> bzr merge lp:~sil/desktopcouch/create-oauth-tokens-startup
 M  data/couchdb.tmpl                                                          
 M  desktopcouch/start_local_couchdb.py
Text conflict in desktopcouch/start_local_couchdb.py
1 conflicts encountered.                                                       

> bzr diff desktopcouch/start_local_couchdb.py
=== modified file 'desktopcouch/start_local_couchdb.py'
--- desktopcouch/start_local_couchdb.py	2009-08-21 22:45:24 +0000
+++ desktopcouch/start_local_couchdb.py	2009-08-24 11:12:48 +0000
@@ -34,14 +34,16 @@
 """
 
 from __future__ import with_statement
-import os, subprocess, sys, glob
+import os, subprocess, sys, glob, random, string
 import desktopcouch
 from desktopcouch import local_files
 import xdg.BaseDirectory
 import errno
-import time
+import time, gtk, gnomekeyring
 from desktopcouch.records.server import CouchDatabase
 
+ACCEPTABLE_USERNAME_PASSWORD_CHARS = string.lowercase + string.uppercase
+
 def dump_ini(data, filename):
     """Dump INI data with sorted sections and keywords"""
     fd = open(filename, 'w')
@@ -60,9 +62,38 @@
         ini_path=local_files.FILE_INI, db_dir=local_files.DIR_DB,
         log_path=local_files.FILE_LOG, port="0"):
     """Write CouchDB ini file if not already present"""
+<<<<<<< TREE
     if os.path.exists(ini_path):
         return
     ini = {
+=======
+    if os.path.exists(local_files.FILE_INI):
+        # load the username and password from the keyring
+        try:
+            data = gnomekeyring.find_items_sync(gnomekeyring.ITEM_GENERIC_SECRET,
+                                            {'desktopcouch': 'basic'})
+        except gnomekeyring.NoMatchError:
+            data = None
+        if data:
+            username, password = data[0].secret.split(":")
+            return username, password
+        # otherwise fall through; for some reason the access details aren't
+        # in the keyring, so re-create the ini file and do it all again
+    
+    # randomly generate tokens and usernames
+    def make_random_string(count):
+        return ''.join([random.choice(ACCEPTABLE_USERNAME_PASSWORD_CHARS)
+                        for x in range(count)])
+    
+    ADMIN_ACCOUNT_USERNAME = make_random_string(10)
+    ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD = make_random_string(10)
+    CONSUMER_KEY = make_random_string(10)
+    CONSUMER_SECRET = make_random_string(10)
+    TOKEN = make_random_string(10)
+    TOKEN_SECRET = make_random_string(10)
+    
+    local = {
+>>>>>>> MERGE-SOURCE
         'couchdb': {
             'database_dir': db_dir,
             'view_index_dir': db_dir,
@@ -75,10 +106,51 @@
             'file': log_path,
             'level': 'info',
         },
+        'admins': {
+            ADMIN_ACCOUNT_USERNAME: ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD
+        },
+        'oauth_consumer_secrets': {
+            CONSUMER_KEY: CONSUMER_SECRET
+        },
+        'oauth_token_secrets': {
+            TOKEN: TOKEN_SECRET
+        },
+        'oauth_token_users': {
+            TOKEN: ADMIN_ACCOUNT_USERNAME
+        },
+        'couch_httpd_auth': {
+            'require_valid_user': 'true'
+        }
     }
+<<<<<<< TREE
     dump_ini(ini, ini_path)
 
 def run_couchdb(exec_command=local_files.COUCH_EXEC_COMMAND):
+=======
+
+    dump_ini(local, local_files.FILE_INI)
+    # save admin account details in keyring
+    item_id = gnomekeyring.item_create_sync(
+            None,
+            gnomekeyring.ITEM_GENERIC_SECRET,
+            'Desktop Couch user authentication',
+            {'desktopcouch': 'basic'},
+            "%s:%s" % (ADMIN_ACCOUNT_USERNAME, ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD),
+            True)
+    # and oauth tokens
+    item_id = gnomekeyring.item_create_sync(
+            None,
+            gnomekeyring.ITEM_GENERIC_SECRET,
+            'Desktop Couch user authentication',
+            {'desktopcouch': 'oauth'},
+            "%s:%s:%s:%s" % (CONSUMER_KEY, CONSUMER_SECRET, TOKEN, TOKEN_SECRET),
+            True)
+    
+
+    return (ADMIN_ACCOUNT_USERNAME, ADMIN_ACCOUNT_BASIC_AUTH_PASSWORD)
+
+def run_couchdb():
+>>>>>>> MERGE-SOURCE
     """Actually start the CouchDB process"""
     local_exec = exec_command + ['-b']
     try:
@@ -142,7 +214,7 @@
                 # than inefficiently just overwriting it regardless
                 db.add_view(view_name, mapjs, reducejs, dd_name)
 
-def write_bookmark_file():
+def write_bookmark_file(username, password):
     """Write out an HTML document that the user can bookmark to find their DB"""
     bookmark_file = os.path.join(local_files.DIR_DB, "couchdb.html")
 
@@ -182,21 +254,24 @@
             pass
     else:
         fp = open(bookmark_file, "w")
-        fp.write(html.replace("[[COUCHDB_PORT]]", port))
+        out = html.replace("[[COUCHDB_PORT]]", port)
+        out = out.replace("[[COUCHDB_USERNAME]]", username)
+        out = out.replace("[[COUCHDB_PASSWORD]]", password)
+        fp.write(out)
         fp.close()
         print "Browse your desktop CouchDB at file://%s" % \
           os.path.realpath(bookmark_file)
 
 def start_couchdb():
     """Execute each step to start a desktop CouchDB"""
-    create_ini_file()
+    username, password = create_ini_file()
     run_couchdb()
     # Note that we do not call update_design_documents here. This is because
     # Couch won't actually have started yet, so when update_design_documents
     # calls the Records API, that will call back into get_pid and we end up
     # starting Couch again. Instead, get_pid calls update_design_documents
     # *after* Couch startup has occurred.
-    write_bookmark_file()
+    write_bookmark_file(username, password)
 
 
 if __name__ == "__main__":