Mauve 👁💜

Published a blog about the new Social Inbox tool we've made at which makes it easy to add to your static websites.

blog.mauve.moe/posts/distribut

1+
𝓻𝓻𝓪

@mauve This looks really cool. I've managed to get the static part working with my hugo site: @site

However, got stuck on registering the account on the inbox server. Any chance for a more user friendly interface or better documentation how to do it for example with curl?

1
Mauve 👁💜

@rra @site Hmm are you self hosting your inbox instance? We have swagger docs generated at /v1/docs

Sadly swagger doesn't have the HTTP auth stuff built in so we don't have an out of the box UI yet.

We use the http signature spec for authentication so you shoukd sign yout request with the private key corresponding to your actor's public key: docs.joinmastodon.org/spec/sec

1
𝓻𝓻𝓪

@mauve ah the swagger docs are really handy. So if I understand correctly I won't be able to complete my post request with curl, but need to use client.setInfo() instead?

1
Mauve 👁💜

@rra sadly the client API is still a WIP but my colleague should be getting to it next week ish. I'll see if I can get a lil somethin done before then though.

technically it should be possible to do it witg curl, you just need to do the digest calculation and signing stuff with openssl or similar. Sadly I don't have ready examples of it cause we did it in js.

Here's how we do it so far: github.com/hyphacoop/social.di

1
𝓻𝓻𝓪

@mauve Hi thanks for the suggestion! Together with @cblgh we managed to recreate the signing code pretty close before you sent it! However we get Bad Request but we're also unsure whether we're overlooking something. Maybe you have an idea?

gist.github.com/rscmbbng/63a30

1
Mauve 👁💜
Follow

@rra @cblgh Oh I think you're missing the `Content-Type` header indicating the body is JSON

· · Tusky · 1 · 0 · 1
𝓻𝓻𝓪

@mauve @cblgh ohh gonna try that this evening!

1
𝓻𝓻𝓪

@mauve @cblgh I'm still getting a 400 ("message": "\"[object Object]\" is not valid JSON") so I'm guessing our script doesnt send something yours likes. Anyway I'm out of ideas. If you have a moment to make a script based on the repos code to request an account that would be appreciated. Otherwise I'll wait for a later stage of the release.

1+
Mauve 👁💜

@rra @cblgh ah that's due to your code passing in the parsed object of the credwntials instead of the credentials atrinf. Fetch doesn't automatically json stringify sadly

0
Mauve 👁💜

@rra @cblgh K! We had a bug in how we authenticated methods which I just fixed today. I also added an account creation script to my staticpub example: github.com/RangerMauve/staticp

Should all be working now!

1
𝓻𝓻𝓪

@mauve Great! I get a 200 indeed (both with your code and the one @cblgh wrote).

This seems to indicate success, but when I then query the user account or do any other action (list admins for instance) I get 500 with "Cannot read properties of undefined (reading 'matchAll')"

I can see that the post request has added something to the store, so the account is there.

This is the path: ap.roelof.info/v1/@site@test.r

This is the actor:
test.roelof.info/about.jsonld

@cblgh let us know whether you want to be untagged from this :)

1+
Alexander Cobleigh

@rra @mauve i don't mind :) it's fun to ambiently know how it's going

0
Mauve 👁💜

@rra @cblgh K! We had some bugs that came from overhauling our auth code, it should be working again for real. :P Make sure your requests are all signed!

1
𝓻𝓻𝓪

@mauve @cblgh ah good! Will try it one of these days. Should I also sign my GETs?

1
Mauve 👁💜

@rra @cblgh Yup! At the moment all the APIs are only available to admins or inbox owners other than a POST to `/v1/:actor/inbox` which requires the author of the activity to sign their request.

0
Sign in to participate in the conversation
Mauvestodon

Escape ship from centralized social media run by Mauve.

Resources

Developers

What is Mastodon?

mastodon.mauve.moe

More…

v3.5.10 · Privacy policy