IRC Log for #openid on 2009-06-21

Timestamps are in UTC.

  1. [00:35:30] * Tykling (i=tykling@gibfest.dk) has left #openid
  2. [00:49:01] * singpolyma (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) has joined #openid
  3. [01:49:00] * Osurac (n=mikeg@adsl-074-182-167-053.sip.hsv.bellsouth.net) has joined #openid
  4. [02:29:11] * jonathanzenor (n=chatzill@97-112-132-8.clsp.qwest.net) Quit ("ChatZilla 0.9.85 [Firefox 3.0.11/2009060214]")
  5. [03:52:44] * MasterZ (n=JonZ@97-112-132-8.clsp.qwest.net) has joined #openid
  6. [03:53:00] <MasterZ> Hey guys, this is JonathanZenor that has been in here a couple times today
  7. [03:53:08] <MasterZ> finally logged in with my own account :p
  8. [04:02:51] * singpoly1a (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) has joined #openid
  9. [04:03:34] * singpolyma (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) Quit (Read error: 54 (Connection reset by peer))
  10. [04:53:18] <flaccid> MasterZ tip don't change nicknames :)
  11. [05:02:22] <MasterZ> lol
  12. [05:02:35] <MasterZ> Before I logged in from the web app
  13. [05:02:41] <MasterZ> which choose my name for me
  14. [05:03:01] <MasterZ> once I logged in with my IRC client, I logged in with my already existing account
  15. [05:03:59] <MasterZ> Got the basics of my site done!
  16. [05:05:13] <flaccid> cool
  17. [05:05:45] <MasterZ> Login & register with OpenID, register as many openID accounts as you want, set up a delegate site and use a simple url as an open id
  18. [05:05:59] <MasterZ> and that's about all it does right now, lol
  19. [05:06:33] <flaccid> are you sure you want to encourage more than 1 identity per user?
  20. [05:07:09] <MasterZ> You can register all of hte OpenID URL's under one account, one username
  21. [05:08:31] <MasterZ> it isn't secure by any means though, I need to add input validation
  22. [05:08:34] <MasterZ> that will be next week's task
  23. [05:09:00] <flaccid> the point of openid is one identity, thus one identity URL
  24. [05:10:17] <MasterZ> yeah, but many people have multiple identities
  25. [05:10:33] <MasterZ> I have blogger, myopenid, then I decided to use Verisign
  26. [05:10:47] <MasterZ> I only use one at a time, but having a page that lists them all is benefitial
  27. [05:10:48] <MasterZ> plus
  28. [05:11:08] <MasterZ> I was told htat part of the openID standard is to allow multiple OpenID URL's to be tied to one account
  29. [05:11:25] <MasterZ> also helps in case one URL goes down, you have another to use already associated with the site
  30. [05:17:01] <MasterZ> well, Night everyone
  31. [05:17:46] * MasterZ (n=JonZ@97-112-132-8.clsp.qwest.net) Quit ()
  32. [05:22:13] <flaccid> yes multiple ids with different sites, not on 1 site. the reason we have to allow this is because of the wrong activity by these sites
  33. [05:22:36] <flaccid> i'll have to let him know later because that is insane
  34. [06:41:06] * singpoly1a (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) Quit ("Lost terminal")
  35. [08:59:29] * Tykling (i=tykling@gibfest.dk) has joined #openid
  36. [09:18:48] * Osurac (n=mikeg@adsl-074-182-167-053.sip.hsv.bellsouth.net) Quit (Read error: 60 (Operation timed out))
  37. [09:49:12] * jochen (n=jochen@91.182.171.129) has joined #openid
  38. [10:37:35] * xpo (n=xpo@bearstech/xpo) has joined #openid
  39. [10:41:28] * qwp0 (n=qwp0@gw.localnet.sk) has joined #openid
  40. [11:09:44] * qwp0 (n=qwp0@gw.localnet.sk) Quit (Remote closed the connection)
  41. [11:11:24] * qwp0 (n=qwp0@gw.localnet.sk) has joined #openid
  42. [11:32:48] * qwp0 (n=qwp0@gw.localnet.sk) Quit (Remote closed the connection)
  43. [11:43:27] * qwp0 (n=qwp0@gw.localnet.sk) has joined #openid
  44. [11:45:55] * jochen (n=jochen@91.182.171.129) Quit (verne.freenode.net irc.freenode.net)
  45. [11:45:55] * asjo (n=asjo@1303ds1-by.0.fullrate.dk) Quit (verne.freenode.net irc.freenode.net)
  46. [11:46:11] * jochen (n=jochen@91.182.171.129) has joined #openid
  47. [11:46:11] * asjo (n=asjo@1303ds1-by.0.fullrate.dk) has joined #openid
  48. [11:47:30] * qwp0 (n=qwp0@gw.localnet.sk) Quit (Remote closed the connection)
  49. [11:48:11] * qwp0 (n=qwp0@gw.localnet.sk) has joined #openid
  50. [12:28:51] * qwp0 (n=qwp0@gw.localnet.sk) Quit (Read error: 113 (No route to host))
  51. [12:29:18] * Osurac (n=mikeg@adsl-074-182-167-053.sip.hsv.bellsouth.net) has joined #openid
  52. [13:18:21] * qwp0 (n=qwp0@gw.localnet.sk) has joined #openid
  53. [14:05:27] * flaccid_ (n=chris@127.185.233.220.static.exetel.com.au) has joined #openid
  54. [14:19:12] * flaccid (n=chris@127.185.233.220.static.exetel.com.au) Quit (Read error: 110 (Connection timed out))
  55. [14:25:08] * flaccid_ is now known as flaccid
  56. [14:30:49] * Orango|Mobile (n=s-e@wikimedia/Orango) has joined #openid
  57. [14:31:23] * Orango|Mobile (n=s-e@wikimedia/Orango) Quit (Client Quit)
  58. [14:34:01] * jochen (n=jochen@91.182.171.129) Quit (Read error: 104 (Connection reset by peer))
  59. [14:34:16] * jochen (n=jochen@91.182.171.129) has joined #openid
  60. [15:44:53] * Orango (n=s-e@wikimedia/Orango) has joined #openid
  61. [15:46:01] * Orango (n=s-e@wikimedia/Orango) Quit (Client Quit)
  62. [15:51:23] * singpolyma (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) has joined #openid
  63. [16:26:05] * Peng_ (n=mnordhof@tick.mattnordhoff.com) Quit (Read error: 60 (Operation timed out))
  64. [16:37:52] * Peng_ (n=mnordhof@cheezum.mattnordhoff.com) has joined #openid
  65. [16:41:21] <flaccid> facebook linked accounts thinks my wp delegation is openid 1.0 wtf
  66. [16:56:38] <flaccid> bah http://bugs.developers.facebook.com/show_bug.cgi?id=5414
  67. [16:56:50] <flaccid> how can a multi-billion dollar site be so amateurish ????
  68. [17:51:17] * qwp0 (n=qwp0@gw.localnet.sk) Quit (Remote closed the connection)
  69. [17:54:31] <Politoed> flaccid, MasterZ was right about that multiple openids
  70. [17:55:16] <flaccid> in what respect ?
  71. [17:58:09] <Politoed> I mean, I think he's right
  72. [17:59:13] <Politoed> about letting a user associate multiple openIDs to one account, as a way to prevent if you lose access to an account for some reason
  73. [17:59:32] <flaccid> sure
  74. [17:59:39] <flaccid> but his example was on this singular site.
  75. [18:00:40] <Politoed> I know
  76. [18:00:59] <flaccid> i'll rest my case then :)
  77. [18:01:07] <Politoed> ?
  78. [18:01:12] <Politoed> stackoverflow, for example, allows you to associate multiple identities to a single account
  79. [18:01:49] <flaccid> and so do i
  80. [18:02:05] <Politoed> isn't this what he was talking about?
  81. [18:02:10] <flaccid> nah
  82. [18:02:24] <flaccid> he was talking about hosting multiple delegated IDs for no reason
  83. [18:02:31] <flaccid> foo.bar.com
  84. [18:02:35] <flaccid> morefoo.bar.com
  85. [18:02:39] <flaccid> extrafoo.bar.com
  86. [18:02:45] <flaccid> then the server goes down...
  87. [18:03:21] <flaccid> 1. no point having multiple identities, it reduced integrity entirely. 2. server or domain goes down, all goes down
  88. [18:06:41] <Politoed> ok, now that looks silly
  89. [18:06:47] <Politoed> I guess I missunderstood what he said
  90. [18:07:45] <flaccid> all good :)
  91. [19:08:00] * MrTopf (n=cs@p5B3D7293.dip.t-dialin.net) has joined #openid
  92. [19:57:57] * Orango (n=s-e@wikimedia/Orango) has joined #openid
  93. [20:52:40] * MasterZ (n=JonZ@97-112-132-8.clsp.qwest.net) has joined #openid
  94. [20:53:07] <MasterZ> Hey everyone
  95. [20:53:22] <Politoed> hi.
  96. [20:53:34] <MasterZ> how is everyone today?
  97. [20:57:14] <MasterZ> Got a question.. I'm using the Janrain PHP libraries, after a url is submitted and authenticated, how do I get the user's OpenID URL from the data that is returned from the OP?
  98. [20:57:53] * dblick (n=blick@c-24-18-234-107.hsd1.wa.comcast.net) has joined #openid
  99. [20:59:02] <MasterZ> anyone know?
  100. [21:02:48] * dblick (n=blick@c-24-18-234-107.hsd1.wa.comcast.net) Quit ("Leaving.")
  101. [21:06:10] <flaccid> hi MasterZ
  102. [21:06:31] <MasterZ> Hello flaccid
  103. [21:07:44] <MasterZ> did you see hte question I asked earlier?
  104. [21:07:54] <flaccid> yeah but it is confusing
  105. [21:08:07] <MasterZ> here is how I discovered it
  106. [21:08:27] <MasterZ> my website, it saves the url that the user enters into the openid_url text box
  107. [21:08:49] <MasterZ> now, if I enter Yahoo's openid url: www.yahoo.com
  108. [21:08:56] <MasterZ> there is no username or anything associated with it
  109. [21:09:09] <flaccid> yeah thats check_immediate iirc
  110. [21:09:14] <MasterZ> yahoo sends the user's real url back to the RP
  111. [21:12:27] <MasterZ> where is the documentation on the libraries? I can't seem to find it on the website
  112. [21:14:54] <flaccid> which library ?
  113. [21:15:03] <MasterZ> PHP OpenID Library
  114. [21:15:38] <flaccid> MasterZ http://openidenabled.com/files/php-openid/docs/2.1.3/
  115. [21:16:45] <MasterZ> don't see anything mentioning check_immediate
  116. [21:17:07] <flaccid> thats covered in the spec
  117. [21:17:57] <MasterZ> but how do I fetch it from the class?
  118. [21:18:29] <flaccid> fetch what sorry?
  119. [21:19:40] <MasterZ> When Yahoo sends the url back, I want to use that URL instead of the URL that the person entered into the login form
  120. [21:20:41] <flaccid> ok so post normalisation. there is nothing stopping you from doing that with php-openid. the example shows that
  121. [21:21:03] <MasterZ> k, I'll go through the example again
  122. [21:21:33] <MasterZ> wait, normalization is the url being formatted in a standard way, right?
  123. [21:21:42] <flaccid> yeawh
  124. [21:21:54] <MasterZ> that's not what I mean
  125. [21:22:08] <MasterZ> if I enter "http://www.yahoo.com" into my form to login
  126. [21:22:23] <MasterZ> then I login to yahoo
  127. [21:22:31] <MasterZ> yahoo sends back a different login url, which is my proper url
  128. [21:22:36] <flaccid> i think you need to read up on how check_immediate is meant to work in the spec
  129. [21:22:43] <flaccid> yep
  130. [21:22:47] <flaccid> and..
  131. [21:23:21] <flaccid> 'i want to use that URL'... thats your control
  132. [21:23:52] <MasterZ> found my yahoo login url
  133. [21:23:54] <MasterZ> https://me.yahoo.com/a/vTQApHAzsNQ5FaVdKRJxJlLlt0Yp
  134. [21:24:12] <MasterZ> that is the url that yahoo returns, which my script needs to save and use to login
  135. [21:24:22] <flaccid> oh
  136. [21:24:26] <flaccid> um
  137. [21:24:43] <flaccid> i have not experimented with yahoo so i am not sure i can help
  138. [21:25:09] <flaccid> i can have a look at the spec again but
  139. [21:25:37] <MasterZ> :( bummer, I'm sure it is built into the classes
  140. [21:26:21] <MasterZ> there has to be some way I can grab that info, it works in the wikimedia OpenID which looks like it uses the same class
  141. [21:26:29] <MasterZ> i'll just search the examples some more
  142. [21:26:44] <flaccid> MasterZ logic is not in the libs
  143. [21:26:58] <flaccid> thats not how it goes
  144. [21:27:06] <flaccid> i suggest you read the spec
  145. [21:27:33] <MasterZ> i've read it, but don't know how to put it into use :-/
  146. [21:27:56] <flaccid> ok
  147. [21:27:58] <flaccid> http://openid.net/specs/openid-authentication-2_0.html#anchor28
  148. [21:29:25] <flaccid> i might have to re-visit this one myslef tbh
  149. [21:29:40] <MasterZ> Methods of identifying authorized end users and obtaining approval to return an OpenID Authentication assertion are beyond the scope of this specification
  150. [21:30:13] <flaccid> yeah its server-side logic in that case
  151. [21:30:48] <MasterZ> it's got to be built into the library.. other people that use hte library use it that way... just need to figure out how
  152. [21:31:07] <flaccid> i disagree
  153. [21:31:28] <flaccid> the libs have no idea about any website's internal auth mechanism
  154. [21:31:41] <flaccid> the libs cannot assert any user
  155. [21:32:05] <MasterZ> but doesn't the libs handle information returned from the OP?
  156. [21:32:30] <flaccid> yes thats the next step in 10.
  157. [21:32:46] <MasterZ> next step in 10?
  158. [21:33:00] <flaccid> yeah
  159. [21:33:07] <MasterZ> what does that mean?
  160. [21:33:59] <flaccid> 10. Responding to Authentication Requests
  161. [21:37:59] <MasterZ> Hey flaccid
  162. [21:38:06] <MasterZ> do you have easy access to the examples?
  163. [21:38:44] <MasterZ> just downloaded the libs just to use the examples, /examples/consumer works
  164. [21:38:53] <MasterZ> type in yahoo.com and it returns my proper url
  165. [21:38:53] <flaccid> no i don't sorry
  166. [21:38:56] <MasterZ> https://me.yahoo.com/a/vTQApHAzsNQ5FaVdKRJxJlLlt0Yp
  167. [21:39:10] <flaccid> that may not be the libs doing that..
  168. [21:39:13] <flaccid> you should check
  169. [21:39:19] <MasterZ> yeah, I will
  170. [21:39:24] <flaccid> tbh i don't know crap in this area
  171. [21:40:03] <MasterZ> lol
  172. [21:41:33] <flaccid> good luck trying to wake up the people in this channel help that i have no idea with ...
  173. [21:41:46] <MasterZ> weird
  174. [21:42:05] <MasterZ> I type in yahoo.com in the consumer example and it returns this
  175. [21:42:07] <MasterZ> OpenID authentication failed: No OpenID information found at https://me.yahoo.com/a/vTQApHAzsNQ5FaVdKRJxJlLlt0Yp#5ab53
  176. [21:42:18] <MasterZ> returns proper url but failed
  177. [21:48:31] <MasterZ> this just doesn't like yahoo lol
  178. [21:49:11] <MasterZ> if I enter my yahoo id directly I get an error that it is not a valid OpenID
  179. [21:49:34] <MasterZ> if I enter yahoo.com it returns the proper address but says it failed
  180. [21:50:59] * Orango (n=s-e@wikimedia/Orango) Quit ("Leaving")
  181. [21:51:54] <MasterZ> so, anybody know this stuff real well?
  182. [21:52:20] * MrTopf (n=cs@p5B3D7293.dip.t-dialin.net) Quit ()
  183. [21:53:43] <MasterZ> sigh... why can't things just work right?
  184. [21:55:11] <flaccid> its not that simple.
  185. [21:55:19] <flaccid> its 8am and i have not slept
  186. [21:55:43] <flaccid> maybe i'll look at it later, but for now i have to sleep. good luck with anyone else responding.
  187. [21:56:47] <MasterZ> i'm not hte only one
  188. [21:56:49] <MasterZ> http://stackoverflow.com/questions/992682/janrains-php-openid-and-google-yahoo
  189. [21:56:50] * singpolyma (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) Quit ("Lost terminal")
  190. [21:57:02] * singpolyma (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) has joined #openid
  191. [21:57:54] <flaccid> pretty sure that aint news
  192. [21:58:37] <MasterZ> lol, thanks
  193. [21:58:42] <flaccid> i'll be back in 20 hours if nobody can help you. sorry i've been awake 30 hours
  194. [22:00:12] <MasterZ> lol
  195. [22:00:13] <MasterZ> get some sleep
  196. [22:00:20] <MasterZ> later, and thanks for the kind help flaccid
  197. [22:07:37] * jochen (n=jochen@91.182.171.129) Quit (Remote closed the connection)
  198. [22:23:40] * MrTopf (n=cs@p5B3D7293.dip.t-dialin.net) has joined #openid
  199. [22:28:25] * flaccid (n=chris@unaffiliated/flaccid) Quit (Read error: 113 (No route to host))
  200. [22:36:04] * singpolyma (n=singpoly@c-76-21-5-96.hsd1.ca.comcast.net) Quit ("Lost terminal")
  201. [22:54:10] * MrTopf (n=cs@p5B3D7293.dip.t-dialin.net) Quit ()
  202. [22:56:07] * dblick (n=blick@c-24-18-234-107.hsd1.wa.comcast.net) has joined #openid
  203. [22:56:41] * Orango (n=s-e@wikimedia/Orango) has joined #openid
  204. [23:00:34] <dblick> could anyone help me understand how POST and OpenID go together? i'm confused. suppose i want to authorize a POST request... my consumer sends a 307 redirect to the openid provider page... what happens to the post data?
  205. [23:06:10] <dblick> actually, i don't see how i can authorize a post request at all.
  206. [23:29:45] * benblack (n=bb@dsl254-017-242.sea1.dsl.speakeasy.net) Quit ("Leaving...")
  207. [23:51:32] <keturn> I'd store all the post data server-side and then process it as authorized once the openid finishes. then you'd need to add garbage collection for all the POSTs that happened but never had authorizations to finish them.
  208. [23:52:34] <dblick> it turns out i'm more confused than i thought... doesnt this require somewhere having a GET with side effects?
  209. [23:55:51] <keturn> when the user-agent comes back with the id_res response from the provider that might be a GET, yes
  210. [23:56:44] <dblick> drag...

These logs were automatically created by OpenIDlogbot on chat.freenode.net using a modified version of the Java IRC LogBot.