Overriding default user agent used in OpenID (Yadis) HTTP Fetchers
7 views
Skip to first unread message
Todd Armstrong
Mar 13, 2015, 7:24:28 PM3/13/15
to simple...@googlegroups.com
This is related to my thread from yesterday titled "Previously Working OpenID Consumer no longer working".
I ran into an issue with an OpenID provider I am working with is treating backchannel requests from our OpenID consumer as bot requests and subjecting them to blocking/rate limiting, To get around this, the OpenID provider requested we set UserAgent to something specific to our OpenID consumer and they would then excude this UserAgent from this.
To accomplish this, I have tweaked ParanoidHTTPFetcher and PlainHTTPFetcher in lib/Auth/Yadis/ so that the "POST" requests set user agent similarly to how the get requests do by using the Auth_OpenID_USER_AGENT constant, have tweaked HTTPFetcher so it only defines this constant if it is not defined, and have defined this constant in a fashion specific to our OpenID consumer at the top of my config/config.php. This seems to be working, and the constant definition change in HTTPFetcher eliminated the 'spurious' constant is already defined exception/backtrace in the simpleSAMLphp log file.
Since I'm not well versed in PHP programming, simpleSAMLphp internals, I'm looking for some feedback regarding alternative/better ways to accomplish this.
And since I'm not familar with how simpleSAMLphp accomplishes/incorporates changes such as these, I'm also looking for some direction on how I might best go about getting this change set (or a better/more efficent version of it) picked up and included in a future version simpleSAMLphp so I can eliminate the need to reintegrate these changes when we migrate forward to newer versions of simpleSAMLphp (we expect to have at least a handful of sites running this OpenID consumer in a fashion that will require these changes).
Thanks in advance for your feedback,
Todd
Jaime Perez Crespo
Apr 10, 2015, 6:35:06 AM4/10/15
to simple...@googlegroups.com
Hi Todd,
Yadis is an external library that we use in the OpenID modules, but definitely not something we have control over. So you have two different options with regard to keeping the changes when upgrading SSP:
- either you contact the people responsible for the php-openid library to get your changes into pulled into the codebase (you can fork and provide a pull request here: https://github.com/openid/php-openid), or
- if it’s difficult to get your changes accepted, you can fork the php-openid library, apply your changes, make sure you also provide the same package, and use yours instead of openid/php-openid.
--
Jaime Pérez
UNINETT / Feide
mail: jaime...@uninett.no
xmpp: ja...@jabber.uninett.no
"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
Yadis is an external library that we use in the OpenID modules, but definitely not something we have control over. So you have two different options with regard to keeping the changes when upgrading SSP:
- either you contact the people responsible for the php-openid library to get your changes into pulled into the codebase (you can fork and provide a pull request here: https://github.com/openid/php-openid), or
- if it’s difficult to get your changes accepted, you can fork the php-openid library, apply your changes, make sure you also provide the same package, and use yours instead of openid/php-openid.
Jaime Pérez
UNINETT / Feide
mail: jaime...@uninett.no
xmpp: ja...@jabber.uninett.no
"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
Reply all
Reply to author
Forward
0 new messages