Bug #4804
Exception thrown at /oauth2/auth
| Status: | Resolved | Start date: | 12/20/2013 |
|---|---|---|---|
| Priority: | High | Due date: | |
| Assignee: | Sofia Papagiannaki | % Done: | 0% |
| Category: | Astakos | Spent time: | - |
| Target version: | 0.15 | | |
Description
Perhaps not properly validating the length of the URL resource?
DatabaseError: value too long for type character varying(255) <WSGIRequest path:/oauth2/auth, GET:<QueryDict: {u'scope': [u'/6c26d059-39c7-4d40-a595-a9696f996858/pithos/SUPER_LONG_NAME_REDACTED.pdf'], u'state': [u''], u'redirect_uri': [u'https://pithos.okeanos.grnet.gr/ui/view/6c26d059-39c7-4d40-a595-a9696f996858/pithos/SUPER_LONG_NAME_REDACTED.pdf'], u'response_type': [u'code'], u'client_id': [u'pithos-view']}>,
Associated revisions
astakos oa2: Handle failures due to too long redirect urls

Change database field to TextField in order to avoid restrictions on the
redirect url lengths
Update tests
This fix introduces a database migration of the oa2 app
Refs: #4804

astakos oa2: Set a redirect URI length limit.

This limit is configurable and is applied in the api level.
Refs: #4804

astakos oa2: Restrict redirect URI length during client registration.

Apply the check in the oauth2-client-add snf-manage command.
Refs: #4804
History
#1 Updated by Sofia Papagiannaki over 9 years ago
We have to increase the length of the specific field (redirect_uri) in the Astakos database (it is really small)
and handle failures for resources exceeding this limit.
However, further consideration has to be made in order to decide what this limit should be,
since this depends on the size of the URI of the requested resource, which theoretically is unbounded
http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2.1
- considering only the resource URIs which currently we are willing to serve (Pithos+ resource views) and also
- taking into account the limits defined in the OpenStack Storage API:
http://docs.openstack.org/api/openstack-object-storage/1.0/content/ch_object-storage-dev-api-storage.html
we can get a clue about the maximum length of the requested resources, however Astakos ought to be ignorant about this.
#2 Updated by Sofia Papagiannaki over 9 years ago
In order to avoid restrictions on the redirect URI lengths we will change the database field to text.
#3 Updated by Sofia Papagiannaki about 9 years ago
After additional considerations we concluded on the following scheme:
we respective column type will be text but the api will restrict it to a configurable value (default 5000 chars).
#4 Updated by Sofia Papagiannaki about 9 years ago
Sofia Papagiannaki wrote:
After additional considerations we concluded on the following scheme:
we respective column type will be text but the api will restrict it to a configurable value (default 5000 chars).
we --> the
#5 Updated by Sofia Papagiannaki about 9 years ago
- Status changed from Assigned to Resolved
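
The scheme settled on in note #3 (text column, length limit enforced at the API), shown next to the original failure, as an added example that is not Astakos code. The table, the `authorize` function and the `MAX_REDIRECT_URI_LENGTH` name are hypothetical, and a SQLite CHECK constraint stands in for the PostgreSQL `character varying(255)` column.

```python
import sqlite3

MAX_REDIRECT_URI_LENGTH = 5000  # hypothetical setting name; default from the ticket


def make_db(legacy):
    """In-memory table holding the redirect_uri of each authorization request."""
    db = sqlite3.connect(":memory:")
    # SQLite ignores VARCHAR(255) lengths, so a CHECK stands in for the
    # PostgreSQL 'character varying(255)' column named in the traceback.
    column = ("redirect_uri TEXT CHECK (length(redirect_uri) <= 255)"
              if legacy else "redirect_uri TEXT")
    db.execute("CREATE TABLE auth_request (client_id TEXT, %s)" % column)
    return db


def authorize(db, client_id, redirect_uri, max_length=MAX_REDIRECT_URI_LENGTH):
    """Return (http_status, body) for a simplified /oauth2/auth handler."""
    # API-level check: reject before the value reaches the database, and
    # answer directly instead of redirecting to an unvalidated URI.
    if max_length is not None and len(redirect_uri) > max_length:
        return 400, "invalid_request: redirect_uri too long"
    try:
        db.execute("INSERT INTO auth_request VALUES (?, ?)",
                   (client_id, redirect_uri))
    except sqlite3.IntegrityError:
        # What the ticket reports: the storage layer rejects the value and
        # the user sees an unhandled server error.
        return 500, "server_error"
    return 200, "ok"


# Constructed sample input modelled on the request in the ticket.
LONG_URI = "https://pithos.example.org/ui/view/" + "a" * 300 + ".pdf"
HUGE_URI = "https://pithos.example.org/ui/view/" + "a" * 6000 + ".pdf"

if __name__ == "__main__":
    # Before the fix: 255-character column, no API-level limit.
    print(authorize(make_db(legacy=True), "pithos-view", LONG_URI, max_length=None))
    # After the fix: text column, limit applied in the handler.
    print(authorize(make_db(legacy=False), "pithos-view", LONG_URI))
    print(authorize(make_db(legacy=False), "pithos-view", HUGE_URI))
```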