[jira] Resolved: (SHINDIG-1111) override host name when behind a reverse proxy

[Chris Chabot (JIRA)]

     [ 
https://issues.apache.org/jira/browse/SHINDIG-1111?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Chris Chabot resolved SHINDIG-1111.
-----------------------------------

       Resolution: Fixed
    Fix Version/s: 1.1-M1
         Assignee: Chris Chabot

Hey Loic,

A side note first, can you please attach actual patch files to JIRA (I know 
it's a bit quirky to see that option you first need to create the issue and 
then you see the upload file option). It makes applying a patch a lot easier, 
and the second and much more important reasons is that when uploading a patch 
you get a 'I grant the ASF full rights to this code' checkbox ... without that 
there could be some confusion about the legal status of your contributions and 
we couldn't use them.

The patch it's self looks good, the only issue is that a NULL default key 
caused a 'Invalid config key' error, using 'false' as a default value does work 
correctly though.

It's been committed to the trunk. Thanks!

> override host name when behind a reverse proxy
> ----------------------------------------------
>
>                 Key: SHINDIG-1111
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1111
>             Project: Shindig
>          Issue Type: Bug
>          Components: PHP
>    Affects Versions: 1.0
>         Environment: GNU/Linux
>            Reporter: Loic Dachary
>            Assignee: Chris Chabot
>             Fix For: 1.1-M1
>
>
> When the shindig server sits behind a reverse proxy, OAuthRequest will be 
> built using the host name used by the reverse proxy instead of the extrenal 
> name. A configuration parameter is added (with the following tentative patch) 
> to allow overriding this default with a known domain name. If this can't be 
> done the signature will always be wrong ( because the hostname is part of the 
> base_string ).
> diff -r ef48cba39a7d usr/src/shindig-1.0-incubating-php/config/container.php
> --- a/usr/src/shindig-1.0-incubating-php/config/container.php   Sun Jul 12 
> 17:08:43 2009 +0200
> +++ b/usr/src/shindig-1.0-incubating-php/config/container.php   Mon Jul 13 
> 23:37:13 2009 +0200
> @@ -137,5 +137,6 @@
>    'proxy' => '',
>    // If your server is behind a reverse proxy, set the real hostname here
> +  'http_host' => NULL
> +  // 'http_host' => 'shindig.opensocial.dachary.org'
>  );
> diff -r ef48cba39a7d 
> usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php
> --- a/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php    
>   Sun Jul 12 17:08:43 2009 +0200
> +++ b/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php    
>   Mon Jul 13 23:37:13 2009 +0200
> @@ -75,7 +75,9 @@
>    public function getSecurityToken() {
>      // see if we have an OAuth request
> -    $request = OAuthRequest::from_request();
> +    $scheme = (! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 
> 'http' : 'https';
> +    $http_url = $scheme . '://' . ( Config::get('http_host') ? 
> Config::get('http_host') : $_SERVER['HTTP_HOST']) . $_SERVER['REQUEST_URI'];
> +    $request = OAuthRequest::from_request(NULL, $http_url , NULL);
>      $appUrl = $request->get_parameter('oauth_consumer_key');
>      $userId = $request->get_parameter('xoauth_requestor_id'); // from 
> Consumer Request extension (2-legged OAuth)
>      $signature = $request->get_parameter('oauth_signature');

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.