IRC Log for #openid on 2008-06-18

• Index
• Next: 2008-06-19
• Previous: 2008-06-17

Timestamps are in UTC.

1. [00:50:56] * flaccid (n=flaccid@121.216.28.237) has joined #openid
2. [00:50:56] <jibot> flaccid is an OpenID enthusiast
3. [01:03:03] * shigeta (n=shigeta@124.32.114.226) has joined #openid
4. [01:03:19] * jroysdon (n=jroysdon@brhm-wlan0.home.roysdon.modesto.ca.us) has joined #openid
5. [01:03:46] <jroysdon> I'm trying to get delegation to work as outlined here: http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers
6. [01:04:18] <jroysdon> I've added the link rel statements (I'm not 100% sure of the openid.server) here at my own website (jason.roysdon.net) but it doesn't seem to work.. any idea?
7. [01:04:34] * MacTed (n=Thud@dhcp64-134-213-170.nyrh.nyc.wayport.net) has joined #openid
8. [01:04:34] <jibot> MacTed is a Technology Evangelist from http://www.openlinksw.com/ and a Troublemaker from Way Back
9. [01:04:42] <jroysdon> (I would expect it to take me to the pip.verisignlabs.com page asking me if I want to trust this site)
10. [01:06:17] <jroysdon> ah, figured it out... my server was listed wrong
11. [01:06:47] <jroysdon> some sites want http:// in front of your openid, and some don't care
12. [01:07:40] * desudesu (n=me@unaffiliated/desu) has joined #openid
13. [01:07:41] <flaccid> ah. yeah the site should support no http:// and i think thats even in the spec
14. [01:08:20] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
15. [01:08:24] * desudesu is now known as desu
16. [01:08:51] <jroysdon> ooh, I'm loving openid and my $5 paypal versign id protector
17. [01:09:03] <jroysdon> I can safely openid from any public terminal now ;-)
18. [01:09:56] <flaccid> id protector, what does that do?
19. [01:10:06] <jroysdon> (is this a safe assumption? short of verisign's servers getting cracked, i'm safe, right?)
20. [01:10:22] <flaccid> lol nobody is ever safe
21. [01:11:06] <jroysdon> well, of course not, but I'm talking about "safe" as in logging in from a public terminal to post comments on a blog or something, using a verisign key fob
22. [01:11:34] <jroysdon> One problem I see is a lot of sites don't have an easy way to delete/remove/merge openids
23. [01:12:31] <notjosh> that's why your openid should be jroysdon.com, not jroysdon.idprovider.com
24. [01:13:33] <jroysdon> notjosh, well, right, I just learned that 10 minutes ago reading http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers
25. [01:13:48] <jroysdon> but the providers don't tell you that.... they want you tied in to them ;-)
26. [01:13:57] <notjosh> of course
27. [01:14:05] <notjosh> can't blame them, really
28. [01:14:12] <notjosh> can, but can't, if you know what i mean :)
29. [01:14:25] <jroysdon> yup, yup, can't complain about free bad service ;-p
30. [01:14:50] <jroysdon> When I use this paypal key fob at pip.verisignlabs.com, does it talk to paypal at all?
31. [01:15:03] <notjosh> no idea
32. [01:15:12] <jroysdon> (I mean, I never told them my paypal login/password, so I don't see how they could), but it's just interesting that it just worked
33. [01:15:19] <notjosh> i'd assume so, but i don't know what the keyfob actually is/does :)
34. [01:15:21] <jroysdon> I'm assuming it is because the device is made by Verisign
35. [01:15:33] <jroysdon> it's one of those random-numberish 6-digit things
36. [01:15:37] <jroysdon> $5 through paypal
37. [01:15:51] <jroysdon> but then you can tie your pip.verisignlabs.com openid to it
38. [01:16:16] <jroysdon> https://www.paypal.com/securitykey
39. [01:16:50] <jroysdon> but basically, if I login "in the wild" and someone grabs my username/password, it doesn't do any good since the key fob is only good for 30 seconds
40. [01:16:57] <notjosh> nod
41. [01:17:07] <jroysdon> (unless they login right then and there, and verisignlabs has a log of where you logged in and what time)
42. [01:17:26] <notjosh> i get the idea of them, just wasn't sure the relationship/implementation between paypal/verisign
43. [01:17:27] <jroysdon> with seatbelt for firefox, I don't login except for when I first start my browser
44. [01:17:39] <jroysdon> ah, I think it is just that it is a verisign device
45. [01:18:05] <jroysdon> so it works at paypal.com as paypal intended, but also at pip.verisignlabs.com, which they probably didn't intend
46. [01:18:17] <notjosh> yep
47. [01:18:20] <jroysdon> (but I'm curious if my using it at VS is hitting PP's server at all)
48. [01:20:53] <flaccid> well delegation is basic and yes an extra secure token or information card is good security...
49. [01:22:21] <jroysdon> I mean, otherwise I'd never login at a public terminal
50. [01:22:59] <jroysdon> (presently I just won't use them other than to check the news or things I don't need to login for, and I rarely do that now that I have a blackberry with unlimited data)
51. [01:23:13] <flaccid> in your case jroysdon sounds like a temporal key
52. [01:23:31] <jroysdon> Just trying to think it through and see if it's leaving me open for problems. Yup, it's a temporary key to allow access to my openid provider
53. [01:24:18] <jroysdon> of course with keyloggers and such, even an ssl login to your openid provider isn't safe on a public terminal... but so long as they don't use the info right away (30 seconds), I'm safe, I'm thinking
54. [01:24:38] <jroysdon> the only problem would be if it was an instant keylogger and they instantly logged in with the same credentials
55. [01:24:59] <flaccid> there might be a measure to prevent that but not sure
56. [01:25:03] <jroysdon> (there are ways around that... cut and paste the url you want to log into and move the letters around, etc)
57. [01:25:52] <jroysdon> short of a human watching and understanding it all, I don't think a normal program is going to be able to solve it (unless they watch mouse clicks too and understand cut and paste menus)
58. [01:26:56] <flaccid> its verisign so i mean it has to be decent..
59. [01:27:41] <jroysdon> ok, thanks
60. [01:27:43] * jroysdon (n=jroysdon@brhm-wlan0.home.roysdon.modesto.ca.us) Quit ("ttfn")
61. [01:42:18] * darrenb (n=dbounds@c-76-18-200-33.hsd1.fl.comcast.net) has joined #openid
62. [01:42:25] <darrenb> hello
63. [01:45:30] * darrenb (n=dbounds@c-76-18-200-33.hsd1.fl.comcast.net) Quit ("Changing server")
64. [02:10:54] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) Quit ()
65. [02:19:47] * hikoz (n=hikoz@27.183.244.43.ap.yournet.ne.jp) has joined #openid
66. [02:22:07] * desudesu (n=me@unaffiliated/desu) has joined #openid
67. [02:22:45] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
68. [02:22:47] * desudesu is now known as desu
69. [02:36:53] * desudesu (n=me@unaffiliated/desu) has joined #openid
70. [02:37:23] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
71. [02:37:27] * desudesu is now known as desu
72. [02:42:01] * desudesu (n=me@unaffiliated/desu) has joined #openid
73. [02:43:11] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
74. [02:43:39] * desudesu is now known as desu
75. [02:49:55] * desu (n=me@unaffiliated/desu) Quit ("Connection reset by peer pressure")
76. [03:08:33] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) has joined #openid
77. [04:27:08] * SvenDowideit_ (n=SvenDowi@twiki/developer/SvenDowideit) Quit (Read error: 60 (Operation timed out))
78. [04:41:17] * SvenDowideit__ (n=SvenDowi@124-171-7-237.dyn.iinet.net.au) has joined #openid
79. [05:07:06] * stub (n=stub@canonical/launchpad/stub) Quit ("Leaving.")
80. [05:12:12] * SvenDowideit_ (n=SvenDowi@twiki/developer/SvenDowideit) has joined #openid
81. [05:14:07] * SvenDowideit__ (n=SvenDowi@124-171-7-237.dyn.iinet.net.au) Quit (Read error: 101 (Network is unreachable))
82. [05:28:16] * metadaddy (n=metadadd@c-24-6-62-207.hsd1.ca.comcast.net) Quit ()
83. [05:58:27] * hikoz (n=hikoz@27.183.244.43.ap.yournet.ne.jp) Quit ("Leaving...")
84. [06:21:51] * desu (n=me@unaffiliated/desu) has joined #openid
85. [06:25:02] * hikoz (n=hikoz@27.183.244.43.ap.yournet.ne.jp) has joined #openid
86. [06:51:02] * xpo (n=xpo@bgl93-2-82-226-41-47.fbx.proxad.net) Quit ()
87. [06:59:08] * slango (n=slango@d192-24-63-123.try.wideopenwest.com) Quit ()
88. [07:03:00] * xpo (n=xpo@bgl93-2-82-226-41-47.fbx.proxad.net) has joined #openid
89. [07:35:37] * xpo (n=xpo@bgl93-2-82-226-41-47.fbx.proxad.net) Quit ()
90. [07:37:51] * hillsy|fail is now known as hillsy
91. [07:40:12] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
92. [07:40:53] * desu (n=me@unaffiliated/desu) has joined #openid
93. [07:59:48] * bens_ (n=bens@gateb.mh.bbc.co.uk) has joined #openid
94. [08:04:20] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) Quit ()
95. [08:28:01] * xpo (n=xpo@nat/af83/x-2ab9bd6cf00a9595) has joined #openid
96. [08:50:32] * flaccid (n=flaccid@121.216.28.237) Quit ("Konversation terminated!")
97. [09:11:36] * desu (n=me@unaffiliated/desu) Quit ("Connection reset by peer pressure")
98. [09:27:53] * MrTopf (i=hidden-u@oecher.info) has joined #openid
99. [09:31:29] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) has joined #openid
100. [09:32:02] * MrTopf_ (i=hidden-u@oecher.info) has joined #openid
101. [09:45:16] * MrTopf (i=hidden-u@oecher.info) Quit (Connection timed out)
102. [09:48:47] * MrTopf_ (i=hidden-u@oecher.info) Quit (Connection timed out)
103. [10:09:32] * xpo (n=xpo@nat/af83/x-2ab9bd6cf00a9595) Quit ()
104. [10:11:15] * xpo (n=xpo@nat/af83/x-dbe91996f6bc3908) has joined #openid
105. [10:22:00] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) Quit ()
106. [10:22:54] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) has joined #openid
107. [10:46:40] * MacTed (n=Thud@dhcp64-134-213-170.nyrh.nyc.wayport.net) Quit ()
108. [11:03:54] * stub (n=stub@ppp-58-8-211-175.revip2.asianet.co.th) has joined #openid
109. [11:13:44] * SvenDowideit__ (n=SvenDowi@203-214-150-86.perm.iinet.net.au) has joined #openid
110. [11:16:04] * MrTopf (i=hidden-u@oecher.info) has joined #openid
111. [11:20:01] * hikoz (n=hikoz@27.183.244.43.ap.yournet.ne.jp) Quit (Read error: 110 (Connection timed out))
112. [11:30:51] * SvenDowideit_ (n=SvenDowi@twiki/developer/SvenDowideit) Quit (Read error: 101 (Network is unreachable))
113. [11:55:44] * singpolyma (n=singpoly@auth2-39.uwaterloo.ca) has joined #openid
114. [11:55:44] <jibot> singpolyma is Stephen Paul Weber <http://singpolyma.net> #diso
115. [12:03:36] * MrTopf (i=hidden-u@oecher.info) Quit ()
116. [12:22:35] * singpolyma (n=singpoly@auth2-39.uwaterloo.ca) Quit ("Lost terminal")
117. [12:26:27] * Chaz6 (n=chaz@cl-26.osl-01.no.sixxs.net) Quit (Read error: 104 (Connection reset by peer))
118. [12:26:50] * Chaz6 (n=chaz@cl-26.osl-01.no.sixxs.net) has joined #openid
119. [12:29:55] * Chaz6 (n=chaz@cl-26.osl-01.no.sixxs.net) Quit (Client Quit)
120. [12:32:52] * Chaz6 (n=chaz@cl-26.osl-01.no.sixxs.net) has joined #openid
121. [12:37:13] * shigeta (n=shigeta@124.32.114.226) Quit ("Leaving...")
122. [13:02:29] * Chaz6 (n=chaz@cl-26.osl-01.no.sixxs.net) Quit ("Reboot...")
123. [13:18:08] * slango (n=slango@d192-24-63-123.try.wideopenwest.com) has joined #openid
124. [13:28:27] * xpo (n=xpo@nat/af83/x-dbe91996f6bc3908) Quit (Read error: 113 (No route to host))
125. [13:52:09] * xpo (n=xpo@nat/af83/x-8af401ec1014714d) has joined #openid
126. [14:30:36] * stub (n=stub@canonical/launchpad/stub) Quit ("Leaving.")
127. [14:52:56] * samsm (n=samsm@c-98-242-68-234.hsd1.ga.comcast.net) Quit ("Leaving...")
128. [14:54:49] * samsm (n=samsm@c-98-242-68-234.hsd1.ga.comcast.net) has joined #openid
129. [14:56:02] * samsm (n=samsm@c-98-242-68-234.hsd1.ga.comcast.net) Quit (Client Quit)
130. [15:00:38] * metadaddy (n=metadadd@c-24-6-62-207.hsd1.ca.comcast.net) has joined #openid
131. [15:00:38] <jibot> metadaddy is Pat Patterson - http://blogs.sun.com/superpat/ - federation architect at http://www.sun.com/identity/ and Sun's 'community guy' on http://opensso.dev.java.net/
132. [15:02:28] <metadaddy> ?forgetme
133. [15:02:28] <jibot> I have expunged metadaddy from my mind
134. [15:02:39] <metadaddy> jibot - you said that last time!
135. [15:27:10] * singpolyma (n=singpoly@auth2-165.uwaterloo.ca) has joined #openid
136. [15:27:10] <jibot> singpolyma is Stephen Paul Weber <http://singpolyma.net> #diso
137. [15:32:41] * samsm (n=samsm@75.131.196.140) has joined #openid
138. [15:50:47] * bens_ (n=bens@gateb.mh.bbc.co.uk) Quit (Remote closed the connection)
139. [15:51:18] * samsm (n=samsm@75.131.196.140) Quit ("Leaving...")
140. [16:09:58] * samsm (n=samsm@75.131.196.140) has joined #openid
141. [16:33:00] * singpolyma (n=singpoly@auth2-165.uwaterloo.ca) Quit ("Lost terminal")
142. [16:38:49] * Dallas (n=dallas@c-71-225-154-80.hsd1.pa.comcast.net) Quit (Read error: 104 (Connection reset by peer))
143. [16:38:59] * Dallas (n=dallas@c-71-225-154-80.hsd1.pa.comcast.net) has joined #openid
144. [16:54:23] * samsm (n=samsm@75.131.196.140) Quit ()
145. [16:56:47] * hillsy (n=shhi2@npfit3.dh.bytemark.co.uk) Quit ("Leaving")
146. [17:01:09] * samsm (n=samsm@75.131.196.140) has joined #openid
147. [17:14:42] * jpwatts (n=joel@c-98-200-119-206.hsd1.tx.comcast.net) has joined #openid
148. [17:27:55] * desu (n=me@unaffiliated/desu) has joined #openid
149. [17:33:08] * doctormo (n=doctormo@66.237.172.227.ptr.us.xo.net) has joined #openid
150. [17:33:13] <doctormo> Hey all
151. [17:33:29] <doctormo> I need some help on how to get openid working the way I want it to
152. [17:34:00] <doctormo> Instead of offering a box for people to type in a site openid address, I'm just going to tie it directly into launchpad
153. [17:34:32] <johill> doctormo: what language?
154. [17:34:32] <doctormo> But all the expamples show how to do the box, and I'm still trying to get my head around the ideas.
155. [17:34:38] <doctormo> johill: python, django
156. [17:34:45] <johill> doctormo: look at moin moin 1.7
157. [17:34:56] <johill> doctormo: its openid RP code supports such a use case
158. [17:35:15] <johill> basically launchpad has to implement directed identities
159. [17:35:25] <johill> and then you just hard-code the select identity
160. [17:35:50] <johill> or you just do discovery on launchpad and hope its front page advertises the select capability
161. [17:38:33] * mtrichardson (n=michaelr@70.99.220.242) has joined #openid
162. [17:50:11] <_keturn> yeah, I don't remember at the moment if Launchpad's provider support is v2.0. If it is, you would be able to to just hardcode the value of the box to be "https://launchpad.net/" or whatever
163. [17:51:07] <_keturn> (except they don't actually advertise discovery info on that address, so that doesn't quite work yet. But it'd be a reasonable thing to ask the OpenID team at launchpad for.)
164. [17:53:07] <doctormo> _keturn: it is
165. [17:53:27] <doctormo> Version 2.0 I should say
166. [17:56:48] <johill> _keturn: they don't want to advertise it
167. [17:57:11] <johill> but you can of course just hard-code it, I even have sample code somewhere
168. [17:57:24] <doctormo> So when someone comes to my website, I do a discovery with launchpad (somehow) and find out if their logged in. Using whatever variables I get to identify them locally.
169. [17:57:58] <_keturn> wha? it'd make what doctormo wants to do really easy, and what doctormo wants to do is why launchpad wanted to be an OP in the first place (i.e. be an auth server for their loco sites)
170. [17:57:58] <johill> http://moinmo.in/HelpOnAuthentication#AdvancedOpenIDRPconfiguration
171. [17:59:03] <johill> I'm pretty sure they told me that once
172. [18:00:12] <johill> http://master17.moinmo.in/HelpOnAuthentication#AdvancedOpenIDRPconfiguration has a corrected example now
173. [18:00:26] * mtrichardson (n=michaelr@70.99.220.242) Quit ()
174. [18:12:08] * jpwatts (n=joel@c-98-200-119-206.hsd1.tx.comcast.net) Quit ()
175. [18:16:27] * stub (n=stub@ppp-58-8-211-175.revip2.asianet.co.th) has joined #openid
176. [18:18:24] * MrTopf (i=hidden-u@oecher.info) has joined #openid
177. [18:22:45] * samsm (n=samsm@75.131.196.140) Quit ("Leaving...")
178. [18:26:39] * MrTopf (i=hidden-u@oecher.info) Quit ()
179. [18:30:31] * xpo (n=xpo@nat/af83/x-8af401ec1014714d) Quit ()
180. [18:36:16] <doctormo> johill: from your link's example, there are a couple of things I need to understand
181. [18:36:52] <doctormo> the fs.server_url would obviously be launchpad. what would fs.claimed_id be? my local address or launchpad?
182. [18:37:20] <johill> umm, no, it would be the select identifier id
183. [18:37:32] <doctormo> or would it just be set to fs.claimed_id = 'http://specs.openid.net/auth/2.0/identifier_select'
184. [18:37:35] <johill> as my sample says
185. [18:38:13] <doctormo> johill: I don't know yet what a select identifier is.
186. [18:39:29] <johill> well that one is it
187. [18:43:23] <doctormo> OpenIDAuth, isn't a method in the openid python objects I have. I'm going to have to convert it?
188. [18:43:41] <johill> that's a class in the moin code
189. [18:43:55] <johill> you're going to have to read the moin code and understand where it uses the forced_service variable
190. [18:44:07] <johill> sorry, I can't really write your code for you now :)
191. [18:44:47] <doctormo> johill: OK well you've sorted out where I need to look, I was getting confuised because the example code I'm looking at is so different
192. [18:47:56] <johill> http://hg.moinmo.in/moin/1.7/file/tip/MoinMoin/auth/openidrp.py
193. [18:48:08] <doctormo> johill: have you got a link to the svn/csv code? having a hard time looking for it.... never mind you reempted me ;-)
194. [18:48:45] * OliverK (n=Miranda@dhcp-224-150.svcc.edu) has joined #openid
195. [18:54:10] * samsm (n=samsm@75.131.196.140) has joined #openid
196. [18:55:34] <OliverK> how would I sign an installer with openid?
197. [18:56:09] <johill> that question doesn't make sense to me
198. [18:56:20] <johill> openid doesn't sign anything?
199. [18:57:13] <OliverK> ah
200. [18:57:38] <OliverK> oops
201. [18:57:44] <OliverK> i need open pgp
202. [19:02:10] * OliverK (n=Miranda@dhcp-224-150.svcc.edu) has left #openid
203. [19:02:42] <johill> I doubt it. I think he needs a plan what he'd sign :)
204. [19:04:02] * xpo (n=xpo@bgl93-2-82-226-41-47.fbx.proxad.net) has joined #openid
205. [19:04:38] * SvenDowideit (n=SvenDowi@twiki/developer/SvenDowideit) has joined #openid
206. [19:10:01] <doctormo> johill: is it a good idea to use the store to store the information?
207. [19:10:31] <johill> umm what?
208. [19:13:07] <doctormo> johill: both the django example and your moinmoin example use a class which inherits OpenIDStore, was just wondering if I should create a similar class or use OpenIDStore directly
209. [19:18:27] * metadaddy is now known as metadaddy_lunch
210. [19:21:07] * SvenDowideit__ (n=SvenDowi@203-214-150-86.perm.iinet.net.au) Quit (Read error: 101 (Network is unreachable))
211. [19:21:49] <doctormo> johill: for now I'll use directly, until I see a point in it
212. [19:32:41] <doctormo> NotImplementedError <- hmm do I take it to mean that launchpad hasn't implimented this feature?
213. [19:32:58] <doctormo> I pretty much use:
214. [19:33:00] <doctormo> auth_request = consumer.beginWithoutDiscovery(server)
215. [19:33:53] <doctormo> Ah no, it's because I didn't write that OpenIDStore class..
216. [19:40:04] * Chaz6 (n=chaz@cl-26.osl-01.no.sixxs.net) has joined #openid
217. [19:47:37] * ian_` (n=ian@blk-222-164-177.eastlink.ca) has joined #openid
218. [19:54:32] <doctormo> http://pastebin.com/m7f3d6fb4 my code doesn't seem to work yet, it just returns the http request that you get in a browser.
219. [19:54:35] <doctormo> Seomthing is wrong
220. [19:54:43] * stub (n=stub@canonical/launchpad/stub) Quit ("Leaving.")
221. [19:55:07] * ian_` (n=ian@blk-222-164-177.eastlink.ca) Quit (Read error: 60 (Operation timed out))
222. [20:12:50] * metadaddy_lunch is now known as metadaddy
223. [20:15:49] <doctormo> johill: You said you wouldn't write my code for me, is there anythign that would change your mind? ;-)
224. [20:16:01] <johill> heh, not really
225. [20:16:06] <johill> :)
226. [20:16:11] <doctormo> I'm just getting so demoralised with openid. No one will answer questions
227. [20:16:28] <johill> I'm busy learning about distributions and fourier transforms and sobolev spaces and ...
228. [20:17:54] <johill> well you need to imlement a storage I guess
229. [20:17:54] <doctormo> Well it's not just in this channel, the darth of people saying anything in #launchpad and #django is anoying too. perhaps the subject is poorly understood
230. [20:18:10] <johill> let me look at your code
231. [20:18:18] <doctormo> johill: I got past the storage part, got it into the database.
232. [20:18:24] <johill> ok
233. [20:19:13] <johill> have you ever tried with known working code?
234. [20:19:30] <johill> i.e. that launchpad actually supports what you need
235. [20:19:38] <doctormo> http://pastebin.com/d320adce5
236. [20:20:16] <doctormo> johill: I got it to work with PBWiki which is one of the examples they give
237. [20:20:51] * mtrichardson (n=michaelr@70.99.220.242) has joined #openid
238. [20:21:03] <johill> ok
239. [20:21:21] <johill> I wouldn't call the result of 'beginWithoutDiscovery' 'auth' but rather 'req'
240. [20:21:32] <johill> I suppose you get to 'we got something interesting'?
241. [20:21:37] <doctormo> yes
242. [20:21:49] <doctormo> put stderr is chock full of html
243. [20:21:52] <doctormo> but*
244. [20:22:32] <johill> yeah the object doesn't lend itself to printing
245. [20:22:49] <johill> look at lines 280ff on my code
246. [20:23:45] <doctormo> http://moinmo.in/HelpOnAuthentication#AdvancedOpenIDRPconfiguration <- your code or the http://hg.moinmo.in/moin/1.7/file/tip/MoinMoin/auth/openidrp.py?
247. [20:23:50] <johill> you do understand that you have to redirect the browser after you have started?
248. [20:23:52] <johill> the latter
249. [20:24:54] <johill> have you looked at the example that ships with pyopenid? it's easier
250. [20:25:11] <doctormo> I understand that if launchpad thinks I'm logged in then I need to go to their site and authorise the openid
251. [20:25:12] <johill> and you only need to substitute beginWithoutDiscovery() for begin()
252. [20:25:36] <johill> no, at begin() you don't have any decision yet whether you're logged in or not
253. [20:25:48] <johill> at begin() you only set up the session between your app and launchpad
254. [20:25:55] <doctormo> Ok
255. [20:25:55] <johill> then you need to redirect the user's browser
256. [20:26:07] <doctormo> Always?
257. [20:26:13] <johill> because that browser is actually responsible for transfering any data about auth between you and launchpad
258. [20:26:16] <johill> yes, always
259. [20:26:24] <doctormo> ok
260. [20:26:46] <johill> let me see if there are any good diagrams on the site
261. [20:27:14] <doctormo> Regardless of where I deicide to get the site to do this auth
262. [20:27:36] <doctormo> I can have a link or what ever is best.
263. [20:28:22] <johill> ?
264. [20:28:45] <johill> you either have to use a POST form ("please press this button to continue") or a GET form (depending on the other side)
265. [20:29:10] <doctormo> The redirect being the get form
266. [20:29:46] <johill> http://leancode.com/2007/02/23/openid-protocol-diagram/
267. [20:29:48] <doctormo> I understand
268. [20:29:50] <johill> or the post
269. [20:30:52] <doctormo> So
270. [20:30:59] <johill> you have to understand that your app cannot verify the credentials as it doesn't even get them
271. [20:31:13] <johill> it can only ask the provider (launchpad) whether it could verify them or not
272. [20:31:32] <johill> and most communication has to be across the user's browser for that so the user can sign in/assert his identity
273. [20:31:46] <doctormo> Someone comes onto my website, they are not identified. There is a link to login, the user clicks it
274. [20:32:19] <doctormo> It effectivly redirects them to launchpad to authorise, where they say if they are who they say they are and who we are.
275. [20:32:39] <doctormo> This is after we've asked launchpad to share some sort of key.
276. [20:33:01] <johill> yeah. then launchpad redirects them back to you and that crypto stuff ensures it's all the right thing
277. [20:33:27] <doctormo> Right, then the information we get comes from the users request back to us.
278. [20:33:45] <doctormo> Which tells us hopefully something about them.
279. [20:34:12] <johill> yeah
280. [20:34:26] <johill> so in your code, you have so far gotten to 'share some sort of key'
281. [20:35:36] <johill> so your next step is to set up the return_to url and redirect the user to the provider
282. [20:36:15] <doctormo> ok I think I know where I'm going with this
283. [20:36:34] <doctormo> thanks you for your help johill
284. [20:36:41] <johill> and wait for them to come back to your return_to url
285. [20:37:08] * SvenDowideit_ (n=SvenDowi@twiki/developer/SvenDowideit) has joined #openid
286. [20:38:23] * metadaddy (n=metadadd@c-24-6-62-207.hsd1.ca.comcast.net) Quit ()
287. [20:53:22] * SvenDowideit (n=SvenDowi@twiki/developer/SvenDowideit) Quit (Read error: 101 (Network is unreachable))
288. [21:59:20] * doctormo (n=doctormo@66.237.172.227.ptr.us.xo.net) Quit (No route to host)
289. [22:08:23] * doctormo (n=doctormo@pool-68-163-139-10.bos.east.verizon.net) has joined #openid
290. [22:44:55] * samsm (n=samsm@75.131.196.140) Quit ("Leaving...")
291. [23:05:20] * xpo (n=xpo@bgl93-2-82-226-41-47.fbx.proxad.net) Quit ("see yas")
292. [23:27:37] * desudesu (n=me@unaffiliated/desu) has joined #openid
293. [23:29:25] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
294. [23:29:27] * desudesu is now known as desu
295. [23:49:36] * samsm (n=samsm@c-98-242-68-234.hsd1.ga.comcast.net) has joined #openid

These logs were automatically created by OpenIDlogbot on chat.freenode.net using a modified version of the Java IRC LogBot.