Aaron Parecki

@fluffy https://queer.party/@fluffy • Jun 3
@aaronpk Cool that they're using an open protocol! I still wish it were one with a better federation story though. Anyone should be able to provide any identity to anyone, rather than being beholden to the handful that any given website decides to support.

I totally agree! https://indieauth.net/

Portland, Oregon

1 reply

Mon, Jun 3, 2019 3:38pm -07:00
Aaron Parecki https://aaronparecki.com/ • Jun 3
weirdnesses:

• Their token endpoint requires setting a User-Agent header, otherwise responds with an HTML error
• Client secrets are a signed JWT using ECDSA + SHA256
• An email address isn't returned even when requesting the `email` scope

If you're interested, here is my sample code I was able to use to get an access token and ID token from Apple

https://github.com/aaronpk/sign-in-with-apple-example

Portland, Oregon, USA

31 likes 12 reposts 2 replies

Mon, Jun 3, 2019 3:20pm -07:00
@fluffy https://queer.party/@fluffy • Jun 3
@aaronpk I wonder what the underlying protocol is and if anyone can join in as an identity provider. I'm not any more enamored with Apple as identity service as with Twitter or Facebook.

It's OAuth + OIDC, and they are becoming an identity provider with this. I do think they're better for this than Twitter/Facebook since they aren't in the business of selling user data.

Portland, Oregon

1 like 1 reply

Mon, Jun 3, 2019 2:38pm -07:00
Blaine Cook https://twitter.com/blaine • Jun 3
Oh, nice, where did you find the details?

They have some docs here https://developer.apple.com/sign-in-with-apple/get-started/ but their docs are missing quite a bit right now. I had to guess at some endpoints and things.

Portland, Oregon, USA

6 likes 1 reply

Mon, Jun 3, 2019 2:29pm -07:00
Marc Köhlbrugge https://twitter.com/marckohlbrugge • Jun 3
Some ppl pointed out this is probably “just” an implementation of OAuth w/ email forwarding on top.

That’s probably correct. However, what sets Apple apart from the other major OAuth providers (mainly Facebook & Google) is that Apple is not in the business of selling your data.

I just tried it out and it's OAuth + OpenID Connect with a little bit of Apple uniqueness sprinkled in.

Portland, Oregon, USA

4 likes

Mon, Jun 3, 2019 2:29pm -07:00
Aaron Parecki https://aaronparecki.com/ • Jun 3
Initial test of the "Sign in with Apple" API:

• It's more or less based on OAuth + OIDC
• Their documentation is missing a lot of key info to use it right now, I had to guess at a lot of things
• The `sub` claim includes some sort of unique user identifier, not an email

weirdnesses:

• Their token endpoint requires setting a User-Agent header, otherwise responds with an HTML error
• Client secrets are a signed JWT using ECDSA + SHA256
• An email address isn't returned even when requesting the `email` scope

Portland, Oregon, USA

12 likes 1 repost 2 replies

Mon, Jun 3, 2019 2:24pm -07:00
📷 PhotoJoseph 🎥 https://twitter.com/photojoseph • Jun 3
DIRECT IMPORT INTO LIGHTROOM ON iPadOS!!!!!! Finally. Fi. Na. Lly.

I definitely thought of you when they announced that!

Portland, Oregon

1 like

Mon, Jun 3, 2019 11:43am -07:00
mike https://twitter.com/k5m_diary • May 31
First drink in Germany per shareholder vote.

I didn't mean drink it all at once!

Portland, Oregon

Fri, May 31, 2019 5:44pm -07:00
Jack Jamieson https://jackjamieson.net/author/jackjamieson/ • May 29
a post by Aaron Parecki
I didn’t realize that you’re in Toronto! I hope your talk went well and that you’re having a great time here!

Thanks! Short trip but I'm sure I'll be back!

I really need a good solution for letting people know where I'll be traveling to! Sounds like a good IndieWebCamp project.

Toronto, Ontario

Wed, May 29, 2019 10:23pm -04:00
May 28
Poll: if you’re a musician 🎵 (play an instrument 🎸🎷🥁🎹, sing 🎤, write 🎼, produce or anything related), professionally or as a hobby, please reply with what you do and a link, if you want to share. I’ll then collect and post a summary.

🎹🎼 https://100.aaronparecki.com

Toronto, Ontario

1 reply

Tue, May 28, 2019 10:02pm -04:00
Imaginary G https://twitter.com/TheHammerSpeaks • May 28
Risky click?

but not that tweet 😉

Toronto, Ontario

Tue, May 28, 2019 8:36am -04:00
danielpunkass https://micro.blog/danielpunkass • May 27
@robothive Hi Rob - it definitely makes it seem possible that I could support it, which is a big step forward from before. Still a lot of work and I'm not sure how big the audience is. Will add it to my list to consider!

This is exactly why we need common open standards. We shouldn't need every service and every app developer to have to make these decisions about whether to support each other on a case-by-case basis.

Using open standards means app developers can implement once and work with all servers that support the standard.

Toronto, Ontario

2 likes 1 mention

Mon, May 27, 2019 5:38pm -04:00
AngeloStavrow https://micro.blog/AngeloStavrow • May 27
@aaronpk The short answer is that priority is for projects and up-next is for administrivia. So, for example, when I do a weekly review, I’ll prioritize working on three projects for the coming week, and I’ll add a next tag to a few tasks on single action lists (e.g. “drop off the rent cheque”, “make haircut appointment”, “clean the barbecue”).

The long answer is that I should write a blog post. 😅

Please do! That sounds really interesting.

Toronto, Ontario

Mon, May 27, 2019 5:32pm -04:00
AngeloStavrow https://micro.blog/AngeloStavrow • May 27
@aaronpk Yeah, what I’ve settled on for tasks in OmniFocus is three binary axes: priority/not-priority, due/not-due, up-next/backlog. So far so good. 👍

Interesting. What's the difference between priority/not-priority and up-next/backlog?

Toronto, Ontario

1 reply

Mon, May 27, 2019 5:15pm -04:00
cygnoir https://micro.blog/cygnoir • May 27
@aaronpk I like your custom filter, but I think I have to expand the due-date horizon slightly, since even when something is due today I often need a day or two to do the work to complete it.

Yeah good point! I've been looking at the week view up until now so I'll probably expand the filter to maybe 3-5 days.

Toronto, Ontario

Mon, May 27, 2019 3:47pm -04:00
AngeloStavrow https://micro.blog/AngeloStavrow • May 27
@aaronpk @cygnoir I’d be very interested in how you differentiate p1 from p2 and p3! I’ve never had a solid rubric for that.

Right now p1 is the only one I feel strongly about. I'll see if I keep using p2 and p3 as I described.

Toronto, Ontario

2 replies

Mon, May 27, 2019 3:46pm -04:00
cygnoir https://micro.blog/cygnoir • May 27
@aaronpk This addresses something I have been struggling with for quite a while! Do you refrain from adding priority to tasks that are due on a particular day, or do you still add priority?

We'll see how it pans out, but right now I don't think I will add a priority when there's a due date since the combined dashboard view gives me a list of both due dates and prioritized tasks.

Toronto, Ontario

1 reply

Mon, May 27, 2019 3:36pm -04:00
Ryan Wilson-Perkin https://twitter.com/rwilsonperkin • Jan 13
@aaronpk Your simplified article on OAuth2 was the first I found easy to understand, thanks for writing it! https://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified

Just stumbled across this tweet from a few years ago and realized you are in Toronto! I'm here for an OAuth workshop tomorrow and you're welcome to join if you'd like! https://regionalevents.okta.com/oktaapiworkshoptoronto

Toronto, Ontario, CAN

1 like

Mon, May 27, 2019 2:55pm -04:00
Jonathan LaCour https://cleverdevil.io/profile/cleverdevil • May 27
My iOS Health database is filled with information now, and I think I’ve decided that my project for IndieWeb Summit will be to integrate HealthKit with my website. Collaborators welcome! Especially collaborators with iOS development experience! 👨🏻‍⚕️

Looking forward to seeing what you can do with this!

Toronto, Ontario

Mon, May 27, 2019 2:16pm -04:00
May 27
Disappointed that Ghost created a custom posting API instead of adopting Micropub, which is a W3C recommendation. It’s okay to have Ghost-only APIs as long as you start with standards as a baseline. Now we have fragmented client apps.

I just saw that too :-( I understand that Micropub doesn't cover 100% of their use cases, but it would have been a great opportunity to improve the spec to cover more ground too!

Toronto, Ontario

13 replies

Mon, May 27, 2019 12:30pm -04:00

older