#dev 2021-05-21

2021-05-21 UTC
samwilson joined the channel; superkuh left the channel
#
sparseMatrix
heya [snarfed] : D
#
sparseMatrix
might you recommend something similar that is less google-bound?
samwilson joined the channel
#
sparseMatrix
there's Authl (https://opensourcelibs.com/lib/authl)
digiSal joined the channel
#
sparseMatrix
that was awesome... the hcard I had in place had rel/me and authorization endpoint(s) configured for my new(er) micropub server effort. I attempted to log in to the wiki with my my newer hcard uri, and indieauth.com redirected me to the auth endpoint at the dev site.
#
sparseMatrix
not exactly handy for logging in right now, given it's barely started, but it gave me a perfectly clear picture of what my flask app needs to do next.
#
sparseMatrix
so I have been really struggling to articulate to myself with precision what it is I want my new service to do, beyond very generally saying, you know, microformats/micropub.
#
sparseMatrix
I think it's coming together, though.
#
sparseMatrix
Basically, I want the service to be 'open' to any authorized user.
#
sparseMatrix
period.
#
sparseMatrix
However, I only want to actually authorize one myself; that one being me.
#
sparseMatrix
So essentially anyone would be able to use the endpoints on the server, so long as they could authenticate according to any of the accepted methods.
#
sparseMatrix
that gives me the better parts of them having an account with classical permissions, vs. the pain of having to 'host' such accounts.
#
sparseMatrix
essentially a policy of 'any verifiable identity already has an account on my server'.
#
sparseMatrix
perhaps that is how it works anyway, and the light only just lit up for me ; )
#
sparseMatrix
but in any case, that is where I think I'm headed
gRegorLove joined the channel
sumner, [tw2113_Slack_] and digiSal joined the channel
#
jacky
I like the diagrams used - even though I knew these parts, these help a lot
loicm, samwilson, doosboox, [KevinMarks], gRegorLove, [chee] and barnabywalters joined the channel
sparseMatrix joined the channel
#
sparseMatrix
o/
#
barnabywalters
aaronpk: does this look like a sensible way of using micropub scopes to you? https://indieweb.org/Taproot#Micropub_Integration_and_Scopes
#
barnabywalters
I’m also thinking about read vs read_public scopes, to control whether clients can access private content
#
mgdm
is h-entry markup only intended for the actual content of post? So I shouldn't add that to the index page that just has the title and summary
#
barnabywalters
mgdm: probably not, but it depends a bit on exactly what th content is. typically, if it has content and a published datetime, it could be a valic h-entry
#
barnabywalters
but consider: is it something that people can reply to? how would it look if it showed up in someone’s feed reader?
#
mgdm
it might make sense but it wouldn't be the right place to get that I guess
#
barnabywalters
typically, indieweb index pages have a prominent profile h-card, and maybe an h-feed containing h-entries
#
barnabywalters
mgdm: do you have a link?
#
mgdm
It's just my blog. https://mgdm.net/weblog/ is the index, I was going to add h-entry markup to the pages linked from there, but wondered if I could do something on the index
#
barnabywalters
that looks like an ideal candidate for an h-feed, with each item marked up with h-entry
#
mgdm
Ah cool! Thanks
#
oodani
is there a clear way to indicate "this is the summary h-entry, there's a more detailed version of this h-entry at u-url"? that seems to be a common pattern
#
barnabywalters
e.g. I’d recommend putting h-feed on the <body> element, p-author h-card on the a.header-link for a minimal authorship h-card, and h-entry on each of the ul.post-list li elements
#
barnabywalters
oodani: marking up only p-summary with no e-content should be sufficient
#
oodani
gotcha!
#
barnabywalters
(and of course u-url on the permalink, so that clients/users can fetch the full version!)
#
barnabywalters
also PSA aaronpk the link to your mentions feed here is broken https://indieweb.org/feed#Aaron_Parecki
#
barnabywalters
btw mgdm and oodani here’s a great tool for testing h-feed markup and previewing how it might look in a feed reader https://monocle.p3k.io/preview
#
mgdm
nice, thanks
#
GWG
barnabywalters: There's already a draft scope that behaves like your create_draft scope that people have implemented
#
barnabywalters
cool! yeah I think I saw it mentioned somewhere
#
barnabywalters
btw mgdm I just realised that you have very similar content on https://mgdm.net/, the same h-feed markup would also work fine there, but you could additionally mark up your bio as part of the author h-card, and mark up “Weblog” as the p-name of the h-feed, which is used as a human-friendly feed name in some reader UIs
#
[KevinMarks]
Yes, p-summary is the way, my homepage is like that kevinmarks.com
#
mgdm
Ah cool, that might make more sense, thanks
#
barnabywalters
and then I guess the link to More posts would be the u-url of the h-feed
#
barnabywalters
so that clients know where to go for more content
#
[KevinMarks]
Hm monocle doesn't show the summary
#
barnabywalters
yeah I noticed that too, might be worth filing an issue or pinging aaronpk about
#
barnabywalters
btw [KevinMarks] etc, there are very few real-world examples on https://indieweb.org/feed, feel free to add yours, noting things like only publishing summaries etc
#
sparseMatrix
Great seeing y'all so busy this morning, I thought I was the only one lol
#
sknebel
welcome back oodani!
loicm, sumner, [schmarty] and [manton] joined the channel; sumner-oldclient left the channel
#
@sheldon_hull
↩️ Or a go tool for webmentions or something that is confusing as heck...make it easy.
(twitter.com/_/status/1395763582814597122)
doosboox and loicm joined the channel
#
jacky
I post that to say that if/when I do make another technical post again, I want to see if I can make a diagram liek that
#
jacky
also shout out to https://fedidb.org/, dansup
#
jacky
barnabywalters: I'm referring to https://blog.samwhited.com/2021/02/xmpp-addresses/, I posted that about 10 hours ago lol
#
barnabywalters
oh yeah those are definitely some diagrams
#
mgdm
you can get some of the way to those using something like http://flowchart.js.org/
#
barnabywalters
mgdm++ nice tool
#
Loqi
mgdm has 1 karma over the last year
#
jacky
perfect
#
jacky
thank you!
#
jacky
wow mgdm: mermaid-js is the way to go!
#
mgdm
Yeah it's cool! I use the live editor quite a bit to make diagrams for work
#
barnabywalters
is there a “why are the authorization_endpoint and the token_endpoint different when the indieauth spec assumes that they’ll usually be part of the same service” explainer anywhere?
#
barnabywalters
is it something carried over from oauth2?
#
mgdm
guess so (I can see from an OIDC .well-known endpoint that there are separate entries for both of those)
#
aaronpk
yes it's from oauth, and it's a good design decision
#
aaronpk
the authorization endpoint is used when interacting with the user, the token endpoint is used by the application
#
barnabywalters
hmm okay that doesn’t entirely explain it but I added it to the wiki FAQ
#
barnabywalters
is the fact that tokenless login information can be obtained from the auth endpoint also based on OAuth2, or is that a simplicity/backcompat addition carried over from the earliest indieauth implementations?
#
aaronpk
another way to say it is the authorization endpoint outputs HTML and deals with cookies and such, the token endpoint only responds to simple HTTP POST requests and outputs JSON
#
barnabywalters
sure, except for that exception I just mentioned
#
aaronpk
yep that's a carryover from the first use of indieauth that didn't include access tokens at all
#
barnabywalters
okay, thanks, I’ll expand on the FAQ
#
aaronpk
i'd like to converge that with oauth next but it's unfortunately a pretty significant breaking change for clients
#
barnabywalters
the fact that both endpoints can in theory be separate services, and that how they interact isn’t covered in detail in the spec, never fails to confuse me
#
aaronpk
so in practice we found that basically that wasn't happening
#
aaronpk
so we removed the communication between the two from the spec
#
aaronpk
and more details in the discussion in issue 19 linked from there
#
barnabywalters
right, I clearly just need to re-adjust my assumptions and then everything will become a lot simpler
#
jacky
is thinking about self-hosting xray b/c it's very handy
#
aaronpk
do it! it's just some code
#
jacky
I'm thinking about doing it via the library route so I can muck around with PHP again
#
barnabywalters
working on my site and micropub-adapter in the past week has reminded me just how enjoyable and productive working with PHP can be
#
barnabywalters
woah xray looks cool, don’t think I’ve seen that yet
#
aaronpk
it's very handy
[chrisaldrich] joined the channel
#
barnabywalters
aaronpk++ you’ve clearly been as productive as ever in the past years
#
Loqi
aaronpk has 53 karma in this channel over the last year (164 in all channels)
jamietanna joined the channel
#
dansup
jacky: thanks! :)
#
jacky
definitely, it's very clean
#
jacky
it kinda knocks things like fediverse.party (and the like) out of the water
#
jacky
I could see something like this being helpful in the IndieWeb if we wanted to make a small index of places people could get sites at
#
@ChrisAldrich
Great to hear that http://micro.blog now does backfeed with http://Brid.gy for Twitter using Webmention. Particularly xcited to see how static site generators will use this. https://boffosocko.com/2021/05/19/55791428/
(twitter.com/_/status/1395790982726225921)
#
@ChrisAldrich
Great to hear that http://micro.blog now does backfeed with http://Brid.gy for Twitter using Webmention. Particularly xcited to see how static site generators will use this. https://boffosocko.com/2021/05/19/55791428/
(twitter.com/_/status/1395790982726225921)
#
barnabywalters
am I right in thinking that micropub endpoints must not accept access_tokens via a query string parameter, e.g. on GET q=config requests where they can’t provide a request body?
#
barnabywalters
and that in those cases, the authorization must be provided via an Authorization: Bearer header?
[snarfed] joined the channel
#
[snarfed]
!tell jamietana thanks for checking on your webmention sender! just FYI, in case it helps, i’m still seeing it happening with new posts too. examples: https://www.jvt.me/mf2/2021/05/n6cy6/ , https://www.jvt.me/mf2/2021/05/5qmyh/ , https://www.jvt.me/mf2/2021/05/lhmty/
#
Loqi
Ok, I'll tell them that when I see them next
#
aaronpk
correct
gRegorLove, gRegorLove_, doosboox, [schmarty], [chrisaldrich] and [KevinMarks] joined the channel
#
[KevinMarks]
I should merge the fedi dB thing with my previewer http://www.unmung.com/mastoview?url=Pixelfed.social+&view=local
#
Loqi
agreed.
jamietanna joined the channel
#
jamietanna[m]
Snarfed sorry, so I sorted the authentication issue I had, but now it looks like I've got a threading issue 😂 hopefully will get some progress on it this weekend
[tantek], [tw2113_Slack_] and aaronpk joined the channel
#
[tw2113_Slack_]
hmm, need to adjust that
#
[tw2113_Slack_]
wrong twitter account and everything
[tw2113_Slack_], [tantek]1, jamietanna, [chrisaldrich], themaxdavitt, peterrother, stacktrust_, jbove, ludovicchabant and sparseMatrix joined the channel
#
sparseMatrix
o/
KartikPrabhu joined the channel