#dev 2020-08-11
2020-08-11 UTC
[fluffy] joined the channel
# aaronpk it seems my comment on that gem stirred some life into it again! https://github.com/omniauth/omniauth-oauth2/pull/131
[tantek], geoffo and [tb] joined the channel
# [tb] Alright got my initial spike finished — this isn't wired up into the actual OmniAuth strategy yet but the tests all pass 🙂 https://github.com/craftyphotons/omniauth-indieauth/commit/c50bec502e32c7182078056c27bb05609e36dea7
# [tb] Still needs a bit of a refactor but this canonicalizes profile URLs and discovers from both link headers as well as link tags with priority to headers
# [tb] Also rationale for nokogiri instead of something else — 1) it's still the best HTML parser out there for Ruby AFAIK 2) it's what the microformats Ruby gem uses which I suspect I'll be adding here as well to parse the h-card out of the profile
sp1ff and nickodd joined the channel
# [tb] Yeah as you can see I'm doing a very simplistic thing on the canonicalization hehe
# [tb] > For ease of use, clients _MAY_ allow users to enter just a hostname part of the URL, in which case the client _MUST_ turn that into a valid URL before beginning the IndieAuth flow, by prepending a either an `http` or `https` scheme and appending the path `/`. For example, if the user enters `example.com`, the client transforms it into `http://example.com/` before beginning discovery.
# [tb] That's the part I'm still noodling on an efficient way to do
# [tb] And I suppose there needs to be an option for that in the strategy to choose whether to prepend `http` vs `https` — or perhaps even ping at both and prioritize the `https` URL if it succeeds
[Jose_Leiva], dopplergange and [fluffy] joined the channel
# [fluffy] I’m going to change Authl to fit the new IndieAuth standard. Since SelfAuth still requires a scope for a code request and I expect this to be a point of contention for a while, I’ve opted to start requesting a fictional scope of `read:id`. Is that a good idea or is there something more appropriate?
# [fluffy] https://github.com/PlaidWeb/Authl/pull/83 and I guess the one known in-the-wild `response_type=id` consumer disappears 😉
# [tb] Hmm I'm gonna need to give this fresh eyes in the morning but this is pretty much working now https://github.com/craftyphotons/omniauth-indieauth/commit/1fd75786844603d390aae997a014466de0a7b25d
# [tb] Have a good night folks
KartikPrabhu, gRegorLove and [jeremycherfas] joined the channel; nickodd left the channel
# [jeremycherfas] !tell geman I don’t know if this will help, but pinboard.in collects the tweets I like and more besides.
[tantek] and [fluffy] joined the channel
# [fluffy] Hmm, I’m trying to re-validate Publ’s token endpoint stuff (since I’m ripping all the AutoAuth stuff out and want to just use this for MicroPub et al) and I’m having trouble finding the part of the IndieAuth spec I was referencing before. It seems like a bunch of stuff changed on that? Or am I just misremembering things badly?
# [fluffy] okay yeah this is the spec change that’s tripping me up: https://github.com/indieweb/indieauth/issues/44
[Zegnat] joined the channel
dckc, gRegorLove, gxt, jjuran, moppy and strugee joined the channel
[KevinMarks], [tantek], KartikPrabhu, [Rose] and [jgmac1106] joined the channel
deathrow1, [jeremycherfas], [KevinMarks], [Jose_Leiva], geoffo, dckc, [Ana_Rodrigues], [snarfed], [tantek], [tw2113], [fluffy] and [tb] joined the channel
# [tb] [aaronpk] [jacky] Think I got this endpoint discovery class fully working and conformant with the spec now, if my tests are to be trusted — https://github.com/craftyphotons/omniauth-indieauth/blob/79e25bb7e69ca09c902d2102443dea5345f36ade/lib/omniauth/indieauth/discovery.rb / https://github.com/craftyphotons/omniauth-indieauth/blob/79e25bb7e69ca09c902d2102443dea5345f36ade/spec/lib/omniauth/indieauth/discovery_spec.rb
# [tb] Now the fun part, wiring it up to the actual strategy!
# [tb] How important is backwards-compatibility with the hardcoded stuff to IndieAuth.com [aaronpk]?
# [tb] I could add `default_authorization_endpoint` and `default_token_endpoint` options to the strategy and have those point to `https://indielogin.com/auth` and `https://indielogin.com/token` maybe?
# [tb] Oh wait nvm I keep getting it confused
# @Cambridgeport90 ↩️ That would be. Then some fediverse applications also support Indieauth ... imagine logging into fedireads with your own site? (twitter.com/_/status/1293224007097974784)
# @Cambridgeport90 ↩️ Right? only one I know of that supports Indieauth right now though is http://Microblog.pub. Not sure what happened to it. (twitter.com/_/status/1293224651154284544)
[chrisaldrich], KartikPrabhu, [Emma_Humphries], gRegorLove, [Steve_Song], [schmarty], leg and jamietanna joined the channel
# jamietanna Anyone using Indigenous for Android mind seeing if they see the same issue as https://github.com/swentel/indigenous-android/issues/401 ?
# jamietanna Also is anyone able to see if Drafts are working for them in-app? Everything I've saved over the last week seems to have disappeared :thinking:
gRegorLove joined the channel
[tantek] joined the channel
# @fluffy New post: Plaidophile: Two PSAs regarding IndieAuth https://beesbuzz.biz/blog/6265-Two-PSAs-regarding-IndieAuth
IndieAuth is starting to get some traction in the greater Internet space, which is really cool! I’m glad to see a protocol finally emerging around distributed/federated identity, managing to get some t… (twitter.com/_/status/1293265028465020928)
[fluffy] joined the channel
# jacky messing around with facepiles http://koype.test.black.af/post/a5a714eb-9d3f-4e85-9d97-2cd194b5e09e
[spieper] joined the channel
[tw2113] and [snarfed] joined the channel
# [snarfed] [aaronpk] just fyi i’m seeing broken images on your bookmark posts, eg https://aaronparecki.com/tag/barbot?tag=barbot&before=20170215T165614-0800
[Rose], geoffo, KartikPrabhu and [cleverdevil] joined the channel
# @iamskok Webmention test https://skok.netlify.app/blog/amstelvar/ #abc (twitter.com/_/status/1293313912348135424)
[tb] joined the channel
# [tb] [aaronpk] [jacky] [jgarber] Endpoint discovery for omniauth-indieauth! https://github.com/aaronpk/omniauth-indieauth/pull/6
# [tb] 🙂
# [tb] This should lay the foundation for actually getting a token back as well as some other fun stuff
# [tb] I actually just left a note on there that I'm gonna do a UAT of this into a real app anyway so we can leave it just for code review for now
# [tb] I'll install this into brvs.io tonight and make sure my integration tests weren't lying 😄
# [tb] And actually before I even get to token acquisition, this needs to support PKCE
# [tb] PKCE makes sending `state` redundant doesn't it?
KartikPrabhu, [manton] and [jgarber] joined the channel
# [tb] Thanks [jgarber] and thanks again for the gem! As you can see there it worked nicely
# [jgarber] There’s some overlap between your work and the indieweb-endpoints gem: https://github.com/indieweb/indieweb-endpoints-ruby
# [tb] Oh hah I had no idea!
# [tb] It might be better to use indieweb-endpoints-ruby here
# [tb] Definitely! So I think the main focus in the codebase here was ensuring compliance with the IndieAuth spec on profile URL canonicalization
# [tb] Which led to this lovely method that I had to ignore a bunch of RuboCop violations for! https://github.com/craftyphotons/omniauth-indieauth/blob/endpoint-discovery/lib/omniauth/indieauth/discovery.rb
# [tb] If it ends up making sense to the scope of indieweb-endpoints I'd be happy to collaborate on extracting it out of here
# [jgarber] …and before I forget, add yourself! https://indieweb.org/Ruby
# [tb] Ohh don't mind if I do!
# [tb] Yeah I was thinking tonight after I finished it that it could certainly be it's own little gem
# [tb] its*
# [tb] There's a couple optimizations yet I think could be made, like just making `GET` requests right away instead of the `HEAD` requests and then caching the results for parsing later on
[snarfed] joined the channel
# [tb] Hehe
geoffo joined the channel