Re: [Catalyst] New credential -- Catalyst::Authentication::Credential::OpenID
On Apr 7, 2008, at 10:30 AM, Jay K wrote:
Hi Ashley,
Sorry for the delay, It sounds quite interesting. Are you working off
of the auth module in svn at the moment, or the released version. I
ask because there are changes in svn that might make it easier to
implement. I'm in the process of documenting those changes for a
release soon. Namely, the realm has much more control (more hook
points) in the auth process - might be useful.
Anyway - let me know if I can help in any way.
Working from the CPAN version.
http://search.cpan.org/dist/Catalyst-Authentication-Credential-OpenID/
(Ignore the extra Documentation link, I left a trash copy of the
file in there and need to get it out; I'll try tonight when I've got
time; I notice another mistake -- I left the store class in the
sample config but it doesn't exist yet.)
I'd love to see your new stuff. I'll take a look later. I am
already basically using the realm for everything. Don't know
what the new looks like but the old was pretty easy to follow
and I was grateful for the internals info you put in the POD.
The only current real configuration option, for example, is that
you can set your own user agent and pass it arguments. From the POD-
Plugin::Authentication:
default_realm: members
realms:
openid:
credential:
class: OpenID
ua_class: LWPx::ParanoidAgent
ua_args:
whitelisted_hosts:
- 127.0.0.1
- localhost
On Apr 5, 2008, at 10:11 PM, Ashley wrote:
On Apr 5, 2008, at 8:44 PM, J. Shirley wrote:
On Wed, Apr 2, 2008 at 9:38 PM, Ashley [EMAIL PROTECTED] wrote:
Hello everybody! [Well, mostly JayK and Tatsuhiko Miyagawa].
I think I have a working modernized (to the current bleeding edge
of the
Auth system) OpenID Credential package:
Catalyst::Authentication::Credential::OpenID. Before I work on
docs and
trying to making it tested and bomb-proof I want to check with all
y'all.
It's based on the second generation
Catalyst::Plugin::Authentication::Credential::OpenID from
Tatsuhiko Miyagawa
and all the new stuff from Jay Kuri.
So instead of
$c-authenticate_openid()
you have realm based auth
$c-authenticate({ openid_identifier = $claimed_uri }, openid)
This sounds like the right direction to me. I'm eager to see the
new
work, as well. Do you have a dev package available?
Great. I worked on it a bunch today and got a working test app with
it running a provider and a consumer along with some plain text
inline Auth so it can test itself. I managed to use some of JRock's
test stuff + some of JK's to write a live test that I *think* is
okay. It's difficult to know because the test server has to run with
forking so it can answer its own requests but it's passing in my env
on OS X at least. It's minimal but there is a working OpenID server
example in the t/TestApp code.
I'm trying to do some reasonable POD right now and I was hoping to
get a slightly messy 0.01 on the CPAN tonight (missing the OpenID
store class which I'd really like to have but that's another day+ to
write and test which might push it off a week or more). I have my
own svn server but since it's just me, it's messy with poor revision
messages and I check in broken stuff so I can get it between my
machines... that said, if you can't wait or I'm too slow: http://
dev.perlperl.com/cpan/trunk/CA-OpenID/
(that should be open for checkouts; I just flipped it to public).
Also, if you need proper commit bits to the main Catalyst repos
please let me know
and I'll get that sorted out for you.
I would love that. If nothing else, I'd be glad to tackle typo/small-
fish bugs and help update some of the document drift in
authentication stuff.
I'm getting ready to start working on another OpenID consumer
application, and would like to use your work.
I hope you do and please if any room for improvement jumps out at
you, don't be shy. I worked a bunch with OpenID last year on a
contract but I'm no guru with it.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
---
Those who can make you believe absurdities can make you commit
atrocities. --Voltaire
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] New credential -- Catalyst::Authentication::Credential::OpenID
On Wed, Apr 2, 2008 at 9:38 PM, Ashley [EMAIL PROTECTED] wrote:
Hello everybody! [Well, mostly JayK and Tatsuhiko Miyagawa].
I think I have a working modernized (to the current bleeding edge of the
Auth system) OpenID Credential package:
Catalyst::Authentication::Credential::OpenID. Before I work on docs and
trying to making it tested and bomb-proof I want to check with all y'all.
It's based on the second generation
Catalyst::Plugin::Authentication::Credential::OpenID from Tatsuhiko Miyagawa
and all the new stuff from Jay Kuri.
So instead of
$c-authenticate_openid()
you have realm based auth
$c-authenticate({ openid_identifier = $claimed_uri }, openid)
I considered including the legacy parts of CPA::Credential::OpenID,
specifically authenticate_openid(), but have come out against it as too
confusing without a big enough user base to justify it. Contrary arguments
are welcome.
The docs and error feedback will note that the store class Null (with user
class User::Hash) is the only built-in supported one. I plan to add a
namespace-preserving data slurp on the OpenID stuff (though I haven't looked
at how/where this will work so it might be wishful thinking for now) so that
arbitrary things like Simple Registration will be brought in as a
sub-hash-ref instead of multiple key-val pairs at the top of the user
object. Perhaps this is where a user class for OpenID should happen; it
would follow the OpenId spec and refuse to find_user unless the required
fields were present.
So, that would mean the package (with two classes, credential and user)
would be released together under the otherwise empty namespace
Catalyst::Authentication::OpenID(???).
Also, OpenID stuff can be difficult, to put it mildly, to debug so I'd like
to put in lots of debug statements. What is (or which module represents) the
current best practice for per module debug handling so it can be toggled (in
the config?)?
Related:
http://openid.net/specs/openid-simple-registration-extension-1_0.html
Do the name change and general direction sound right?
-Ashley
--
PS: 바보 to that thread.
Hey Ashley,
This sounds like the right direction to me. I'm eager to see the new
work, as well. Do you have a dev package available? Also, if you
need proper commit bits to the main Catalyst repos please let me know
and I'll get that sorted out for you.
I'm getting ready to start working on another OpenID consumer
application, and would like to use your work.
Thanks,
-Jay
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] New credential -- Catalyst::Authentication::Credential::OpenID
On Apr 5, 2008, at 8:44 PM, J. Shirley wrote:
On Wed, Apr 2, 2008 at 9:38 PM, Ashley [EMAIL PROTECTED] wrote:
Hello everybody! [Well, mostly JayK and Tatsuhiko Miyagawa].
I think I have a working modernized (to the current bleeding edge
of the
Auth system) OpenID Credential package:
Catalyst::Authentication::Credential::OpenID. Before I work on
docs and
trying to making it tested and bomb-proof I want to check with all
y'all.
It's based on the second generation
Catalyst::Plugin::Authentication::Credential::OpenID from
Tatsuhiko Miyagawa
and all the new stuff from Jay Kuri.
So instead of
$c-authenticate_openid()
you have realm based auth
$c-authenticate({ openid_identifier = $claimed_uri }, openid)
This sounds like the right direction to me. I'm eager to see the new
work, as well. Do you have a dev package available?
Great. I worked on it a bunch today and got a working test app with
it running a provider and a consumer along with some plain text
inline Auth so it can test itself. I managed to use some of JRock's
test stuff + some of JK's to write a live test that I *think* is
okay. It's difficult to know because the test server has to run with
forking so it can answer its own requests but it's passing in my env
on OS X at least. It's minimal but there is a working OpenID server
example in the t/TestApp code.
I'm trying to do some reasonable POD right now and I was hoping to
get a slightly messy 0.01 on the CPAN tonight (missing the OpenID
store class which I'd really like to have but that's another day+ to
write and test which might push it off a week or more). I have my own
svn server but since it's just me, it's messy with poor revision
messages and I check in broken stuff so I can get it between my
machines... that said, if you can't wait or I'm too slow: http://
dev.perlperl.com/cpan/trunk/CA-OpenID/ (that should be open for
checkouts; I just flipped it to public).
Also, if you need proper commit bits to the main Catalyst repos
please let me know
and I'll get that sorted out for you.
I would love that. If nothing else, I'd be glad to tackle typo/small-
fish bugs and help update some of the document drift in
authentication stuff.
I'm getting ready to start working on another OpenID consumer
application, and would like to use your work.
I hope you do and please if any room for improvement jumps out at
you, don't be shy. I worked a bunch with OpenID last year on a
contract but I'm no guru with it.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] New credential -- Catalyst::Authentication::Credential::OpenID
Hello everybody! [Well, mostly JayK and Tatsuhiko Miyagawa].
I think I have a working modernized (to the current bleeding edge of
the Auth system) OpenID Credential package:
Catalyst::Authentication::Credential::OpenID. Before I work on docs
and trying to making it tested and bomb-proof I want to check with
all y'all.
It's based on the second generation
Catalyst::Plugin::Authentication::Credential::OpenID from Tatsuhiko
Miyagawa and all the new stuff from Jay Kuri.
So instead of
$c-authenticate_openid()
you have realm based auth
$c-authenticate({ openid_identifier = $claimed_uri }, openid)
I considered including the legacy parts of CPA::Credential::OpenID,
specifically authenticate_openid(), but have come out against it as
too confusing without a big enough user base to justify it. Contrary
arguments are welcome.
The docs and error feedback will note that the store class Null (with
user class User::Hash) is the only built-in supported one. I plan to
add a namespace-preserving data slurp on the OpenID stuff (though I
haven't looked at how/where this will work so it might be wishful
thinking for now) so that arbitrary things like Simple Registration
will be brought in as a sub-hash-ref instead of multiple key-val
pairs at the top of the user object. Perhaps this is where a user
class for OpenID should happen; it would follow the OpenId spec and
refuse to find_user unless the required fields were present.
So, that would mean the package (with two classes, credential and
user) would be released together under the otherwise empty namespace
Catalyst::Authentication::OpenID(???).
Also, OpenID stuff can be difficult, to put it mildly, to debug so
I'd like to put in lots of debug statements. What is (or which module
represents) the current best practice for per module debug handling
so it can be toggled (in the config?)?
Related:
http://openid.net/specs/openid-simple-registration-extension-1_0.html
Do the name change and general direction sound right?
-Ashley
--
PS: 바보 to that thread.
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
