Loqi: It looks like we don't have a page for "problem you are trying to solve GWG" yet. Would you like to create it? (Or just say "problem you are trying to solve GWG is ____", a sentence describing the term)
gRegorLove: The problem I see is you can't control plugin load order (can you?) So if plugin A has an older php-mf2 than plugin B, but loads first, then both are going to use the older version.
[miklb]: “It establishes a version constant that is a high number for the first release (9999), and on each subsequent release, the version constant is decremented. The version number is used for the priority of the action that instantiates the main class. This ensures that the most recent version of the library is loaded.”
GWG: jackjamieson keeps pulling academic examples that have multiple authors in feeds and URLs he's using my consumption code to process. So I taught it to add an array of authors. But nothing knows how to deal with that yet
@andybelldesign↩️ IMO, the easier we make it for folks to have their own site, the better. Same goes for stuff like webmentions etc. If it requires hours of tinkering and messing around it’s non-inclusive by proxy. (twitter.com/_/status/1139858542662471683)
@Spellacy↩️ I'm still mystified by Webmentions. I get it in principle, but implementing it seems difficult, and I'm fairly proficient. Any simple tutorials out there? (twitter.com/_/status/1139892047819804672)
aaronpk: mblaney: reposts have a pretty well defined structure and two authors is not part of that. The repost is an h-entry where the author is the person who's reposting something, then the repost-of property is an h-cite containing the reposted thing which includes the author of the original post in that
@jaroslawjarosik↩️ I've tried working with the source and what can I say, it screams LEGACY
but if it has all the features you need at least the API is less terrible than commercial ones so you can create a decent client with less of a headache... I'd still recommend some kind of microsub server (twitter.com/_/status/1139917840872615936)
@ton_zylstra↩️ yes, microsub is very much on my mind and currently a more likely path (that posting is a yr old after all). Has the added benefit of supporting json feeds more easily, and to have a client that uses micropub for various (re)actions. (twitter.com/_/status/1139922530985226241)
[tonz]: in light of the above tweets, a question about microsub: I see channels as folders. If I want to tag feeds (with ‘facets’ of people’s lives e.g. ‘coder, Berlin, Drupal, foodie, indieweb’, so I can do things like ‘from my feeds show me what foodies in Berlin are writing as I will be visiting later this week and want to explore new restaurants’) would that be something to try and solve in microsub server or in the client? And what wou
Zegnat: In my opinion, yes. But in my opinion I am not sure jf2 has much of a purpose, so do not listen to me :P (I also am not looking at implementing anything that speaks jf2 currently.)
aaronpk: I don't see the value in making it more complicated to consume for the 1% of posts that might have multiple authors. It's like the 80/20 rule but even more extreme
aaronpk: [tonz]: that's a really cool idea. I would think most of the work would be done on the server, and you'd need a protocol between the app and the server to give the app a way to essentially search the content on the server
jacky: there is - the capability would be defined implicitly by the site's owner (that's the approach I wanted to take so the site owner gets to control to a degree what can be done with a protected post)
aaronpk: since it works by eventually getting a token to the receiver which it can use to fetch the private post, but there's no assumption about whether that thing on the other end is a person or even who it is
sknebel: so my understanding the key thing of the capability models is the transferability, which I'm not sure you need for just delegating authorization... but I guess you could use
Loqi: It looks like we don't have a page for "capability url" yet. Would you like to create it? (Or just say "capability url is ____", a sentence describing the term)
Loqi: Capability-URLs sometimes called hard to guess URL or secret URL and used for granting access to a resource to anyone who has the URL https://indieweb.org/capability-urls
Loqi: Capability-URLs sometimes called hard to guess URL or secret URL and used for granting access to a resource to anyone who has the URL https://indieweb.org/capability_URL
sknebel: so from my understanding with OCAP you have this concept where you can delegate permissions, which plain random tokens/capability URLs can't do. Is that delegation something you were thinking about using jacky?
jacky: To a degree. I actually want to keep a list of people who can do what on my site but have a remote party confirm that the requester is the provided URL (or at least owns the URL in question)
aaronpk: sknebel: I don't see why you couldn't use bearer tokens to request a downscoped bearer token, as long as the authorization server supports it of course
[eddie]: jacky It seems like “AutoAuth” would work well for confirming the requester is the provided URL. Was there something specific that caused you to not want to use that?
[kevinmarks786]: The capability stuff I was connected to was around caja, which was for sandboxing html+css+js gadgets so that they could run in your page without taking it over. Mark Miller who is on the editor list worked on that.
Zegnat: E.g. sounds closer to the AutoAuth idea where someone proves their identity and then gets a Bearer token, and then when they request something from your site sends the Bearer token along which you can easily turn back into their URL
Loqi: AutoAuth is the working title of an extension to IndieAuth that allows clients to authorize to other servers in the name of their user, without the user being present to confirm each individual authorization flow https://indieweb.org/AutoAuth
snarfed: i'm reluctant to recommend that to indieweb though. the scope of their problem, both in use cases and data/traffic scale, totally dwarfs what we need for a private post MVP. it'd be like boiling an egg with a nuclear bomb
snarfed: totally interesting! i remember following it when they did it, and also alex roetter's and david glazer's version. but maybe not the best first model for us
sknebel: if you'd want to stick with the OAuth token model throughout, I guess the login screen needs the ability to create a token for <url> with scope: read, and then get the client to use that token, e.g. in a cookie
aaronpk: ugh in other news, webmention.io is kind of a mess, the tests are failing and I can't figure out why, and it's using super old deprecated libraries
aaronpk: right now i'm fighting the fact that they ignore the vendor folder you make yourself and they run composer themselves now. which does speed up deploys, but also means I can't set flags on the composer command
aaronpk: although I just realized that while webmention.io now deletes the webmention from its own database, it doesn't push that delete out via the webhook, so my site won't be aware of deleted webmentions