[COUCHDB-1321] Vars in Rewrite rules break OAuth authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.1
Fix Version/s: 1.2, 1.3
Component/s: HTTP Interface
Labels:
None
Environment:

Ubuntu

Description

When a rewrite rule containing a var ( such as /:name/myfunction ) matches an incoming request then an additional query param gets created. Unfortunately this new query param gets included in the Signature Base String when the OAuth code generates its version of the request signature to validate the incoming request it causing authentication to fail.

To fix this isn't straightforward. When a VHost is configured there is a handy copy of the original URL in (x-couchdb-vhost-path) that can be used to generate the Signature Base String, unfortunately if there isn't a VHost no such copy exists.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-Fix-OAuth-that-broke-with-parameters-in-rewrites.patch
12/Nov/11 23:51
5 kB
Klaus Trainer

Activity

People

Assignee:: Unassigned

Reporter:: Martin Higham

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 28/Oct/11 14:53

Updated:: 13/Nov/11 12:30

Resolved:: 13/Nov/11 12:30