A great effect of spending a day in the same room with 20 or so more geeking inclined others, is you get a lot of examples, tools and services mentioned. And geek is as geek does, I try them out on the spot. Today this helped me become aware that something is wrong on my server with the OAuth authentication I run. I thought that it was working fine, as it is no problem to actually use it, for instance to log in with my own domain name at the IndieWeb wiki. But when interacting with my micropublishing endpoint not all goes well.

Today I noticed that:

  • When I try to post from Micropublish.net, I can log in at micropublish.net, but when I try to post I get an ‘unauthorized’ error
  • When I try to use the Omnibear Firefox add-on it authorises ok, but then endlessly tries to load the list of syndication targets
  • When I use Quill to post, it posts fine, but does not load the list of syndication targets

Those missing syndication targets (now that I understand what they are from todays sessions) was what first caught my eye. Testing the micropublish endpoint on my server myself I got the correct response, but Quill turned out to get ‘unauthorized’ as response for that request, just like micropublish.net got for posting.

The endpoint gives a correct response

In WordPress my IndieAuth plugin has a diagnostic tool, and running that, it turns out an authorisation header is not send out.

Which seems to be causing the problems. Reading in the links provided it seems like with XML-RPC, my hoster is actively blocking that header. [UPDATE: It is not, it’s just not available in the way the server currently runs PHP] Resulting in exactly the same experience as I had with XML-RPC, that it seems to be only half working (namely the ‘safe’ uses work, while the rest fails). There’s a work around, renaming the headers that get send out, and implementing that work-around is a thing for me to do tomorrow. To see if I can get around being unauthorised. [UPDATE: That workaround did not work until now]

I plan to dedicate some learning time in the coming 12 weeks to better understand the protocols that drive the independent web, or IndieWeb. During our STM18 birthday unconference Frank Meeuwsen presented his experiences on the IndieWeb. Frank, Peter and I have formed an impromptu triade to explore the IndieWeb in the past months. In one of his slides Frank conveniently listed the relevant protocols. I’ll plan for 24 hours to explore 6 protocols. Some of them I already understand better than others, so I’ll start with the ones I feel less knowledgeable about.

The ones I want to explore in more detail, in planned order, are:

  • ActivityPub / OStatus, a decentralized networking protocol (as this ties into my Mastodon experiments as well, this comes first)
  • Micropub, publish on your own domain with 3rd party tools
  • Microsub, own your feed-subscriptions (although I already run my own TinyTinyRss instance)
  • Microformats, markup for data, text, people, events (already used on my blog, but curious to see how I can extend that to more types of data)
  • Indieauth, federated login protocol to sign in with your own domain on other services (already active on my blog, but interested in where else I could use it)
  • Webmentions, respond to a blogpost through your own site (already active on my site, but strongly wish to better format and style it on my site)

In the discussions during Smart Stuff That Matters last Friday, I mentioned a longtime demand I have of social media. The ability to on my blog have different levels of access, of presenting content. But not in the shape of having accounts on my site and corresponding overhead, but more fluid like layers of an onion, corresponding to the social distance between me and a specific reader. Where I write an article, that looks different to a random reader, compared to what e.g. Peter or Frank sees. Maybe even mark-up the content in a way that controls how specific parts of a posting are visible or not. We mused if IndieAuth might be useful here as a first step, as it at least spares me from the maintenance of accounts.