git.gnu.io has moved to IP address 209.51.188.249 -- please double check where you are logging in.

Commit 1179ecd1 authored by Evan Prodromou's avatar Evan Prodromou

Fix nonce usage in OAuth store

The OAuth store was failing on getting a request token, because the
token value was forced to be non-null in the DB. Let this value be
null, and use the correct primary key (consumer, timestamp, nonce).
Drop the reference to token table, and don't ever use it.
parent 22742c3b
......@@ -4,22 +4,21 @@
*/
require_once INSTALLDIR.'/classes/Memcached_DataObject.php';
class Nonce extends Memcached_DataObject
class Nonce extends Memcached_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'nonce'; // table name
public $consumer_key; // varchar(255) primary_key not_null
public $tok; // char(32) primary_key not_null
public $tok; // char(32)
public $nonce; // char(32) primary_key not_null
public $ts; // datetime() not_null
public $ts; // datetime() primary_key not_null
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
/* Static get */
function staticGet($k,$v=null)
{ return Memcached_DataObject::staticGet('Nonce',$k,$v); }
function staticGet($k,$v=NULL) { return Memcached_DataObject::staticGet('Nonce',$k,$v); }
/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
......
......@@ -145,7 +145,7 @@ id = N
[nonce]
consumer_key = 130
tok = 130
tok = 2
nonce = 130
ts = 142
created = 142
......@@ -153,8 +153,8 @@ modified = 384
[nonce__keys]
consumer_key = K
tok = K
nonce = K
ts = K
[notice]
id = 129
......
......@@ -181,15 +181,14 @@ create table token (
create table nonce (
consumer_key varchar(255) not null comment 'unique identifier, root URL',
tok char(32) not null comment 'identifying value',
tok char(32) null comment 'buggy old value, ignored',
nonce char(32) not null comment 'nonce',
ts datetime not null comment 'timestamp sent',
created datetime not null comment 'date this record was created',
modified timestamp comment 'date this record was modified',
constraint primary key (consumer_key, tok, nonce),
constraint foreign key (consumer_key, tok) references token (consumer_key, tok)
constraint primary key (consumer_key, ts, nonce)
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
/* One-to-many relationship of user to openid_url */
......
......@@ -58,12 +58,11 @@ class LaconicaOAuthDataStore extends OAuthDataStore
{
$n = new Nonce();
$n->consumer_key = $consumer->key;
$n->tok = $token->key;
$n->ts = $timestamp;
$n->nonce = $nonce;
if ($n->find(true)) {
return true;
} else {
$n->ts = $timestamp;
$n->created = DB_DataObject_Cast::dateTime();
$n->insert();
return false;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment