Author: davisp
Date: Thu Oct 22 19:58:18 2009
New Revision: 828836
URL: http://svn.apache.org/viewvc?rev=828836&view=rev
Log:
Improve OAuth error message for missing tokens.
Added a test in oauth.js
Modified:
couchdb/trunk/share/www/script/test/oauth.js
couchdb/trunk/src/couchdb/couch_httpd_oauth.erl
Modified: couchdb/trunk/share/www/script/test/oauth.js
URL:
http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/test/oauth.js?rev=828836&r1=828835&r2=828836&view=diff
==============================================================================
--- couchdb/trunk/share/www/script/test/oauth.js (original)
+++ couchdb/trunk/share/www/script/test/oauth.js Thu Oct 22 19:58:18 2009
@@ -196,6 +196,12 @@
T(data.name == "testadmin");
T(data.roles[0] == "_admin");
}
+
+ // Test when the user's token doesn't exist.
+ message.parameters.oauth_token = "not a token!";
+ xhr = oauthRequest("GET", "http://"; + host + "/_session?foo=bar",
+ message, adminAccessor);
+ T(xhr.status == 400, "Request should be invalid.");
}
}
} finally {
Modified: couchdb/trunk/src/couchdb/couch_httpd_oauth.erl
URL:
http://svn.apache.org/viewvc/couchdb/trunk/src/couchdb/couch_httpd_oauth.erl?rev=828836&r1=828835&r2=828836&view=diff
==============================================================================
--- couchdb/trunk/src/couchdb/couch_httpd_oauth.erl (original)
+++ couchdb/trunk/src/couchdb/couch_httpd_oauth.erl Thu Oct 22 19:58:18 2009
@@ -38,7 +38,10 @@
set_user_ctx(Req, AccessToken) ->
DbName = couch_config:get("couch_httpd_auth", "authentication_db"),
{ok, _Db} = couch_httpd_auth:ensure_users_db_exists(?l2b(DbName)),
- Name = ?l2b(couch_config:get("oauth_token_users", AccessToken)),
+ Name = case couch_config:get("oauth_token_users", AccessToken) of
+ undefined -> throw({bad_request, unknown_oauth_token});
+ Value -> ?l2b(Value)
+ end,
case couch_httpd_auth:get_user(Name) of
nil -> Req;
User ->
