Ringobot log - RingoJS IRC channel: #ringojs on irc.freenode.net
2010-08-28:
[6:12] <oberhamsi> hannesw, yes there are some nice oauth libs for nodejs.. tried to port them[6:12] <hannesw> oberhamsi did it work?
[6:13] <oberhamsi> no too much work..
[6:14] <oberhamsi> all those little utility functions to parse/encode queryparams.. and then figuring out javax.crypto which i found underdocumented
[6:16] <hannesw> i see
[6:19] <oberhamsi> i started with that http://github.com/ciaranj/node-oauth
[6:19] <hannesw> interesting, thanks
[6:20] <hannesw> regarding 0.6 - should we delay that or push it?
[6:21] <hannesw> I'm away for a week starting on monday
[6:22] <hannesw> I also thought about the whole websocket/comet thing yesterday
[6:22] <hannesw> came to the conclusion that we should include jetty-websocket by default (only 20 kB)
[6:23] <hannesw> and that cometd (the dojo foundation project, not comet the technology) probably is in fact too heavyweight for many
[6:24] <hannesw> so I'm considering building a ringo backend to Socket.IO http://github.com/LearnBoost/Socket.IO
[6:25] <hannesw> with native WebSocket support and everything else built in JS using async JSGI
[6:52] <oberhamsi> interesting
[6:53] <oberhamsi> re 0.6 i have updated my stuff, but probably better if you around after release.. new people showing up
[7:00] <oberhamsi> +1 jetty-websocket
[16:27] <robi42_> hannesw oberhamsi fyi: guess these link hrefs should be swapped -> http://github.com/ringo/ringojs/blob/master/docs/index.html#L12-L13
[16:28] <earl> feel free to push a fix :)
[16:32] <ringostarr> 1d57cc9 Robert Thurnher: Fix JS/Java API docs link hrefs (swap).
[16:32] <robi42_> well, done. :)
[17:41] <hannesw> robi42_ thanks
[18:26] <robi42_> hannesw, there's something wrong with profiler middleware? http://ringojs.org/demo/logging?profile=1
[18:27] <hannesw> no, just with that demo
[18:27] <robi42_> ok
[18:27] <hannesw> the code is all compiled, therefore no profiler results
[18:27] <hannesw> maybe putting some of the code into a separate module would help
[18:28] <robi42_> i see
[19:08] <mcepl> I have updated my blogging project to the latest RingoJS, but I somehow broke authentication ... suddenly I can access http://localhost:8080/admin/ without any questions are asked.
[19:08] <mcepl> any ideas anybody (http://gitorious.org/coelodonta/coelodonta/trees/master)
[19:13] <emilis_info> is it possible to include some functions in all modules, but not add them to every object?
[19:17] <mcepl> sorry, unping, I have commented out wrong line
[19:55] <ringostarr> f4af32a Hannes Walln?fer: Add initial WebSocket support
[19:58] <ringostarr> 75af29a Hannes Walln?fer: Fix overlooked usage of Array.prototype.peek()
[19:58] <ringostarr> 1d57cc9 Robert Thurnher: Fix JS/Java API docs link hrefs (swap).
[19:58] <ringostarr> f4af32a Hannes Walln?fer: Add initial WebSocket support
[20:05] <hannesw> oberhamsi looks like the deploy hook doesn't really update the git repo
[20:05] <hannesw> well the versions are there, but the repo is dirty and doesn't actually have the changes from the update
[20:05] <hannesw> strange...
[20:06] <ringostarr> 75af29a Hannes Walln?fer: Fix overlooked usage of Array.prototype.peek()
[20:06] <ringostarr> 1d57cc9 Robert Thurnher: Fix JS/Java API docs link hrefs (swap).
[20:06] <ringostarr> f4af32a Hannes Walln?fer: Add initial WebSocket support
[20:06] <ringostarr> 75af29a Hannes Walln?fer: Fix overlooked usage of Array.prototype.peek()
[20:07] <ringostarr> 1d57cc9 Robert Thurnher: Fix JS/Java API docs link hrefs (swap).
[20:07] <ringostarr> f4af32a Hannes Walln?fer: Add initial WebSocket support
[20:07] <mcepl> all: could somebody show me an example how to make ringojs app work with https? Where to put certificates, etc? Per default I get "ssl_error_rx_record_too_long"
[20:08] <mcepl> I see http://docs.codehaus.org/display/JETTY/How+to+configure+SSL, but how to apply this to ringojs?
[20:22] <hannesw> mcepl I've never done this
[20:23] <hannesw> as for step 4, the configuration file is in config/jetty.xml (or modules/config/jetty.xml if your app doesn't have its own)
[20:23] <mcepl> OK
[20:23] <mcepl> yes, I will try it
[20:24] <hannesw> connectors are defined right on top of that file
[20:26] <mcepl> you mean there has never been a production version of helmang/ringojs app? (I guess when doing a production environment you get into doing at least some https) Sobering thought.
[20:28] <hannesw> well ringojs is pretty young, we're at version 0.5
[20:28] <hannesw> also, not every site uses https
[20:28] <mcepl> OK
[20:28] <mcepl> anyway, what about this http://fpaste.org/oM2s/ ?
[20:29] <robi42_> mcepl, there've been (are) several helma apps using ssl in production. :)
[20:29] <mcepl> ufff
[20:30] <robi42_> and jdk keytool / jetty config & co.'s the way to go, yes
[20:30] <hannesw> ah, i guess you need to add some jetty jar file
[20:32] <hannesw> no, the class should be in jetty-server.jar... strange
[20:34] <hannesw> now i know - this is the old class name - it's now called org.eclipse.jetty.server.ssl.SslSocketConnector
[20:34] <mcepl> yeah, looks so
[20:34] <hannesw> maybe there's an up-to-date version of this page on the eclipse-jetty wiki...
[20:35] <hannesw> bingo:
[20:35] <hannesw> http://wiki.eclipse.org/Jetty/Reference/SSL_Connectors
[20:41] <mcepl> what is the order in which middleware in require("config").middleware is processed?
[20:41] <hannesw> from first to last
[20:43] <mcepl> damn, then there is something wrong with my onlyhttps middleware :(
[20:53] <mcepl> http://gitorious.org/coelodonta/coelodonta/blobs/master/middleware/onlyhttps.js ... this must be broken then :(
[20:54] <mcepl> how does try/catch/throw work in ringoJS?
[20:55] <mcepl> I mean how to correctly restart whole process ?
[20:56] <hannesw> mcepl what do you mean by restarting the whole process?
[20:57] <mcepl> well, whole middleware should be "if using http protocol, go to the same URL but with https instead"
[20:58] <mcepl> so, if I go to http://localhost:8080/admin/ it would terminate whole process of going through middleware and app and restart it with https://localhost:8443/admin/
[20:59] <hannesw> yes, if you throw the redirect execution of middleware is interrupted
[21:00] <hannesw> and then when the browser requests the https URL it starts from scratch
[21:00] <hannesw> is the redirect not working? does it show an error/exception?
[21:01] <hannesw> I think the ability to throw redirects may be a ringo/webapp-only feature
[21:01] <hannesw> (it's not part of JSGI)
[21:02] <mcepl> no, it just goes through as if my middleware wasn't there
[21:02] <hannesw> i see
[21:03] <mcepl> OK, I will debug whether it does what I think it should
[21:06] <mcepl> moreover, it does so without hitting basicauth apparently
[21:16] <earl> ok, let's start with the most trivial middleware: http://gist.github.com/555639
[21:17] <earl> when i hook this up into config.js, i get a nice "httpsonly: http" log output
[21:17] <earl> next step: get jetty working with ssl
[21:23] <earl> for that generate a keystore with `keytool -keystore keystore -alias jetty -genkey -keyalg RSA
[21:23] <earl> `
[21:24] <earl> in the config/ directory
[21:25] <earl> and add an appropriate stanza to config/jetty.xml:
[21:25] <earl> http://gist.github.com/555639#file_jetty.xml
[21:25] <earl> with that in place, access via https://localhost:8443/ will work and give "httpsonly: https" as log output
[21:29] <earl> final step: check for http and redirect to https when needed
[21:30] <earl> the `throw {redirect:}` won't work here, as middleware is pure jsgi
[21:31] <earl> use `return {status: 303, headers: {location: 'https://localhost:8443/'}, body: []};
[21:31] <earl> ` instead (or something similar)
[21:33] <earl> not strictly true, since the bare jsgi environment will already be augmented to a ringojs request
[21:33] <earl> but you need to return a raw jsgi response nevertheless
[21:33] <mcepl> thanks
[21:34] <mcepl> my app now works with https, but the last part is very helpful
[21:34] <earl> i updated http://gist.github.com/555639#file_httpsonly.js to a minimal middleware that always redirects to https
[21:34] <earl> (i tested this, and it works for me(tm))
[21:38] <earl> hannesw_, oberhamsi: using git-pull in the jsdoc hook is probably a bad idea
[21:38] <hannesw_> earl - why?
[21:39] <earl> 'cause it will bark when someone foce-pushes to mainline
[21:39] <hannesw_> ah ok
[21:39] <hannesw_> doesn't happen too often, though
[21:40] <earl> somewhat recent gits have a force-pull option that may work (didn't yet try it myself)
[21:40] <earl> i.e. git pull --force
[21:40] <earl> otherwise just manually fetch the remote first, and then hard-reset
[21:41] <earl> i.e. `git fetch origin; git reset --hard origin/master`
[21:43] <mcepl> earl: I have this http://gist.github.com/555657 and it doesn't seem to work ... again ... I get through without doing any authentication (with or without https) and I get error log in the page (http://mcepl.fedorapeople.org/tmp/Sn%C3%ADmek%20obrazovky-Mozilla%20Firefox.png)
[21:45] <earl> mcepl: i don't really follow? what does this have to do with authentication?
[21:47] <earl> your onlyhttps looks fine to me. for auth you'll need some auth middleware (e.g. basicauth)
[21:48] <mcepl> this is my config.js https://gist.github.com/c98777e222331fa8e407 ... the idea is that given Basic auth is plain text, I would rather allow it for authenticated URLs only with https
[21:48] <mcepl> so there is first onlyhttps which should work as a barrier against basicauth without https
[21:49] <earl> i see
[21:49] <earl> what version of ringo are you using?
[21:50] <mcepl> fresh checkout from git
[21:50] <earl> the preferred middleware config has changed some time ago
[21:50] <mcepl> BTW, your onlyhttps works fine (http://localhost:8080 redirects to https://localhost:8443)
[21:50] <earl> but i don't think that should have any effect on your problem
[21:51] <mcepl> this is what I've got from (some weeks ago, true) from ringo-admin create
[21:52] <mcepl> but with your middleware I also get to /admin/ pages without authentication
[21:53] <earl> well, i think the best way to proceed is to add some debug logging to the basicauth middleware
[21:54] <earl> most importantly, start with a log entry at the very top of the innermost "function (req)" in basicauth.js to see if the middleware gets called at all
[21:54] <earl> (don't see a reason why it should not, but just to be sure)
[21:56] <earl> and then debug thru the "toAuth" foreach at the top
[21:57] <earl> maybe some url parsing is messed up for https, so that req.scriptName is not set properly
[21:58] <mcepl> actually yes
[21:58] <mcepl> it is called
[22:01] <mcepl> BTW, req.path is undefined ... it should be req.pathInfo
[22:03] <earl> hmm
[22:03] <earl> basicauth after my httpsonly middleware works fine for me
[22:08] <earl> here's the config.js i'm using: http://gist.github.com/555639#file_config.js
[22:08] <mcepl> even if you go to http:// first?
[22:08] <earl> yes
[22:11] <earl> after adding a debug log statement to the basicauth module, here's the sequence i get
[22:11] <earl> http, redirecting to https, https, auth required
[22:15] <ringostarr> ba06287 Andreas Bolka: Minor stylistic adaptations in webapp skeleton
[22:17] <earl> mcepl: gotta run now. good luck with your app
){kind=link}