#[tantek]BBEdit direct source code. No build process, no problems
#aaronpkugh yeah the most build process i'm willing to put up with is a package manager for server-side code. cause once i install the packages i need, i don't have to touch that again and can edit code all day long
geoffo, gxt and strugee joined the channel
#GWGIs there a scenario where someone might have an authorization_endpoint header and not a token_endpoint header or vice-versa? I'm assuming if there is one, the other will be there.
#aaronpkIn an early version of the spec you could do sign-on with only the authorization endpoint. That wasn't strictly following the OAuth protocol so we changed it. So now both are required for all the use cases
#GWGThat's what I thought. This is my new discover_endpoints function, which looks for metadata, and then if not, extracts known rels into the same data structure so it can return it. So, if both aren't found, I'm considering it a failure
#aaronpkOh and it is also possible to use other grant types with only the token endpoint but I suspect that doesn't have an actual use case with IndieAuth
jeremycherfas joined the channel
#GWGIf someone files an issue later that their endpoints aren't being discovered, I can worry then
#GWGThis is all because the ticket endpoint acts similarly to a client in redeeming the ticket, so to avoid repeating code, I'm pulling out the client type code and then calling it for each function.