Spacc BBS Spacc BBS
    • Categorie
    • Recenti
    • Tag
    • Popolare
    • Mondo
    • Utenti
    • Gruppi
    • Registrati
    • Accedi
    La nuova BBS è in fase Alpha. I post precedenti al 22 luglio 2024 potrebbero non essere trasferibili, ma rimarranno disponibili per la lettura su /old/.

    angus:Then authenticates a user using OAuthYes, but what authentication flow does it use?

    Pianificato Fissato Bloccato Spostato Uncategorized
    5 Post 4 Autori 0 Visualizzazioni
    Caricamento altri post
    • Da Vecchi a Nuovi
    • Da Nuovi a Vecchi
    • Più Voti
    Rispondi
    • Topic risposta
    Effettua l'accesso per rispondere
    Questa discussione è stata eliminata. Solo gli utenti con diritti di gestione possono vederla.
    • silverpill@socialhub.activitypub.rocksS Questo utente è esterno a questo forum
      silverpill@socialhub.activitypub.rocks
      ultima modifica di

      angus:

      Then authenticates a user using OAuth

      Yes, but what authentication flow does it use? My verification fails at /oauth/token call.

      ---

      On the topic of federated categories -- the problem with duplicated comments from other Fediverse servers persists: https://socialhub.activitypub.rocks/t/wordpress-follow-failure/4850/2

      angus@socialhub.activitypub.rocksA 1 Risposta Ultima Risposta Rispondi Cita 0
      • angus@socialhub.activitypub.rocksA Questo utente è esterno a questo forum
        angus@socialhub.activitypub.rocks @silverpill@socialhub.activitypub.rocks
        ultima modifica di

        silverpill:

        On the topic of federated categories – the problem with duplicated comments from other Fediverse servers persists: WordPress follow failure - #2 by pfefferle1

        It's not clear to me this is a Discourse bug yet. We'll know more once we merge object JSON log viewing in the admin panel and I can see exactly what SocialHub is receiving and sending in those scenarios. If those Notes are replicated on other services with different ids Discourse would treat them as different Notes.

        silverpill@mitra.socialS 1 Risposta Ultima Risposta Rispondi Cita 0
        • silverpill@mitra.socialS Questo utente è esterno a questo forum
          silverpill@mitra.social @angus@socialhub.activitypub.rocks
          ultima modifica di

          The problem with duplicated remote comments seems to be gone (I am writing this comment from my own server).

          However, I discovered another issue with remote comments like this one: https://socialhub.activitypub.rocks/t/1b12-vs-guppe-groups/5032/13.

          Its ActivityPub ID is

          https://socialhub.activitypub.rocks/ap/object/07746fd71af9af4f0789f9e4798f33ec

          and its attributedTo property has the value of

          https://oisaur.com/users/renchap

          meaning "actor from oisaur.com created object on socialhub.activitypub.rocks", which generally shouldn't be allowed (unless this actor is explicitly authorized to do so).

          I think Discourse should show the original ActivityPub ID of the remote comment when user clicks on the "ActivityPub" button. This probably affects federated activities as well.

          julian@community.nodebb.orgJ 1 Risposta Ultima Risposta Rispondi Cita 0
          • julian@community.nodebb.orgJ Questo utente è esterno a questo forum
            julian@community.nodebb.org @silverpill@mitra.social
            ultima modifica di julian@community.nodebb.org

            @silverpill@mitra.social wait, is it a remote comment?

            Understandably, I could be confused by Discourse's UI, but @renchap@oisaur.com didn't compose that post, the local account on SocialHub did, because it's got a green AP logo.

            Discourse seems to have combined the two accounts and is sending out the reply with the incorrect attributedTo. NodeBB would likely parse that note and see that attributedTo does not match the signed actor, and drop it for security reasons. Let me confirm that...

            1 Risposta Ultima Risposta Rispondi Cita 0
            • julian@community.nodebb.orgJ Questo utente è esterno a questo forum
              julian@community.nodebb.org
              ultima modifica di

              Okay, now I am not sure. There is no valid webfinger response for renchap@socialhub... so perhaps there is no local SocialHub account.

              I wonder why that post had a green AP logo then.

              1 Risposta Ultima Risposta Rispondi Cita 0
              • Primo post
                Ultimo post