CouchDB
  1. CouchDB
  2. COUCHDB-1238

CouchDB uses _users db for storing oauth credentials

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.1
    • Fix Version/s: 1.2
    • Component/s: Database Core
    • Labels:
      None

      Description

      We want to store oauth credentials in the _users db, rather than in the .ini.

      1. git_commits_as_patch.zip
        16 kB
        Pete Vander Giessen
      2. oauth_users_db_patch.zip
        11 kB
        Pete Vander Giessen

        Activity

        Hide
        Pete Vander Giessen added a comment -

        Attached are a series of patches representing a git merge of fdmanana's work to the 1.1.x tree, followed by a rebase, and another merge, to catch up to commits made after I had done the initial merge.

        I also set couch to use the handler fdmanana created by default.

        Show
        Pete Vander Giessen added a comment - Attached are a series of patches representing a git merge of fdmanana's work to the 1.1.x tree, followed by a rebase, and another merge, to catch up to commits made after I had done the initial merge. I also set couch to use the handler fdmanana created by default.
        Hide
        Paul Joseph Davis added a comment -

        Can this get cleaned up to a patch or two? Or even a GitHub compare view link to see it as a single diff to get a first impression?

        Show
        Paul Joseph Davis added a comment - Can this get cleaned up to a patch or two? Or even a GitHub compare view link to see it as a single diff to get a first impression?
        Hide
        Filipe Manana added a comment -

        Pete,
        Thank you very much for doing it and testing it on the field.
        I'll look at the patches soon and on no objections I'll commit them to trunk only (it's quite a big new feature for 1.1.1).

        Show
        Filipe Manana added a comment - Pete, Thank you very much for doing it and testing it on the field. I'll look at the patches soon and on no objections I'll commit them to trunk only (it's quite a big new feature for 1.1.1).
        Hide
        Robert Newson added a comment -

        clarifying that new features go to 1.2, not 1.1.x

        Show
        Robert Newson added a comment - clarifying that new features go to 1.2, not 1.1.x
        Hide
        Filipe Manana added a comment -

        Pete, I had a quick look at them.

        It seems you extracted an early version that uses 2 separate views. Later on (and after having added other ubuntuone specific features), it was simplified to use a single view, that maps consumer key and access token to secrets and username. The relevant commit, branch oauth_delegation, is this one:

        https://github.com/fdmanana/ubuntuone-couchdb-server/commit/83d5045f867d019345fc5fd078710eb83189b12b#L2R405

        Do you think you can integrate it as well? Anything that's related to delegation should go away, as it's a completely different feature. I know it might be hairy to extract this optimization from the branch
        Thanks a lot, and let me know if you need some guidance

        Show
        Filipe Manana added a comment - Pete, I had a quick look at them. It seems you extracted an early version that uses 2 separate views. Later on (and after having added other ubuntuone specific features), it was simplified to use a single view, that maps consumer key and access token to secrets and username. The relevant commit, branch oauth_delegation, is this one: https://github.com/fdmanana/ubuntuone-couchdb-server/commit/83d5045f867d019345fc5fd078710eb83189b12b#L2R405 Do you think you can integrate it as well? Anything that's related to delegation should go away, as it's a completely different feature. I know it might be hairy to extract this optimization from the branch Thanks a lot, and let me know if you need some guidance
        Hide
        Pete Vander Giessen added a comment -

        I promised Jan that I'd work on this today. It looks like the scope has exploded a bit, though :-p

        Filipe's more elegant solution is probably the one to use, but it is in a codebase that won't merge cleanly with the main project. I'd be happy to make a go at doing a merge by hand at some point, but I'm crunching for a deadline at work. My brain is pretty melty tonight, and may be pretty melty for the rest of the week ... sorry about that :-/

        Show
        Pete Vander Giessen added a comment - I promised Jan that I'd work on this today. It looks like the scope has exploded a bit, though :-p Filipe's more elegant solution is probably the one to use, but it is in a codebase that won't merge cleanly with the main project. I'd be happy to make a go at doing a merge by hand at some point, but I'm crunching for a deadline at work. My brain is pretty melty tonight, and may be pretty melty for the rest of the week ... sorry about that :-/
        Hide
        Filipe Manana added a comment -

        Thanks again Pete.
        Yes, a manual merge is going to be needed in order to extract that optimization

        Show
        Filipe Manana added a comment - Thanks again Pete. Yes, a manual merge is going to be needed in order to extract that optimization
        Hide
        Pete Vander Giessen added a comment - - edited

        Per request, I ported Filipe's oauth users db code from ubuntuone to couch. In the attached zip (oauth_uses_db_patch.zip) is an updated couch_httpd_oauth.erl, a .patch of the changes, and a test file called oauth_users_db.js.

        What this code is: Filipe's code, with the ubuntuone specific delegation stuff stripped out. My Erlang fu is still pretty weak, so I may have done slightly naive stuff. Filipe: if you'd give it a once over to make sure nothing looks too terrible, I'd appreciate it.

        Note: I was having a hard time getting the new spidermonkey to compile on my box (OSX Snow Leopard). If anybody has any pointers to useful tips on getting it to work, I'd really appreciate them, too. Since there aren't any differences between trunk and 1.1.x in couch_httpd_oauth.erl, I went ahead and wrote and tested this against 1.1.x. It should work just fine in trunk. I'm going to work on getting trunk to compile to make doubly sure, but since the code very probably works just fine, I wanted to get it posted here, without further delay.

        Show
        Pete Vander Giessen added a comment - - edited Per request, I ported Filipe's oauth users db code from ubuntuone to couch. In the attached zip (oauth_uses_db_patch.zip) is an updated couch_httpd_oauth.erl, a .patch of the changes, and a test file called oauth_users_db.js. What this code is: Filipe's code, with the ubuntuone specific delegation stuff stripped out. My Erlang fu is still pretty weak, so I may have done slightly naive stuff. Filipe: if you'd give it a once over to make sure nothing looks too terrible, I'd appreciate it. Note: I was having a hard time getting the new spidermonkey to compile on my box (OSX Snow Leopard). If anybody has any pointers to useful tips on getting it to work, I'd really appreciate them, too. Since there aren't any differences between trunk and 1.1.x in couch_httpd_oauth.erl, I went ahead and wrote and tested this against 1.1.x. It should work just fine in trunk. I'm going to work on getting trunk to compile to make doubly sure, but since the code very probably works just fine, I wanted to get it posted here, without further delay.
        Hide
        Filipe Manana added a comment -

        Thanks Pete, you're help is very much appreciated
        I'll have a look at it soon.

        Show
        Filipe Manana added a comment - Thanks Pete, you're help is very much appreciated I'll have a look at it soon.
        Hide
        Filipe Manana added a comment -

        Pete, I rebased the patch with latest trunk and made some necessary small reorganizations to make it more compliant with the current codebase.
        Let me know if you agree with it.

        I also added a documentation comment in the .ini file.
        Here's the modified patch:
        https://github.com/fdmanana/couchdb/compare/oauth_users_db

        I'll wait for peer review

        Show
        Filipe Manana added a comment - Pete, I rebased the patch with latest trunk and made some necessary small reorganizations to make it more compliant with the current codebase. Let me know if you agree with it. I also added a documentation comment in the .ini file. Here's the modified patch: https://github.com/fdmanana/couchdb/compare/oauth_users_db I'll wait for peer review
        Hide
        Pete Vander Giessen added a comment -

        @Filipe (just realized that I misspelled your name twice in my last comment; fixed now – sorry): you are the expert. Any changes that you deem necessary are fine by me (And reading through the code, it looks like all the changes you made make things better.)

        Let me know if I need to do anything else on this one – happy to help in any way I can.

        Show
        Pete Vander Giessen added a comment - @Filipe (just realized that I misspelled your name twice in my last comment; fixed now – sorry): you are the expert. Any changes that you deem necessary are fine by me (And reading through the code, it looks like all the changes you made make things better.) Let me know if I need to do anything else on this one – happy to help in any way I can.
        Hide
        Filipe Manana added a comment -

        Applied to master and branch 1.2.x (revisions d01faab3f464ff0806f4ad9f4166ca7a498a4866 and e768eb2d504824fa209cc19330850dd2244e541b).

        Some documentation left in the commit message and soon more to be added to the wiki.

        Show
        Filipe Manana added a comment - Applied to master and branch 1.2.x (revisions d01faab3f464ff0806f4ad9f4166ca7a498a4866 and e768eb2d504824fa209cc19330850dd2244e541b). Some documentation left in the commit message and soon more to be added to the wiki.

          People

          • Assignee:
            Filipe Manana
            Reporter:
            Pete Vander Giessen
          • Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development