FAQ
Hi there,

It seems that http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent+1.05
fails on every front (and if you check the history it wasn't much
better in previous releases). So what you guys use as the LWP agent
for OpenID authentication?

Search Discussions

  • Bogdan Lucaciu at Jul 17, 2009 at 9:39 pm

    On Fri, Jul 17, 2009 at 11:33 PM, Zbigniew Lukasiak wrote:
    It seems that http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent+1.05
    fails on every front (and if you check the history it wasn't much
    better in previous releases). ? So what you guys use as the LWP agent
    for OpenID authentication?
    Hey,

    I use the package in Debian
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bugQ8685
    From the changelog:
    * Explicitly require LWP::Debug so LWP::Debug::debug is available.
    From the diff file:
    --- liblwpx-paranoidagent-perl-1.04.orig/lib/LWPx/ParanoidAgent.pm
    +++ liblwpx-paranoidagent-perl-1.04/lib/LWPx/ParanoidAgent.pm
    @@ -1,5 +1,6 @@
    package LWPx::ParanoidAgent;
    require LWP::UserAgent;
    +require LWP::Debug;

    Enjoy :)

    --
    Bogdan Lucaciu
    Operations Manager, Sinapticode
    http://www.sinapticode.com
  • Ashley Pond V at Jul 18, 2009 at 12:16 am
    Yep. Sorry. I am working on a new one. Just keep getting stuck trying
    to update the tests to run correctly. I'll commit to getting a new
    one out this weekend even if I have to TODO the live tests for now.

    The real issue here though is that using LWP::UA instead of
    ParanoidAgent is a security problem. Someone can point your openid
    form at a tarpit "provider." So I would definitely *not* use this in
    production without it but recent updates to LWP broke ParanoidAgent
    which relies on some deprecated debug behavior.

    Brad Fitzpatrick and friends have done a great job getting these
    things together so I don't want to come off critical. The real answer
    here is to get ParanoidAgent fixed. If anyone can look at it and send
    a patch to that package, that would be the best thing. In the
    meanwhile I'll adjust the credential to at least be installable
    without failures.

    -Ashley
    On Jul 17, 2009, at 1:33 PM, Zbigniew Lukasiak wrote:

    Hi there,

    It seems that http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent
    +1.05
    fails on every front (and if you check the history it wasn't much
    better in previous releases). So what you guys use as the LWP agent
    for OpenID authentication?

    --
    Zbigniew Lukasiak
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/

    _______________________________________________
    List: Catalyst@lists.scsys.co.uk
    Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
    Searchable archive: http://www.mail-archive.com/
    catalyst@lists.scsys.co.uk/
    Dev site: http://dev.catalyst.perl.org/
  • Tatsuhiko Miyagawa at Jul 18, 2009 at 12:27 am
    I actually applied the same patch against its SVN repository a few
    weeks ago. I'll poke Brad to make a new release on CPAN.
    http://code.sixapart.com/svn/LWPx-ParanoidAgent/trunk/

    On Fri, Jul 17, 2009 at 5:17 PM, Ashleywrote:
    Brad Fitzpatrick and friends have done a great job getting these things
    together so I don't want to come off critical. The real answer here is to
    get ParanoidAgent fixed. If anyone can look at it and send a patch to that
    package, that would be the best thing. In the meanwhile I'll adjust the
    credential to at least be installable without failures.



    --
    Tatsuhiko Miyagawa
  • Zbigniew Lukasiak at Jul 18, 2009 at 6:16 am

    On Sat, Jul 18, 2009 at 2:27 AM, Tatsuhiko Miyagawawrote:
    I actually applied the same patch against its SVN repository a few
    weeks ago. I'll poke Brad to make a new release on CPAN.
    http://code.sixapart.com/svn/LWPx-ParanoidAgent/trunk/
    Thanks - that's great!

    While we are at it - it seems that there is also problem with the
    Crypt::DH package (which is another dependency)- this is nicely
    explained in DESCRIPTION in
    http://search.cpan.org/dist/Crypt-DH-GMP/lib/Crypt/DH/GMP.pm and it
    seems like a reasonable replacement.
  • Tatsuhiko Miyagawa at Jul 18, 2009 at 7:14 pm
    Brad just uploaded the module to CPAN.

    On Fri, Jul 17, 2009 at 5:27 PM, Tatsuhiko Miyagawawrote:
    I actually applied the same patch against its SVN repository a few
    weeks ago. I'll poke Brad to make a new release on CPAN.
    http://code.sixapart.com/svn/LWPx-ParanoidAgent/trunk/

    On Fri, Jul 17, 2009 at 5:17 PM, Ashleywrote:
    Brad Fitzpatrick and friends have done a great job getting these things
    together so I don't want to come off critical. The real answer here is to
    get ParanoidAgent fixed. If anyone can look at it and send a patch to that
    package, that would be the best thing. In the meanwhile I'll adjust the
    credential to at least be installable without failures.



    --
    Tatsuhiko Miyagawa


    --
    Tatsuhiko Miyagawa
  • Zbigniew Lukasiak at Jul 20, 2009 at 2:30 pm

    On Sat, Jul 18, 2009 at 9:14 PM, Tatsuhiko Miyagawawrote:
    Brad just uploaded the module to CPAN.
    Unfortunately it still fails everywhere:
    http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent+1.06

    Here are my results:

    perl -Ilib t/00-all.t
    .
    .
    .
    Three 1-second redirect tarpits (tolerance 2)...
    2.008 secs
    ok 25
    ok 26
    ok 27
    5 second tarpit (tolerance 2)...
    not ok 28
    # Failed test at t/00-all.t line 180.
    3 second tarpit (tolerance 4)...
    ok 29
    Killing child pid: 7392
    # Looks like you failed 1 test of 29.

    I hope you can get in touch with Brad again. I understand that this
    is most probably just test error - and forcing the installation is not
    a problem for people who analyze it, but if I included this in other
    module - then the dependency would hide where the problem comes from.
    So I am still not ready to add OpenID to the CatalystX::SimpleLogin
    project.

    Cheers,
    Zbigniew
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/
  • Zbigniew Lukasiak at Jul 20, 2009 at 7:28 pm
    Next thing is that LWPx::ParanoidAgent does not set attributes from
    the call to 'new'. It is not documented there - so I guess this is
    fair from the side of LWPx::ParanoidAgent - but in line 62 in
    Catalyst::Authentication::Credential::OpenID there is:

    ua => $self->_config->{ua_class}->new(%{$self->_config->{ua_args} || {}}),

    so there is some misunderstanding between those two modules.

    But it would be nice if LWPx::ParanoidAgent did work like this.

    Cheers,
    Z.

    On Mon, Jul 20, 2009 at 4:30 PM, Zbigniew Lukasiakwrote:
    On Sat, Jul 18, 2009 at 9:14 PM, Tatsuhiko Miyagawawrote:
    Brad just uploaded the module to CPAN.
    Unfortunately it still fails everywhere:
    http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent+1.06

    Here are my results:

    perl -Ilib t/00-all.t
    .
    .
    .
    Three 1-second redirect tarpits (tolerance 2)...
    ?2.008 secs
    ok 25
    ok 26
    ok 27
    5 second tarpit (tolerance 2)...
    not ok 28
    # ? Failed test at t/00-all.t line 180.
    3 second tarpit (tolerance 4)...
    ok 29
    Killing child pid: 7392
    # Looks like you failed 1 test of 29.

    I hope you can get in touch with Brad again. ?I understand that this
    is most probably just test error - and forcing the installation is not
    a problem for people who analyze it, but if I included this in other
    module - then the dependency would hide where the problem comes from.
    So I am still not ready to add OpenID to the CatalystX::SimpleLogin
    project.

    Cheers,
    Zbigniew
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/


    --
    Zbigniew Lukasiak
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/
  • Zbigniew Lukasiak at Jul 21, 2009 at 8:55 pm
    Sorry - OK - so this was not the really the problem, my analysis below
    was wrong. But still the tests of
    Catalyst-Authentication-Credential-OpenID fail and I would like
    someone to confirm that.

    zby@zby:~/progs/tmp/Catalyst-Authentication-Credential-OpenID-0.13$
    make test 2> errors
    PERL_DL_NONLAZY=1 /usr/bin/perl "-MExtUtils::Command::MM" "-e"
    "test_harness(0, 'inc', 'blib/lib', 'blib/arch')" t/00.load.t
    t/live_app.t t/pod-coverage.t t/pod.t
    t/00.load.t ....... ok
    t/live_app.t ...... Dubious, test returned 5 (wstat 1280, 0x500)
    Failed 5/17 subtests
    t/pod-coverage.t .. ok
    t/pod.t ........... ok

    Test Summary Report
    -------------------
    t/live_app.t (Wstat: 1280 Tests: 17 Failed: 5)
    Failed tests: 9-10, 12, 16-17
    Non-zero exit status: 5
    Files=4, Tests , 10 wallclock secs ( 0.05 usr 0.01 sys + 4.03 cusr
    0.34 csys = 4.43 CPU)
    Result: FAIL
    zby@zby:~/progs/tmp/Catalyst-Authentication-Credential-OpenID-0.13$

    The errors file is not attached - because it is above the quota and
    requires moderation - but I can send it to anyone off the list.

    The relevant versions prereqs:

    zby@zby:~/progs/tmp/Catalyst-Authentication-Credential-OpenID-0.13$
    perl Makefile.PL
    Cannot determine perl version info from
    lib/Catalyst/Authentication/Credential/OpenID.pm
    *** Module::AutoInstall version 1.03
    *** Checking for Perl dependencies...
    [Core Features]
    - LWPx::ParanoidAgent ...loaded. (1.06 >= 1.03)
    - Test::More ...loaded. (0.86 >= 0.42)
    - Net::OpenID::Server ...loaded. (1.02 >= 1.02)
    - Test::WWW::Mechanize ...loaded. (1.20 >= 1.20)
    - Net::DNS ...loaded. (0.63)
    - IO::Socket::INET ...loaded. (1.31)
    - parent ...loaded. (0.221 >= 0.2)
    - Class::Accessor::Fast ...loaded. (0.33)
    - HTML::Parser ...loaded. (3.60 >= 3)
    - LWP::UserAgent ...loaded. (5.824)
    - Cache::FastMmap ...loaded. (1.30 >= 1.28)
    - Catalyst ...loaded. (5.80007 >= 5.7)
    - Catalyst::Devel ...loaded. (1.17 >= 1)
    - Crypt::DH ...loaded. (0.06 >= 0.05)
    - Net::OpenID::Consumer ...loaded. (1.03 >= 1.03)
    - Catalyst::Authentication::User::Hash ...loaded. (0)
    - Catalyst::Plugin::Session::Store::FastMmap ...loaded. (0.11 >= 0.05)
    - Catalyst::Plugin::Session::State::Cookie ...loaded. (0.11 >= 0.08)
    - Catalyst::Engine::HTTP ...loaded. (0)
    *** Module::AutoInstall configuration finished.
    Writing Makefile for Catalyst::Authentication::Credential::OpenID
    zby@zby:~/progs/tmp/Catalyst-Authentication-Credential-OpenID-0.13$

    Cheers,
    Zbigniew

    On Mon, Jul 20, 2009 at 9:28 PM, Zbigniew Lukasiakwrote:
    Next thing is that LWPx::ParanoidAgent does not set attributes from
    the call to 'new'. ?It is not documented there - so I guess this is
    fair from the side of LWPx::ParanoidAgent - but in line 62 in
    Catalyst::Authentication::Credential::OpenID there is:

    ua => $self->_config->{ua_class}->new(%{$self->_config->{ua_args} || {}}),

    so there is some misunderstanding between those two modules.

    But it would be nice if LWPx::ParanoidAgent did work like this.

    Cheers,
    Z.

    On Mon, Jul 20, 2009 at 4:30 PM, Zbigniew Lukasiakwrote:
    On Sat, Jul 18, 2009 at 9:14 PM, Tatsuhiko Miyagawawrote:
    Brad just uploaded the module to CPAN.
    Unfortunately it still fails everywhere:
    http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent+1.06

    Here are my results:

    perl -Ilib t/00-all.t
    .
    .
    .
    Three 1-second redirect tarpits (tolerance 2)...
    ?2.008 secs
    ok 25
    ok 26
    ok 27
    5 second tarpit (tolerance 2)...
    not ok 28
    # ? Failed test at t/00-all.t line 180.
    3 second tarpit (tolerance 4)...
    ok 29
    Killing child pid: 7392
    # Looks like you failed 1 test of 29.

    I hope you can get in touch with Brad again. ?I understand that this
    is most probably just test error - and forcing the installation is not
    a problem for people who analyze it, but if I included this in other
    module - then the dependency would hide where the problem comes from.
    So I am still not ready to add OpenID to the CatalystX::SimpleLogin
    project.

    Cheers,
    Zbigniew
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/


    --
    Zbigniew Lukasiak
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/


    --
    Zbigniew Lukasiak
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/
  • Zbigniew Lukasiak at Jul 31, 2009 at 7:08 am

    On Mon, Jul 20, 2009 at 4:30 PM, Zbigniew Lukasiakwrote:
    On Sat, Jul 18, 2009 at 9:14 PM, Tatsuhiko Miyagawawrote:
    Brad just uploaded the module to CPAN.
    Unfortunately it still fails everywhere:
    http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent+1.06
    I've analyzed the failure and posted a patch at:
    https://rt.cpan.org/Ticket/Display.html?idH345

    Cheers,
    Zbigniew
    http://brudnopis.blogspot.com/
    http://perlalchemy.blogspot.com/

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcatalyst @
categoriescatalyst, perl
postedJul 17, '09 at 8:33p
activeJul 31, '09 at 7:08a
posts10
users4
websitecatalystframework.org
irc#catalyst

People

Translate

site design / logo © 2021 Grokbase