#social 2017-08-17
2017-08-17 UTC
timbl joined the channel
# 
xmpp-social [ajordan] tantak: curious why you want the most-reposted/liked thing?
# xmpp-social [ajordan] Also I've been reading the logs and just... lolwut
# xmpp-social [ajordan] tantek: > (that we know of obv - others could be lurking out there - hard to discovery of course in a decentralized system)
# xmpp-social [ajordan] Sounds like a problem for snarfed's IndieMap!
xmpp-social joined the channel
# 
ben_thatmustbeme ajordan: I think reviewing how people have handled ui on heavily liked/replied to posts is a good question.
# puckipedia we really really need to specify exactly how http signatures need to work
# puckipedia like, just specify the key object format; the way key IDs work, and the keyId value of http signatures
# saranix true it should be specified, but it's not as if it's a paradox. One can safely assume that if they resolved the keyId, and it contains a publicKeyPem attribute, that is the key to use, if it further dereferences to a publicKey object, then that should be dereferenced to look for a publicKeyPem
# puckipedia one big reason to specify keyId as the key's ID and not the owner's ID:
# puckipedia you could specify that keys should be atomic
# puckipedia eh nvm that's not going to work
# puckipedia as you still have to verify the key belongs
# saranix not sure what that means, but the only caveat I can see is if there are multiple keys, you'd want to point to the specific correct one.
# puckipedia think about systems that want to have e.g. keys that are only valid for 1 week
# puckipedia or, maybe, 1 month
# puckipedia (or you want the client to be in control of their keys, so they have one key per device)
# saranix I still don't see any ambiguity or problems
# puckipedia imagine a client that has e.g. 20 keys
# puckipedia so "publicKey": [a, b, c, ..., z]
# puckipedia then you sign a message with one of those keys, and you specify keyId="your user ID"
# puckipedia ... do you have to verify that message with all 20 keys?
# puckipedia until you find one key that validates
# saranix "if there are multiple keys, you'd want to point to the specific correct one"
# saranix a search would be insecure
# puckipedia what if you don't
# saranix reject it
# saranix sig is only valid if the right key is pointed
# puckipedia like, would you say "if there's only one public key, you may replace the key ID with the actor ID"
# saranix like that yeah
# puckipedia why make that exception
# saranix cause it's a common case, and because there isn't really a type:Key
# puckipedia hmmm, ok
# saranix there should be a type:Key, but there isn't
# saranix only a "magick" publicKeyPem property :-P
timbl and tantek joined the channel
# Gargron puckipedia: the only reason why i am doing an account fetch on the keyId property is to cut corners because i expect it to be a fragment URI
# puckipedia it isn't for me
# Gargron i'll fix it eventually, it's just an annoying little detail where you have to resolve the URI, find its type, then connect it back to an actor
# puckipedia also do you refetch the account every time?
# Gargron no
# puckipedia I think you might, because fragment URI
# puckipedia at least... I thought that might happen
# Gargron hmm
# Gargron it might actually, yeah
# puckipedia maybe you should store the last used key ID separately?
# puckipedia (maybe if it's a fragment you can store a nil, and when looking for key ID first try the key ID field and else try matching it without fragment to a user id?)
# puckipedia this would also make it support keyId being a user ID directly
# puckipedia Gargron: also, the accept/reject handling needs some fixing on the receiving end as well
# puckipedia for the _:atomUri property; you could probably make up an equivalent for this for pointing towards the activitypub ID from OStatus
# puckipedia seeing as you're fetching the status anyways
wilkie joined the channel
# Gargron puckipedia: https://github.com/tootsuite/mastodon/pull/4616 does this fix it, because i think it does
# Gargron submitted it yesterday but nobody reviewed
# Gargron puckipedia: and yes i already did that here: https://github.com/tootsuite/mastodon/pull/4623 though not sure if it's enough
# puckipedia Gargron: so in https://github.com/tootsuite/mastodon/blob/master/app/lib/activitypub/activity/accept.rb
# puckipedia if I'm correct, @account is the account that the request was signed with
# puckipedia I just double checked that and that seems to be right
# puckipedia this means that it tries to find a follow request that has as account the actor, and as target account the account it was signed for
# puckipedia and also, e.g.
{"type": "Accept", "object": {"type": "Follow", "object": "userB", "actor": "userA"}, "actor": "userB"}# Gargron signed by
# puckipedia the account the server signed it for*
# Gargron no the signature belongs to the actor
# Gargron e.g. who is sending the accept
# Gargron @account would be "alice", who sends an "accept" because she accepts that "bob" will follow her
# Gargron she sends it to "bob" who is the local user and the original actor of the "follow"
# puckipedia the follow for that would be e.g.
{"type": "Accept", "object": {"type": "Follow", "object": "alice", "actor": "bob"}, "actor": "alice"}# Gargron yes
# puckipedia wait no I'm reading this wrong? but it still doesn't work for me
# Gargron the PR is not working for you?
# puckipedia I mean, maybe it's on my side, one sec...
# puckipedia sorry. assumed that @object was the root object, aka the activity
# puckipedia anyways, you might want to do the ['actor'] if string, ['actor']['id'] elsewise dance there as well
# Gargron yeah
# Gargron agreed
# Gargron and yeah it's confusing
# Gargron @json = root, @object = @json['object']
# Gargron and then we have @object['object']
# Gargron how many layers of object are you on
# puckipedia hm. at the end, I can't get account_from_uri to work
# Gargron huh
# Gargron because of the ID thing?
# puckipedia well, I kiiinda hard-coded it to see if I could figure out why it broke
# Gargron show me your fix
# puckipedia well, I mean, I'm basically doing account_from_uri("http://localhost:3000/users/admin")
# Gargron try Account.first
# Gargron (for testing purposes)
# puckipedia I found the Other Issue(TM)
# puckipedia Addressable::URI.parse().normalized_host doesn't contain the port part
# puckipedia and local_domain for me is localhost:3000
# puckipedia so ActivityPub::TagManager#local_uri? returns false for local URIs
# Gargron ah
# Gargron hm
# Gargron hwhat do we do about that
# Gargron check if the result of parse contains a port part, and concatenate it before comparison?
# puckipedia I think there might be more locations that don't like this
# puckipedia and, like, it might be best to implicitly warn this I guess
# puckipedia \o/ Account.first hackery works
tantek joined the channel
# puckipedia the follow was properly accepted
# puckipedia I have one Mastodon follower now :D
# puckipedia it's myself though :<
# puckipedia going to try to send
{"type": "Note", "content": "ActivityPub FTW", "to": "https://lol.puckipedia.com/users/puckipedia/followers", "cc": "https://www.w3.org/ns/activitystreams#Public"}# puckipedia IT WORKED
# Gargron that's unlisted innit
# puckipedia cc to public
# Gargron yeah i think we codify "unlisted" that way
# Gargron great to hear
# puckipedia hmm, I assumed unlisted was without public
# puckipedia anyways I can't click the time to go to the original place
# Gargron oh
# Gargron you didn't include a url?
# puckipedia the json has no url: attribute
# Gargron yeah
# Gargron it should
# puckipedia hmm
# Gargron or maybe we should fall back to id?
# puckipedia the frontend should fall back to URI
# puckipedia anyways \o/
# Gargron the frontend should have no knowledge of protocol stuff tbh
# Gargron but yes we should fallback the url property in db to the id attribute from the json
# puckipedia it... it sent a message back and worked?
# Gargron it worked as intended?
# puckipedia yes!
# Gargron great to hear!!
# puckipedia for reference, the Note itself has to: followers; cc: public, mentioned
# Gargron so to summarize: 1) elaborate keyId resolving 2) make TagManager recognize ports for dev environments purposes 3) fallback url to id when processing
# puckipedia yes
# puckipedia \o/ \o/
# puckipedia now I will Like this object
# puckipedia it didn't like properly
# puckipedia because of the port number bug :<
# puckipedia yep likes work as well :D
# Gargron \o/
# puckipedia let's like it the other way
# puckipedia ... woops, error
# puckipedia Kroeg side that is
cwebber2 joined the channel
# puckipedia ah I think it doesn't like the authorization
# puckipedia which, I bet, is caused by a bug in KRoeg
# puckipedia cwebber2: I sent an ActivityPub Note to Mastodon and it worked!
# 
cwebber2 Gargron: puckipedia: I just saw via https://mastodon.social/users/Gargron/updates/4127106
# Gargron loqi is capable of extracting the right text out of our links?
# xmpp-social [ajordan] Gargron: Loqi parses microformats2
# Gargron cool
# xmpp-social [ajordan] ?
# puckipedia yep. something went wrong reading the user id
# xmpp-social [ajordan] I think Loqi's ability to do that is a testament to mf2's flexibility
# puckipedia guess who forgot to add "publicKey" to their things that should be flattened
# puckipedia it's me
# xmpp-social [ajordan] Lol
# xmpp-social [ajordan] puckipedia++
# puckipedia signature died somehow :<
# puckipedia System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters
# puckipedia something in the publicKeyPem was not nice
# puckipedia ah, way too much newlines
# Gargron on my side?
# Gargron i dont think i put any newlines in, did i
# puckipedia nah, I should be able to handle it
# puckipedia I have really shoddy PEM handling
# puckipedia ... it says it tried to like a non-existant object
# Gargron o.O
tantek joined the channel
# puckipedia okay so somehow the like isn't stored properly
# puckipedia :D: issues with port numbers on my side
# puckipedia hey the like worked
# Gargron \o/