#dev 2021-09-15

2021-09-15 UTC
# 01:46 
SamWilson[m] Is anyone here using Overland on Android? I'm trying to implement a receiver for it and am running into a problem: https://github.com/OpenHumans/Overland_android/issues/16
# 01:46 
Loqi [samwilson] #16 No access token field
# 01:48 
GWG SamWilson[m]: I am, why?
# 01:49 
SamWilson[m] do you have it setting a token correctly? I can't figure out how to tell the app what auth token to send
# 01:52 
GWG SamWilson[m]: I use aaronpk's Compass, which does send the token as a query string.
# 01:52 
SamWilson[m] ah cool. I guess I'll do that then! makes sense, even if it's a little less secure (I think)
# 01:53 
GWG SamWilson[m]: I always meant to roll my own solution, but never had the time, so I selfhosted
# 01:54 
SamWilson[m] yeah I could prob just install Compass, but it seems reasonably easy to implement so I'm trying to build it into my own thing
# 01:55 
SamWilson[m] I've got a map of posts at https://samwilson.id.au/map and want to add squiggly lines too :-p
# 01:55 
Loqi Sam Wilson
# 01:57 
GWG I just use Compass to store the data. I generate maps as well.
[jeremycherfas] joined the channel
# 07:39 
Ruxton :O SamWilson[m] ANOTHER west australian!
# 07:41 
SamWilson[m] Ruxton: what, really?! that's great!
# 07:41 
SamWilson[m] that must make about four aussies :-P
# 07:49 
Ruxton yeah, not many, everyone else I've met in here is eastcoast
# 07:50 
Ruxton SamWilson[m]: do you do any of the local web  events/monthly meetups?
# 07:53 
SamWilson[m] Ruxton: sometimes, at spacecubed, but nothing lately. Is there an indieweb one?
# 07:53 
Ruxton nah, i was gonna give a talk on it at one of the wordpress nights, but didn't get a response worthy of putting the effort in, haven't been to much since port80 disolved
# 07:57 
SamWilson[m] hmm that's a shame. I'd be interested in coming to something.
# 07:58 
SamWilson[m] what's your URL by the way?
# 07:59 
Ruxton https://ignite.digitalignition.net/
tetov-irc, [calumryan], hendursaga and shoesNsocks joined the channel
# 13:10 
@edent ↩️ I'm still working out how best to do semantic Webmentions back to my blog. But, in the meantime, here are all the papers which have cited my work: https://shkspr.mobi/blog/citations/ (twitter.com/_/status/1438127118777466886)
# 13:49 
capjamesg[d] !tell skenebel I have managed to figure out the solution to the concurrent.futures issue.
# 13:49 
Loqi Ok, I'll tell them that when I see them next
# 13:49 
capjamesg[d] My code is not as clean as I would like but it (almost!) works as expected.
# 13:49 
capjamesg[d] And I had no idea how much quicker multi-processing was.
# 13:50 
capjamesg[d] I could feasibly crawl 100,000 pages per day if every domain was valid on the list.
# 14:06 
[schmarty] concurrency++ concurrency++
# 14:06 
Loqi concurrency has 2 karma over the last year
# 14:06 
Loqi concurrency has 2 karma over the last year
# 14:06 
[schmarty] 😉
# 14:08 
aaronpk ha
# 14:08 
aaronpk !karma concurrency
# 14:08 
Loqi concurrency has 2 karma over the last year
# 14:17 
capjamesg[d] concurrency++
# 14:17 
Loqi concurrency has 3 karma over the last year
# 14:18 
[schmarty] Hahaha perfect
# 14:18 
Loqi nice
# 14:18 
capjamesg[d] (every domain on the list to crawl is not valid so actual numbers will be lower)
# 14:18 
capjamesg[d] One thing I have learned so far is that the web is a really messy place.
# 14:19 
capjamesg[d] In terms of use of standards, URL structures, redirects, and general what I would call webmaster hygiene.
[grantcodes] joined the channel
# 14:31 
[grantcodes] [aaronpk] re "configure a particular channel to show only the latest post from each subscription" - I tried doing this as a micropub "middleware" for a map view of most recent locations, but never really got it consistently working.
angelo, justache, Seirdy and jamietanna joined the channel
# 18:55 
jamietanna GWG sorry I missed a few messages, I don't have a good IRC interface at the moment so just scrolling back through chat. for now
# 18:55 
Loqi jamietanna: [snarfed] left you a message 2 days, 3 hours ago: just fyi bridgy is still seeing >1500 publish re-attempts a day from your site for posts that were already published. totally ok, not hurting it at all, just checking in! 😁
# 18:56 
GWG jamietanna: I forget what I asked
# 18:56 
jamietanna !tell snarfed sorry - there were some changes to my Kubernetes cluster, and for some reason the authentication to the secrets management stuff (to retrieve my Micropub refresh token) has failed, I'll try and nudge it
# 18:56 
Loqi Ok, I'll tell them that when I see them next
# 18:57 
jamietanna GWG there was one about phrasing of auth on token introspection - I'd say something like "the issuing of client credentials to access this endpoint is out of scope of this specification", or something - then it makes it so people read it as "I should do it"
# 18:58 
jamietanna there was also about hinting re refresh_token - not sure what you're thinking re hints? Just like, what to do / how to structure it?
# 18:58 
jamietanna Or interesting things, like always issue a fresh RT?
# 18:59 
GWG jamietanna: Hinting in the spec is optional... token type parameter  It hardly seemed worth citing
# 19:00 
GWG Always issue a new token is in no spec
# 19:04 
jamietanna It's not, but it's something a few servers are doing nowadays - aaronpk may be aware of if it's been talked about standardising?
# 19:05 
capjamesg[d] [KevinMarks] Is there any good documentation on threading in Python that you think is worth a read?
# 19:10 
capjamesg[d] I could read the robots.txt / sitemap.xml resources for a couple of sites at once and then use concurrent.futures thread pool to create threads for each site. That way I could have five threads working on five sites.
# 19:10 
capjamesg[d] The trouble is that there isn't an easy way to terminate a thread I don't think.
# 19:10 
capjamesg[d] sknebel can maybe help out here.
# 19:10 
capjamesg[d] So maybe there's something I should be doing at a higher level.
# 19:12 
GWG jamietanna: If you have short lived tokens, the problem should solve itself
# 19:12 
angelo capjamesg[d]: have you tried gevent?
# 19:18 
jamietanna GWG but the risk is you've then got a - potentially infinitely - long lived refresh token and if that gets leaked, you have a bad time
# 19:18 
GWG jamietanna: So, shouldn't the recommendation be the refresh token is replaced each time?
# 19:27 
jamietanna Ah I've not looked much at token hinting
# 19:27 
jamietanna Yeah I'd say that if your tokens can be revoked (/ expire) then you should always return a fresh refresh token, and revoke the old one
# 19:28 
GWG I have to see if that's in the cited spec or in the proposed 2.1.
# 19:42 
[KevinMarks] I used to use Twisted for this https://twistedmatrix.com/trac/
# 19:44 
[KevinMarks] I found this talk useful, though I have used the coroutines stuff more than the threads or processes stuff http://dabeaz.com/coroutines/
# 19:51 
jamietanna GWG it appears to be on OAuth 2.1:
# 19:51 
jamietanna > Refresh tokens for public clients must either be sender-constrained or one-time use
# 19:52 
jamietanna (via https://oauth.net/2.1/)
# 19:52 
GWG We can use things from OAuth 2.1 now. We did with PKCE
# 20:07 
GWG jamietanna: The more we have comments on the issues, the easier it will be to update and merge
# 20:10 
capjamesg[d] [KevinMarks] thanks for sharing! I’ll check out that post.
# 20:11 
capjamesg[d] Angelo I haven’t. Any recommended place to start? I couldn’t find a good getting started page in their docs.
# 20:12 
jamietanna Yeah I'll get some comments on there tomorrow
shoesNsocks, maxwelljoslyn[d], tetov-irc and hans1963[d] joined the channel