desktopcouch

Code review comment for lp://staging/~sil/desktopcouch/create-oauth-tokens-startup

  1. create-oauth-tokens-startup
  2. Merge into trunk
Revision history for this message
Mark G. Saye (markgsaye) wrote :

> bzr merge lp:~sil/desktopcouch/create-oauth-tokens-startup
 M data/couchdb.tmpl
 M desktopcouch/start_local_couchdb.py
Text conflict in desktopcouch/start_local_couchdb.py
1 conflicts encountered.

> bzr diff desktopcouch/start_local_couchdb.py
=== modified file 'desktopcouch/start_local_couchdb.py'
--- desktopcouch/start_local_couchdb.py 2009-08-21 22:45:24 +0000
+++ desktopcouch/start_local_couchdb.py 2009-08-24 11:12:48 +0000
@@ -34,14 +34,16 @@
 """

 from __future__ import with_statement
-import os, subprocess, sys, glob
+import os, subprocess, sys, glob, random, string
 import desktopcouch
 from desktopcouch import local_files
 import xdg.BaseDirectory
 import errno
-import time
+import time, gtk, gnomekeyring
 from desktopcouch.records.server import CouchDatabase

+ACCEPTABLE_USERNAME_PASSWORD_CHARS = string.lowercase + string.uppercase
+
 def dump_ini(data, filename):
     """Dump INI data with sorted sections and keywords"""
     fd = open(filename, 'w')
@@ -60,9 +62,38 @@
         ini_path=local_files.FILE_INI, db_dir=local_files.DIR_DB,
         log_path=local_files.FILE_LOG, port="0"):
     """Write CouchDB ini file if not already present"""
+<<<<<<< TREE
     if os.path.exists(ini_path):
         return
     ini = {
+=======
+ if os.path.exists(local_files.FILE_INI):
+ # load the username and password from the keyring
+ try:
+ data = gnomekeyring.find_items_sync(gnomekeyring.ITEM_GENERIC_SECRET,
+ {'desktopcouch': 'basic'})
+ except gnomekeyring.NoMatchError:
+ data = None
+ if data:
+ username, password = data[0].secret.split(":")
+ return username, password
+ # otherwise fall through; for some reason the access details aren't
+ # in the keyring, so re-create the ini file and do it all again
+
+ # randomly generate tokens and usernames
+ def make_random_string(count):
+ return ''.join([random.choice(ACCEPTABLE_USERNAME_PASSWORD_CHARS)
+ for x in range(count)])
+
+ ADMIN_ACCOUNT_USERNAME = make_random_string(10)
+ ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD = make_random_string(10)
+ CONSUMER_KEY = make_random_string(10)
+ CONSUMER_SECRET = make_random_string(10)
+ TOKEN = make_random_string(10)
+ TOKEN_SECRET = make_random_string(10)
+
+ local = {
+>>>>>>> MERGE-SOURCE
         'couchdb': {
             'database_dir': db_dir,
             'view_index_dir': db_dir,
@@ -75,10 +106,51 @@
             'file': log_path,
             'level': 'info',
         },
+ 'admins': {
+ ADMIN_ACCOUNT_USERNAME: ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD
+ },
+ 'oauth_consumer_secrets': {
+ CONSUMER_KEY: CONSUMER_SECRET
+ },
+ 'oauth_token_secrets': {
+ TOKEN: TOKEN_SECRET
+ },
+ 'oauth_token_users': {
+ TOKEN: ADMIN_ACCOUNT_USERNAME
+ },
+ 'couch_httpd_auth': {
+ 'require_valid_user': 'true'
+ }
     }
+<<<<<<< TREE
     dump_ini(ini, ini_path)

 def run_couchdb(exec_command=local_files.COUCH_EXEC_COMMAND):
+=======
+
+ dump_ini(local, local_files.FILE_INI)
+ # save admin account details in keyring
+ item_id = gnomekeyring.item_create_sync(
+ None,
+ gnomekeyring.ITEM_GENERIC_SECRET,
+ 'Desktop Couch user authentication',
+ {'desktopcouch': 'basic'},
+ "%s:%s" % (ADMIN_ACCOUNT_USERNAME, ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD),
+ True)
+ # and oauth tokens
+ item_id = gnomekeyring.item_create_sync(
+ None,
+ gnomekeyring.ITEM_GENERIC_SECRET,
+ 'Desktop Couch user authentication',
+ {'desktopcouch': 'oauth'},
+ "%s:%s:%s:%s" % (CONSUMER_KEY, CONSUMER_SECRET, TOKEN, TOKEN_SECRET),
+ True)
+
+
+ return (ADMIN_ACCOUNT_USERNAME, ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD)
+
+def run_couchdb():
+>>>>>>> MERGE-SOURCE
     """Actually start the CouchDB process"""
     local_exec = exec_command + ['-b']
     try:
@@ -142,7 +214,7 @@
                 # than inefficiently just overwriting it regardless
                 db.add_view(view_name, mapjs, reducejs, dd_name)

-def write_bookmark_file():
+def write_bookmark_file(username, password):
     """Write out an HTML document that the user can bookmark to find their DB"""
     bookmark_file = os.path.join(local_files.DIR_DB, "couchdb.html")

@@ -182,21 +254,24 @@
             pass
     else:
         fp = open(bookmark_file, "w")
- fp.write(html.replace("[[COUCHDB_PORT]]", port))
+ out = html.replace("[[COUCHDB_PORT]]", port)
+ out = out.replace("[[COUCHDB_USERNAME]]", username)
+ out = out.replace("[[COUCHDB_PASSWORD]]", password)
+ fp.write(out)
         fp.close()
         print "Browse your desktop CouchDB at file://%s" % \
           os.path.realpath(bookmark_file)

 def start_couchdb():
     """Execute each step to start a desktop CouchDB"""
- create_ini_file()
+ username, password = create_ini_file()
     run_couchdb()
     # Note that we do not call update_design_documents here. This is because
     # Couch won't actually have started yet, so when update_design_documents
     # calls the Records API, that will call back into get_pid and we end up
     # starting Couch again. Instead, get_pid calls update_design_documents
     # *after* Couch startup has occurred.
- write_bookmark_file()
+ write_bookmark_file(username, password)

 if __name__ == "__main__":

review: Needs Fixing

« Back to merge proposal