@oauth_2 Since PKCE use for Single Page Apps is becoming more popular, take a look at this library I've been working on to make it super easy to implement: https://www.npmjs.com/package/appauthhelper
WeChat ID
aaronpk_tv
-
Nate Angell
https://twitter.com/xolotl
•
Jun 5
Lawyer at @indiewebcamp: "Why isn't anyone at my GDPR unconference session?"
you joke, but: https://indieweb.org/2018/D%C3%BCsseldorf/gdpr -
Simon Rice
https://twitter.com/_SimonRice
•
Jun 5
Excellent thread - just to clarify with another example since Google do identity & calendar - if my app needs OAuth to (say) read playlist data specifically from Spotify via their dev API & do nothing whatsoever user ID related with them, I don’t need “Sign In With Apple”?
Yes that is my understanding reading their guidelines. Of course this remains to be seen how it will play out in practice. -
I had fun with this one: 7 Ways an OAuth Access Token is like a Hotel Key Card
https://developer.okta.com/blog/2019/06/05/seven-ways-an-oauth-access-token-is-like-a-hotel-key-card -
AngeloStavrow
https://micro.blog/AngeloStavrow
•
Jun 5
@aaronpk This is a great resource, thanks! Is sign-in still working for you, though? I'm seeing the Apple sign-in page throw an error in my testing after I authenticate (though it's possible there's an error in the setup).
It's working with the first app I registered in the portal, but hasn't worked with new app IDs I've made since! I'm guessing some weird Apple but that they'll probably fix soon. This is all clearly very early beta right now. -
Amirsh
https://twitter.com/A_sharif90
•
Jun 5
Sorry @aaronpk, I got a bit confused. Maybe my question is very simple, so the purpose of login with apple is for authentication or not? You called it Oauth provider as they don't have a user_info endpoint?
Yes it seems to be designed for authentication only. They do also return an OAuth access token and refresh, though I am not sure what you can do with that yet. -
Daniele Vistalli
https://twitter.com/DanieleVistalli
•
Jun 5
Now I would just love to have a quick guide for using Apple Sign In as an Okta generic oidc inbound provider. Is this possible already ?
I actually just got this working last night! -
Webmention support for static sites
I've written a script to add Webmention support for static sites. It's available from:
https://github.com/angelortega/aov-atom-to-webmention
All software that generates static web sites also creates ATOM XML files with the recent content (like Gruta, the one that build this site). By running this script on the ATOM you just generated, it posts Webmentions to every link found there and that has its support announced in
linktags inside its HTML.It's written in Python with minimal external dependencies.
I've taken inspiration from Plaidophile and from Aaron Parecki's mini-tutorial.
-
Dan Grover
https://twitter.com/DanGrover
•
Jun 4
I can see this giving users a lot of rope to hang themselves, too. If you are trying to use any cross-platform service, you now have no way to log in on a non-Apple device or recover your account.
It's just OAuth, and it works on the web too. https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple -
already did that myself 😉 https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings -
-
André Neves
https://twitter.com/andreneves
•
Jun 4
So now services/apps need to handle OAuth, Apple SSO, and regular email/pass. Feels like more mental burden for developers.
Also turns out Apple's is also OAuth :-) https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple -
André Neves
https://twitter.com/andreneves
•
Jun 4
Feels a lot like another way to lock users inside of the Apple world. How is this any better than signing up with any other service like Google or Facebook (for OAuth for example). It has some nice 'privacy' features but it feels like a marketing stunt more than anything imo
It's more about providing easier options for users: https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings
-
complexmix
https://twitter.com/thatonehacker5
•
Jun 4
It will be set as the default (knowing Apple) and will make all other options so inconvenient that apple users will essentially have one choice. Just like how you can use Chrome on iOS, but they make it as inconvenient as possible to avoid the POS that is Safari.
It's still up to the app to provide the buttons. Check out the sample walkthroughs in that blog post.
