DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Mercurial (c43b0a75e166)

VCS Links

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129
Firefox ID server

NOTE: THIS IS AN EARLY ALPHA VERSION DESIGNED TO SHOWCASE THE PROTOCOL. SOME 
BACKEND FUNCTIONS ARE EMULATED FOR STAND ALONE SERVERS.

:Introduction:

The FirefoxID server is the back end component which allows a demonstration
of the FirefoxID process. For a detailed description of that process, design
and protocol, please refer to: https://wiki.mozilla.org/MozillaID

To assist in understanding, the current configuration runs without ssl, hoe

We welcome discussion. 


:Notes for setup:

The "out of the box" setup for the server creates an in-memory, stand-alone server suitable for running on a single machine and testing the protocol. Some additional steps are required, please refer to the Stand-alone section for additional details.

This module is constructed using Python 2.6 and Virtualenv 1.4.5+

::Basic Requirements::
The following packages are required. For simplicity, I have limited these to
the corresponding debian package names, however it should be reasonably 
simple to determine the corresponding package names for your system:

    python-2.6
    python-virtualenv
    (the following are required for stand-alone)
        openldap-devel
        openssl-devel 
    or
        libsasl2-dev
        libssl-dev 
    libcurl3-dev

We run the package via nginx, although there's no requirement for deployment.
    nginx

some additional optional packages
    python-2.6-dev
    python-2.6-profiler         (required for profile testing)
    gnuplot                     (for profile bench reports)
    python-gnuplot
    redis-server [v.2.0.4 +]    (alt. storage)
    python-redis                (or easy_install redis)
    mongodb
    pymongo     
    python-ldap                 (if using LDAP)
    libsasl2-dev
    libldap-dev
    libssl-dev
    mysql-devel                 (required for some installs using LDAP)

via the virtualenv easyinstall: 
    gunicorn

:Installation:
    #. pull the latest repository 
    #. modify openid.conf
    #. $ make build
    #. $ mkdir -p /etc/oidserver; cp etc/*.{ini,conf} /etc/oidserver
    #. $ bin/gunicorn -w 1 oidserver.run
        (Note: multiple workers are useful, but not recommended for debugging.
        if you are interested in living in the debugger, you may also wish to
        include -t 300 which will time out worker threads after 300 seconds,
        rather than the default 30 seconds.)

If you are using nginx as your server platform:
    #. $ cp conf/nginx/conf.d/*.conf /etc/nginx/conf.d
    Please note that due to nginx conf processing considerations, astatic.conf
    needs to be processed before other "s*" based rules are resolved.
    #. FOR UBUNTU Configurations:
        The packaged nginx configuration files are a bit different under 
        Ubuntu (10.04). You will need to either modify the 
        /etc/nginx/nginx.conf file or the individual nginx configuration
        files, or use the included conf/nginx/nginx.conf.UBUNTU file.


This should bring up a server.

:: Running a "stand-alone, in-memory server" ::
A stand-alone, in-memory server is a useful tool to play with the protocol 
without requiring the overhead of mongo, LDAP or other tools. The major 
issue with such a server is that restarting the server will flush all entries.

You will need to install nginx in order to use the stand-alone, in-memory 
server. 

::: Steps :::
#. Pull the latest repository

#. mkdir -p /etc/oidserver; cp etc/*.* /etc/oidserver

#. cp conf/nginx/conf.d/* /etc/nginx/conf.d/

#. customize for your platform.
It is STRONGLY recommended that you run nginx on port 80 and that your
/etc/nginx/nginx.conf contains the following server declaration in 
the http section:

    server {
        listen 80 default;
        include /etc/nginx/conf.d/*.conf;
    }

In addition, you should add the following declaration to 
/etc/nginx/conf.d/astatic.conf:

location ^~ /sample/ {
    allow all;
    root /var/www/;
}

#. mkdir -p /var/www/sample/; cp sample/* /var/www/sample

#. /etc/init.d/nginx restart

:: Running the Server ::

To run the server, simply execute:
$ bin/gunicorn -w 5 oidserver.run

For stand-alone servers, you may wish to run:
$ bin/gunicorn -w 1 oidserver.run -t 300

The demonstration page may be viewed at http://localhost/sample/. You should now be able to test the protocol. Email addresses may be anything. Only accounts with a password containing "bad" will be rejected.