oodaniIs OpenID still worth implementing? It's obviously worse than IndieAuth, but there do still seem to be places that accept it. (For instance, PyPI, which I'm on a lot since I'm working in Django.)
aaronpki have a bunch of users on IndieAuth.com who moved there from myOpenID.com when it shut down, cause they still wanted to be able to sign in to stack overflow
aaronpkOpenID 1 is effectively dead, the OpenID foundation has moved on to OpenID Connect which is based on OAuth 2 and also doesnt even serve the same goal as OpenID 1 did
LoqiOpenID was a protocol for using a web address as an identity to sign-in to websites; it is losing support, is effectively dead (versions 1 & 2 are both deprecated), and has been replaced on the IndieWeb with web-sign-in and IndieAuth https://indieweb.org/OpenID
oodaniIs there something I can put on my site to make IndieAuth.com automatically delegate /IndieAuth/ requests to my site, rather than simply using my own IndieAuth as a verification method? (So that I get the correct client_id and icon, and also don't have to pick which provider to use.)
aaronpkoodani: i think there's an open ticket for that right now on indieauth.com. but... dont worry too much about it, for reasons i would love to get in to
Zegnatoodani, it also depends on the website. E.g. Telegraph should send you straight to your site. It is only websites like the wiki that do not use IndieAuth themselves but use specifically the IndieAuth.com service for login that force you to go there.
aaronpkthe short version is you will only ever interact with indieauth.com when youre logging in to sites that dont implement their own login flow, like the wiki.
oodaniThe thing is that https://indieauth.com/developers encourages you to just use IndieAuth.com rather than try to discover the user's correct authorisation endpoint, so it seems like that'll end up with /lots/ of IndieAuth clients that have to go through that extra step.
aaronpkand if a site is using indielogin.com and you have your own authorization endpoint, you'll never even see the rel=me login options or even see the indielogin.com site
oodanii'm in a microservice frame of mind today, apparently :p indielogin.com could do absolutely nothing besides delegate to the user's auth endpoint or to myindieauth.com if they don't have one
oodanithat means only myindieauth.com needs an id+secret for twitter and github, which i think is an advantage - although i guess making more oauth apps is free anyway
vanderven.se martijnedited /comments (+373) "/* IndieWeb Examples */ Add Henrik Carlsson and call out how he is displaying comments within feeds too" (view diff)
Zegnatcweiske, I was thinking about it, but it becomes such a big image on the page then. As you can’t illustrate it without actually screenshotting the whole feed.
ZegnatHmm, I feel like that microformat-shiv code is suspect. If you BASE element URL is a relative one (which I think is allowed by HTML?) it is going to turn the URL into a relative one again.
tantekhey GWG, per our recent discussion, I'm going to keep adding to https://indieweb.org/post#What_to_post every time I think of something to post and reach sufficient motivation to succesfully do so. hope that helps!
grantcodessknebel Zegnat one (kinda weird) option would actually be to just host the php version somewhere, enable cors and just request the mf2 json from that. But always prefer not to have these middleman services
sknebelwould have to check/think about where else the it uses the mf2 parser and if the bugs matter there (if introducing another dependency for rel links. wouldn't be surprised if <base> tags are ignored in most tooling though. clear edge case :/)
ZegnatAlso takes away the possibility of using the code in browser extensions (like Micropub clients) that are meant to work with development versions of software. The middleman can’t access localhost.
grantcodesSo all my library needs to get is the auth, token and micropub endpoints (maybe rel=me links would be useful too) - if there is another way of getting those I'm all for it
Zegnatmodules.url.resolve(url, baseUrl) - “resolves url to absolute version using baseUrl”. Code seems fine. So as long as that is used everywhere there shouldn’t be any issues.
ZegnatThe only problem there is that it should have used modules.url.resolve when baseUrl is already defined, in case of a relative value in the BASE element
grantcodesaaronpk: quick question - any way I can automate the micropub.rocks tests for unit tests? Think I would just need to get some of the random strings generated
Zegnatsknebel: that if on L319 doesn’t matter, as the baseTag is detected on L328 and falls outside of that if-block. The if from L319 just tries to detect the current page URL when running in the browser in case no other URL was provided.
grantcodesYeah, the only thing that might be an issue is the base tag thing. Apart from that I think it will be amost as simple as querySelectorAll('[rel]')
Zegnatgrantcodes: check querySelector('base'), if it exists, resolve its href value and set that to the new base URL. Then resolve all hrefs from *[rel] matches to the current base URL.
ZegnatIf you change relEls to doc.querySelectorAll('[rel][href]') you will not need to check the attributes for null, I think, as both rel and href must exist on the element
grantcodesHaha thanks guys, so the gist is updated to find the first base element with a href attribute and handle space separated rel attributes. (I left in that null check just in case :P)
sknebeloh, and sorry, another thing... despite being called "space seperated tokens", "The space characters, for the purposes of this specification, are U+0020 SPACE, "tab" (U+0009), "LF" (U+000A), "FF" (U+000C), and "CR" (U+000D)."
ZegnatIf you didn’tt want a general rel extraction grantcodes,you should just have done document.querySelector('[rel~="micropub"][href]').getAttribute('href') and resolved that ;)