#meta 2021-06-15

2021-06-15 UTC
[Will_Monroe], [tw2113_Slack_], Ruxton, [schmarty], [jacky] and cweiske joined the channel
#
cweiske chat.indieweb.org returns a 404 for a date when there are no chat messages at that day, e.g. https://chat.indieweb.org/known/2021-06-14 . Is there a good reason for this? My indiechat search indexer gets a 404 and tells me something is wrong every day.
#
Loqi cweiske: [tantek] left you a message on 2019-11-05 at 8:37pm UTC: is the indieweb chat search service/server down perhaps? I just got "The server at indiechat.search.cweiske.de is taking too long to respond."
#
cweiske 2nd problem: I tried to login to the wiki to fix the IRC links on https://indieweb.org/discuss (they must be ircs:// links), but my indieauth endpoint says "unsupported response_type: code". why is the wiki/indielogin.com not using response_type=id?
#
Ruxton cweiske what platform are you authing against? i saw similar issues a while back in wordpress and I just needed a plugin update
#
Ruxton I'll make the wiki edit for you
#
cweiske i've got my own indieauth server, and it only supports id requests because I don't have my own token server.
#
cweiske the question is why authentication isn't enough for the wiki
#
Ruxton ahh GWG can probably shed some light on that
#
ignite.digitalignition.net edited /discuss (+7) "adjusted for cweiske - https://chat.indieweb.org/meta/2021-06-15/1623738771953400" (view diff)
#
cweiske thanks
[Murray], [chee] and barnaby joined the channel
#
barnaby cweiske: regarding your indieauth questions: AFAIK the response_type=id flow has been deprecated. You can still support an auth-only flow without a token endpoint, but it takes two steps: a response_type=code request to get an authorization code, which is redirected back to the client. The client then makes a grant_type=authorization_code request to the authorization endpoint to exchange the code for profile information
#
barnaby the relevant spec sections are https://indieauth.spec.indieweb.org/#authorization-request and https://indieauth.spec.indieweb.org/#profile-url-response
#
barnaby there’s been some discussion about deprecating this flow too, so that the authorization endpoint is only used for user-facing requests, and the token endpoint is used for all app-facing requests, but nothing is decided yet https://github.com/indieweb/indieauth/issues/58
#
Loqi [aaronpk] #58 Allow clients to always exchange authorization codes at the token endpoint
barnaby and [KevinMarks] joined the channel
#
GWG I missed shedding light on that.
#
barnaby GWG: I got the european timezone shift covered ;)
#
GWG barnaby: I'm looking forward to the next IndieAuth discussion in August.
#
barnaby me too!
#
sknebel hm, I would have expected the wiki login to be backwards compatible there though :/
#
barnaby back compat is trickier this way around. the client would have to attempt the new version of the request, then try the deprecated version if it fails
#
GWG barnaby: I just have my endpoint convert id into code
#
barnaby GWG: oh, does that work? I thought type=id was a different flow without the client sending a separate request for profile info
#
GWG barnaby: Close enough
#
GWG This is probably a -dev conversation
[pfefferle], jeremycherfas, jeremych-, [jacky], [KevinMarks], bode and [chrisaldrich] joined the channel
#
[chrisaldrich] commonplace book << example: https://foggy.garden/
#
Loqi ok, I added "example: https://foggy.garden/" to the "See Also" section of /commonplace_book https://indieweb.org/wiki/index.php?diff=76088&oldid=76043
#
@kevinmarks ↩️ Roger Waters for IndieWeb/ open Web : I'm not saying that the battle is won But on Saturday night all those kids in the sun Wrested technology's sword from the hand of the war lords Oh, oh, oh, the tide is turning (twitter.com/_/status/1404879141929955331)
[chrisaldrich], [tw2113_Slack_] and [asuh] joined the channel