[jira] Created: (SHINDIG-1111) override host name when behind a reverse proxy

Mon, 13 Jul 2009 14:45:50 -0700 

override host name when behind a reverse proxy
----------------------------------------------

                 Key: SHINDIG-1111
                 URL: https://issues.apache.org/jira/browse/SHINDIG-1111
             Project: Shindig
          Issue Type: Bug
          Components: PHP
    Affects Versions: 1.0
         Environment: GNU/Linux
            Reporter: Loic Dachary


When the shindig server sits behind a reverse proxy, OAuthRequest will be built 
using the host name used by the reverse proxy instead of the extrenal name. A 
configuration parameter is added (with the following tentative patch) to allow 
overriding this default with a known domain name. If this can't be done the 
signature will always be wrong ( because the hostname is part of the 
base_string ).

diff -r ef48cba39a7d usr/src/shindig-1.0-incubating-php/config/container.php
--- a/usr/src/shindig-1.0-incubating-php/config/container.php   Sun Jul 12 
17:08:43 2009 +0200
+++ b/usr/src/shindig-1.0-incubating-php/config/container.php   Mon Jul 13 
23:37:13 2009 +0200
@@ -137,5 +137,6 @@
   'proxy' => '',

   // If your server is behind a reverse proxy, set the real hostname here
+  'http_host' => NULL
+  // 'http_host' => 'shindig.opensocial.dachary.org'
 );
diff -r ef48cba39a7d 
usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php
--- a/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php      
Sun Jul 12 17:08:43 2009 +0200
+++ b/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php      
Mon Jul 13 23:37:13 2009 +0200
@@ -75,7 +75,9 @@

   public function getSecurityToken() {
     // see if we have an OAuth request
-    $request = OAuthRequest::from_request();
+    $scheme = (! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 
'http' : 'https';
+    $http_url = $scheme . '://' . ( Config::get('http_host') ? 
Config::get('http_host') : $_SERVER['HTTP_HOST']) . $_SERVER['REQUEST_URI'];
+    $request = OAuthRequest::from_request(NULL, $http_url , NULL);
     $appUrl = $request->get_parameter('oauth_consumer_key');
     $userId = $request->get_parameter('xoauth_requestor_id'); // from Consumer 
Request extension (2-legged OAuth)
     $signature = $request->get_parameter('oauth_signature');


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to