Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
2 weeks, but work is already done
Description
Add support for OAuth authentication, supporting these requirements:
a) - Support for three standard OAuth URIs
1) - request token URI
2) - authorization URI, presents authorization page if appropriate
3) - access token servlet URI
b) - Support for OAuth authentication in AtomPub servlet
c) - Ability to enable and disable AtomPut from Server Admin page
d) - Ability to choose either OAuth, BASIC, WSSE or authentication for AtomPub
e) - Addition of an OAuth page that appears when OAuth is enabled
1) allows users to access the key and secret they need to authorized AtomPub clients
2) allows admins to access the site-wide key and secret needed to authorize 3rd party sites
The implementation creates these new tables:
– each record is an OAuth consumer key and secret, can be tied to just one user
create table rol_oauthconsumer (
consumerkey varchar(48) not null primary key,
consumersecret varchar(48) not null,
username varchar(48)
);
create index oc_username_idx on rol_oauthconsumer( username$!db.INDEXSIZE );
create index oc_consumerkey_idx on rol_oauthconsumer( consumerkey$!db.INDEXSIZE );
– each record is an OAuth accessor, always tied to just one user
create table rol_oauthaccessor (
consumerkey varchar(48) not null primary key,
requesttoken varchar(48),
accesstoken varchar(48),
tokensecret varchar(48),
created $db.TIMESTAMP_SQL_TYPE not null,
updated $db.TIMESTAMP_SQL_TYPE not null,
username varchar(48) not null,
authorized $db.BOOLEAN_SQL_TYPE_FALSE
);
create index oa_consumerkey_idx on rol_oauthaccessor( consumerkey$!db.INDEXSIZE );
The implementation adds these new jars:
commons-httpclient-3.1.jar
httpclient-4.0-beta1.jar
httpcore-4.0-beta2.jar
oauth-core-20090121.jar