~emersion

France

https://emersion.fr

I'm Simon Ser, I write open-source software.

~emersion/public-inbox

Last active 3 days ago

~emersion/soju-dev

Last active 7 days ago

~emersion/hut-dev

Last active 11 days ago

~emersion/mrsh-dev

Last active 21 days ago

~emersion/goguma-dev

Last active 30 days ago

~emersion/grim-dev

Last active 2 months ago

~emersion/gqlclient-dev

Last active 2 months ago

~emersion/alps-dev

Last active 1 year, 10 months ago

~emersion/drm-constraints

Last active 2 years ago
View more

Recent activity

[PATCH meta.sr.ht] Accept and check redirect_uri parameter on OAuth 2.0 token endpoint 3 days ago

From Simon Ser to ~sircmpwn/sr.ht-dev

Some OAuth 2.0 clients will always send it. The RFC says it's optional,
so clients don't expect it to fail. Instead of forcing them to add
special handling for sr.ht, tolerate the parameter as long as it matches
the one configured in the registered OAuth client.

Same as [1] but for the token endpoint.

[1]: https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/35260
---

This is annoyingly more code than [1]. Alternatively, a less
intrusive solution could use _lookup_client() and check that
the URI matches on the Python side.
[message trimmed]

[PATCH meta.sr.ht] graph/model/oauthclient: fix client secret check 3 days ago

From Simon Ser to ~sircmpwn/sr.ht-dev

We need to hash the client secret before comparing it with the DB
field.

Fixes: 5f5d84c02a4c ("api/graph: verify client secret in issueOAuthGrant")
---

Sorry, this fixup got squashed into an unrelated commit during a
rebase...

 api/graph/model/oauthclient.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/api/graph/model/oauthclient.go b/api/graph/model/oauthclient.go
index e29d76d59037..4802f27010cd 100644
[message trimmed]

Re: [PATCH] Fix clearing webpush targets after any MARKREAD 7 days ago

From Simon Ser to ~emersion/soju-dev

Nice! A few comments below.

On Wednesday, September 28th, 2022 at 19:23, delthas <delthas@dille.cc> wrote:

> diff --git a/irc.go b/irc.go
> index bb17d64..dd56f36 100644
> --- a/irc.go
> +++ b/irc.go
> @@ -459,10 +459,24 @@ func (cm *monitorCasemapMap) ForEach(f func(name string, online bool)) {
>  	}
>  }
>  
> -type casemapSet struct{ casemapMap }
> +type pushTargetCasemapMap struct{ casemapMap }

[PATCH meta.sr.ht] Implement OAuth 2.0 token introspection 13 days ago

From Simon Ser to ~sircmpwn/sr.ht-dev

A new GraphQL query is added, "myOauthGrant". Just like the "me"
query returns the current user, this query returns the current
OAuth grant, if any.

This is used by the Python frontend to implement OAuth 2.0 token
introspection, defined in RFC 7662.

Depends on [1].

[1]: https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/35536
---
 api/graph/schema.graphqls     |  3 ++
 api/graph/schema.resolvers.go | 32 +++++++++++++++++++++
 metasrht/blueprints/oauth2.py | 54 ++++++++++++++++++++++++++++++++++-
[message trimmed]

[PATCH core.sr.ht] graphql/client: add oauth2_token authentication 13 days ago

From Simon Ser to ~sircmpwn/sr.ht-dev

This executes a GraphQL operation with the specified OAuth 2.0
token used for authentication.

This will be useful to implement OAuth 2.0 token introspection.
---
 srht/graphql/client.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/srht/graphql/client.py b/srht/graphql/client.py
index 8b3d6b546978..18b4b015e86f 100644
--- a/srht/graphql/client.py
+++ b/srht/graphql/client.py
@@ -47,7 +47,7 @@ class GraphQLOperation:
        else:
[message trimmed]

[PATCH meta.sr.ht] Fix typo in OAuth 2.0 token endpoint error message 13 days ago

From Simon Ser to ~sircmpwn/sr.ht-dev

---
 metasrht/blueprints/oauth2.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/metasrht/blueprints/oauth2.py b/metasrht/blueprints/oauth2.py
index d59dea06f0a9..e1e29f5c2765 100644
--- a/metasrht/blueprints/oauth2.py
+++ b/metasrht/blueprints/oauth2.py
@@ -501,7 +501,7 @@ def access_token_POST():
    auth = request.headers.get("Authorization")
    if auth and (client_id or client_secret):
        return access_token_error("invalid_client",
                "Cannot supply both client_id & client_secret and Authorziation header",
                "Cannot supply both client_id & client_secret and Authorization header",
[message trimmed]

[PATCH meta.sr.ht] Enable CORS on OAuth 2.0 endpoints 13 days ago

From Simon Ser to ~sircmpwn/sr.ht-dev

This allows webapps to use OAuth 2.0. An example use-case is gamja.

Uses the new API introduced in [1].

[1]: https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/35272
---
 metasrht/blueprints/oauth2.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/metasrht/blueprints/oauth2.py b/metasrht/blueprints/oauth2.py
index 5efd3e832e8f..d59dea06f0a9 100644
--- a/metasrht/blueprints/oauth2.py
+++ b/metasrht/blueprints/oauth2.py
@@ -8,7 +8,7 @@ from flask import Blueprint, render_template, redirect, request, session
[message trimmed]

[PATCH core-go v2] email/worker: add more context to errors 16 days ago

From Simon Ser to ~sircmpwn/sr.ht-dev

For instance, failure to open the private PGP key would just fail
with an unhelpful "panic: open : no such file or directory" error.
---
 email/worker.go | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/email/worker.go b/email/worker.go
index b63b3a244f31..82da5b7148c0 100644
--- a/email/worker.go
+++ b/email/worker.go
@@ -4,6 +4,7 @@ import (
	"bytes"
	"context"
	"errors"
[message trimmed]