Post · bonfire.cafe

Post

After much faffing about, I have implemented the dynamic #OAuth2 client creation for #GoActivityPub services using the Client ID Metadata Document[1] that's been proposed as a replacement(?) for RFC7591 (Dynamic Client Registration Protocol).

The changes are in both the Authorization service and in the BOX #ActivityPub client to server helper.

[1] https://datatracker.ietf.org/doc/draft-ietf-oauth-client-id-metadata-document/

#CIMD

IETF Datatracker

OAuth Client ID Metadata Document

This specification defines a mechanism through which an OAuth client can identify itself to authorization servers, without prior dynamic client registration or other existing registration. This is through the usage of a URL as a client_id in an OAuth flow, where the URL refers to a document containing the necessary client metadata, enabling the authorization server to fetch the metadata about the client as needed.

Emelia

@thisismissem@activitypub.space replied · 15 hours ago

Re: After much faffing about, I have implemented the dynamic #OAuth2 client creation for #GoActivityPub services using the Client ID Metadata Document[1] that's been proposed as a replacement(?) for RFC7591 (Dynamic Client Registration Protocol).

CIMD isn't a proposed replacement for DCR, it's just an alternative with different properties that can make it potentially easier to manage at scale in decentralized architectures.

julian

@julian@activitypub.space replied · 14 hours ago

Thanks for the clarification.

cc @mariusor@metalhead.club

julian

@julian@activitypub.space replied · 15 hours ago

@thisismissem FYI

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.1 no JS en

Automatic federation enabled