68°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

Monday, July 9, 2018

← Older → Newer
  • Aaron Parecki
    Contributions from: Austria, Spain, United Kingdom, United States
    Mon, Jul 9, 2018 3:19am -07:00
  • 9:15pm
    Asleep
    4:42am
    Awake
    7h 27m
    Slept
    27m
    Awake for
    Portland, Oregon, USA
    Mon, Jul 9, 2018 4:42am -07:00
  • balloob https://github.com/balloob   •   Jul 9

    #21 Allowing local IP addresses in client identifiers

    Aaron Parecki

    I could see extending the limitation of the loopback address to also include the private IP ranges. I assume in that case it is extremely unlikely that the server will have an https certificate, so that's another reason to keep the limitation on the private IP ranges rather than allowing arbitrary IP addresses.

    One of the benefits of the client ID being a publicly accessible web page is that the authorization server can fetch the application name and icon from that page.

    with client info

    In the case of using a private IP address, the authorization server won't be able to fetch any information about the client, so the prompt will show just the IP.

    private ip address

    The other option is to use https://www.home-assistant.io/ as the client ID, allowing just the redirect URL to be a private IP. This breaks the rule of the client ID and redirect URL hostnames matching, so servers may show a warning like the below, but at least the application info is visible.

    redirect URL warning

    Portland, Oregon, USA • 59°F
    Mon, Jul 9, 2018 5:51am -07:00
  • Max Böck https://mxb.at
    I absolutely ❤️ the idea of the #IndieWeb. Take control of your own content! watch @adactio explain it: https://vimeo.com/265121482 https://indieweb.org
    Portland, Oregon • 59°F
    Mon, Jul 9, 2018 9:59am +00:00 (liked on Mon, Jul 9, 2018 5:53am -07:00) #IndieWeb
  • 154.5lbs
    Weight
    18.5%
    Body Fat
    Portland, Oregon
    Mon, Jul 9, 2018 9:00am -07:00
  • 10:35am
    Asleep
    1:22pm
    Awake
    2h 47m
    Slept
    03m
    Awake for
    Portland, Oregon, USA
    Mon, Jul 9, 2018 1:22pm -07:00
  • Kdenlive | Libre Video Editor (kdenlive.org)
    Mon, Jul 9, 2018 5:05pm -07:00 #video #linux
  • Pitivi, a free and open source video editor for Linux (www.pitivi.org)
    Mon, Jul 9, 2018 5:05pm -07:00 #video #linux
  • Aaron Parecki
    Good: the screws I ordered from China arrived 2 days before the 14-30 day delivery window.

    Bad: they are 2mm too short for what I need!
    Portland, Oregon, USA • 67°F
    Mon, Jul 9, 2018 5:53pm -07:00 #hardware #steno
← Older → Newer

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv