Uploaded image for project: 'Apache Roller'
  1. Apache Roller
  2. ROL-1798

Support for OAuth authentication for AtomPub and other resources


    • Level of effort:
      2 weeks, but work is already done


      Add support for OAuth authentication, supporting these requirements:

      a) - Support for three standard OAuth URIs
      1) - request token URI
      2) - authorization URI, presents authorization page if appropriate
      3) - access token servlet URI

      b) - Support for OAuth authentication in AtomPub servlet

      c) - Ability to enable and disable AtomPut from Server Admin page

      d) - Ability to choose either OAuth, BASIC, WSSE or authentication for AtomPub

      e) - Addition of an OAuth page that appears when OAuth is enabled
      1) allows users to access the key and secret they need to authorized AtomPub clients
      2) allows admins to access the site-wide key and secret needed to authorize 3rd party sites

      The implementation creates these new tables:

      – each record is an OAuth consumer key and secret, can be tied to just one user
      create table rol_oauthconsumer (
      consumerkey varchar(48) not null primary key,
      consumersecret varchar(48) not null,
      username varchar(48)
      create index oc_username_idx on rol_oauthconsumer( username$!db.INDEXSIZE );
      create index oc_consumerkey_idx on rol_oauthconsumer( consumerkey$!db.INDEXSIZE );

      – each record is an OAuth accessor, always tied to just one user
      create table rol_oauthaccessor (
      consumerkey varchar(48) not null primary key,
      requesttoken varchar(48),
      accesstoken varchar(48),
      tokensecret varchar(48),
      created $db.TIMESTAMP_SQL_TYPE not null,
      updated $db.TIMESTAMP_SQL_TYPE not null,
      username varchar(48) not null,
      authorized $db.BOOLEAN_SQL_TYPE_FALSE
      create index oa_consumerkey_idx on rol_oauthaccessor( consumerkey$!db.INDEXSIZE );

      The implementation adds these new jars:


        1. OAuth authorize.jpg
          36 kB
          David Johnson
        2. OAuth credentials page.jpg
          102 kB
          David Johnson
        3. OAuth creds link.jpg
          43 kB
          David Johnson
        4. OAuth enable.jpg
          20 kB
          David Johnson
        5. rol1798-20090313.patch
          148 kB
          David Johnson



            • Assignee:
              djohnson David Johnson
              djohnson David Johnson
            • Votes:
              0 Vote for this issue
              1 Start watching this issue


              • Created: