htdocs/store/index-min.html htdocs/config-min.js htdocs/public/config-min.js
resources = edit.composite *.py htdocs/*.cmf htdocs/*.ico htdocs/home/*.png htdocs/app/*.cmf htdocs/home/*.b64 htdocs/*.txt htdocs/public/*.png htdocs/public/*.b64 palettes/*/palette.composite accounts/*/*.account apps/*/app.composite apps/*/app.stats apps/*/htdocs/app.html dashboards/*/user.apps store/*/store.apps ${not_minified} ${minified}

2
sca-cpp/trunk/modules/edit/accounts.py
View file

@ -25,7 +25,7 @@ def accountid(user):
# Get the current user's account
def get(id, user, cache):
account = cache.get(accountid(user))
if isNil(account):
if isNil(account) or account is None:
return ()
return account

2
sca-cpp/trunk/modules/edit/apps.py
View file

@ -56,7 +56,7 @@ def get(id, cache, store, composites, pages):
if isNil(id):
return (("'feed", ("'title", "Apps"), ("'id", "apps")),)
app = cache.get(appid(id));
if (isNil(app) or app is None):
if isNil(app) or app is None:
return (("'entry", ("'title", car(id)), ("'id", car(id))),)
return app

2
sca-cpp/trunk/modules/edit/composites.py
View file

@ -33,7 +33,7 @@ def get(id, cache):
if isNil(id):
return (("'feed", ("'title", "Composites"), ("'id", "composites")),)
app = cache.get(appid(id));
if (isNil(app) or app is None):
if isNil(app) or app is None:
return (("'entry", ("'title", car(id)), ("'id", car(id))),)
return (("'entry", ("'title", car(id)), ("'id", car(id)), ("'content", car(app))),)

2
sca-cpp/trunk/modules/edit/dashboards.py
View file

@ -25,7 +25,7 @@ def dashboardid(user):
# Get a dashboard from the cache
def getdashboard(id, cache):
dashboard = cache.get(id)
if isNil(dashboard):
if isNil(dashboard) or dashboard is None:
return ()
return dashboard

8
sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf
View file

@ -4,12 +4,12 @@ CACHE MANIFEST
# App resources
/favicon.ico
/notauth/
/notfound/
/notyet/
/oops/
/public/iframe-min.html
/public/img.png
/public/notauth/
/public/notfound/
/public/notyet/
/public/oops/
/public/touchicon.png
NETWORK:

20
sca-cpp/trunk/modules/edit/htdocs/app/index.html
View file

@ -48,6 +48,8 @@ appcache.get = function(uri) {
if (http.status == 200) {
if (http.getResponseHeader("X-Login") != null) {
if (log) log('http error', u, 'X-Login');
// Redirect to login page if not signed in
document.location = '/login/';
return null;
} else if (http.responseText == '' || http.getResponseHeader("Content-Type") == null) {
if (log) log('http error', u, 'No-Content');
@ -57,6 +59,9 @@ appcache.get = function(uri) {
return http.responseText;
}
if (log) log('http error', u, http.status, http.statusText);
// Redirect to login page if not signed in
if (http.status == 403)
document.location = '/login/';
return null;
};
@ -69,6 +74,10 @@ appcache.get = function(uri) {
document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css')));
})();
// Redirect to login page if not signed in
if (document.location.protocol == 'https:' && !ui.signedin())
document.location = '/login/';
</script>
</head>
<body class="delayed" onload="onload();">
@ -77,7 +86,7 @@ appcache.get = function(uri) {
<div id="headdiv" class="hsection">
<script type="text/javascript">
(function() {
$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
$('headdiv').appendChild(ui.declareScript(appcache.get('/config-min.js')));
})();
</script>
</div>
@ -117,8 +126,8 @@ var locationcomp = sca.httpclient('location', '/' + appname + '/location');
var appresources = [
['/all-min.js'],
['/ui-min.css'],
['/footconfig-min.js'],
['/headconfig-min.js'],
['/config-min.js'],
['/public/config-min.js']
];
/**
@ -889,11 +898,6 @@ function onload() {
</script>
<div id="footdiv" class="fsection">
<script type="text/javascript">
(function() {
$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
})();
</script>
</div>
</div>

8
sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf
View file

@ -5,12 +5,12 @@ CACHE MANIFEST
# App resources
/
/favicon.ico
/notauth/
/notfound/
/notyet/
/oops/
/public/iframe-min.html
/public/img.png
/public/notauth/
/public/notfound/
/public/notyet/
/public/oops/
/public/touchicon.png
NETWORK:

24
sca-cpp/trunk/modules/edit/htdocs/index.html
View file

@ -48,6 +48,8 @@ appcache.get = function(uri) {
if (http.status == 200) {
if (http.getResponseHeader("X-Login") != null) {
if (log) log('http error', u, 'X-Login');
// Redirect to login page if not signed in
document.location = '/login/';
return null;
} else if (http.responseText == '' || http.getResponseHeader("Content-Type") == null) {
if (log) log('http error', u, 'No-Content');
@ -57,6 +59,9 @@ appcache.get = function(uri) {
return http.responseText;
}
if (log) log('http error', u, http.status, http.statusText);
// Redirect to login page if not signed in
if (http.status == 403)
document.location = '/login/';
return null;
};
@ -69,6 +74,10 @@ appcache.get = function(uri) {
document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css')));
})();
// Redirect to login page if not signed in
if (document.location.protocol == 'https:' && !ui.signedin())
document.location = '/login/';
</script>
</head>
<body class="delayed" onload="onload();">
@ -77,7 +86,7 @@ appcache.get = function(uri) {
<div id="headdiv" class="hsection">
<script type="text/javascript">
(function() {
$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
$('headdiv').appendChild(ui.declareScript(appcache.get('/config-min.js')));
})();
</script>
</div>
@ -117,13 +126,13 @@ var appresources = [
['/account/', 'flip'],
['/clone/', 'flip'],
['/create/', 'flip'],
['/footconfig-min.js'],
['/graph/', 'flip'],
['/headconfig-min.js'],
['/config-min.js'],
['/home/', 'right'],
['/home/home.b64'],
['/page/', 'flip'],
['/public/app.b64'],
['/public/config-min.js'],
['/public/grid72.b64'],
['/public/iframe-min.html'],
['/public/img.b64'],
@ -249,7 +258,9 @@ function showmenu(mdiv, view, appname) {
ui.menu('Stats', '/#view=stats&app=' + appname, '_view', view == 'stats'),
ui.menu('Page', '/#view=page&app=' + appname, '_view', view == 'page'),
ui.menu(isNil(config.compose)? 'Composition' : config.compose, '/#view=graph&app=' + appname, '_view', view == 'graph'))),
mklist(ui.menu('Account', '/#view=account', '_view', view == 'account'), ui.menu('Sign out', '/logout/', '_self', false)));
mklist(
ui.menu('Account', '/#view=account', '_view', view == 'account'),
ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
/**
@ -486,11 +497,6 @@ function onload() {
</script>
<div id="footdiv" class="fsection">
<script type="text/javascript">
(function() {
$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
})();
</script>
</div>
</div>

97
sca-cpp/trunk/modules/edit/htdocs/login/index.html
View file

@ -32,7 +32,8 @@
<h1>Sign in</h1>
<form name="formSignin" onsubmit="submitSignin();" method="POST" action="/login/dologin/">
<!--
<form name="passwordSignin" onsubmit="submitPasswordSignin();" method="POST" action="/login/dologin/">
<table border="0">
<tr><td><b>Username:</b></td></tr>
<tr><td><input type="text" id="httpd_username" name="httpd_username" value="" size="15" autocapitalize="off" placeholder="Enter your user name" style="width: 300px;"/></td></tr>
@ -42,6 +43,33 @@
</table>
<input type="hidden" name="httpd_location" value="/"/>
</form>
-->
<form name="openIDForm">
<table border="0">
<tr><td><b>Sign in with your Google account</b></td></tr>
<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOpenIDSignin(withGoogle)"/></td></tr>
</table>
</form>
<form name="oauth2Form">
<table border="0">
<tr><td><b>Sign in with your Facebook account</b></td></tr>
<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOAuth2Signin(withFacebook)"/></td></tr>
</table>
</form>
<form name="openIDSignin" action="/" method="GET">
<input type="hidden" name="openid_identifier" value=""/>
</form>
<form name="oauth2Signin" action="/" method="GET">
<input type="hidden" name="mod_oauth2_authorize" value=""/>
<input type="hidden" name="mod_oauth2_access_token" value=""/>
<input type="hidden" name="mod_oauth2_client_id" value=""/>
<input type="hidden" name="mod_oauth2_info" value=""/>
<input type="hidden" name="mod_oauth2_step" value="authorize"/>
</form>
<script type="text/javascript">
function queryParams() {
@ -55,7 +83,7 @@ function queryParams() {
return qp;
}
function oauthReferrer() {
function formReferrer() {
r = queryParams()['openauth_referrer'];
if (typeof(r) == 'undefined')
return '/';
@ -68,11 +96,68 @@ function oauthReferrer() {
return r;
}
function submitSignin() {
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/';
function openauthReferrer() {
r = queryParams()['openauth_referrer'];
if (typeof(r) == 'undefined')
return '/';
q = r.indexOf('?');
if (q > 0)
return r.substring(0, q);
return r;
}
/**
* Signin with a userid and password.
*/
function submitPasswordSignin() {
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
document.cookie = reset;
document.formSignin.httpd_location.value = oauthReferrer();
document.formSignin.submit();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
document.passwordSignin.httpd_location.value = formReferrer();
document.passwordSignin.submit();
}
/**
* Signin with OpenID.
*/
function submitOpenIDSignin(w) {
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
document.cookie = reset;
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
document.openIDSignin.openid_identifier.value = w();
document.openIDSignin.action = openauthReferrer();
document.openIDSignin.submit();
}
function withGoogle() {
return 'https://www.google.com/accounts/o8/id';
}
/**
* Signin with OAuth 2.0.
*/
function submitOAuth2Signin(w) {
parms = w();
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
document.cookie = reset;
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
document.oauth2Signin.mod_oauth2_authorize.value = parms[0];
document.oauth2Signin.mod_oauth2_access_token.value = parms[1];
document.oauth2Signin.mod_oauth2_client_id.value = parms[2];
document.oauth2Signin.mod_oauth2_info.value = parms[3];
document.oauth2Signin.action = openauthReferrer();
document.oauth2Signin.submit();
}
function withFacebook() {
var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'facebook.com', 'https://graph.facebook.com/me'];
return parms;
}
/**

8
sca-cpp/trunk/modules/edit/htdocs/logout/index.html
View file

@ -32,16 +32,18 @@
<h1>Sign out</h1>
<form name="signout" onsubmit="submitSignout();" action="/" method="GET">
<form name="signout" onsubmit="submitSignout();" action="/login/" method="GET">
<input type="submit" id="signOut" value="Sign out" class="graybutton" style="font-weight: bold"/>
</form>
<script type="text/javascript">
function submitSignout() {
// Clear session cookie and local storage
// Clear session cookie and user-specific local storage entries
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
document.cookie = reset;
localStorage.clear();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
document.signout.submit();
return true;
}

11
sca-cpp/trunk/modules/edit/htdocs/notauth/index.html → sca-cpp/trunk/modules/edit/htdocs/public/notauth/index.html
View file

@ -76,7 +76,7 @@ appcache.get = function(uri) {
<div id="headdiv" class="hsection">
<script type="text/javascript">
(function() {
$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
})();
</script>
</div>
@ -109,8 +109,8 @@ var cdiv = $('content');
*/
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
mklist(ui.menu('Home', '/', '_view', false)),
mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@ -145,11 +145,6 @@ function onload() {
</script>
<div id="footdiv" class="fsection">
<script type="text/javascript">
(function() {
$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
})();
</script>
</div>
</div>

11
sca-cpp/trunk/modules/edit/htdocs/notfound/index.html → sca-cpp/trunk/modules/edit/htdocs/public/notfound/index.html
View file

@ -76,7 +76,7 @@ appcache.get = function(uri) {
<div id="headdiv" class="hsection">
<script type="text/javascript">
(function() {
$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
})();
</script>
</div>
@ -110,8 +110,8 @@ var cdiv = $('content');
*/
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
mklist(ui.menu('Home', '/', '_view', false)),
mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@ -146,11 +146,6 @@ function onload() {
</script>
<div id="footdiv" class="fsection">
<script type="text/javascript">
(function() {
$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
})();
</script>
</div>
</div>

11
sca-cpp/trunk/modules/edit/htdocs/notyet/index.html → sca-cpp/trunk/modules/edit/htdocs/public/notyet/index.html
View file

@ -76,7 +76,7 @@ appcache.get = function(uri) {
<div id="headdiv" class="hsection">
<script type="text/javascript">
(function() {
$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
})();
</script>
</div>
@ -110,8 +110,8 @@ var cdiv = $('content');
*/
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
mklist(ui.menu('Home', '/', '_view', false)),
mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@ -146,11 +146,6 @@ function onload() {
</script>
<div id="footdiv" class="fsection">
<script type="text/javascript">
(function() {
$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
})();
</script>
</div>
</div>

11
sca-cpp/trunk/modules/edit/htdocs/oops/index.html → sca-cpp/trunk/modules/edit/htdocs/public/oops/index.html
View file

@ -76,7 +76,7 @@ appcache.get = function(uri) {
<div id="headdiv" class="hsection">
<script type="text/javascript">
(function() {
$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
})();
</script>
</div>
@ -109,8 +109,8 @@ var cdiv = $('content');
*/
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
mklist(ui.menu('Home', '/', '_view', false)),
mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@ -145,11 +145,6 @@ function onload() {
</script>
<div id="footdiv" class="fsection">
<script type="text/javascript">
(function() {
$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
})();
</script>
</div>
</div>

2
sca-cpp/trunk/modules/edit/pages.py
View file

@ -33,7 +33,7 @@ def get(id, cache):
if isNil(id):
return (("'feed", ("'title", "Pages"), ("'id", "pages")),)
xhtml = cache.get(appid(id))
if (isNil(xhtml) or xhtml is None):
if isNil(xhtml) or xhtml is None:
return (("'entry", ("'title", car(id)), ("'id", car(id))),)
return (("'entry", ("'title", car(id)), ("'id", car(id)), ("'content", car(xhtml))),)

41
sca-cpp/trunk/modules/edit/ssl-start
View file

@ -32,11 +32,30 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python`
../../modules/http/httpd-event-conf tmp
../../modules/http/httpd-ssl-conf tmp 8453
# Configure authentication
../../modules/http/open-auth-conf tmp
../../modules/http/passwd-auth-conf tmp john john
../../modules/http/passwd-auth-conf tmp jane jane
../../modules/http/passwd-auth-conf tmp admin admin
# Configure password authentication
#../../modules/http/open-auth-conf tmp
#../../modules/http/passwd-auth-conf tmp john john
#../../modules/http/passwd-auth-conf tmp jane jane
#../../modules/http/passwd-auth-conf tmp admin admin
# Configure OAuth authentication
# Configure your OAuth app keys here
../../modules/oauth/oauth-conf tmp
../../modules/oauth/oauth-memcached-conf tmp sca-store.com 11212
../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890
# Configure OpenID step2 authentication
../../modules/openid/openid-conf tmp
../../modules/openid/openid-step2-conf tmp
../../modules/openid/openid-memcached-conf tmp sca-store.com 11212
# Configure authorized users
#../../modules/http/group-auth-conf tmp john
#../../modules/http/group-auth-conf tmp jane
#../../modules/http/group-auth-conf tmp admin
# Configure your OpenID and OAuth ids here
../../modules/http/group-auth-conf tmp https://www.google.com/accounts/o8/id?id=45678
../../modules/http/group-auth-conf tmp 23456789
# Configure mod-security
../../modules/http/mod-security-conf tmp
@ -48,9 +67,10 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python`
# Configure error pages
cat >>tmp/conf/svhost-ssl.conf <<EOF
# Error pages
ErrorDocument 404 /notfound/
ErrorDocument 401 /notauth/
ErrorDocument 500 /oops/
ErrorDocument 404 /public/notfound/
ErrorDocument 401 /public/notauth/
ErrorDocument 500 /public/oops/
ErrorDocument 405 /public/oops/
EOF
@ -100,8 +120,9 @@ EOF
mkdir -p tmp/appdata/filedb
# Start memcached
../../components/cache/memcached-start
../../components/cache/memcached-start 11211
../../components/cache/memcached-start 11212
# Start server
../http/httpd-start tmp
../../modules/http/httpd-start tmp

10
sca-cpp/trunk/modules/edit/start
View file

@ -34,9 +34,10 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python`
# Configure error pages
cat >>tmp/conf/svhost.conf <<EOF
# Error pages
ErrorDocument 404 /notfound/
ErrorDocument 401 /notauth/
ErrorDocument 500 /oops/
ErrorDocument 404 /public/notfound/
ErrorDocument 401 /public/notauth/
ErrorDocument 500 /public/oops/
ErrorDocument 405 /public/oops/
EOF
@ -86,7 +87,8 @@ mkdir -p tmp/appdata/filedb
# Start memcached
../../components/cache/memcached-start 11211
../../components/cache/memcached-start 11212
# Start server
../http/httpd-start tmp
../../modules/http/httpd-start tmp

3
sca-cpp/trunk/modules/edit/stop
View file

@ -17,6 +17,7 @@
# specific language governing permissions and limitations
# under the License.
../http/httpd-stop tmp
../../modules/http/httpd-stop tmp
../../components/cache/memcached-stop 11211
../../components/cache/memcached-stop 11212

2
sca-cpp/trunk/modules/edit/store.py
View file

@ -25,7 +25,7 @@ def storeid(tag):
# Get a store from the cache
def getstore(id, cache):
store = cache.get(id)
if isNil(store):
if isNil(store) or store is None:
return ()
return store

5
sca-cpp/trunk/modules/http/httpd-conf
View file

@ -267,6 +267,11 @@ AuthUserFile "$root/conf/httpd.passwd"
Require all granted
</Location>
# Mark login page with a header
<Location /login>
Header set X-Login open-auth
</Location>
EOF
# Create password and group files

1
sca-cpp/trunk/modules/http/httpd.hpp
View file

@ -603,6 +603,7 @@ const int externalRedirect(const string& uri, request_rec* r) {
debug(uri, "httpd::externalRedirect");
r->status = HTTP_MOVED_TEMPORARILY;
apr_table_setn(r->headers_out, "Location", apr_pstrdup(r->pool, c_str(uri)));
apr_table_setn(r->headers_out, "Cache-Control", "no-cache");
r->filename = apr_pstrdup(r->pool, c_str(string("/redirect:/") + uri));
return HTTP_MOVED_TEMPORARILY;
}

7
sca-cpp/trunk/modules/http/open-auth-conf
View file

@ -35,7 +35,7 @@ cat >>$root/conf/auth.conf <<EOF
AuthType Open
AuthName "$host"
Session On
SessionCookieName TuscanyOpenAuth domain=.$host; path=/; max-age=31556926
SessionCookieName TuscanyOpenAuth domain=.$host; path=/
SessionCryptoPassphrase $pw
AuthOpenAuth On
AuthOpenAuthLoginPage /login
@ -53,10 +53,5 @@ Require valid-user
SetHandler form-login-handler
</Location>
# Mark login page with a header
<Location /login>
Header set X-Login open-auth
</Location>
EOF

2
sca-cpp/trunk/modules/http/openauth.hpp
View file

@ -77,7 +77,7 @@ const string cookie(const string& sid, const string& domain) {
const time_t t = time(NULL) + 86400;
char exp[32];
strftime(exp, 32, "%a, %d-%b-%Y %H:%M:%S GMT", gmtime(&t));
const string c = string("TuscanyOpenAuth=") + sid + ";domain=." + domain + ";path=/;expires=" + string(exp) + ";secure=TRUE";
const string c = string("TuscanyOpenAuth=") + sid + "; expires=" + string(exp) + "; domain=." + domain + "; path=/";
debug(c, "openauth::cookie");
return c;
}

7
sca-cpp/trunk/modules/js/htdocs/ui.js
View file

@ -192,6 +192,13 @@ ui.windowtitle = function(host) {
return d.substr(0, 1).toUpperCase() + d.substr(1);
};
/**
* Return true if the session cookie contains signin information.
*/
ui.signedin = function() {
return !isNil(document.cookie) && document.cookie.indexOf('TuscanyOpenAuth=') != -1;
};
/**
* Convert a CSS position to a numeric position.
*/

4
sca-cpp/trunk/modules/oauth/htdocs/login/index.html
View file

@ -57,7 +57,7 @@ if (typeof(oauthReferrer()) == 'undefined') {
function submitSignin2(w) {
parms = w();
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.signin2.mod_oauth2_authorize.value = parms[0];
document.signin2.mod_oauth2_access_token.value = parms[1];
@ -79,7 +79,7 @@ function withGithub() {
function submitSignin1(w) {
parms = w();
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.signin1.mod_oauth1_request_token.value = parms[0];
document.signin1.mod_oauth1_authorize.value = parms[1];

8
sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
View file

@ -30,7 +30,7 @@
<script type="text/javascript">
function submitFormSignin() {
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.formSignin.httpd_location.value = '/';
document.formSignin.submit();
@ -62,7 +62,7 @@ if (typeof(openauthReferrer()) == 'undefined') {
}
function submitOpenIDSignin(w) {
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.openIDSignin.openid_identifier.value = w();
document.openIDSignin.action = openauthReferrer();
@ -111,7 +111,7 @@ function withXRDSEndpoint() {
function submitOAuth2Signin(w) {
parms = w();
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.oauth2Signin.mod_oauth2_authorize.value = parms[0];
document.oauth2Signin.mod_oauth2_access_token.value = parms[1];
@ -133,7 +133,7 @@ function withGithub() {
function submitOAuth1Signin(w) {
parms = w();
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.oauth1Signin.mod_oauth1_request_token.value = parms[0];
document.oauth1Signin.mod_oauth1_authorize.value = parms[1];

2
sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
View file

@ -32,7 +32,7 @@
<form name="signout" action="/login" method="GET">
<script type="text/javascript">
function submitSignout() {
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + window.location.hostname + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.signout.submit();
return true;

19
sca-cpp/trunk/modules/oauth/oauth-conf
View file

@ -41,6 +41,12 @@ LoadModule mod_tuscany_oauth2 $here/libmod_tuscany_oauth2$libsuffix
EOF
cat >$root/cert/oauth-keys.conf <<EOF
# Generated by: oauth-conf $*
# OAuth App keys
EOF
cat >>$root/conf/auth.conf <<EOF
# Generated by: oauth-conf $*
# Enable OAuth authentication
@ -54,13 +60,14 @@ Require valid-user
# Configure OAuth App keys
Include $root/cert/oauth-keys.conf
EOF
if [ -d "$HOME/.oauth" ]; then
cat >>$root/conf/auth.conf <<EOF
# Configure OAuth App keys
Include $HOME/.oauth/*-key.conf
EOF
cat >$root/cert/oauth-keys.conf <<EOF
# Generated by: oauth-conf $*
# OAuth App keys
EOF
fi

2
sca-cpp/trunk/modules/openid/htdocs/login/index.html
View file

@ -56,7 +56,7 @@ if (typeof(openidReferrer()) == 'undefined') {
}
function submitSignin(w) {
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.signin.openid_identifier.value = w();
document.signin.action = openidReferrer();

2
sca-cpp/trunk/modules/openid/htdocs/logout/index.html
View file

@ -32,7 +32,7 @@
<form name="signout" action="/login" method="GET">
<script type="text/javascript">
function submitSignout() {
var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
document.cookie = reset;
document.signout.submit();
return true;

3
sca-cpp/trunk/modules/openid/openid-conf
View file

@ -44,8 +44,7 @@ Require valid-user
AuthOpenIDEnabled On
AuthOpenIDCookiePath /
AuthOpenIDCookieName TuscanyOpenAuth
AuthOpenIDSecureCookie On
AuthOpenIDLoginPage /login
AuthOpenIDLoginPage /login/
AuthOpenIDAXAdd EMAIL http://axschema.org/contact/email
AuthOpenIDAXAdd FULLNAME http://axschema.org/namePerson
AuthOpenIDAXAdd NICKNAME http://axschema.org/namePerson/friendly

0
sca-cpp/trunk/macos/memcached-1.4.7.patch → sca-cpp/trunk/patches/memcached-1.4.7.patch
View file

8
sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch Normal file
View file

@ -0,0 +1,8 @@
--- base_rules/modsecurity_crs_40_generic_attacks.conf
+++ base_rules/modsecurity_crs_40_generic_attacks.conf
164,165c164,165
< SecRule ARGS "(?:ft|htt)ps?.*\?+$" \
< "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}"
---
> #SecRule ARGS "(?:ft|htt)ps?.*\?+$" \
> # "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}"

7
sca-cpp/trunk/ubuntu/ubuntu-install
View file

@ -237,8 +237,11 @@ fi
cd $build
curl -OL http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz
tar xzf modsecurity-crs_2.2.2.tar.gz
cp -R $build/modsecurity-crs_2.2.2/base_rules $build/modsecurity-apache-2.6.1-bin
cp -R $build/modsecurity-crs_2.2.2/optional_rules $build/modsecurity-apache-2.6.1-bin
cd modsecurity-crs_2.2.2
curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
patch -p0 <modsecurity-crs_2.2.2.patch
cp -R base_rules $build/modsecurity-apache-2.6.1-bin
cp -R optional_rules $build/modsecurity-apache-2.6.1-bin
if [ "$?" != "0" ]; then
exit $?
fi

7
sca-cpp/trunk/ubuntu/ubuntu-install-all
View file

@ -291,8 +291,11 @@ fi
cd $build
curl -OL http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz
tar xzf modsecurity-crs_2.2.2.tar.gz
cp -R $build/modsecurity-crs_2.2.2/base_rules $build/modsecurity-apache-2.6.1-bin
cp -R $build/modsecurity-crs_2.2.2/optional_rules $build/modsecurity-apache-2.6.1-bin
cd modsecurity-crs_2.2.2
curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
patch -p0 <modsecurity-crs_2.2.2.patch
cp -R base_rules $build/modsecurity-apache-2.6.1-bin
cp -R optional_rules $build/modsecurity-apache-2.6.1-bin
if [ "$?" != "0" ]; then
exit $?
fi