supplying a bad TokenSecret causes a 500 error response
-------------------------------------------------------
Key: COUCHDB-522
URL: https://issues.apache.org/jira/browse/COUCHDB-522
Project: CouchDB
Issue Type: Bug
Components: HTTP Interface
Affects Versions: 0.10
Reporter: Adam Kocoloski
Assignee: Jason Davies
It seems that if a user tries to authenticate with OAuth using a token secret
that CouchDB doesn't know about, the result will be an Internal Server Error
and a traceback that looks like
[Thu, 08 Oct 2009 14:44:19 GMT] [info] [<0.1103.24>] Stacktrace:
[{oauth_uri,encode,[undefined,[]]},
{oauth_uri,'-calate/2-lc$^0/1-0-',1},
{oauth_uri,'-calate/2-lc$^0/1-0-',1},
{oauth_uri,calate,2},
{oauth_hmac_sha1,signature,3},
{oauth_hmac_sha1,verify,4},
{couch_httpd_oauth,'-oauth_authentication_handler/1-fun-0-',6},
{couch_httpd,authenticate_request,2}]
I think we could fix this by replacing
TokenSecret = couch_config:get("oauth_token_secrets", AccessToken),
with
TokenSecret = couch_config:get("oauth_token_secrets", AccessToken, ""),
or some other more appropriate default string.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
