dobeywgrant: to use the u1 account on the phone for auth to launchpad in an app02:08
wgrantdobey: We're certainly never going to support validating tokens directly against SSO, but it may be acceptable to have a way to acquire a Launchpad one given an SSO one.02:41
wgrantBut then one must consider the security issues. SSO's OAuth model is very very broken.02:42
dobeySSO doesn't have an OAuth model02:45
wgrantIt does so.02:45
dobeyit has a token similar to an oauth token, and it supports oauth signatures, but it is not oauth02:46
* lifeless gets popcorn02:46
wgrantOAuth token02:46
wgrantAn OAuth token represents a token used to sign requests using the OAuth 1.0a spec.02:46
wgrantThe token acquisition method is thoroughly non-standard, but that doesn't matter here.02:47
dobeyyes, the token itself and the signing with hmac are the only parts of oauth that sso uses from oauth02:47
wgrantFundamentally, some random app on my phone that uses U1 for auth shouldn't also be able to log into LP as me.02:47
wgrantSSO OAuth model today does not support that.02:47
dobeywhy shouldn't it? if instead of an oauth token, the email/password were stored in the phone's keyring, an app could log into launchpad as you02:48
wgrantAnd if someone did that, they would be reckless.02:49
wgrantThis is why apps using SSO OAuth tokens directly is perilous.02:49
wgrantI actually only wanted to give the U1 app access to my U1 files, not root on every Ubuntu machine in the world.02:50
lifelessis this a time to trot out that authentication != authorisation - of the agent with the token02:50
wgrantThat's the problem.02:50
dobeythere is a big difference between u1 app access, and root on every machine in the world02:50
wgrantIn SSO authz == authn AFAIK.02:51
lifelessthe fact that it is a token is not sufficient to let it behave like you on every site that permits OAuth02:51
wgrantdobey: Right, but one needed an SSO OAuth token to access U1, and if that same token could be used to authenticate to LP...02:51
lifelessdobey: wgrant is arguing that if the same token from u1 app access can be given to LP to access LP's API, then for all the ubuntu core devs, it would be equivalent02:51
lifelessdobey: note not 'token from same source', but specifically 'same token'02:52
dobeylifeless, wgrant: note that i never suggested removing the additional level of access control on oauth tokens that launchpad has02:53
lifelessdobey: I'm not clear what you were proposing then02:53
lifelessdobey: (or what problem you're solving)02:54
dobeylifeless: launchpad's oauth token acquisition is also not strictly oauth1.0a either. if i could use the same token, using sso to do the validation and launchpad to control access, it would make it easier to provide a nice UX i think02:55
wgrantdobey: But that relies on SSO having token usage restrictions.02:58
wgrantIt does not today, so they cannot be acceptable for authentication to Launchpad.02:58
dobeywgrant: why? if launchpad keeps the token usage restriction it has now, on the lp side, sso itself doesn't need it, does it?02:59
wgrant(Launchpad can restrict the tokens all it likes, except how do you authorise them in the first place unless the token defaults to having token authorisation permissions, trivially defeating everything)02:59
wgrantTo authorise a token you need to authenticate yourself to LP. The way to do that today is through OpenID via SSO.03:00
wgrantSSO tokens are insufficiently secure to permit that, as unprivileged applications hold them.03:00
dobeywell, then i wonder how hard it would be to get oauth2 implemented on lp03:01
wgrantPrecisely describe the nature of the problem you're trying to resolve.03:01
dobeywriting an app that doesn't use the python library or gnome-keyring, but uses online-accounts03:02
dobeycurrently lp is oauth1.0a-but-not-quite, which makes it a bit more difficult than it should be03:03
wgrantWhat's the not quite bit?03:03
wgrantWe're almost exactly OAuth 1.0a03:03
wgrantUnlike SSO which has a totally different token acquisition dance.03:03
dobeyyes, almost exactly is not exactly :)03:03
wgrantI don't know of any material differences off-hand.03:04
dobeyempty consumer bits03:04
dobeyat least, the empty consumer bits was the issue i ran into last time i tried to make an online-accounts plug-in for lp03:05
wgrantRather than requiring explicit manual registration of each consumer, the consumer secret is always empty.03:05
wgrantGiven the consumer secret is usually hardcoded in the o-a plugin anyway, how does that complicate things?03:06
dobeyoh, looking at 1.0a spec again, it says consumer secrete may be empty, and that is the empty thing on lp, so maybe just a bug in online-accounts for that03:10
wgrantIf you can find the problem, we can examine how to fix it.03:11
wgrantBut SSO OAuth can never be used directly (it makes reliability impossible), and can't be used to generate new LP tokens directly due to the security design.03:11
dobeyanyway, i was just curious about sso as a means for majority of users to interact with bug reports and such. coredevs are obviously a special case03:12
wgrantBut core devs aren't a terribly special case.03:12
wgrantI also don't want a bug in my phone's U1 app to be able to compromise $important_trunk_branch.03:12
dobeyther eis no u1 app03:12
dobeythere is no u1 file sync or such any more03:13
wgrantThere was.03:13
dobeythere is only u1 the accounts system03:13
wgrantAnd there will probably be something similar again.03:13
dobeyand the account has always been separate from the file sync03:13
wgrantBut the token has not been.03:13
wgrantI remember SSO went down a few times because U1 started validating every request against it.03:13
wgrantAnyway, hopefully you can identify whatever it is that prevents o-a from working.03:22
=== Daryl_ is now known as Guest86047
ki7mtHello, do the personal +junk branches have an expiration set on them ?07:02
wgrantki7mt: No. They're just not associated with any particular project; they still stick around until you delete them.07:05
ki7mtwgrant, Ok, thanks.07:05
ki7mtwgrant, While Im here, I balled up when uploading a ppa, I added a package to the wrong PPA, now I have a PPA wiht two package, one correct and the other belongs to another PPA, how can I fix that?07:11
wgrantki7mt: On the PPA's page, click "View package details" then "Delete packages".07:13
ki7mtwgrant, :-) .. Yup I was just there, and added a Delete request. Should have looked better before asking. sri, been a long day.07:14
=== gcollura is now known as gcollura|brb
=== gcollura|brb is now known as gcollura
sergio-br2I have a armhf build that says "9 hours ago (estimated) "14:20
sergio-br2it's still building... is this normal?14:20
cjwatsonThe estimate's probably just gratuitously wrong because of insufficient data.  The build does appear to be making progress.14:22
cjwatson(As in, I've had the logtail change on reload)14:23
cjwatsonBig compiles under qemu can be not the fastest things in the world ever.14:24
=== charles_ is now known as charles
tewardcjwatson: ping, if you're around.15:52
tewardif you're in vacation mode still i'll leave you be, though.15:53
cjwatsonteward: I'm here15:54
tewardcjwatson: is there any way to confirm what you had said previously about non-alternate-arch PPAs being able to hold the alternate-arch packages?  Asked ahead of my requesting ARM builds on the PPAs I'm thinking about getting those builds on, to determine whether I have to deal with alternate-arch enablement on the production PPAs in addition to the staging PPAs.15:56
tewardyou had mentioned it should be easy to test...15:56
cjwatsonwell I already tested it15:57
cjwatsonI mean not with copies between two PPAs but that doesn't make a difference here15:57
cjwatsonyou only need to enable restricted architectures on the PPAs where you actually plan to build stuff15:57
tewardahhh, okay, awesome.  thanks :)15:58
=== gcollura_ is now known as gcollura
=== gcollura__ is now known as gcollura
Dry_LipsHi, is it possible to edit a comment I made on a bug report?21:06
cjwatsonDry_Lips: Not as such, but you can hide your own comment and post an improved version if you prefer.21:12
Dry_Lipswell, it was just a minor issue, one additional word that I would like to add if there was an easy way to edit my comment...21:13
cjwatsonI'm afraid not.  https://bugs.launchpad.net/launchpad/+bug/8089521:18
ubot5Ubuntu bug 80895 in Launchpad itself "comments on bugs/answers/merge proposals/etc cannot be edited" [Low,Triaged]21:18
cjwatsonIt would be a reasonable thing to have, but it's not a priority for the (stretched) core team at the moment.21:18
Dry_LipsYeah, that's something that I think many people would like to see implemented...21:24
Dry_LipsBut I understand that the team might not have resources to do something about it21:25

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!