i'm trying to think of how to properly do read/write authorization on a pure activitypub server, but specifically how to manage that in a standardized way
sure you could request oauth and then require a header, that's pretty bog-standard i guess... but how to manage which tokens have access to which directories on the server? some kind of admin panel / cli? fallback to uid-based access control? ehhh...
conceptually i think i can probably figure out something like creating a user and then having the /oauth/authorize endpoint use webfinger to map a username to an actor id, but then how to decide whether the actor id has access to read/write in the first place?
laziest thing i can think of is "just fallback to filesystem ACL" but then you have to heck around with virtual users and that's a pain we've already tried with email. so i guess the server needs to reimplement access control... but how
@trwnh could just let someone else do it completely
@trwnh like okta/authy/etc
@jalcine I'm not sure i understand how that helps
the problem i'm trying to solve is as so:
- i have a server handling requests at /app.py or whatever
- i intend to allow read-write access to all of / (client decides where to PUT a resource)
- obviously not for everyone so i should use an Authorization header or something
- but how to decide which actors or clients get access to which directories
@trwnh oh I guess it depends on how tokens are mapped. For koype, I keep them mapped to scopes that are saved when requested
@jalcine "how tokens are mapped" is what i'm trying to figure out
i guess i could use the "scope" parameter of oauth for actually requesting directories, though?
@jalcine so scope = ["/"] gives a client full access to the activitypub server and it can be hierarchical
but really i'm realizing now the actual bit i need to solve is how actors are created and managed
@trwnh I think if your server is just a JSON-LD pipe then you expect apps to have full access anyway
@Gargron apps should have full access but only to the directories they need maybe? doesn't seem like a good idea to say you can point any client at any server and have r/w access to everything under /
i'm just trying to conceptualize how much the server actually needs to do (as little as i can possibly get away with, tldr) and how to expose a standard interface (webfinger + maybe oauth + idk what else)
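The hierarchical directory-scope idea raised in the thread (a token whose scope is "/" gets everything, narrower scopes get a subtree), sketched as an added example; it is not code from any participant or from koype. The token table, actor ids, the "r"/"w" mode letters and the function names are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote

# Constructed sample data: bearer token -> (actor id, {directory scope: modes}).
# Token strings, actor ids and the "r"/"w" mode letters are assumptions.
TOKENS = {
    "tok-notes": ("https://example.test/actors/alice", {"/notes/": "rw", "/public/": "r"}),
    "tok-root": ("https://example.test/actors/admin", {"/": "rw"}),
}
WRITE_METHODS = {"PUT", "POST", "PATCH", "DELETE"}


def normalize(path):
    """Percent-decode once and resolve '.'/'..' before any prefix comparison."""
    decoded = unquote(path)
    if not decoded.startswith("/") or "\x00" in decoded:
        raise ValueError("path must be absolute and NUL-free")
    # normpath may keep a leading '//', so force exactly one leading slash.
    return "/" + posixpath.normpath(decoded).lstrip("/")


def covers(scope, path):
    """True if normalized `path` is the scope directory or lies beneath it."""
    scope = normalize(scope)
    # Compare on a segment boundary so "/notes" does not match "/notes-private".
    return scope == "/" or path == scope or path.startswith(scope + "/")


def authorize(token, method, raw_path):
    """Return the actor id if the token's scopes allow the request, else None."""
    entry = TOKENS.get(token)
    if entry is None:
        return None
    actor, grants = entry
    try:
        path = normalize(raw_path)
    except ValueError:
        return None
    needed = "w" if method.upper() in WRITE_METHODS else "r"
    for scope, modes in grants.items():
        if needed in modes and covers(scope, path):
            return actor
    return None
```

The request handler would call `authorize()` with the bearer token from the Authorization header and act on the normalized path, not the raw one, so the check and the write agree on the target.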