#dev 2022-07-28

2022-07-28 UTC
jacky, nertzy and jeremycherfas joined the channel
# 02:28 
[schmarty] whew, slapped a token introspection endpoint onto this indieauth provider and ... i think i'm ready to switch? now to track down all the bookmarklets, ios shortcuts, scripts, micropub/sub clients, and more with long-lived tokens that will no longer work. 😭
jacky joined the channel
# 02:32 
[schmarty] aww nurts i forgot i have my media endpoint yet to fix.
# 02:34 
[schmarty] angelogladding asked at HWC US West tonight if I'd be updating Flask-IndieAuth and maybe i will need to lol.
# 02:35 
GWG [schmarty]++
# 02:35 
Loqi [schmarty] has 10 karma in this channel over the last year (23 in all channels)
# 02:36 
[schmarty] i don't want to!
# 02:38 
GWG [schmarty]: For your token introspection slapping
geoffo joined the channel
# 03:15 
@fluffy ↩️ Step 2 is where I'm specifically proposing the use of IndieAuth and adding u-vr-avatar (or the like) as a property, and standardizing the way that VR avatars are represented (which, again, can be based on VRM or the like) (twitter.com/_/status/1552492708375064576)
jacky, alex11, ben_thatmustbeme, [Jacob_Hall], Javi, tetov-irc, nertzy and [campegg] joined the channel
# 14:20 
@voxpelli ↩️ Totally! I would add RSS to that list as well :)

When it comes to IndieWeb features the two most basic are Webmention and the h-entry microformat.

Combined those two makes it so one can easily interact/be social with the content of other people. (twitter.com/_/status/1552659163100184576)
ben_thatmustbeme joined the channel
# 14:51 
GWG Wondering how I decide to update the Ticket Auth draft spec? Namely... what's appropriate?
# 14:59 
Zegnat Make changes first, ask for forgiveness later? ;)
# 15:46 
[schmarty] whew! really slogged my way through getting an access token issued but got my media endpoint fixed up and working with my new indieauth endpoint using token introspection instead of the old "throw an Authorization header at the token endpoint".
# 15:46 
[schmarty] all that to say: finally got today's caturday posted lol
# 15:48 
aaronpk [schmarty]++
# 15:48 
Loqi [schmarty] has 11 karma in this channel over the last year (24 in all channels)
# 15:52 
[schmarty] in other news i think owncast's indieauth implementation is slightly broken? when starting an indieauth flow on their test server at https://watch.owncast.online/ the `client_id` they send does not include a path component. is it OK to assume `/` if path component is missing from  `client_id`  or should this be filed as an issue with owncast? or both??
# 15:53 
[schmarty] (taproot/indieauth requries a path in its `client_id` validation and i was about to loosen that restriction but i see mentions of `client_id` requiring a path component in other places like gimme-a-token.5eb.nl)
# 15:54 
[schmarty] oop i was finally able to find it in the spec. indeed a path component is required! https://indieauth.spec.indieweb.org/#client-identifier
# 16:00 
Zegnat Yes to file an issue. But I cannot immediately come up with a reason why your endpoint could not add a / path by default. For http scheme that is almost always assumed
# 16:04 
aaronpk IIRC we have something like that allowing path-less profile URLs already?
# 16:04 
aaronpk oh i think it applies to everything https://indieauth.spec.indieweb.org/#url-canonicalization
# 16:04 
[schmarty] the spec mentions normalization and cleanup for "me" URLs but doesn't say to apply it to client IDs?
# 16:05 
aaronpk "if a URL with no path component is ever encountered, it MUST be treated as if it had the path /"
# 16:05 
[schmarty] aha, indeed, thanks!
gRegor and angelo joined the channel
# 17:49 
GWG Zegnat: Can you forgive me?
# 17:53 
Zegnat GWG: I will have to think long and hard about it... hahahahaha!
# 17:53 
Loqi Zegnat: lol
# 17:58 
GWG Zegnat: I meant, will you read the modifications and comment?
nertzy joined the channel
# 19:08 
Zegnat Sure!
# 19:24 
[schmarty] aaronpk: looks like Aperture doesn't know how to do token introspection (still does the old toss-a-bearer-token-at-the-token-endpoint method) which i am trying not to support because it's no longer in the spec!
# 19:24 
aaronpk ooh
# 19:24 
aaronpk [schmarty]++ file an issue!
# 19:24 
Loqi [schmarty] has 12 karma in this channel over the last year (25 in all channels)
nertzy joined the channel
# 19:32 
[schmarty] aaronpk++ filed! with some muddled thoughts!
# 19:32 
Loqi aaronpk has 31 karma in this channel over the last year (118 in all channels)
# 19:32 
[schmarty] https://github.com/aaronpk/Aperture/issues/121
# 19:32 
Loqi [martymcguire] #121 Feature request support IndieAuth introspection endpoint
# 19:35 
gRegor Maybe related: https://github.com/aaronpk/Monocle/issues/56
# 19:35 
Loqi [gRegorLove] #56 Sign out if access token verification fails
# 19:35 
gRegor Not actually sure now if that issue is with Aperture or Monocle, heh
nertzy, CrowderSoup, CrowderSoup8 and tetov-irc joined the channel