#meta 2017-07-22

2017-07-22 UTC
[kevinmarks], tantek, eli_oat and j12t joined the channel
#
aaronpk
Zegnat: i had an alternate plan that might be more fun for you to help with
#
aaronpk
kind of along the lines of selfauth
#
aaronpk
since the wiki and chat logs are totally separate "apps", but it would be nice if you could log in to both, I was thinking about consolidating the login into its own separate app
#
aaronpk
it would support indieauth, and use indielogin.com for relmeauth support, and then set a cookie
#
aaronpk
then the wiki and any other app on the domain can just read the cookie
#
aaronpk
so the mediawiki authentication plugin becomes just parsing that cookie and returning yes/no
#
Zegnat
That’s interesting. So you would have an IndieAuth web sign-in field on – say – login.indieweb.org, that sets a cookie, and then all *.indieweb.org sites can check that cookie?
#
aaronpk
i think it would have minimal UI, because all it'd really need is the sign-in form, and everything else is done via redirects or handled by indielogin.com (indieauth.com0
#
sebsel
login to the chat logs? what functionality does that provide?
#
aaronpk
it could set your nick for example
#
aaronpk
and show you desktop notiifications if you're mentioned
#
aaronpk
also eventually could be how you add yourself to /irc-people rather than doing the wiki edit manually
#
sebsel
oh, yeah, nice
#
Zegnat
But how would you “decode” the cookie? You’d either need some shared back-end storage, or go stateless. For stateless there either needs to be a public/private key thing set-up or login.indieweb.org needs another API you can call to check the cookie.
#
aaronpk
yeah, probably JWT with a shared secret is the best optioin
#
sebsel
I was just wondering what I missed, since I don't see a login there now :)
#
sebsel
also nice for a possible future events.indieweb.org, if we ever get there
#
aaronpk
actually that sounds a lot like OpenID connect
#
Zegnat
I don’t really like shared secret, but that would be the easiest to do, yes
#
aaronpk
i don't mind shared secret because they are all part of the same domain
#
Zegnat
shared secret means the other services can also create the sign-in cookie
#
Zegnat
priv/pub key means they can only validate it, but not create one themselves
#
aaronpk
true, i thiink OpenID connect uses priv/pub keys
#
Zegnat
Makes sense for them to do that. It would be my preferred method. But I find most priv/pub key libraries for PHP confusing. Thankfully libsodium is about to change that <3
#
aaronpk
there is probably a JWS library that works
#
Zegnat
Nice table, some of those seem pub/priv key. I’ll have a look into that later today.
#
Zegnat
JWS with pub/priv key would be nice. Might even roll that into selfauth if it turns out there is a neat library for it.
#
aaronpk
anyway, a small app that handles that would be amazing, and i'd love to replace the wiki login with it
#
Zegnat
This project is basically: 1) include a JWS library, 2) include indieauth/client, 3) make IndieAuth fallback to indieauth.com, and 4) after successful authentication generate cookie
#
aaronpk
yep pretty much
#
Zegnat
I’d be happy to look into that aaronpk
#
aaronpk
i might even use that on my site to let people sign in so they can eventually read private posts!
j12t, tantek and jjuran joined the channel
#
tantek
!tell aaronpk I'm seeing an error (on the upload page) when uploading a cropped screenshot from my iPod to the wiki: "File extension does not match MIME type." Can you try uploading a screenshot from your iPhone and see if that works?
#
Loqi
Ok, I'll tell them that when I see them next
#
tantek
have never seen this before. and I'm pretty sure I've uploaded other screenshots from my iPod to the wiki in the past
#
tantek
figured out the problem
#
tantek
when you crop a screenshot on iOS, it turns the PNG into a JPEG (dumb)
#
tantek
but does not rename the file (sensible)
#
tantek
so you have to explicitly rename the upload to a ".jpeg"
#
schmarty
That is an interesting bug!
j12t and jjuran joined the channel