Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
onli
@onli
heads up: I merged portier/portier-broker#174, which changed token['email_verified'] to be a boolean instead of the email address
onli
@onli
I just added a plugin for Ruby/Roda: https://github.com/portier/roda-portier
Stéphan Kochen
@stephank
Hi! Sorry, I haven't been around here. I just don't know what to do with the dozen different chat apps. :/
onli
@onli
Chatting might work ;)
No, I think it's confusing and bad as well. Back then we had it all solved with Miranda/Pidgin and now chatting is a mess again
but we should use this channel here to coordinate the blockers. You were wondering on how to announce the change to the public broker?
Stéphan Kochen
@stephank
Yes, it's mostly about the change in normalisation. I had this comment where I tried to outline scenarios: https://github.com/portier/portier-broker/issues/165#issuecomment-475556791
I updated it, because new releases fix a bunch of stuff at least for Node.js and PHP, but it still requires people to upgrade.
onli
@onli
Imho all that needs to be done is to set a date (~1 month in the future, though maybe not hitting christmas), write a post on the mailing list and then update the broker
Well, and to update the spec. Though a c lear "you need to do this now" page would be helpful. Frankly, I got confused by the scenarios
I assume that should be fair to everyone using the public broker. Pipes should be one of the "biggest" users anyway
Given how the activity in the project is you need no further mandate to change this
Stéphan Kochen
@stephank
Alright. I'll have to find some time to draft a mail, I guess. Could just aim for Feb 1, to be safe?
onli
@onli
Sure!
Stéphan Kochen
@stephank
@onli Btw, do you have admin access to the google group? Otherwise I suspect Dan has it.
onli
@onli
@stephank Yes, I think I do. I am able to delete messages and the welcome message etc
But you are listed as owner too?
Stéphan Kochen
@stephank
Oh shoot, that's my personal account of course. I've been trying to degoogle, and never use that anymore. I'll switch it to my work account. :)
Stéphan Kochen
@stephank
I'm removing our work CI account from Docker Hub, so may end up breaking those builds. Should probably create a separate Docker Hub account just for Portier.
Stéphan Kochen
@stephank
Hyper 0.13 is out, I made a hyper-staticfile release, and this PR is now ready to go: portier/portier-broker#189 🥳
Oh, wow, apparently it fails on stable and nightly, but not beta. And I happen to be on beta.
Stéphan Kochen
@stephank
Ah, small issue where Rust 1.39 doesn't properly infer a return type. And nightly is just failing on clippy not building. PR should be fixed now, though. :)
onli
@onli
I'll give you a generic approve. Merge of course as you seem fit, but I will try to take some time to look at this closer later
onli
@onli
I have a user that can't log in with chrome via the public broker and gmail. Looking in the logs I see that the token is nil when he comes back to my site. The strange thing: All this works with Chrome and Gmail in my tests, I can't reproduce it. Maybe you stumble over the same issue?
Stéphan Kochen
@stephank
@onli If id_token is missing, there should be error and error_description instead. (Those are the two return_to_relier calls in the broker.)
I haven't heard about Gmail issues, but I don't think we have a lot of users on the gmail.com domain. Most of our users are probably G Suite or an Exchange server.
We are (very slowly) debugging a G Suite issue, though, but I suspect this user is not using his actual account name but an email alias to login.
onli
@onli
great idea to check that, thank you!
Stéphan Kochen
@stephank
Would be awesome if we could also package and upload on all platforms. :)
onli
@onli
nice :) what would we need to do for that?
Stéphan Kochen
@stephank
We need a place to upload. I think ideally we'd just attach something to github releases, but I haven't figured out how to automate that yet: https://github.com/portier/portier-broker/releases
And we'd need to figure out package formats. Besides the binary, we currently ship lang, tmpl and res directories along, which are all I think /usr/share-like data. The way we load these currently relies on the working directory where you run the broker, which is probably something that should change. But maybe we can avoid OS-specific packaging and just ship a zip/tgz for now.
Stéphan Kochen
@stephank
I'll look into this for a start: https://github.com/actions/upload-release-asset
Stéphan Kochen
@stephank
Okay, this looks really fun: https://github.com/actions-rs/clippy-check
Stéphan Kochen
@stephank
Feels like the system and hosted runners for GitHub actions are a lot faster than Travis CI, for now at least. :)
onli
@onli
I packaged apps as .debs in the past, and for an application of mine Travis CI also produces an AppImage. So we could do something in that direction
but we should definitely keep the option of just having a binary and local files
onli
@onli
but I found it's always easiest to support the workflow you actually want to use yourself. Which package would be most useful to you?
Stéphan Kochen
@stephank
Docker, but that already exists. ;)
onli
@onli
well ... :)
Stéphan Kochen
@stephank
Btw, in a couple of places we mention authors, but I'd rather just skip the overhead. Can we just replace names everywhere with "Portier contributors"?
onli
@onli
I don't think anyone will mind (or be aware)
Stéphan Kochen
@stephank
Hmm, I should probably have a toplevel directory in the archives, though
Stéphan Kochen
@stephank
Man, I'm again annoyed by JWK and OIDC standards. I was hoping to add Ed25519 support, and I'm well on my way to doing that in very much non-standard ways. Apparently, OIDC has no way to select a signing algorithm, and relies on whatever client registration you build on top of it (which we skip entirely). But there is an id_token_signing_alg_values_supported field in the discovery document, implying there's an id_token_signing_alg parameter somewhere, but that doesn't exist? On top of that, the JWA alg value you put in for Ed25519 is EdDSA, which is a broader category and means you could get something else, like an Ed448 signature. 🤨
onli
@onli
hm. Did you see https://tools.ietf.org/html/rfc7518#section-3 - is that not applicable here?
Stéphan Kochen
@stephank
That's the original spec I think? I didn't even notice, but for ECDH they have very specific values in alg. But this is the document I found for EdDSA: https://tools.ietf.org/html/rfc8037
And that has a separate crv field, instead of just encoding it in alg, which is weird
Stéphan Kochen
@stephank
Oh, and that security audit job is working, apparently: portier/portier-broker#191 😅
Darn, that's a ring dependency