#indiewebcamp 2012-04-03

2012-04-03 UTC
#
aaronpk although it doesn't support facebook right now anyway since they broke their html view of public profiles
#
mkowens Ah. Gotcha. I am good at breaking things.
#
aaronpk always an important skill
#
mkowens Indeed.
#
mkowens I'm going to likely try some other stuff related to indieauth sometime, but the fact that Twitter worked flawlessly was nice.
#
aaronpk awesome
#
mkowens It looks like a much better solution than OpenID in general, but I was trying to think of a way that a user like myself who may have multiple auth options could "pre-select" which option to use.
#
mkowens Or, for example, what happens when you find multiple auth options: do you present the user with a choice or just assume they don't care which they use?
#
mkowens In general, for example, I prefer to use Facebook as my identity provider except when the content is likely to be more valuable connected with Twitter or Github or whatever.
#
aaronpk it assumes the links on your site are in order of preference
#
mkowens Yeah, but preference is situational.
#
mkowens Example: Logging into StackOverflow would be best done using Github because the identity space is code-related there and my social graph on Github is much more attuned to the one that I would want to immediately be able to interact with on StackOverflow.
#
mkowens Example 2: Logging into Zynga.com would be best done using Facebook because the identity space is personal-related there and my social graph on Facebook is most likely to overlap with the concept of social games.
#
aaronpk ah, but in this case your identity is actually mowens.com.
#
aaronpk it's not mowens on github or mowens on twitter
#
aaronpk it just delegates the actual authentication to some other provider, but it doesn't matter which it is. you are still you.
#
mkowens Right, but I would hope that as the indieauth system improves, it could delegate more data from the authentication provider used down to the site with which I just connected as mowens.com
#
aaronpk so the site that's trying to log you in doesn't even need to know which you used to authenticate. and indieauth.com doesn't even tell the site. (look at the sample response for indieauth.com/session)
#
aaronpk you mean like your name / email / other profile data?
#
mkowens Yeah.
#
aaronpk well ideally that should come from your domain too! marked up properly with microformats of course
#
mkowens Instead of simply being an identity delegate, it could also be a social graph delegate.
#
mkowens Most of my friends don't use FOF or XFN properly even if I do. :-P
#
aaronpk yea. social graph stuff is interesting, but one step at a time :)
#
mkowens I'm not saying it's a realistic need or desire, but it might be something to consider when working with the authentication preference concept, as it does create an interesting method for independently delegating data to a service without giving access to or revealing data you don't want shared with a service.
#
mkowens Lately, I've also been spending most of my time looking at network graphs and the intersections of network graphs over time and location, so my mind is definitely on "how do I improve personal graph use" mode.
#
aaronpk ah cool. I'd love to read about what your'e finding, are you documenting things on your site somewhere?
#
mkowens Not currently. It's a long-term side project that is not yet publicly available.
spinnerin__ joined the channel
#
mkowens I'm documenting things, but I want to get the side project to a reasonable point before I start really talking too much about it publicly.
#
aaronpk ah cool
#
tantek catches up
#
tantek aaronpk - you shoudn't have to whitelist fb.me - the relmeauth consumer is supposed to handle redirects (a redirect is an implied rel-me)
#
tantek I certainly had to add some code to relmeauth.php to specifically make that work
#
aaronpk I have code that checks whether a link is a known OAuth provider, I need to add it there.
#
tantek or rather, process a URL for redirects *before* checking it
#
aaronpk unfortunately that would break Google profile URLs, since the redirected version is the URL that has a bunch of numbers in the string. Then I wouldn't know the Google account name
#
tantek I believe per HTTP / Web Architecture - you don't have much of a choice you're supposed to treat redirects like they're the real thing
#
aaronpk i.e. https://profiles.google.com/aaron.parecki redirects to https://plus.google.com/117847912875913905493
#
aaronpk oh wait, I think if I verify the other direction I might be able to do that... *thinking*
#
tantek mkowens try your web address with the relmauth.php prototype to see if that handles your domain/rel-me: tantek.com/relmeauth
#
mkowens kk
#
tantek aaronpk - just tried indieauth.com with tantek.com and it worked beautifully!
#
aaronpk tantek: awesome! good to hear!!
spinnerin joined the channel
#
tantek now you just need a logout link like the RelMeAuth prototype has ;)
#
aaronpk there is no concept of being logged in :)
#
mkowens Just logged in.
#
tantek aaronpk - yeah, I've been debating which terminology is better, "logout" or "sign-out"
#
tantek "Sign-out" is more parallel to "Sign-in"
#
tantek but more people quickly recognize "logout"
#
tantek at least that's my anecdotal assertion
#
aaronpk or rather, indieauth.com doesn't have the concept of being signed in. that would be up to the site using it
#
tantek well it does
#
tantek because it comes back with a page that says:
#
tantek You're Signed In!
#
tantek Congrats! You've signed in as http://tantek.com/
#
aaronpk heh, I should change that messge then
#
tantek I'd expect that page to have a "logout" or "sign-out" link ;)
#
mkowens Tantek: RelMeAuth prototype just recognized Twitter. How would I make it recognize the fb.me URL?
#
tantek mkowens - that's a good question. first I'd have to add FB Oauth support to relmeauth.php
#
aaronpk facebook won't work unless the RelMeAuth site handles facebook's stupid markup
#
mkowens Oh, okay. That's where aaronpk is running into an issue is on the FB redirection.
#
Loqi aaron was at Portland 1 hour 41 minutes ago.
#
mkowens Anyway, I'm heading home for the night. Have fun guys. :-)
#
aaronpk ttyl!
#
tantek ttyl mkowens!
#
tantek aaronpk - added indieauth to the "example implementations" of Web sign-in: http://microformats.org/wiki/web-sign-in :)
#
aaronpk awesome!
#
tantek hey - where should I link to in the indieauth github repository for the Ruby implementation of RelMeAuth? (i.e. not the whole indieauth.com website, but just want a Ruby developer would include if they wanted to do the authing themselves - e.g. what Ward wants to do with FedWiki)
#
tantek ?
#
aaronpk ah, I haven't broken that part out into a separate gem yet.
#
tantek fair enough - so noted: http://microformats.org/wiki/RelMeAuth#Ruby
#
aaronpk great! I'll make a repository called relmeauth soon, and it'll be easy to use, like `gem install relmeauth`
#
aaronpk how much of the oauth/relmeauth is handled by your php library? is it just things like parsing the web pages, or does it include twitter oauth client code as well?
#
aaronpk i'm wondering what sort of dependencies that module should require, as in a database, twitter client credentials, etc
#
tantek the twitter oauth client code is handled by tmhOAuth.php
#
tantek rather, it's a generic Oauth client library
#
tantek which is written quite cleanly and requires very little twitter-specific code in relmeauth.php
#
tantek I'd actually recommend tmhoauth.php for your OAuth book as well
#
aaronpk ok, I'll take a look. It's OAuth 1 only tho, right?
#
tantek looks like 1.0A
#
tantek https://github.com/themattharris/tmhOAuth
tilgovi, davida and tantek joined the channel
#
tantek aaronpk - the whole todo.txt thing has made me think - I wonder what the right "indieweb" solution is to to-do lists
#
tantek many (most?) to-do things I'm ok making public, in the pronoia hopes/perspective that others knowing about it may help get it done more easily
#
tantek plus there's the use case of send each other to-dos etc. via web pages
#
aaronpk well there's a crazy idea! a to-do item as a web page! seems like you could leverage git to power that in some interesting ways
#
tantek we have some examples of things like to-do items on web pages already - e.g. when someone tweets a plancast tweet that they're "planning" something - that's like a to-do on a web page (tweet permalink page)
#
aaronpk good point!
#
tantek foursquare's tips are kind of like geofenced to-do items when you add them to your to-do list on foursquare
#
tantek but they have the assumptions of repeatability
#
tantek private tips and limited count tips would be interesting - i.e. only things you can do, and only things a certain number of people can do - like tickets to an event.
danbri, tantek, voxpelli, wajiii-afk, davida and tantek_ joined the channel
#
67.180.195.8 edited /Special:Log/newusers () "created new account User:Agalpern" (view diff)
#
agalpern edited /2012/Guest_List (+431) "/* Creators */" (view diff)
#
tantek edited /2011 (+20) "schedule" (view diff)
#
tantek edited /2012 (+193) "to-do" (view diff)
#
agalpern edited /2012/Guest_List (+324) "/* Apprentices */" (view diff)
#
agalpern edited /2012/Guest_List (-323) "/* Apprentices */" (view diff)
#
agalpern edited /2012/Guest_List (+42) "/* Creators */" (view diff)
#
tantek edited /2012/Planning (+468) "some updates for 2012, note to-do on 2012 page" (view diff)
#
tantek edited /Contribute (+43) "/* How to Contribute */ help with 2012" (view diff)
brennannovak joined the channel
#
Loqi [http://twitter.com/BarnabyWalters] Argh, coming up with a file upload backend that will scale to indefinite file types is tricky #indieweb http://t.co/WL0kaepP
josephboyle, tilgovi, danbri, spinnerin_ and tantek joined the channel