On May 18, 2012, at 8:54 PM, Jens Alfke wrote:
> There's a small bit in the wiki* that hints at a replication JSON parameter
> to set custom headers. One of the examples of a _replicate request shows the
> body:
>
>> {"source":{"url":"https://example.net:5984/db","headers":{"Authorization":"Basic
>> Ym9iQGV4YW1wbGUuY29tOnBhc3N3b3Jk"}}, "target":"local-db"}
>
> There's no further explanation; could someone clarify whether the 'headers'
> property can be used to add arbitrary HTTP headers to the requests sent by
> the replicator?
Yepper, that's all there is to it.
> A few paragraphs later is the statement:
>
>> Using a JSON hash (instead of a plain string) may also be used to specify
>> OAuth (by adding a "oauth" field to the hash).
>
> I don't understand this at all ('oauth' isn't an HTTP header, so does this
> mean to add it as a top-level property in the _replicate body? Or somewhere
> else? And what should its contents be?
>
> I'd like to know how OAuth is used to authenticate to CouchDB, but there's
> almost nothing about it in the wiki.
I had to read the code for this one. It looks like e.g. source.auth.oauth
would be a JSON object with "consumer_secret", "consumer_key", "token_secret",
and "token" fields (and an optional "signature_method" field). The
Authorization header would be computed by the replicator for each request using
this information. I'm no OAuth expert, though. Cheers,
Adam
> —Jens
>
> * http://wiki.apache.org/couchdb/Replication
