#dev 2019-11-26

2019-11-26 UTC
uniquerockrz joined the channel; GWG_ left the channel
#
mblaney aaronpk I have a use-case that the resource identifier you mentioned earlier might help with, though it might not be what the change was intended for.
#
aaronpk oh?
#
mblaney I currently use unicyclic.com as my microsub server, and mblaney.xyz is my microsub client. the server identifies my requests via the bearer token.
#
mblaney now if I log in to monocle, it finds my microsub endpoint, but it gets a different token.
#
mblaney so when it tries to connect it doesn't find my account.
#
mblaney I was thinking if I gave monocle the same token, it would "just work"
#
aaronpk why does it get a different token?
#
aaronpk how is that exchange failing?
#
mblaney so I log in to monocle from mblaney.xyz, which starts a new auth process.
GWG joined the channel
#
mblaney nothing is failing, it's just that there's nothing to identify me with my microsub server. I guess this is why you provide unique urls with aperture?
#
aaronpk ah yeah
#
aaronpk well that's different I think
#
aaronpk because I need to know where to go to validate the token
#
mblaney yeah I'm not validating the token, just looking it up to see if there's a matching user.
#
aaronpk hm that sounds backwards. so you store the token in unicyclic?
#
mblaney I need to write this up, but yes I store a token when someone logs in to use with Micropub, so I use the same token again with Microsub....
#
aaronpk is the client storing it?
#
mblaney both sites store the token, the Microsub client uses it for requests.
#
aaronpk aha interesting
#
aaronpk i'm going to have to think that through. seems unusual and I can't tell immediately if it's dangerous or not
#
mblaney ok feedback would be great.
#
mblaney the thing is that unicyclic.com is also a Micropub client, so it needs the token too.
#
aaronpk heh that sure complicates things
#
mblaney ...and actually I use the fact that it's a Micropub client to let me know when there's new reader content so I don't have to poll. I added a new Micropub action called notify so I only fetch new reader items when I get a notification. yes it got complicated real quick :-)
#
mblaney that's what I get for splitting my reader in half :-D
uniquerockrz joined the channel
#
aaronpk it's funny cause last week I kept hearing all these complicated enterprisey use cases around OAuth and then as I was thinking them through I would realize that there's an exact analogy in the indieweb world too since we tend to split up components so much
#
mblaney gives Loqi a complicated enterprisey use case
#
Loqi grabs the complicated enterprisey use case
#
mblaney ???
#
mblaney profit.
#
mblaney aaronpk does aperture validate the access token with the user's authorization endpoint on every request?
#
aaronpk I believe so yes
#
aaronpk wait
#
aaronpk it caches for 5 minutes
#
aaronpk caches the verification result specifically
uniquerockrz joined the channel
#
mblaney ah ok. I get that servers shouldn't hold tokens but I don't have a clear definition of a server anymore.... it's just two computers doing different things.
#
aaronpk "server" isn't a useful word
#
aaronpk it's too vague for the reasons you're noticing
#
aaronpk this is why the specific language in OAuth is there
#
aaronpk "client" is the computer making a request on behalf of the user. "resource server" is the computer that has resources the client is trying to access.
[jgmac1106] joined the channel
#
mblaney yeah it's just that the two computers I'm using play both those roles at different times. I guess I'm wondering if sharing a token to perform those roles is a good idea or not.
[KevinMarks], uniquerockrz, KartikPrabhu, [tantek], chrisaldrich, gxt, wagle, mblaney, cweiske and krychu joined the channel
#
jamietanna[m] !tell jacky as an FYI the rendering of your `published using` looks a bit cramped on https://v2.jacky.wtf/post/175f3653-8e76-4077-86ef-a7aad2662821
#
Loqi Ok, I'll tell them that when I see them next
uniquerockrz joined the channel
#
jacky oh that's a mf2 error on my end
#
Loqi jacky: jamietanna[m] left you a message 19 minutes ago: as an FYI the rendering of your `published using` looks a bit cramped on https://v2.jacky.wtf/post/175f3653-8e76-4077-86ef-a7aad2662821
#
jacky it shouldn't be that much :)
[LewisCowles] joined the channel
#
[LewisCowles] [snarfed] not what appeared when I searched it last night but 🤷
uniquerockrz joined the channel
#
jamietanna[m] Jacky ah cool, wasn't sure about that!
#
jacky it's a custom mf2 property too so it's no biggie
#
jacky jamietanna[m]: that said, I've enjoyed seeing your posts on the indieweb! :)
#
jacky I'm actually reading some of them now in my microsub client
#
jacky also aaronpk, do you ever consider doing some ptd on posts you get from feeds?
#
jacky I'm seeing that some things from rss or json-feed don't properly capture the context they can contain
asymptotically and uniquerockrz joined the channel
#
jamietanna[m] Jacky thanks! Appreciate it
uniquerockrz, tahpotDiscord[m] and jbove joined the channel
#
[LewisCowles] I used ipligence.com perhaps they suck, or perhaps other sources have the issue, I’m certainly not going to argue either way
uniquerockrz, [grantcodes], djmoch, asymptotically, krychu, jeremych_, [fluffy], [jgmac1106], [contact091] and [manton] joined the channel
#
beko[m] uh oh. bridgy says Polling delayed, Twitter is throttling Bridgy 😆
KartikPrabhu, [bradenslen], uniquerockrz and [snarfed] joined the channel
#
[snarfed] beko[m]: what's your bridgy user page? not https://brid.gy/twitter/bekopharm ...
[davidmead] and uniquerockrz joined the channel
#
beko[m] [snarfed]: It's https://brid.gy/twitter/BekoPharm - it's this oddity of Twitter beeing case sensitive.
#
[snarfed] thanks! i should change that "throttling" language. it's true for instagram but less true for twitter
#
beko[m] Did I use the service too much?
#
beko[m] No idea =)
uniquerockrz joined the channel
#
[snarfed] not you
#
beko[m] phew 😁
[davidmead], uniquerockrz, [xavierroy] and [KevinMarks] joined the channel
#
GWG [snarfed]: Saw your message, will try not to leave you behind... but will not put the same level of features into the non hosted version unless I can just copy the same code
#
GWG Other than an Authorization header, is there any alternative method of passing tokens? I know that IndieAuth allows it being passed as a parameter, but not everyone supports that. Wondering current school of thought
#
aaronpk OAuth only ever specified three: Authorization header, post body parameter, query string parameter. the query string parameter was always discouraged
#
aaronpk and the form post method always said "SHOULD NOT be used except where browsers don't have access to the header"
#
aaronpk now that we have better browser APIs, there is basically no need for the form post method any more
asymptotically joined the channel
#
GWG aaronpk: I want to add to that WordPress repo I prompted you into
#
GWG I wish I could have talked them into IndieAuth
#
aaronpk my goal now is to talk them into only the most strict version of OAuth
#
aaronpk and then within that framework, encourage them to use the site url as the user ID reported to apps
#
aaronpk which then looks an awful lot like indieauth
#
GWG aaronpk: I am breaking down the problems I experienced in development
[Rose] joined the channel
#
[Rose] Aaron do you need the response body or just the header? Or are you just talking about OAuth?
#
[Rose] If we need the body and the headers then we can’t do a auth flow in Shortcuts on iOS. Though if we can ensure there’s another way to get a token it can be considered unnecessary
#
aaronpk [Rose]: i'm just talking about *sending* the access token
#
[Rose] Gotcha, sorry - I’m running on 4 hours of sleep 🙂
uniquerockrz and gRegorLove joined the channel
#
GWG [Rose]: Go sleep
#
[Rose] I need to get this done before I can do that
#
[Rose] Video editing… takes way too long 😉
#
GWG Agreed
#
GWG I tried to avoid it
[tantek] joined the channel
#
[tantek] I deployed a pretty big fix to my phot post permalink titles (HTML) which should make them look much better in tabs and such
#
[tantek] *photo post permalink
uniquerockrz, shah^ and [LewisCowles] joined the channel
#
gRegorLove Nice, what was the change, tantek?
uniquerockrz and [manton] joined the channel
#
[tantek] I updated the CASSIS function trim_leading_urls to also trim (alt text) that follows image URLs
#
[tantek] now I have to consider renaming the function
uniquerockrz, [davidmead], asymptotically and [contact091] joined the channel
#
[contact091] So for people who have been using eleventy - why? In your subjective opinion, why do you prefer it over say Jekyll?
#
jacky is curious about this too
#
jacky [contact091]: off the top of my head, it's prob the whole stack in JavaScript sell
[schmarty] joined the channel
#
[schmarty] my understanding is that it is also one of the more flexible generators. jekyll and hugo are very opinionated about how content should be organized, what data can be used to generate pages, etc.
#
jacky oooh TIL
[fluffy] joined the channel
#
[schmarty] been meaning to try it out for that reason, though tbh after going through the pain of learning how to work with jekyll and then hugo i am wary of starting over again, despite it sounding so good. 😅
#
jacky yeah that init fatigue is real
#
[davidmead] If/When my Eleventy blog is live I'll write up the blow by blow :-)
#
[schmarty] davidmead++ 😄
#
Loqi davidmead has 2 karma in this channel over the last year (6 in all channels)
#
beko[m] jamietanna: about Hugo this one here https://jlelse.blog/ uses hugo iirc and he is coding a lot IndieWeb related stuff for it. Mayhap this helps.
[snarfed] and uniquerockrz joined the channel
#
[fluffy] I wish I could convince some of y’all to try out Publ 😉
#
[fluffy] I really need to get around to building a proper demo site for it. That’s on the list along with a dozen other important projects I haven’t gotten to. The struggle is real.
[asuh] joined the channel
#
gRegorLove what is eleventy
#
Loqi Eleventy is a JavaScript based static site generator that allows the user to select their own preferred template engine and theme, which in practice can and does enable use of microformats2 https://indieweb.org/Eleventy
#
[davidmead] what is publ
#
Loqi Publ may refer to publ micropub client or Publ CMS https://indieweb.org/publ
uniquerockrz joined the channel
#
[contact091] ... is that a bot? Lol
#
jacky ;)
#
jacky aren't we all?
#
jacky what is Loqi
#
Loqi Loqi is a friendly and useful bot/digital therapist present in the IndieWeb discussion channels https://indieweb.org/Loqi
#
[contact091] Can you elaborate on that a little bit?
#
[contact091] Good bot
uniquerockrz and [Rose] joined the channel
#
[Rose] loqi++
#
Loqi loqi has 2 karma in this channel over the last year (29 in all channels)
#
[Rose] Loqi also has many features, such as the karma scores, countdowns, and more! Extremely useful across all chats
#
jamietanna[m] Beko thanks! I'm using Hugo on www.jvt.me and have really enjoyed it, especially for its speed against something like Jekyll for a smallish site at the time. I dread to think what my site builds would take now, with thousands of more pages of content in my site now
krychu and uniquerockrz joined the channel
#
[LewisCowles] gives loqi a good bot badge
#
Loqi steps on the good bot badge
uniquerockrz and [jgmac1106] joined the channel
#
[tantek] lol
#
gRegorLove on the internet, no one knows you're a bot
uniquerockrz and [snarfed] joined the channel