#@mattbd↩️ I've also set it up to enable use of IndieAuth. Current site does this too, but only with Twitter and Github. New one will also support mail, PGP and OpenID (twitter.com/_/status/1411473929517084678)
[tantek] joined the channel
#[tantek]aaronpk++ wow for the Foursquare exporter! One of these days I will stress test that script 😂
#Loqiaaronpk has 52 karma in this channel over the last year (141 in all channels)
#aaronpki follow myself from mastodon.social to see this
[fluffy] joined the channel
#[fluffy]sure love how much statefulness needs to be maintained on all parties’ parts for activitypub to work right :P
#aaronpkhuh i don't rememebr when i imported my twitter archive but that's all in there too
#aaronpkoh hey i just got the foursquare download link
#aaronpklol "If you would like to download the photos you’ve uploaded to the Foursquare apps, please use the reference links in the file called "photos" to download them to your device.
#Loqicambridgeport90[: jacky left you a message on 2021-02-14 at 2:52am UTC: I agree to a degree. Things like Gemini are a bit akin to a 'reset' of the Web so that might be harder
[jacky] joined the channel
#aaronpkI don't know! This time I finally got a download link a few hours later
#cambridgeport90[Is that a new thing, though? I have never been able to download anything directly from Foursquare. Probably because I haven't touched the API?
[tantek] joined the channel
#[tantek]TBH I prefer that they didn't bundle all the photos into the download
#GWGOkay, I have proof of concept code, I just need a way to test it. Right now it should support receiving and redeeming a code. Next I need to store it
[fluffy], capjamesg, samwilson, [Murray] and jamietanna joined the channel
#jamietannaGWG what about querying Micropub config?
#ZegnatI guess I could flip the question around to: when do you have a ticket endpoint ready for me to send tickets to? ;)
#GWGThe code is written. I want to test it a bit, and then deploy it. Also, right now it retrieves, but neither stores it nor uses it, so I need to add that
#ZegnatSounds like we both got about equally as far into our implementations, haha
#ZegnatAlso, for requesting a ticket, I have gone the way of a POST with action=ticket, inspired by action=revoke. Not sure if I like it, but could be a fairly acceptable extension on top of this. Maybe.
#sknebelGWG: re "what to use for testing", don't you have an API to fetch and parse remote content in one of the plugins? giving that the option to use a token sounds like a useful building block, and its testing UI could be the first demo
#GWGsknebel: I do, but I wasn't storing external tokens, so I have to build the store first
#GWGI was thinking more how can I programmatically know I got the right version if Zegnat's example is an enhanced version of the same page?
#GWGZegnat: Can I redeem for a page that 404s or 401s otherwise?
#sknebelif you include a token, it should throw an error if the token isn't valid
#aaronpkalso, what would you do differently if you know you got the "right" version?
#ZegnatHmm. True. Just easier to not do so for my first try :P
#ZegnatMy request ticket form describes that it will not, and points at doing a verification call instead, that is enough documentation for v1
#sknebelright now wondering if should shoehorn ticket auth into my existing token auth system
#sknebelor if this is a good point of redoing that mess
#GWGOkay...I just want to make sure that it's working
#Zegnatalso a problem with giving an error when the token is wrong: hard to check the token for static resources unless you put the checking on e.g. the server layer
#ZegnatGWG and anyone else who has a ticket endpoint: https://vanderven.se/martijn/token/ should work, but as I do not have a ticket endpoint yet, it hasn’t been fully tested all the way through :P
#ZegnatMy homepage does not have any special features yet for when you send a token along, but you can use IndieAuth token verification against that URL for now
#ZegnatFor the verification, tokens will put your identity in `me` and your ticket endpoint in the `client_id`. I am not sure if it would be a good idea to change that or not. Or if I might want to extend it to add the `resource`.
#ZegnatGive me a sec, I might know why my hosted instance is not working. Going to try fix that, so you can send unlimited tickets to yourself while I sleep ;)
#Zegnathttps://vanderven.se/martijn/token/ should now work! You see it is succesful if you get redirected to my homepage after submitting. It was giving a white page before. Apparently I forgot to chown the SQLite db, so PHP treated it as readonly
#ZegnatThe server is set to not publicly write out the PHP errors. And as PHP otherwise renders the site up to the first error … it send basically nothing.
#ZegnatI should have tested myself, but I did not have a public place with a ticket_endpoint. Locally I tested by going at local IPs…
#GWGRight now, I am just seeing success in the console log
#jamietannaNice - I'm hoping I may get to being able to send / allow redeeming tickets, but not sure
#ZegnatGWG. Aah. Hmm. That is an interesting question. But I guess we want the resource to always advertise the token endpoint then?
#GWGZegnat: Otherwise, how would one find it from the ticket?
#ZegnatI was not thinking about that. I just set the resource to be the root domain. As I would expect the token to be allowed on any subpage I might host, and not just /martijn
#jamietannaI wonder if maybe we could add a `me` to show who it's allowing access _for_ which then allows looking up the rel=token_endpoint from there?
#ZegnatGWG: then you should now be able to find the token_endpoint in the HTTP headers for vanderven.se
#jamietannaWould you think `iss` would be communicated by the POST to `/ticket`? I think naming wise that'd make more sense to be the IndieAuth server's base URL (that could then lead to https://github.com/indieweb/indieauth/issues/43 to auto-discover token_endpoint)
#Loqi[aaronpk] #43 Consider using OAuth Server Metadata
#jamietannabut not sure we want to require that to be added, too?
#ZegnatBut after 5 hours of D&D, I can only telll you what my character would do with a server, and feel like I do not have the mindspace to come up with alternative solutions right now ;) So I am off to bed. Back in 7 hours or so!
#jamietannaZegnat rethinking further, your point about `iss` makes sense so :+1