#social 2018-10-28
2018-10-28 UTC
# 
dansup Anyone know what headers are required to be signed for mastodon?
# dansup nightpool Gargron ^
# dansup I got pixelfed <--> pleroma working
# dansup I wonder if its failing because the follower/following endpoints 404.. let me finish those quickly
# dansup Getting 401 on mastodon inboxes
# dansup Will focus on finishing handling the verbs for now and ping lain/kaniini and the mastodevs tomorrow
# rialtate[m] It usually gives a reason for failure of sigs in the body. I think the only time it doesn't is when it can't match keyId to the actor
# dansup rialtate[m]: interesting because it worked fine with pleroma
# dansup and another pixelfed instance
# Angle What's your problem? I think I also had similar trouble with Agora. Gimme a sec and I'll link my code, maybe it'll help you. :/
# Angle Hmm. It looks like I just let a library figure out what to sign. The code block:
# Angle HTTP.post(actor.inbox, {data: activity, npmRequestOptions: {
# Angle httpSignature: {
# Angle authorizationHeaderName: "Signature",
# Angle keyId: activity.actor + "#main-key",
# Angle }
# Angle key: Keys.findOne(
{id: activity.actor + "#main-key"}, {fields: {privateKeyPem: 1}}).privateKeyPem# Angle This is from: https://gitlab.com/Agora-Project/agora-meteor/tree/master/server/federation.js, right at the top.
# dansup Angle: this is my code. https://gist.github.com/dansup/0490c420e786e26235fb1a24858e6bb6
# dansup one sec
# dansup aaronpk: that is done by the library, https://github.com/pixelfed/http-signatures-guzzlehttp
# dansup it is added by the Context, custom guzzle handlerstack
# dansup yeah, I thinking about just using native curl functions lol
# dansup aaronpk: I did, I forked it and added it myself
# dansup oh, I forgot to publish then new version 😩
# Angle Is it adding the righ header? I had a problem with the wrong headr name.
# rialtate[m] dansup: err, where does $digest get used?
# dansup Angle: yeah, it works fine with pleroma...
# dansup rialtate[m]: yeah that is legacy
# Angle That why my code there specifies authorization
# Angle Fuck my phone, hold on.
# Angle Jess this is much better
# Angle That lag was awful
# Angle I could not type. -_-
# Angle Anyway sorry, did you check to make sure your header is labeled authorization? I think Masto's a pain about that.
# dansup oh really? Its named signature
# dansup thanks, will try that
# dansup I wonder why I can reply from mastodon but not pleroma... https://i.dansup.xyz/236c40e21c9e
# dansup I think it might have to do with how they have 3 different urls for a status
# Angle Wait no, my mistake. It needs to be labeled signature.
# Angle Maybe try capitalizing it though? :/
# dansup aaronpk: oh okay, I thought that was the same as \n
# dansup ah
# 
aaronpk here's my code that works for reference https://github.com/aaronpk/Nautilus/blob/master/app/ActivityPub/HTTPSignature.php
# dansup aaronpk: yeah I used some of it for the verify logic
# dansup aaronpk: will just get rid of that lib and use your signing library!
# dansup or code I mean
Angle, xmpp-social, Guest84, puck and RzR joined the channel
# RzR Hi, good discussion at Mozfest
# RzR If anyone at #FosFest is curious about bridging IoT and Social domain find me at mozilla iot booth
# RzR https://www.slideshare.net/rzrfreefr/webthingiotjs20181022rzr-120959360/20 I can show a proof of concept demo
geekodour08, RzR, timbl, Angle, dmitriz, ajordan, rektide, Guest84 and dlongley joined the channel