Chris Aldrich
https://www.boffosocko.com/
•
Jun 30
WeChat ID
aaronpk_tv
-
Good point! I should have mentioned that. Also there's http://sendawebmention.com (Telegraph) -
toot?
-
ahhhh I had to stop 30 minutes before the end last night! Can't wait to finish!
-
Yep! For comments from Twitter, Bridgy creates the web page and sends the HTTP request so that you can receive a webmention from a tweet just like you can receive a webmention from a normal web page. Bridgy doesn't help with sending webmentions tho.
-
whoa that eye
-
UI feedback Ian a great idea. I would suggest the app turn the button a different color while the Micropub request is pending, then changing to the confirmed state after it gets the Micropub success response. If the Micropub request fails for some reason then it could turn the button into yet another state to indicate the error. It also sounds like maybe the app could at least maintain its own cache of posts that it has created likes for in order to be able to show whether a post has been liked before. I think there's also an open issue on Microsub to return that info in the post data as well.
-
manton
https://micro.blog/manton
•
Jun 29
@trevorstinson @Scotty @macgenie I'll look into the email delays. There are other things we could do in addition to email (like push notifications) to improve the experience. Also, if there's a reason you are signing in often, maybe that's the root issue that we should address.
I'm a big fan of push notifications for login! I have that set up on my own website right now! https://aaronparecki.com/2017/10/04/23/passwordless-logins #passwordless -
cheesemaker
https://micro.blog/cheesemaker
•
Jun 28
@TheDimPause yes. Iβm guessing a number of people here follow him. π€ͺ
Wait haha what'd I do? -
Aaron Parecki
https://aaronparecki.com/
•
Jun 28
Thanks so much to everyone who participated in #IndieWebSummit this year, both in person and remotely! It was really inspiring to see so many people who care about owning their online presence together! #indieweb
-
I actually have an open issue on Aperture which would help in this situation. The idea I had was to treat every Aperture channel as its own IndieAuth identity, so that you could log in to Micropub apps and they'd end up posting into the Aperture channel. The cool part of that is the apps wouldn't even know that they're posting into an Aperture channel, they just see it as a Micropub endpoint.
Your idea of just treating some channels as writable is also interesting though. The only trick is I can't picture the user flow of how to actually have the app request and get the permissions for that. Definitely worth further thought though!
-
In order to continue the OAuth compatibility, this would also mean that the code exchange (token request) step would need to work without the
meparameter as well.This breaks the ability to use a shared token endpoint between users, since the token endpoint wouldn't know how to verify the authorization code without the
meURL at that point. The workaround for shared token endpoints is to have a per-user token endpoint URL, liketokens.indieauth.com/user.example.com/tokenkind of like how I have per-user webmention endpoints on webmention.io. I'm not sure I'm super happy about this though. -
Thanks for the writeup!
This is a really good point. The
meparameter in the request is really more of a hint, since the authorization server will ultimately return the finalmevalue at the end of the flow. The client just has to verify that it's on the same domain that was used to discover the authorization endpoint.I implemented an IndieAuth server into my website quite a while ago, so I checked the code there. It turns out I had some code that verified the
meparameter was in the request, but it actually completely ignores that value after that. Since my site is a single-user site, it's always going to returnhttps://aaronparecki.com/as the profile URL at the end.I'm inclined to make a change to the spec that says clients SHOULD include the
mein the authorization request, but that the authorization server should not require the parameter. I do like that it helps IndieAuth be more in line with OAuth 2.0. -
manton
https://micro.blog/manton
•
Jun 24
@aaronpk I think working on this needs to be my goal for IndieWeb Summit day 2.
And maybe my day 2 project will be to fix my whitespace bug π -
manton
https://micro.blog/manton
•
Jun 24
@aaronpk I think working on this needs to be my goal for IndieWeb Summit day 2.
Oops that other reply shouldn't have mentioned you, I was just replying to the thread!
I'm happy to help this week for sure! In January at IndieWebCamp Baltimore I was able to help @dshanske with enough of it to get the WordPress plugin launched! -
manton
https://micro.blog/manton
•
Jun 24
@hjalm Unfortunately GitHub auth is really the only way to get OwnYourGram to work right now, so you did it correctly. We have plans to significantly improve this.
Another option is to put an email address on your site, but I understand if that's not something you want to do. I'm looking forward to the real solution! -
Jonathan LaCour
https://cleverdevil.io/profile/cleverdevil
•
Jun 23
Short notice three day business trip to Dubai? Sure, why not. -
I'd love to see Yarns become the defacto Microsub server for Wordpress! I think there's huge value in going that route, since Wordpress is a great platform for people to install stuff into while keeping it self-hosted, and you'd also be able to take advantage of the exciting progress on third-party Microsub clients!
-
Vance Lucas
http://vancelucas.com/
•
Jun 18
Shower thought: We donβt need decentralized _platforms_ like Mastadon vs. Twitter/FB, we need a way to personalize _aggregation of decentralized content_ that also has social features built-in, even if that means the platform itself is centralized. -
Looks like I missed cleaning up the resized files. The other ones look right, there's an fclose right after the file is written before it's used again later. I also had the crashing problem myself at one point, I'm not sure how best to deal with that though.
-
This looks great! Just testing it out now.
Looks like both IndieAuth login and authorization is working well, so glad to see the new local verification in there now. Also the web sign-in flow works great, I'm able to sign in to my test site using my aaronparecki.com identity (which is not running WordPress, also a good test).
Let's publish!
