[sldev] [AWG] the humble start of pyogp

[Enus Linden]

rockin Tao, thanks for the headstart...

Helpful info: the login endpoint I gave you was based on bad 
information. Try https://login1.aditi.lindenlab.com/cgi-bin/auth.cgi. 
That coupled with a mime type change has me logging in via urllib2 
(though a redirect is followed, hiding the seed cap from me at this 
point). Mime type of "test.xml" or "application/llsd+xml" has worked out 
so far.

As you pointed out, there's not an up to date set of login 
documentation. We plan to build against the protocol documentation, we 
need to have current docs. I've requested them... For login, the valid 
params to throw at auth.cgi are: lastname, firstname, password (or 
md5-password as '$1$' + md5-hash).

A quick a dirty curl is useful for testing the availability of the agent 
domain login on aditi, as it is occasionally overwritten and in need of 
an manual update:
curl -k -H "Content-Type: text/xml" -d 
"<llsd><map><key>firstname</key><string>yourfirstnamehere</string><key>lastname</key><string>yourlastnamehere</string><key>password</key><string>yoursupersecretpasswordhere</string></map></llsd>" 
https://login1.aditi.lindenlab.com/cgi-bin/auth.cgi

headed in the right direction....

enus




Christian Scholz / Tao Takashi (SL) wrote:
> Hi there!
>
> The last days I was experimenting in my spare time a bit with a structure for
>
> - a python library for the Open Grid Protocol
> - a python implementation of an agent domain for the Open Grid Protocol
> - getting Linden Lab's caps server to run
> - getting login with the experimental Agent Domain of Linden Lab to log me in.
>
> While login wasn't working (but I at least got it to tell me that
> authentication failed and not just returning a 500 error)
> the caps server seems to work and a structure for the library and
> agent domain has been started.
>
> I summarized all this in a blog post which you can find here:
>
> http://mrtopf.de/blog/secondlife/worldofsl/setting-up-a-framework-for-a-python-implementation-of-the-open-grid-protocol-technical/
>
> I would like to meetup with interested people maybe at the next
> AWGroupie meetup on tuesday to discuss this further.
> We probably shouldn't do it there directly but set a date and time for
> it as Donovan will talk about reverse HTTP then.
>
> As for the login I noticed the following:
>
> * The SLGOGP (or now OGP, to be found at
> http://wiki.secondlife.com/wiki/SLGOGP_Draft_1)  defines a login
> payload as
>
> { credential: credential , first_name: first , last_name: last }
>
> * The Login Strawman page at
> http://wiki.secondlife.com/wiki/Second_Life_Login_API_Strawman define
> it as e.g.
>
> { 'credential': { 'type': 'agent',
>                      'first_name': <first>,
>                      'last_name': <last>,
>                      'password': '$1$' + <passwd_md5> } }
>
> (or some future version which still have the 'credential' key in it though).
>
> * The agent domain branch of the client defines it as
>
> {       'firstname'        : '<first>',
>        'lastname'        : '<last>',
>         'md5-password' : '<password as md5>'
> }
>
> So we should make clear which version is the one to follow (I would
> prefer the OGP spec to have this).
> With the first 2 versions I get 500 errors back from the login script
> with the latter one I get a proper response but authentication fails
> (it says in some LLSD string)	.
> As it looks in the client source code the md5 hash seems to be without
> the leading $1$ but it's not working with either version anyway.
>
> The result is
>
> <?xml version="1.0" ?><llsd><map><key>reason</key><string>bad identity
> and authentication
> information</string><key>authenticated</key><boolean>false</boolean></map></llsd>
>
> My implementation of this can be found here:
> http://pysecondlife.googlecode.com/svn/pyogp/pyogp.lib.login/trunk/pyogp/lib/login/sllogin.py
>
> So if somebody knows what's missing, please tell me (probably needs to
> be somebody from Linden Lab).
>
> cheers,
>
> Tao
>
>