i'm trying to think of how to properly do read/write authorization on a pure activitypub server, but specifically how to manage that in a standardized way

sure you could request oauth and then require a header, that's pretty bog-standard i guess... but how to manage which tokens have access to which directories on the server? some kind of admin panel / cli? fallback to uid-based access control? ehhh...


conceptually i think i can probably figure out something like creating a user and then having the /oauth/authorize endpoint use webfinger to map a username to an actor id, but then how to decide whether the actor id has access to read/write in the first place?

laziest thing i can think of is "just fallback to filesystem ACL" but then you have to heck around with virtual users and that's a pain we've already tried with email. so i guess the server needs to reimplement access control... but how


@jalcine I'm not sure i understand how that helps

the problem i'm trying to solve is as so:
- i have a server handling requests at / or whatever
- i intend to allow read-write access to all of / (client decides where to PUT a resource)
- obviously not for everyone so i should use an Authorization header or something
- but how to decide which actors or clients get access to which directories

@trwnh oh I guess it depends on how tokens are mapped. For koype, I keep them mapped to scopes that are saved when requested

@jalcine "how tokens are mapped" is what i'm trying to figure out

i guess i could use the "scope" parameter of oauth for actually requesting directories, though?

@jalcine so scope = ["/"] gives a client full access to the activitypub server and it can be hierarchical

but really i'm realizing now the actual bit i need to solve is how actors are created and managed

@trwnh I think if your server is just a JSON-LD pipe then you expect apps to have full access anyway

@Gargron apps should have full access but only to the directories they need maybe? doesn't seem like a good idea to say you can point any client at any server and have r/w access to everything under /

i'm just trying to conceptualize how much the server actually needs to do (as little as i can possibly get away with, tldr) and how to expose a standard interface (webfinger + maybe oauth + idk what else)
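
The hierarchical scope idea from the thread (scope = ["/"] granting everything below it), written out as an added example that is not part of the original thread or any participant's code. The `mode:/prefix` scope syntax, the token table and all function names are assumptions made for illustration; the point is that request paths must be canonicalized and matched by whole segments before a directory scope means anything.

```python
import posixpath
from urllib.parse import unquote

# Constructed sample data: token -> OAuth scope string. The "mode:/prefix"
# item syntax is an assumption of this example, not an ActivityPub convention.
TOKENS = {
    "tok-notes": "read:/ write:/notes",
    "tok-root": "read:/ write:/",
}
WRITE_METHODS = {"PUT", "POST", "PATCH", "DELETE"}

def normalize(path: str) -> str:
    """Percent-decode once, resolve '.', '..' and '//', drop trailing '/'."""
    decoded = unquote(path)
    if not decoded.startswith("/") or "\x00" in decoded:
        raise ValueError(f"not an absolute path: {path!r}")
    # normpath keeps a leading '//', so strip and re-add a single slash.
    return "/" + posixpath.normpath(decoded).lstrip("/")

def covers(prefix: str, target: str) -> bool:
    """True if target is the prefix itself or lies below it, by whole segments."""
    prefix, target = normalize(prefix), normalize(target)
    return prefix == "/" or target == prefix or target.startswith(prefix + "/")

def parse_scope(scope: str) -> list[tuple[str, str]]:
    """Split a space-delimited scope string into (mode, normalized prefix)."""
    grants = []
    for item in scope.split():
        mode, sep, prefix = item.partition(":")
        if mode not in ("read", "write") or not sep:
            raise ValueError(f"unrecognized scope item: {item!r}")
        grants.append((mode, normalize(prefix)))
    return grants

def is_allowed(token: str, method: str, path: str) -> bool:
    """Deny by default; 'write' does not imply 'read' in this sketch."""
    scope = TOKENS.get(token)
    if scope is None:
        return False
    needed = "write" if method.upper() in WRITE_METHODS else "read"
    try:
        target = normalize(path)
    except ValueError:
        return False
    return any(m == needed and covers(p, target) for m, p in parse_scope(scope))
```

The server has to load or store the resource using the same normalized path that was checked, otherwise the check and the write can disagree about which directory is being touched.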
