#dev 2021-05-21

2021-05-21 UTC
samwilson joined the channel; superkuh left the channel
# 00:12 
sparseMatrix heya [snarfed]  : D
# 00:12 
sparseMatrix might you recommend something similar that is less google-bound?
samwilson joined the channel
# 00:17 
sparseMatrix there's Authl (https://opensourcelibs.com/lib/authl)
digiSal joined the channel
# 01:29 
sparseMatrix that was awesome... the hcard I had in place had rel/me and authorization endpoint(s) configured for my new(er) micropub server effort. I attempted to log in to the wiki with my my newer hcard uri, and indieauth.com redirected me to the auth endpoint at the dev site.
# 01:30 
sparseMatrix not exactly handy for logging in right now, given it's barely started, but it gave me a perfectly clear picture of what my flask app needs to do next.
# 01:37 
sparseMatrix so I have been really struggling to articulate to myself with precision what it is I want my new service to do, beyond very generally saying, you know, microformats/micropub.
# 01:37 
sparseMatrix I think it's coming together, though.
# 01:38 
sparseMatrix Basically, I want the service to be 'open' to any authorized user.
# 01:38 
sparseMatrix period.
# 01:38 
sparseMatrix However, I only want to actually authorize one myself; that one being me.
# 01:38 
sparseMatrix So essentially anyone would be able to use the endpoints on the server, so long as they could authenticate according to any of the accepted methods.
# 01:39 
sparseMatrix that gives me the better parts of them having an account with classical permissions, vs. the pain of having to 'host' such accounts.
# 01:40 
sparseMatrix essentially a policy of 'any verifiable identity already has an account on my server'.
# 01:44 
sparseMatrix perhaps that is how it works anyway, and the light only just lit up for me   ; )
# 01:44 
sparseMatrix but in any case, that is where I think I'm headed
gRegorLove joined the channel
# 03:15 
@mandaris Manton Reece - Webmention and Twitter: https://www.mandarismoore.com/2021/05/20/manton-reece-webmention.html (twitter.com/_/status/1395577661007835137)
sumner, [tw2113_Slack_] and digiSal joined the channel
# 05:28 
jacky interesting point about parsing JIDs https://blog.samwhited.com/2021/02/xmpp-addresses/
# 05:28 
jacky I like the diagrams used - even though I knew these parts, these help a lot
loicm, samwilson, doosboox, [KevinMarks], gRegorLove, [chee] and barnabywalters joined the channel
# 10:55 
@alexblumgart @SerpTop2 test webmentions (twitter.com/_/status/1395693808176750593)
# 11:05 
@alexblumgart @SerpTop2 test webmentions (twitter.com/_/status/1395696817321426944)
sparseMatrix joined the channel
# 11:12 
sparseMatrix o/
# 11:14 
barnabywalters aaronpk: does this look like a sensible way of using micropub scopes to you? https://indieweb.org/Taproot#Micropub_Integration_and_Scopes
# 11:15 
barnabywalters I’m also thinking about read vs read_public scopes, to control whether clients can access private content
# 11:27 
mgdm is h-entry markup only intended for the actual content of post? So I shouldn't add that to the index page that just has the title and summary
# 11:29 
barnabywalters mgdm: probably not, but it depends a bit on exactly what th content is. typically, if it has content and a published datetime, it could be a valic h-entry
# 11:30 
barnabywalters but consider: is it something that people can reply to? how would it look if it showed up in someone’s feed reader?
# 11:30 
mgdm it might make sense but it wouldn't be the right place to get that I guess
# 11:30 
barnabywalters typically, indieweb index pages have a prominent profile h-card, and maybe an h-feed containing h-entries
# 11:30 
barnabywalters mgdm: do you have a link?
# 11:31 
mgdm It's just my blog. https://mgdm.net/weblog/ is the index, I was going to add h-entry markup to the pages linked from there, but wondered if I could do something on the index
# 11:32 
barnabywalters that looks like an ideal candidate for an h-feed, with each item marked up with h-entry
# 11:32 
mgdm Ah cool! Thanks
# 11:33 
oodani is there a clear way to indicate "this is the summary h-entry, there's a more detailed version of this h-entry at u-url"? that seems to be a common pattern
# 11:33 
barnabywalters e.g. I’d recommend putting h-feed on the <body> element, p-author h-card on the a.header-link for a minimal authorship h-card, and h-entry on each of the ul.post-list li elements
# 11:33 
barnabywalters oodani: marking up only p-summary with no e-content should be sufficient
# 11:33 
oodani gotcha!
# 11:34 
barnabywalters (and of course u-url on the permalink, so that clients/users can fetch the full version!)
# 11:46 
barnabywalters also PSA aaronpk the link to your mentions feed here is broken https://indieweb.org/feed#Aaron_Parecki
# 11:47 
barnabywalters btw mgdm and oodani here’s a great tool for testing h-feed markup and previewing how it might look in a feed reader https://monocle.p3k.io/preview
# 11:47 
mgdm nice, thanks
# 11:59 
GWG barnabywalters: There's already a draft scope that behaves like your create_draft scope that people have implemented
# 12:00 
barnabywalters cool! yeah I think I saw it mentioned somewhere
# 12:02 
barnabywalters btw mgdm I just realised that you have very similar content on https://mgdm.net/, the same h-feed markup would also work fine there, but you could additionally mark up your bio as part of the author h-card, and mark up “Weblog” as the p-name of the h-feed, which is used as a human-friendly feed name in some reader UIs
# 12:02 
[KevinMarks] Yes, p-summary is the way, my homepage is like that kevinmarks.com
# 12:02 
mgdm Ah cool, that might make more sense, thanks
# 12:02 
barnabywalters and then I guess the link to More posts would be the u-url of the h-feed
# 12:02 
barnabywalters so that clients know where to go for more content
# 12:03 
[KevinMarks] Hm monocle doesn't show the summary
# 12:03 
barnabywalters yeah I noticed that too, might be worth filing an issue or pinging aaronpk about
# 12:04 
barnabywalters btw [KevinMarks] etc, there are very few real-world examples on https://indieweb.org/feed, feel free to add yours, noting things like only publishing summaries etc
# 12:08 
sparseMatrix Great seeing y'all so busy this morning, I thought I was the only one lol
# 12:12 
sknebel welcome back oodani!
# 12:13 
oodani c:
# 12:55 
@alexblumgart @SerpTop2 webmentions (twitter.com/_/status/1395724019056488449)
loicm, sumner, [schmarty] and [manton] joined the channel; sumner-oldclient left the channel
# 15:30 
@sheldon_hull ↩️ Or a go tool for webmentions or something that is confusing as heck...make it easy. (twitter.com/_/status/1395763582814597122)
doosboox and loicm joined the channel
# 16:10 
jacky I post that to say that if/when I do make another technical post again, I want to see if I can make a diagram liek that
# 16:12 
barnabywalters ???
# 16:12 
jacky also shout out to https://fedidb.org/, dansup
# 16:12 
jacky barnabywalters: I'm referring to https://blog.samwhited.com/2021/02/xmpp-addresses/, I posted that about 10 hours ago lol
# 16:13 
barnabywalters oh yeah those are definitely some diagrams
# 16:15 
mgdm you can get some of the way to those using something like http://flowchart.js.org/
# 16:16 
barnabywalters mgdm++ nice tool
# 16:16 
Loqi mgdm has 1 karma over the last year
# 16:16 
mgdm Another good one is https://mermaid-js.github.io/mermaid/#/
# 16:17 
jacky perfect
# 16:17 
jacky thank you!
# 16:18 
jacky wow mgdm: mermaid-js is the way to go!
# 16:18 
mgdm Yeah it's cool! I use the live editor quite a bit to make diagrams for work
# 16:18 
barnabywalters is there a “why are the authorization_endpoint and the token_endpoint different when the indieauth spec assumes that they’ll usually be part of the same service” explainer anywhere?
# 16:19 
barnabywalters is it something carried over from oauth2?
# 16:24 
mgdm guess so (I can see from an OIDC .well-known endpoint that there are separate entries for both of those)
# 16:25 
aaronpk yes it's from oauth, and it's a good design decision
# 16:25 
aaronpk the authorization endpoint is used when interacting with the user, the token endpoint is used by the application
# 16:29 
barnabywalters hmm okay that doesn’t entirely explain it but I added it to the wiki FAQ
# 16:30 
barnabywalters is the fact that tokenless login information can be obtained from the auth endpoint also based on OAuth2, or is that a simplicity/backcompat addition carried over from the earliest indieauth implementations?
# 16:30 
aaronpk another way to say it is the authorization endpoint outputs HTML and deals with cookies and such, the token endpoint only responds to simple HTTP POST requests and outputs JSON
# 16:30 
barnabywalters sure, except for that exception I just mentioned
# 16:30 
aaronpk yep that's a carryover from the first use of indieauth that didn't include access tokens at all
# 16:31 
barnabywalters okay, thanks, I’ll expand on the FAQ
# 16:31 
aaronpk i'd like to converge that with oauth next but it's unfortunately a pretty significant breaking change for clients
# 16:31 
barnabywalters the fact that both endpoints can in theory be separate services, and that how they interact isn’t covered in detail in the spec, never fails to confuse me
# 16:32 
aaronpk so in practice we found that basically that wasn't happening
# 16:32 
aaronpk so we removed the communication between the two from the spec
# 16:32 
aaronpk https://github.com/indieweb/indieauth/issues/44
# 16:33 
aaronpk and more details in the discussion in issue 19 linked from there
# 16:33 
barnabywalters right, I clearly just need to re-adjust my assumptions and then everything will become a lot simpler
# 16:37 
jacky is thinking about self-hosting xray b/c it's very handy
# 16:37 
aaronpk do it! it's just some code
# 16:38 
jacky I'm thinking about doing it via the library route so I can muck around with PHP again
# 16:39 
barnabywalters working on my site and micropub-adapter in the past week has reminded me just how enjoyable and productive working with PHP can be
# 16:40 
barnabywalters woah xray looks cool, don’t think I’ve seen that yet
# 16:40 
aaronpk it's very handy
[chrisaldrich] joined the channel
# 16:41 
barnabywalters aaronpk++ you’ve clearly been as productive as ever in the past years
# 16:41 
Loqi aaronpk has 53 karma in this channel over the last year (164 in all channels)
jamietanna joined the channel
# 17:15 
dansup jacky: thanks! :)
# 17:16 
jacky definitely, it's very clean
# 17:17 
jacky it kinda knocks things like fediverse.party (and the like) out of the water
# 17:17 
jacky for those curious https://fedidb.org/network/instance?domain=mastodon.online
# 17:17 
jacky https://fedidb.org/network/instance?domain=pixelfed.social
# 17:18 
jacky I could see something like this being helpful in the IndieWeb if we wanted to make a small index of places people could get sites at
# 17:20 
@ChrisAldrich Great to hear that http://micro.blog now does backfeed with http://Brid.gy for Twitter using Webmention. Particularly xcited to see how static site generators will use this.
https://boffosocko.com/2021/05/19/55791428/ (twitter.com/_/status/1395790982726225921)
# 17:20 
@ChrisAldrich Great to hear that http://micro.blog now does backfeed with http://Brid.gy for Twitter using Webmention. Particularly xcited to see how static site generators will use this.
https://boffosocko.com/2021/05/19/55791428/ (twitter.com/_/status/1395790982726225921)
# 17:20 
@mantontest ↩️ @mantonsblog This is a test reply to see http://Brid.gy in action. (twitter.com/_/status/1395033801533927428)
# 17:33 
barnabywalters am I right in thinking that micropub endpoints must not accept access_tokens via a query string parameter, e.g. on GET  q=config requests where they can’t provide a request body?
# 17:33 
barnabywalters and that in those cases, the authorization must be provided via an Authorization: Bearer header?
[snarfed] joined the channel
# 17:35 
[snarfed] !tell jamietana thanks for checking on your webmention sender! just FYI, in case it helps, i’m still seeing it happening with new posts too. examples: https://www.jvt.me/mf2/2021/05/n6cy6/ , https://www.jvt.me/mf2/2021/05/5qmyh/ , https://www.jvt.me/mf2/2021/05/lhmty/
# 17:35 
Loqi Ok, I'll tell them that when I see them next
# 17:36 
aaronpk correct
# 17:36 
barnabywalters thanks
gRegorLove, gRegorLove_, doosboox, [schmarty], [chrisaldrich] and [KevinMarks] joined the channel
# 19:34 
[KevinMarks] I should merge the fedi dB thing with my previewer  http://www.unmung.com/mastoview?url=Pixelfed.social+&view=local
# 19:35 
Loqi agreed.
jamietanna joined the channel
# 19:39 
jamietanna[m] Snarfed sorry, so I sorted the authentication issue I had, but now it looks like I've got a threading issue 😂 hopefully will get some progress on it this weekend
[tantek], [tw2113_Slack_] and aaronpk joined the channel
# 20:15 
@achoosneezed New post set sail: Trying a webmention reply https://trxtp.com/aw (twitter.com/_/status/1395835396840312832)
# 20:17 
[tw2113_Slack_] hmm, need to adjust that
# 20:17 
[tw2113_Slack_] wrong twitter account and everything
[tw2113_Slack_], [tantek]1, jamietanna, [chrisaldrich], themaxdavitt, peterrother, stacktrust_, jbove, ludovicchabant and sparseMatrix joined the channel
# 23:00 
sparseMatrix o/
KartikPrabhu joined the channel