#dev 2018-07-06

2018-07-06 UTC
#
aaronpk it sends the webmention and when I visit the source URL I get an error
#
snarfed argh, sorry. i'll look
#
snarfed what it actually finds is far from comprehensive, https://brid.gy/about#GitHub+responses+require , but source url error are obviously (usually) on me
#
snarfed and heh funny it thinks the wms were successful because your handler is async https://brid.gy/github/aaronpk
#
aaronpk aren't most webmention handlers async?
#
snarfed hell no
#
aaronpk oh
#
aaronpk well it returned a status URL you can check on :) https://webmention.io/aaronpk/webmention/tbh9YGBOCkmbwV7A1s8b
#
snarfed right!
#
snarfed ah may be an easy fix
#
KartikPrabhu async is hard to do. So I am assuming most webmention handlers have not implemented it yet (I know I am in that boat)
#
aaronpk anyone have thoughts on this potential change to the mastodon mf2 markup? https://github.com/tootsuite/mastodon/issues/7926
#
Loqi [aaronpk] #7926 Microformats markup on spoiler posts is wrong
#
aaronpk tl;dr Gargron is considering removing the `p-name` class from toots. currently that class breaks CW/spoiler posts.
#
aaronpk with the new implied name rules, `p-name` would never have been added in the first place. it's only because of the old implied name rules that `p-name` was added to the posts to prevent the junk names from appearing.
#
skippy I changed my Granary feeds to HTML, and Monocle is still not showing me the original tweets in quoted replies...
#
aaronpk skippy: okay that is something that should be fixable... not sure if it's granary or aperture tho. can you open an issue on XRay and paste the HTML that Granary creates for one of those posts?
#
skippy how can i get the Granary-generated HTML, instead of hte Monocle rendering of it?
#
aaronpk you'll have to visit the granary URL in a browser and grab it from there
#
skippy ok
[cleverdevil] joined the channel
#
cleverdevil.io edited /Indiepaper (+5) (view diff)
[manton] joined the channel
#
[manton] [aaronpk] Makes sense to me. Mastodon posts don't have names/titles so it doesn't seem right to have `p-name`.
#
skippy done, aaronpk
#
aaronpk thank you! Looks like granary is providing excellent HTML markup for that
#
snarfed that's...a pleasant surprise 😅
#
aaronpk lol
#
aaronpk so I need to add quotation-of support to XRay and then rendering support in Monocle. (and other readers should add support for it too)
snarfed joined the channel
#
snarfed thanks for reporting the github backfeed bug btw aaronpk. "two unit tests, no integration tests" :P
eli_oat joined the channel
#
GWG snarfed: Facebook removed and new version being pushed.
#
snarfed GWG++ thank yuo!
#
Loqi gwg has 40 karma in this channel (380 overall)
#
GWG I swapped the Facebook registration link over to a Github registration link
tantek__ and eli_oat joined the channel
#
snarfed aaronpk: fixed. thanks again!
#
aaronpk woo! how'd I get so lucky with this bug?
#
aaronpk oh no
#
aaronpk it doesn't understand threading really
#
snarfed threading?
#
aaronpk or rather, replies to individual replies
#
snarfed you mean timestamps?
#
snarfed github doesn't have threading afaik
#
aaronpk it put all the replies on just one of my replies
#
aaronpk it even put the post itself as a reply to my post
#
snarfed hah
#
aaronpk example: https://aaronparecki.com/2018/07/05/15/
#
Loqi [Aaron Parecki] A change in the Microformats parsing spec from a few months ago reduced the cases where parsers would auto-generate a name property if there wasn't one in the original markup. Previously, when the name was autogenerated, people ended up having to ad...
#
snarfed if you posted other replies w/synd links, it may not have crawled them yet
#
aaronpk notice that that's a reply to a particular reply on that issue (I show it in the reply context) but bridgy sent the entire thread as webmentions to that post
#
aaronpk even the ones "above" that
#
snarfed heh, ok
#
snarfed i wonder if bridgy ignores/strips fragments in u-urls
#
snarfed github is kinda unusual in that
#
snarfed er, in synd urls
#
aaronpk yeah, I had to write some special handling for that in xray
#
snarfed the timestamps are in there at least. but still, understood
#
aaronpk this is too weird, turning it off for now
#
snarfed hah sure
#
snarfed interesting q though. in silos with explicit threading, i could see how we we'd only want to backfeed replies "under" your reply to it
#
snarfed ...but for github backfeed to replies/comments, i don't know what we ideally want
[miklb] joined the channel
#
@miklb ↩️ @mor10 @no_fear_inc @johnbillion @carlhancock @rmccue fwiw https://github.com/indieweb/wordpress-indieauth (twitter.com/_/status/1015045374703276038)
snarfed joined the channel
#
aaronpk The GitHub conversation is still ordered so I would expect only things underneath my comment to appear as comments
renem and [snarfed] joined the channel
#
[snarfed] right, understood
#
[snarfed] backfeed to github comments is kinda unintentional, so i expect it's losing the synd url fragments and thinking your reply posts are the originals
#
aaronpk oh is that out of scope?
#
[snarfed] (you're probably the first github user that it found syndicated replies for)
#
[snarfed] i haven't really thought through backfeed to comments/replies at all, regardless of silo, so there's work to do there
#
[snarfed] sorry for the trouble!
#
aaronpk I would be okay with with it if it just didn't backfeed those
#
aaronpk e.g. only backfeed to my post if my post's syndication URL is a full github issue URL and doesn't have a fragment to a comment ID
#
[snarfed] agreed! that's the immediate fix
snarfed and [aaronpk] joined the channel
#
[aaronpk] [manton] before IWS, did micro.blog still have its own token endpoint despite using the indieauth.com authorization endpoint?
eli_oat and [manton] joined the channel
#
[manton] [aaronpk] Nope, the token endpoint is new too.
#
aaronpk ooh so you were using tokens.indieauth.com before then?
#
[manton] Yep.
#
aaronpk k
#
aaronpk can you do me a favor, and check out one part of your current implementation in the token endpoint. in the step where the client sends the authorization code and gets back an access token... what does your code do with the `me` parameter that's sent in that request?
#
[manton] Sure, lemme check...
#
[manton] Hmm. Looks like I don't do anything with the `me` parameter. I store the original `me` and I think I meant to check that they match, but doesn't look like I do.
#
aaronpk ha awesome
#
aaronpk thanks
#
aaronpk signs are pointing to this parameter being completely unnecessary at this step
#
aaronpk and if we can drop it from the IndieAuth spec, then IndieAuth is reaaally close to regular OAuth 2
#
aaronpk another question... do you use the `me` parameter in the first authorization GET request for anything?
#
[manton] Yes, for the first GET, I do use the `me` to display to the user and if they aren't using a hosted blog, I also check that the `me` matches a verified site on the Micro.blog user's account.
#
aaronpk ah yes! that's a good one
#
aaronpk without it, I suppose the alternative would be that you provide a list of identities that the user could sign in as: their micro.blog address and their verified site
#
[manton] More specifically, I show it to the user when there's a problem, e.g. "You tried to sign in as https://manton.org/ but you're signed in as someone else" or it can't find your site.
#
aaronpk great
#
aaronparecki.com edited /IndieAuth (+310) "/* Implementations */ +micro.blog" (view diff)
#
aaronpk is Micro.blog capitalized?
#
[manton] I guess it's not strictly necessarily, since when I redirect back to `redirect_uri` than that other app should verify that the `me` matches there.
#
[manton] Yes, technically uppercase M, lowercase b. But I'm not too picky about it. 🙂
#
aaronparecki.com moved /micro.blog to /Micro.blog
#
aaronpk well the only thing the client checks with the original `me` that was entered is that it's on the same domain. that allows the server to canonicalize the URL like adding https or a trailing slash
#
aaronpk so in the first request, the `me` is really more of a suggestion, and what you're doing like showing a warning if they're signed in as someone else is a good thing to do in that case
#
[manton] Cool. That seems useful.
#
aaronparecki.com edited /Micro.blog (+0) "correct capitalization of Micro.blog" (view diff)
#
aaronpk *whew*
#
aaronpk anyone want some fun reading? https://aaronparecki.com/2018/07/05/21/
#
Loqi [Aaron Parecki] tl;dr The more I think about it, the more I think this parameter enables a use case that isn't really necessary. The me parameter in the code exchange step specifically allows for a token endpoint to be detached from both the Micropub endpoint and th...
#
aaronpk and https://aaronparecki.com/2018/07/05/22/indieauth
#
Loqi [Aaron Parecki] Here's a quick survey of current implementations of token endpoints: Integrated Micropub/Token/Authorization Endpoints p3k - verifies the me parameter exists, but does not use it for anything Wordpress IndieAuth plugin - verifies the me parameter ...
#
snarfed aaronpk++
#
Loqi aaronpk has 152 karma in this channel (1667 overall)
barpthewire, [cleverdevil] and cweiske joined the channel
#
@frankmeeuwsen ↩️ Kunnen webmentions opnieuw worden verzonden als microformats eenmaal op orde zijn? Zoals Ton naderhand heeft gedaan. Zie ook mijn vragen op http://diggingthedigital.com//Waar-te-beginnen-met-Webmentions/ (twitter.com/_/status/1015140467510513664)
#
@ton_zylstra ↩️ De vraag is wat ik daar zelf aan kan sleutelen. Die microformats worden door Webmention en Semantic Backlinks plugins in WP aangebracht. (twitter.com/_/status/1015151050175799301)
calumryan, [jgmac1106] and eli_oat joined the channel
#
sknebel https://twitter.com/patio11/status/1015219519147499520
#
@patio11 My comic book swearing that I occasionally do in tweets was semi-valid liquid templating syntax, but only semi-valid, and so attempting to put them on my blog killed Jekyll. #{I%#)ing computers. (twitter.com/_/status/1015219519147499520)
[eddie] joined the channel
#
@ton_zylstra Inspecting some pieces of puzzling #webmention behaviour https://www.zylstra.org/blog/2018/07/wrapping-my-head-around-webmentions/ @frankmeeuwsen @sebsel @martijnvdven #indieweb (twitter.com/_/status/1015237575890624512)
#
@LeonardoIFG #MicroSub atendendo aos pedidos, prova adiada de hoje para sexta que vem. (twitter.com/_/status/1015238682134097920)
[jgmac1106], leg, snarfed and [jgarber] joined the channel
#
[jgarber] [aaronpk] Thanks for the review on those webmention-client-ruby PRs! #11 should be good to go now: https://github.com/indieweb/webmention-client-ruby/pull/11
#
Loqi [jgarber623] #11 Implement RuboCop recommendations
#
@jackbaty Showing Webmentions here on http://baty.net: https://www.baty.net/2018/showing-webmentions-here-on-baty.net/ (twitter.com/_/status/1015258692558770182)
[cjwillcock] joined the channel
#
@SoundEvo @MercedesBenz G-Class got @JLAudio C1-650X 6.5" 2-way car speakers + CP106LG-W0V3 MicroSub slot-ported enclosure subwoofer (twitter.com/_/status/1015262551351930880)
snarfed and tantek__ joined the channel
#
sknebel wrote a reply to ton_zylstra above: https://www.svenknebel.de/posts/2018/7/4/
#
Loqi [Sven Knebel] Lot's of things going on here, but I think I figured them all out. missing avatar Frank’s site is only served over HTTP, not HTTPS. In <img src="">, that’s fine and only creates a warning in the browser, but in your comment display it is include...
#
sknebel (which hasn't shown up in his comments yet, I hope it's only stuck in wordpress moderation queue :D)
[manton] joined the channel
#
[manton] [cleverdevil] Wondering if Indiepaper should have an option to sign in with IndieAuth and look for a rel="indiepaper" endpoint to use for saving articles.
#
aaronpk oh gosh haha
[cleverdevil] joined the channel
#
[cleverdevil] [manton] I've considered that as well. Not sure it makes sense just yet, though, because the token it receives wouldn't be useful.
#
[cleverdevil] If [aaronpk] adds IndieAuth to specific microsub channels in Aperture, that may be a better path
#
[cleverdevil] But, I am all ears and open! It needs to be much more seamless.
#
aaronpk trying to find where I documented what i've done with multiple micropub endpoints in Monocle
#
aaronpk this https://indieweb.org/Micropub-extensions#Destination
#
[manton] Cool. Just thinking out loud... I think for Micro.blog sharing the token between the normal Micropub endpoint and special Indiepaper endpoint would be okay.
#
[cleverdevil] Yeah, that would definitely work for Micro.blog.
#
skippy aaronpk: that implies that your Micropub server knows about destinations, rather than Monocle knowing about multiple destinations?
#
aaronpk yes
#
[manton] Or maybe something with `mp-destination` would be better. I haven't thought it through... Just would be nice to eventually have sign-in and discovery more automatic.
#
aaronpk your micropub endpoint can return a list of other destinations. your site is then responsible for actually making that work
#
aaronpk very similar to syndication
#
skippy destination selection seems the purview of the client, not the endpoint... similar to but very different from syndication.
#
aaronpk but I also consider it part of my "account" that I want to bring to all the micropub clients that I use
#
[cleverdevil] Yeah, I could see having an item returned in `?q=config` for `mp-destination` that is tagged as `indiepaper`.
#
aaronpk rather than having to set up each client with multiple destinations
#
skippy oh man, aaronpk, this "repost only" channel I created in Monocle is divine. Thank you so much for adding that functionality!
#
aaronpk \o/
#
skippy going to write up a blog post about how Monocle makes feed and stream consumption so much more sane and useful.
#
aaronpk awesome
#
[cleverdevil] So, given what I am hearing, potentially, Indiepaper could configure itself by:
#
[cleverdevil] 1. User enters their domain, and I query for a `mp-destination` that is somehow designated as an Indiepaper target.
#
[cleverdevil] 2. Initiate IndieAuth against that specific destination to get token.
#
aaronpk no that's the opposite order that mp-destination works right now
#
[cleverdevil] Oh?
#
aaronpk you first do normal indieauth and get an access token. then you query the micropub endpoint with that access token
#
aaronpk I don't really want my list of destinations to be public
#
[manton] So I guess if it uses destination, we'd lose a little flexibility in pointing Indiepaper to a completely different posting backend. (Not sure whether that is good or bad. Just walking through it.)
#
[cleverdevil] Ah, I see.
#
aaronpk no it just requires the micropub endpoint to know how to pass along requests to the other backend
#
[cleverdevil] Yeah, the nice thing about the way it works right now, is its totally explicit. You can tell it precisely what you want it to do.
#
aaronpk I have a bunch of destinations right now, some of which are silo.pub destinations
#
@kickscondor I guess I should get this out there - I've got a fork http://github.com/kickscondor/jekyll-webmention_io that throttles outgoing webmentions, can run without execjs and fixes some bugs I found. (twitter.com/_/status/1015271133854162945)
#
[cleverdevil] Creating an issue on https://github.com/cleverdevil/Indiepaper-macOS to capture the discussion
#
Loqi [cleverdevil] Indiepaper-macOS: Adds a "Send to Indiepaper" sharing extension to macOS.
#
aaronpk the simplest version is to just do normal indieauth on indiepaper
#
aaronpk and I need to add indieauth support to aperture channels
#
aaronpk that keeps things still very separated but easy to configure
#
[cleverdevil] So, I'd add an IndieAuth flow to the Indiepaper website?
#
[cleverdevil] I guess I could do that and then have a special link that is generated that you could click on to configure the macOS app.
#
aaronpk that works
#
[cleverdevil] `indiepaper-config:mp-destination=https://aperture.p3k.io/micropub&bearer=XYZ`
#
[cleverdevil] Like that, and then the user could click it, and I could auto-configure.
#
aaronpk probably don't call it mp-destination then
#
aaronpk but yeah
#
[cleverdevil] Makes sense.
#
[cleverdevil] The best thing about this is, technically, I don't need to add IndieAuth on my end to make this work 🙂
#
[cleverdevil] If I added the ability for auto-configuration in the macOS app with a link like this, then [manton] could simply generate a link directly from within Micro.blog.
#
aaronpk you can also keep that existing form where someone can paste in the micropub URL and token, then you can generate that link they can click to configure the app
#
[cleverdevil] Users could just click and be good to go.
#
[cleverdevil] What do you think of that [manton]?
#
[cleverdevil] https://github.com/cleverdevil/Indiepaper-macOS/issues/1
#
[manton] Yeah, seems good for Mac users. I think having IndieAuth might still be nice so that someone could start at indiepaper.io, click sign in, etc.
#
Loqi [cleverdevil] #1 Automate configuration of mp-destination and token
jackjamieson joined the channel
#
[cleverdevil] I am just trying to think of a use case where it'd actually be necessary.
#
[manton] I guess if someone wanted to use the JS bookmarklet?
#
aaronpk configuring for an aperture channel would work that way
#
aaronpk unless I explicitly add support for this particular app
#
[cleverdevil] I still don't *completely* understand what it'd look like. Would the user sign in with their regular domain or with the aperture channel?
#
aaronpk i'm more inclined to not hard-code things like specific apps, so enabling indieauth on aperture channels bridges that in a standard way
#
aaronpk they'd type in aperture.p3k.io into the sign-in box, then on the authorization screen they'd see a list of their channels and they'd be able to select one
#
[cleverdevil] Gotcha.
#
[manton] Yeah, that seems like it would be the most flexible, so that Indiepaper could work with servers that weren't really designed for it.
#
[cleverdevil] I like how indiepaper.io is totally stateless at the moment. It stores zero information, so the IndieAuth exchange would only be used to generate bookmarklets and macOS configuration links.
#
[manton] That makes sense.
#
[manton] So would the rel=indiepaper still be useful, or with that flow in Aperture would it be up to the user to select the right channel?
#
[cleverdevil] The latter, IMO.
#
[manton] Yeah, that is less appealing to me for Micro.blog, then. Because I don't want to prompt the user for a "channel" whenever they sign in to any IndieAuth app.
#
[cleverdevil] The macOS auto-config via URL thing is pretty easy to do.
#
aaronpk no you don't have to
#
[cleverdevil] So, I'll likely do that first.
#
aaronpk this is just something unique to aperture
#
aaronpk it's all regular indieauth from the client's perspective
#
[cleverdevil] Adding IndieAuth to the indiepaper site is a bit more time consuming 🙂
#
[cleverdevil] So, I'll likely do them in that order.
#
aaronpk wait is there a "read later" thing in micro.blog?
#
[manton] [cleverdevil] Right, sorry to create more work for you. 🙂
#
[cleverdevil] [manton] no, its all good, it helps me evolve Indiepaper :)\
#
aaronpk i'm confused about what [manton] is suggesting adding support for to micro.blog
#
[cleverdevil] I knew I was going to need to do *something*, I just wasn't sure *what* yet.
#
[manton] [aaronpk] Not yet, but I was thinking I would experiment with it specifically using Indiepaper.
#
[manton] Basically I was thinking I'd add a special Micropub endpoint for Indiepaper. But then that led to these other questions about what the user experience is like.
#
aaronpk oh interesting. so you would be adding a new timeline along with the main timeline, mentions, favorites?
#
[manton] Maybe. Or maybe for now it's just a special feed that you could subscribe to in another reader.
#
aaronpk aha
#
[cleverdevil] I like the idea of it just generating a feed in the short term.
#
[cleverdevil] Easy start 🙂
#
aaronpk yeah that's a good way to bootstrap it
#
[manton] So, backing up a little... If I supported that, I'm still confused about how IndieAuth in Indiepaper would figure out where to save each article.
#
[cleverdevil] For your use case, I wouldn't bother with IndieAuth.
#
[cleverdevil] You don't need it.
#
[cleverdevil] You already know the user's endpoint and bearer token.
#
aaronpk yeah if you're going to shortcut things at all like not making a web view for it, I would also just take the shortcut of hard-coding the indiepaper app configuration URL in the settings screen
#
[cleverdevil] You could just give people a bookmarklet and macOS configuration URL directly in the Micro.blog website.
#
[manton] Right. I'm thinking of the case of where someone goes to indiepaper.io and then sees the field for "Bearer Token" and thinks... Huh, what now?
#
[cleverdevil] I'd happily add a little section to the Indiepaper website that linked to the appropriate settings page in Micro.blog.
#
aaronpk if you wanted to support it the same way aperture (will) support it, you'd add something to the micro.blog authorization screen that lets people choose that they want the app they're logging in to to post to their "read later" feed instead of their micro.blog account
#
[manton] It's also possible that I have IndieAuth on the brain and I'm looking for how it can solve all problems. 🙂
#
aaronpk we could also make a specific indieauth "scope" for this so that the client can specifically request it
#
[manton] Ah, scope would be interesting.
#
aaronpk actually yeah that's probably the best way
#
[manton] Because yeah, what I want to avoid is if someone signs in to e.g. IndieBookClub, they shouldn't get prompted to put that into a read later queue, necessarily. (Or Quill, or whatever.)
#
aaronpk yeah
#
aaronpk yeah with scope it would make sense. need a generic concept for this term tho
#
aaronpk readlater? save?
#
[manton] So, just so I'm clear, if we used scope, I would essentially tie the token to that specific scope, so that when the token came in I would know to route posts to a special place? So no separate Micropub endpoint URL.
#
aaronpk yea! even better
#
[manton] That is really interesting.
#
aaronpk that works well in this case because you always want a particular app to have *all* the things it sends to the micropub endpoint to go to either one place or the other
#
[cleverdevil] Definitely record the requests as issues on Indiepaper on GitHub if you come up with an ideal solution.
#
[manton] What happens with most IndieAuth providers right now if they get a scope=readlater that they don't understand? Or do most ignore it?
#
aaronpk yeah they'll ignore the scope they don't recognize
#
aaronpk (unrelated, is there a jsonfeed for the micro.blog discover timeline?)
#
aaronpk nvm I found it
#
aaronpk boom now I have the micro.blog discover timeline in monocle
eli_oat joined the channel
#
[manton] Cool!
#
[cleverdevil] So, it definitely sounds like I'll need to add IndieAuth support to Indiepaper.
#
aaronpk it's not that hard I promise :)
#
[manton] There's also JSON for the other sections, like https://micro.blog/posts/discover/photos or https://micro.blog/posts/discover/books
#
[cleverdevil] Yeah, shouldn't be a big deal 🙂
[eddie] joined the channel
#
[eddie] Yeah, I love the JSONFeed of Discover. I've been following it and replying to random people through Indigenous for awhile
#
aaronpk nice
#
[eddie] also :exploding_head: I love the idea of using a save scope
#
aaronpk oh that probably explains why I see so many replies from you in my feed
#
[eddie] also, I think save is better than readlater because eventually you could save video, audio, etc to view offline later
#
[eddie] so more flexible for future development
#
[eddie] Yep. You can log into micro.blog and turn off replies to people you don't follow if you want to get rid of a lot of those 🙂
#
[manton] I could see both ways. "readlater" has a certain well-understood meaning. I don't feel strongly about it, though.
#
aaronpk "readlater" also has a very specific meaning and is frankly kind of puzzling unless you're familiar with that app
#
[manton] Also, glad you find the Discover feed useful!
#
[eddie] That's true. I feel safe about "Save" because Facebook has had that in a post action menu for awhile.
#
aaronpk I don't actually use those services myself and would probably avoid a feature named after it
#
aaronpk but I can see other ways I would use this "save" feature
#
[eddie] Yep. That's one reason I loved Pocket's approach, was they tried to differentiate themselves by being something you could save any web content into for later consumption
iasai and snarfed joined the channel
#
tantek__ there's some prior discussion / analysis of save vs readlater etc on the /webactions page
leg joined the channel
#
tantek.com edited /next-hwc (+0) "next" (view diff)
#
tantek.com edited /MediaWiki:Sidebar (+0) "next hwc" (view diff)
[dgold], snarfed and eli_oat joined the channel
#
www.tedt.org edited /logo (+158) "/* Feedback */" (view diff)
#
www.tedt.org edited /logo (+6) "/* Feedback */" (view diff)
#
www.tedt.org edited /logo (-6) "/* Feedback */" (view diff)
eli_oat joined the channel
#
tantek.com edited /short-domains (+2) "/* io */ fix-up links" (view diff)
#
tantek.com moved /events/2018-07-31-decentralized-web-summit to /events/2018-08-01-decentralized-web-summit "actual summit start date"
snarfed and [schmarty] joined the channel
#
[schmarty] +1 for save and i already have two usecases for this that could greatly simplify how i track certain things to listen to or watch!
#
aaronpk ooh
#
[schmarty] there are some supporter-only podcast episodes on dr.ip, but dr.ip doesn't actually provide podcast feeds. i wrote a little script to manually create a feed for myself, but having an indiepaper-like "listen later" would be great. like a personal huffduffer.
#
aaronpk i'm gonna have to add a podcast RSS feed export option to aperture channels aren't I :)
#
[schmarty] similarly, i get frustrated at having Watch Later lists on multiple services and feel like there aren't many ways to queue up youtube or vimeo (or other) videos for watching later.
#
[schmarty] aaronpk: that sounds like a fun standalone microsub client bridge??
#
aaronpk that would work too!
#
[schmarty] (i.e. maybe somebody else can be poked to do it)
[cleverdevil] joined the channel
#
[cleverdevil] So, [aaronpk] what would be the best guide for implementing IndieAuth for Indiepaper?
#
[cleverdevil] I've implemented a provider before, but never a client.
#
aaronpk lol well a client is way easier
#
aaronpk hm
#
[cleverdevil] (I just started lunch break and already implemented the Indiepaper macOS URI for auto-configuration)
#
aaronpk I think this is the summary tutorial https://indieweb.org/obtaining-an-access-token
#
[cleverdevil] :thumbsup:
#
aaronpk also this but it might be more detail than you need https://www.w3.org/TR/indieauth/#authorization
#
[cleverdevil] Man, it would be really nice if there was a simple JS library I could embed in the indiepaper website to do this more easily.
#
aaronpk didn't [schmarty] use something like that?
#
[cleverdevil] Drop-in IndieAuth client support would be awesome.
#
[schmarty] cleverdevil: micropub-helper can do much of this.
#
[schmarty] kapowski is an example app that uses it: https://glitch.com/edit/#!/garrulous-smile?path=lib/micropub-auth.js:1:0
#
[schmarty] that example is server-side with nodejs+express. that wrapper creates the various handlers for starting auth and handling the return callback.
#
[cleverdevil] Awesome. I just want it to handle the IndieAuth part and provide me a token, and then I can generate a bookmarklet and macOS configuration URL.
#
[cleverdevil] Hmm, this seems like server-side JS, not client-side.
snarfed joined the channel
#
[schmarty] [cleverdevil]: re server-vs-client yep, see above. however, the micropub-helper lib it relies on does support client side, assuming you don't run into CORS issue.
#
aaronpk yeah the trick with client-side only is most ppls sites don't support the CORS headers needed to do discovery and such
#
[cleverdevil] Ah, of course.
#
[cleverdevil] I think I'll have to do this with some server side voodoo, which is fine. It really shouldn't be that hard.
#
[cleverdevil] I'm just being lazy 🙂
#
[schmarty] i think of it as using the server as a proxy for the CORS things, mostly. plus handling the callback in client side feels weird and like it should basically use OAuth2 Implicit Grant at that point.
#
[schmarty] that's one area where my OAuth2 understanding gets a little muddy without examples.
#
aaronpk https://developer.okta.com/blog/2018/05/24/what-is-the-oauth2-implicit-grant-type
#
[schmarty] i have a great book about the subject that i should probably consult :}
#
aaronpk er, specifically https://developer.okta.com/blog/2018/05/24/what-is-the-oauth2-implicit-grant-type#when-to-use-the-implicit-grant-type
#
[schmarty] since IndieAuth has no client secret, i see no reason why a browser-side app couldn't handle the callback step?
#
aaronpk correct
#
aaronpk tl;dr you probably don't want the implicit flow, just use the regular authorization code flow with no secret
#
[schmarty] rad. i had a lot of Thoughts about in-browser apps when i first learned about IndieWeb and was surprised to see almost no one doing it that way.
#
[schmarty] still has lot of Thoughts about purely in-browser Micropub apps, but would probably include a fallback proxy mode for CORS workarounds.
sketchess and jackjamieson joined the channel
#
myfreeweb the first version of micro-panel was able to indieauth purely in-browser https://github.com/myfreeweb/micro-panel/blob/f3f2442a8874d084b1f30923fdf0d5c0715bf06d/src/micro-panel.js#L358
snarfed and KartikPrabhu joined the channel
#
dougbeal !tell gRegorLove: I think your webmentions didn't like https://indie📚♣.🕸💍.ws
#
Loqi Ok, I'll tell them that when I see them next
#
tantek__ dougbeal - I'm not seeing a site at that domain, perhaps DNS propagation?
#
gRegorLove I block suggestions for buying emoji domains. jk ;)
#
Loqi gRegorLove: dougbeal left you a message 9 minutes ago: I think your webmentions didn't like https://indie📚♣.🕸💍.ws
#
dougbeal tantek__: I was just suggesting the idea, but the webmention choked on the unicode?
#
dougbeal hahaha
#
Loqi awesome
#
dougbeal Its only a subdomain ;)
#
gRegorLove probably a unicode/mysql thing. My utf8mb4 support is not 100%
stevestreza joined the channel
#
@ChrisAldrich ↩️ When it comes to the "conversation" side of what you're looking for, I think the biggest piece you're really missing is that http://Hypothes.is doesn't support sending webmentions. [more...] https://boffosocko.com/2018/07/06/reply-to-ian-obyrne-relating-to-annotations/ (twitter.com/_/status/1015346521301061632)
#
KartikPrabhu what is organizations
#
Loqi It looks like we don't have a page for "organizations" yet. Would you like to create it? (Or just say "organizations is ____", a sentence describing the term)
#
KartikPrabhu organizations is /organization
#
Loqi ok
#
loqi.me created /organizations (+25) "prompted by KartikPrabhu and redirect added by KartikPrabhu" (view diff)
#
kartikprabhu.com edited /organization (+340) "stub permissions and transferring repos" (view diff)
[eddie] joined the channel
#
@judell ↩️ There's a project, https://github.com/judell/h_notify, that polls Hypothesis and send notifications by way of email, RSS, or Slack. It might be a starting point for a basic DIY webmention service. (twitter.com/_/status/1015351328757899264)
snarfed joined the channel
#
@LeonardoIFG #MicroSub a aula será na sala T305, a mesma da semana passada... (twitter.com/_/status/1015357232626765824)
[jgmac1106] joined the channel
#
unrelenting.technology edited /indie-config (+171) "Add Firefox bug link" (view diff)
#
KartikPrabhu snarfed: could you pop into #microformats for a bit?
#
unrelenting.technology edited /Firefox (+174) "Add IndieWeb Addons and Bugs sections" (view diff)
snarfed joined the channel
#
dougbeal snarfed: quite the baffle commits ;)
#
snarfed dougbeal: heh not really
#
dougbeal baffle commit comments, I should have said
#
snarfed hah yes
#
snarfed cloudflare workers are really cool, but running code on a CDN edge solves a problem i don't really have, and it'smissing most important parts of a dev ecosystem (storage, logging, local stack, etc) that i actually do care about
#
snarfed https://community.cloudflare.com/t/experiences-with-external-developer-services/22836