IRC Log for #openid on 2007-12-16

Timestamps are in UTC.

  1. [00:36:37] * peace-keeper (n=peace-ke@c-24-91-177-185.hsd1.ma.comcast.net) has joined #openid
  2. [01:49:48] * priidu (n=aa@58.246.249.128) has joined #openid
  3. [02:17:28] <Peng> Pibb: ping
  4. [02:18:27] * Peng reloads Pibb.
  5. [02:20:10] <Peng> Oh, the Pibb bot is down. Right.
  6. [02:27:24] * tjohns (n=tjohns@cpe-76-170-58-80.socal.res.rr.com) Quit ()
  7. [03:36:43] <radix> So, I'm trying to figure out how to unit test some code that uses the python-openid package.
  8. [03:37:48] <radix> Does it provides fakes or something that allow me to simulate requests to an OpenID provider?
  9. [03:40:48] <radix> hmm. maybe that StubConsumer thing in test_consumer.
  10. [03:41:07] <radix> (by the way, it is really bizarre that there are two things called "consumer" in python-openid.)
  11. [03:42:57] <radix> I would rather not make my own full Consumer fake, because then I'm risking unnoticed incompatibilities.
  12. [03:44:00] * radix wonders if he should bother talking while the Pibb bot is down.
  13. [03:50:26] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) Quit (Read error: 110 (Connection timed out))
  14. [03:53:28] * radix emails.
  15. [03:58:42] <keturn> two things called consumer? other than the fact that we do openid.consumer.consumer.Consumer
  16. [04:00:42] <radix> keturn: heh.
  17. [04:00:53] <radix> keturn: I don't mind the fact that package and module names are the same as class names.
  18. [04:01:03] <radix> keturn: but it's really the openid.consumer.consumer.Consumer.consumer that gets me.
  19. [04:01:28] <keturn> understandable
  20. [04:02:40] <keturn> but I'm a little confused at your question. Confused in the "I've never heard anyone ask that question of a software maintainer before" kind of way.
  21. [04:03:18] <radix> keturn: I am a demanding user.
  22. [04:03:24] <radix> keturn: Think of twisted.internet.task.Clock.
  23. [04:04:59] * keturn thinks of Clock.
  24. [04:05:15] <radix> keturn: it is a supported Fake for IReactorTime
  25. [04:06:12] <keturn> I guess I don't understand quite which things you want to define as being compatible while being fake
  26. [04:06:42] <keturn> or as fake while being compatible
  27. [04:06:44] <radix> keturn: generally, the behavior, but with pre-specified results and no HTTP communication
  28. [04:07:03] <radix> keturn: what I want to remain compatible is the signatures, basically. Like, if you rename begin to start, I need my unit tests to fail.
  29. [04:07:23] <radix> Or if you make one of the methods return an object with subtly different behavior, etc.
  30. [04:07:44] <radix> I assume that the python-openid unit tests themselves have such fakes.
  31. [04:08:09] <radix> keturn: Admittedly, this *is* pretty demanding. I'm only asking because I expect that it actually exists, perhaps just in a test_ module.
  32. [04:08:41] <radix> Writing my own fake is actually pretty reasonable, if you guys offer decent API compatibility, which I think you do.
  33. [04:08:46] <radix> But if you have one already, I'd like to use it.
  34. [04:09:02] <keturn> we probably have like six
  35. [04:09:14] <radix> :-)
  36. [04:09:18] <keturn> depending on just how fake we needed something during whatever test we happened to be writing at the time
  37. [04:09:36] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) has joined #openid
  38. [04:10:17] <keturn> there are probably three that return object() and two that return 'http://unittest.invalid/'
  39. [04:10:56] <radix> It'd be nice to have one that simulates failure to authenticate, success in authentication, and arbitrary metadata (or whatever you guys call stuff like "Real name").
  40. [04:11:05] <radix> Or the ability for me to specify those things.
  41. [04:11:19] <keturn> and one that's just a Consumer instantiated with a MemoryStore and a faked-out Fetcher
  42. [04:12:13] <radix> a faked Fetcher would also be fine as well. I also see this ConsumerStub thing (which is a stub of the object at Consumer.consumer, not Consumer itself).
  43. [04:12:57] <radix> in test_consumer.py, that is.
  44. [04:13:14] <keturn> that would be what we named GenericConsumer
  45. [04:13:33] <radix> noted :)
  46. [04:16:33] * peace-keeper (n=peace-ke@c-24-91-177-185.hsd1.ma.comcast.net) Quit (Connection timed out)
  47. [04:20:02] * keturn does a grep class test/*.py
  48. [04:20:37] <keturn> ok, I might have overestimated the number of fake consumers by a few, but the 9 fake fetchers make up for it
  49. [04:21:49] <radix> keturn: so how about stepping back
  50. [04:22:09] <radix> keturn: what would you probably do if you were writing a library that used openid? How would you probably unit test it?
  51. [04:24:17] <radix> I'm really only interacting with the library in the way "HOW TO USE THIS LIBRARY" in consumer.py's docstring describes.
  52. [04:24:28] <radix> sorry, "USING THIS LIBRARY".
  53. [04:29:10] * radix remembers that he has half an hour to pay the rent.
  54. [04:29:31] <keturn> I guess what you want is a set of AuthRequest and Response objects that are known to be internally consistent
  55. [04:33:34] <radix> aw, hell. that should be easy enough to make a fake Consumer.
  56. [04:33:49] <radix> I just hope I get it right. :)
  57. [04:35:37] <keturn> keep me posted.
  58. [04:36:21] <keturn> meanwhile, Rudy makes a pretty good pizza. Which is good, because they talked me in to getting a Large.
  59. [04:54:58] * priidu (n=aa@58.246.249.128) Quit (Read error: 110 (Connection timed out))
  60. [05:04:09] * priidu (n=aa@58.246.249.128) has joined #openid
  61. [05:11:20] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) Quit (Read error: 110 (Connection timed out))
  62. [05:12:14] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) has joined #openid
  63. [05:39:39] * tlrobinson_ (n=tlrobins@vpn-208-087.usc.edu) Quit (Read error: 110 (Connection timed out))
  64. [06:04:16] * Roebot (n=AaronF@ip68-101-200-165.sd.sd.cox.net) has joined #openid
  65. [06:08:15] <radix> oh wow
  66. [06:08:23] <radix> a unit test that passed
  67. [06:09:26] <radix> and it was only 43 lines
  68. [06:09:40] <radix> and it's the worst unit test in the world
  69. [06:09:45] <radix> but it's green! so I'll go to bed.
  70. [06:23:22] * johnjay (n=r2d2@pdpc/supporter/active/johnjay) Quit (Remote closed the connection)
  71. [06:23:27] * johnjay (n=r2d2@pdpc/supporter/active/johnjay) has joined #openid
  72. [06:34:02] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) Quit (Read error: 110 (Connection timed out))
  73. [06:35:23] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) has joined #openid
  74. [06:52:54] * johnjay (n=r2d2@pdpc/supporter/active/johnjay) Quit (Remote closed the connection)
  75. [07:01:08] * johnjay (n=r2d2@pdpc/supporter/active/johnjay) has joined #openid
  76. [07:05:30] * priidu (n=aa@58.246.249.128) Quit (Remote closed the connection)
  77. [07:09:56] * priidu_ (n=aa@58.246.249.128) has joined #openid
  78. [07:49:06] * MakenshiFox (n=makenshi@makenshi.at.furry.be) has joined #openid
  79. [07:49:25] * Makenshi (n=makenshi@makenshi.at.furry.be) Quit (Read error: 104 (Connection reset by peer))
  80. [09:03:59] * Roebot (n=AaronF@ip68-101-200-165.sd.sd.cox.net) Quit (Read error: 110 (Connection timed out))
  81. [10:34:21] * pvandewyngaerde (n=pvandewy@226.229-240-81.adsl-dyn.isp.belgacom.be) has joined #openid
  82. [11:34:35] * Mitsu (n=Nightmar@45.Red-81-44-40.dynamicIP.rima-tde.net) has joined #openID
  83. [11:37:00] * Mitsurugi (n=Nightmar@174.Red-83-34-147.dynamicIP.rima-tde.net) Quit (Read error: 110 (Connection timed out))
  84. [12:41:18] * MakenshiFox (n=makenshi@makenshi.at.furry.be) Quit (Remote closed the connection)
  85. [12:41:50] * MakenshiFox (n=makenshi@makenshi.at.furry.be) has joined #openid
  86. [12:43:16] * Mitsu (n=Nightmar@45.Red-81-44-40.dynamicIP.rima-tde.net) Quit ("http://niorcs.com · tecnologia lliure per a un món lliure")
  87. [12:43:21] * Mitsurugi (n=Nightmar@45.Red-81-44-40.dynamicIP.rima-tde.net) has joined #openID
  88. [14:02:36] * peace-keeper (n=peace-ke@c-24-91-177-185.hsd1.ma.comcast.net) has joined #openid
  89. [14:07:03] <MakenshiFox> Does anyone know of an online organizer (aka personal information management) service that supports openid?
  90. [14:20:28] * Skwid_ (n=skwid@lau06-1-82-228-247-28.fbx.proxad.net) has joined #openid
  91. [14:20:28] <jibot> Skwid_ is cool
  92. [14:35:57] * Skwid_ (n=skwid@lau06-1-82-228-247-28.fbx.proxad.net) Quit ("Leaving.")
  93. [15:29:04] * Roebot (n=AaronF@ip68-101-200-165.sd.sd.cox.net) has joined #openid
  94. [15:46:42] * evanpro (n=evanpro@pdpc/supporter/silver/evanpro) has left #openid
  95. [15:57:04] * Skwid_ (n=skwid@lau06-1-82-228-247-28.fbx.proxad.net) has joined #openid
  96. [15:57:04] <jibot> Skwid_ is cool
  97. [16:23:12] * radix thinks about how to make this unit test less horrible.
  98. [16:23:52] * radix starts commenting out code that it doesn't actually test.
  99. [16:30:26] * jamesh__ (n=james@canonical/launchpad/jamesh) has joined #openid
  100. [16:51:14] * jamesh_ (n=james@canonical/launchpad/jamesh) Quit (Read error: 101 (Network is unreachable))
  101. [17:07:32] * jamesh_ (n=james@canonical/launchpad/jamesh) has joined #openid
  102. [17:27:27] * jamesh (n=james@canonical/launchpad/jamesh) has joined #openid
  103. [17:27:42] * quirim_ is now known as quirim
  104. [17:28:56] * jamesh__ (n=james@canonical/launchpad/jamesh) Quit (Read error: 110 (Connection timed out))
  105. [17:39:39] * priidu_ (n=aa@58.246.249.128) Quit (Read error: 110 (Connection timed out))
  106. [17:41:00] <radix> keturn: redirectURL doesn't block, right?
  107. [17:42:06] * priidu_ (n=aa@58.246.249.128) has joined #openid
  108. [17:47:41] <keturn> right
  109. [17:48:08] <radix> okie doke
  110. [17:48:20] * jamesh_ (n=james@canonical/launchpad/jamesh) Quit (Read error: 110 (Connection timed out))
  111. [17:48:43] <radix> I ended up faking way more than I want to, like the AuthRequest and Response objects themselves. I think I need to do something about that.
  112. [17:50:04] <keturn> huh. yeah. because those are, for the most part, simple data structures with some formatting methods
  113. [17:51:23] * priidu_ (n=aa@58.246.249.128) Quit (Remote closed the connection)
  114. [17:53:48] <radix> the thing is, since I faked Consumer, and Consumer creates all the data that eventually gets passed to those objects, I couldn't really rely on the library to create them for me.
  115. [17:54:39] <radix> so now I'm thinking of those Fetchers again...
  116. [17:55:30] <radix> One of my goals is to be able to use the real implementation of complete(), so that I can make sure I'm passing the right data to it.
  117. [17:58:25] * Thinapps (n=pierre@ron34-1-82-224-149-53.fbx.proxad.net) has joined #openid
  118. [18:02:27] <Thinapps> Hi everybody, I got a question regarding openid. I have an ldap server which is in charge of keeping user account information (login/password). For all our web apps, I thought of an openid system which enable user to sign once. Is there any way to "tell" openid server to lookup in ldap for user account ?
  119. [18:04:01] <donomo> i believe for the existing openid modules
  120. [18:04:11] <donomo> the local record storage is left to the implementor
  121. [18:05:32] <Thinapps> I thought of using php-openid server with ldap as a backend ... ? would it be possible ?
  122. [18:05:48] <Thinapps> I'm quite a newbie with openID, sorry
  123. [18:08:08] <keturn> assuming there's an ldap client for php. and I expect there is.
  124. [18:09:12] <Thinapps> You mean, I need to tell openID server to fetch data from ldap server by writing small piece of code to do that job (php side) ?
  125. [18:09:15] <Thinapps> right ?
  126. [18:09:26] <keturn> right
  127. [18:09:35] * pvandewyngaerde (n=pvandewy@226.229-240-81.adsl-dyn.isp.belgacom.be) Quit (Remote closed the connection)
  128. [18:10:11] <Thinapps> Okay
  129. [18:10:34] <Thinapps> Thanks for your help, I'm gonna try that
  130. [18:13:45] * Thinapps (n=pierre@ron34-1-82-224-149-53.fbx.proxad.net) has left #openid
  131. [18:18:39] <keturn> radix: basically, I have the problem you're having now whenever I write code that invokes a foreign interface
  132. [18:43:38] * michelp (n=michelp@69-30-72-119.dq1sf.easystreet.com) has joined #openid
  133. [19:27:20] * keturn (n=kevint@pdpc/supporter/sustaining/keturn) Quit ("Client exiting")
  134. [20:16:31] * MakenshiFox is now known as Makenshi
  135. [20:40:22] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) Quit (Remote closed the connection)
  136. [20:46:46] * MvdS (n=moshe@82-204-31-38.dsl.bbeyond.nl) has joined #openid
  137. [20:50:21] <MvdS> Hello, is there a way to ask a openid provider to verify some credentials without redirecting the user agent to it?
  138. [20:51:45] <johill> yes, but they can return "can't do it"
  139. [20:52:09] <MvdS> thats fine
  140. [20:52:15] <johill> iirc
  141. [20:52:41] <johill> "immediate request"
  142. [20:52:47] <johill> 9.3. Immediate Requests
  143. [20:52:56] <johill> When requesting authentication, the Relying Party MAY request that the OP not interact with the end user. In this case the OP MUST respond immediately with either an assertion that authentication is successful, or a response indicating that the request cannot be completed without further user interaction. This is accomplished by an authentication request with "openid.mode" set to "checkid_immediate".
  144. [20:53:01] <MvdS> I've read some about checkid_immediate, but as I can understand, it still redirects the user agent
  145. [20:53:12] <johill> of course
  146. [20:53:26] <johill> that's the only way it can verify anything
  147. [20:53:38] <johill> you as the openid consumer never hold any credentials
  148. [20:53:44] <johill> so you can't ask them to verify any
  149. [20:53:53] <MvdS> well, I like to connect some IRC programs to use openid as authentication
  150. [20:54:08] <johill> then you have to implement http redirect
  151. [20:54:09] <MvdS> so I cant redirect the user anywhere
  152. [20:54:11] <johill> and POST
  153. [20:54:17] <johill> but that's not going to work anyway
  154. [20:54:23] <johill> because where should crednetials come from?
  155. [20:54:46] <johill> typically, in immediate requests, a session cookie is checked and if its good it rerturns "all ok" otherwise "no idea"
  156. [20:54:57] <MvdS> well, the hostmask is a valid credential for the purpose of irc
  157. [20:54:57] <johill> obviously the irc program has no session cookie, no credentials at all
  158. [20:55:00] <johill> so how would it work?
  159. [20:55:28] <johill> but then the openid provider would have to know about irc?
  160. [20:55:39] <johill> honestly, I think you're a bit confused about what openid is and what it isn't
  161. [20:55:46] <MvdS> well, with checkid_immediate, it has to
  162. [20:55:55] <johill> no
  163. [20:56:03] <johill> typically it'll verify whatever credentials it thinks are appropriate
  164. [20:56:33] <johill> you can't communicate with an openid provider without a user to forward the communication anyway
  165. [20:57:02] <MvdS> I do understand openid, but wondered if there would be a way to do check credentials by the consumer
  166. [20:57:57] <johill> of course not
  167. [20:58:11] <MvdS> I know it isn't half as sane as letting the provider talk to the user agent, but with irc, a hostmask check is secure enough
  168. [20:58:29] <johill> still
  169. [20:58:43] <johill> you need something like a "hostmask verifier" rather than openid
  170. [20:58:54] <johill> it's completely out of scope imho
  171. [20:59:14] <MvdS> well, thats what I wanted to know
  172. [20:59:38] <MvdS> as I imagined it might have fitted a bit
  173. [21:00:06] <MvdS> I figured checkid_immediate would not work
  174. [21:00:32] <Makenshi> Could you not extend both the server and client for passing the tokens?
  175. [21:00:32] * keturn (n=kevint@pdpc/supporter/sustaining/keturn) has joined #openid
  176. [21:00:32] <jibot> keturn is Kevin Turner
  177. [21:00:48] <Makenshi> (bastardizing the spec of course)
  178. [21:00:54] <johill> Makenshi: yeah implement basic http redirect stuff in the client would work
  179. [21:01:09] <johill> no actually, it wouldn't
  180. [21:01:23] <johill> because you want to pass the credentials from the RP to the OP
  181. [21:01:28] <johill> which is totally not something openid does
  182. [21:18:32] * Skwid_ (n=skwid@lau06-1-82-228-247-28.fbx.proxad.net) Quit ("Leaving.")
  183. [21:30:04] * MvdS (n=moshe@82-204-31-38.dsl.bbeyond.nl) Quit ("Ex-Chat")
  184. [21:49:19] * Roebot (n=AaronF@ip68-101-200-165.sd.sd.cox.net) Quit (Read error: 110 (Connection timed out))
  185. [22:11:04] * robertj_ (n=robertj@97-81-109-148.dhcp.athn.ga.charter.com) has joined #openid
  186. [22:11:42] <robertj_> hey all, are there any sizable sites showcasing Attribute Exchange yet?
  187. [22:16:10] * peace-keeper (n=peace-ke@c-24-91-177-185.hsd1.ma.comcast.net) Quit (Success)
  188. [22:49:51] <radix> hmm. fake fetcher.
  189. [22:59:36] * pvandewyngaerde (n=pvandewy@124.69-200-80.adsl-dyn.isp.belgacom.be) has joined #openid
  190. [23:02:15] <radix> I'm going to try that.
  191. [23:13:16] * pvandewyngaerde (n=pvandewy@124.69-200-80.adsl-dyn.isp.belgacom.be) Quit (Remote closed the connection)
  192. [23:27:20] * Skwid_ (n=skwid@lau06-1-82-228-247-28.fbx.proxad.net) has joined #openid
  193. [23:27:20] <jibot> Skwid_ is cool
  194. [23:46:43] * jamesh (n=james@canonical/launchpad/jamesh) Quit (brown.freenode.net irc.freenode.net)
  195. [23:52:42] * jamesh (n=james@canonical/launchpad/jamesh) has joined #openid

These logs were automatically created by OpenIDlogbot on chat.freenode.net using a modified version of the Java IRC LogBot.