🦋 Welcome to the MAIN() IRC channel of the Raku Programming Language (raku.org). Log available at irclogs.raku.org/raku/live.html . If you're a beginner, you can also check out the #raku-beginner channel!
Set by lizmat on 6 September 2022.
00:07 reportable6 left 00:09 reportable6 joined 00:13 frost left 00:28 ae_chep left 00:58 frost joined 01:17 HvszrStykp left 02:17 reportable6 left, bisectable6 left, linkable6 left, coverable6 left, committable6 left, notable6 left, benchable6 left, tellable6 left, evalable6 left, sourceable6 left, bloatable6 left, shareable6 left, squashable6 left, nativecallable6 left, unicodable6 left, greppable6 left, quotable6 left, statisfiable6 left, releasable6 left 02:18 bisectable6 joined, unicodable6 joined, nativecallable6 joined 02:19 releasable6 joined, reportable6 joined, notable6 joined, quotable6 joined, shareable6 joined, greppable6 joined, statisfiable6 joined, committable6 joined, sourceable6 joined 02:20 evalable6 joined, linkable6 joined, coverable6 joined, bloatable6 joined, benchable6 joined, squashable6 joined, tellable6 joined 02:34 frost left 02:37 frost joined 03:37 coverable6 left, nativecallable6 left, releasable6 left, squashable6 left, unicodable6 left, bisectable6 left, linkable6 left, quotable6 left, committable6 left, greppable6 left, bloatable6 left, tellable6 left, reportable6 left, sourceable6 left, benchable6 left, statisfiable6 left, notable6 left, evalable6 left, shareable6 left 03:38 tellable6 joined, bloatable6 joined, releasable6 joined, benchable6 joined, reportable6 joined, coverable6 joined, evalable6 joined 03:39 squashable6 joined, committable6 joined, greppable6 joined, statisfiable6 joined, sourceable6 joined, linkable6 joined 03:40 nativecallable6 joined, quotable6 joined, shareable6 joined, bisectable6 joined, notable6 joined, unicodable6 joined 04:40 committable6 left, benchable6 left, shareable6 left, evalable6 left, quotable6 left, coverable6 left, linkable6 left, greppable6 left, squashable6 left, notable6 left, bisectable6 left, statisfiable6 left, unicodable6 left, tellable6 left, releasable6 left, bloatable6 left, sourceable6 left, nativecallable6 left, reportable6 left, sourceable6 joined 04:41 bisectable6 joined, reportable6 joined, tellable6 joined, nativecallable6 joined, benchable6 joined, notable6 joined, evalable6 joined, shareable6 joined 04:42 quotable6 joined, releasable6 joined, committable6 joined, greppable6 joined, unicodable6 joined 04:43 linkable6 joined, statisfiable6 joined, bloatable6 joined, coverable6 joined, squashable6 joined 05:43 linkable6 left, bloatable6 left, squashable6 left, nativecallable6 left, reportable6 left, sourceable6 left, tellable6 left, benchable6 left, evalable6 left, statisfiable6 left, unicodable6 left, greppable6 left, coverable6 left, bisectable6 left, notable6 left, committable6 left, shareable6 left, releasable6 left, quotable6 left 05:44 evalable6 joined, coverable6 joined, shareable6 joined, squashable6 joined 05:45 bisectable6 joined, notable6 joined, statisfiable6 joined, greppable6 joined, committable6 joined, quotable6 joined, sourceable6 joined 05:46 bloatable6 joined, nativecallable6 joined, linkable6 joined, tellable6 joined, benchable6 joined, reportable6 joined, unicodable6 joined 05:47 releasable6 joined 06:05 reportable6 left 06:06 reportable6 joined 07:06 linkable6 left, evalable6 left 07:07 linkable6 joined 07:09 evalable6 joined 07:26 razetime joined 07:33 abraxxa joined 07:38 abraxxa left, guifa left 07:39 abraxxa joined, guifa joined 07:44 Sgeo left 07:55 frost left 08:00 dakkar joined 08:12 razetime left 08:24 lichtkind joined 08:26 sena_kun joined 08:31 razetime joined 08:39 epony left 08:42 Matthew|m left, AlexDaniel left, CIAvash left, crystalfrost[m] left, tadzik left, MitarashiDango[m left 08:49 CIAvash joined 09:22 frost joined 09:27 Matthew|m joined, crystalfrost[m] joined, tadzik joined, MitarashiDango[m joined, AlexDaniel joined 09:42 epony joined 09:49 euandreh left 09:54 tobs left, tobs joined
lizmat clickbaits rakudoweekly.blog/2022/09/12/2022-...re-videos/ 10:17
jaguart a bit off topic - blogging, Wordpress vs Ghost? :) 10:29
lizmat whatever suits you best :-) 10:30
jaguart it's just the weekly CISA alerts are full of Wordpress... :o 10:31
Altreus what's Ghost written in 10:38
If it's not PHP, then probably that
10:43 euandreh joined 10:52 renormalist left 10:53 renormalist joined 10:59 euandreh left, euandreh joined 11:04 euandreh left 11:17 euandreh joined 11:26 frost left, euandreh left 11:32 euandreh joined 11:42 frost joined 11:47 euandreh left 11:54 euandreh joined 12:07 reportable6 left 12:08 reportable6 joined
jaguart Ghost is written in node - you front-end it with nginx or apache etc. I used to love it when it was markdown - these days it's visual editing etc. Regular incremental releases, free to self-host, and very easy to keep up-to-date. 12:59
tonyo jaguart: i use github static site for deathbykeystroke.com 13:01
works well and i edit in markdown/generate html with pandoc/push 13:02
13:08 linkable6 left, evalable6 left 13:09 linkable6 joined 13:11 evalable6 joined, Colere joined
jaguart I do like pandoc :) 13:12
13:13 Furor left
jaguart I use Ghost for about a dozen family / friends / small businesses - they manage their own websites easily, and I just do the devops to keep the server backed up and secure. Ghost is a dream for devos - and you can easily multi-site a single installation of the software. 13:14
My personal stuff is all stuck in a historic bunch of Doku and TiddlyWiki sites that I will one-day mash together. 13:15
[Coke] tiddlywiki!! 13:22
Altreus a raku one? 13:24
[Coke] guesses no 13:25
Altreus kawaii_: make a raku blog now that you're an expert 13:26
also I thought you were getting your nick back
[Coke] ^_^
jaguart tonyo: deathbykeystroke.com++ :) 13:30
tonyo :) 13:32
13:32 Colere left 13:39 frost left 13:41 Colere joined 13:44 Furor joined 13:46 Colere left 14:04 discord-raku-bot left, discord-raku-bot joined 14:05 vrurg left 14:06 vrurg joined 14:15 avar left 14:16 avar joined 14:23 Sgeo joined 15:07 MoC joined 15:08 RandalSchwartz joined 15:09 RandalSchwartz left 15:11 HvszrStykp joined 15:19 ejderya joined 15:22 cakir left
tbrowder tony: are you gonna do part 2 of the detailed cro app? that whole thing should be an ebook, and charge money--i'm in!! 15:54
tonyo: ^^
tonyo tbrowder: oops, yes i totally forgot about that as i got into a nasty dispute with my former employer
jaguart I second that :) 15:55
tonyo that second part should be pretty straight forward, i think i can get to it this week 15:57
tbrowder yr first part is super! i love the oauth part--not easy to grok at all. 16:05
and the apache part i think now is a bit clearer since i saw the tls part is not a problem on the reverse proxy. 16:07
but a complete, practical, working solution is worth $$. and icing on the cake would be a good template for modern css to go with it. i'm willing to pay $$ for a non-profit website design of two page templates if anyone is interested. i can give detailed specs. [email@hidden.address] 16:13
but a complete, practical, working solution is worth $$. and icing on the cake would be a good template for modern css to go with it. i'm willing to pay $$ for a non-profit website design of two page templates if anyone is interested. i can give detailed specs. tom.browder@gmail.com.
see
16:22 linkable6 left, evalable6 left
tonyo i'm sure ugexe would empathize with not groking what i wrote right away 16:24
16:25 evalable6 joined, linkable6 joined
tonyo i'll take a look and see if i can simplify it 16:35
16:38 dakkar left 17:03 test81 joined 17:04 test81 left, test81 joined, test81 left
tbrowder no, i was talking about my initial reading of oauth2, not yrs. 17:14
it was difficult to understand the scenarios in the book i bought. 17:15
the online info from google was not much better, just as bad as google's other dev docs. 17:17
speaking of ugexe, i am trying to track down a failing dep in a long list of dependencies and what depends on it. i don't see any way with zef to do that except the hard way: check each dep separately. 17:20
hm, sounds like a script for raku-man, the caped avenger! 17:21
[Coke] tbrowder: when you run the zef install, it should tell you in the output what failed 17:32
17:32 razetime left 17:35 cakir joined
[Coke] can use --dry if you want to avoid the install at the end (which would only happen if no test failures) 17:36
17:36 ejderya left 18:07 reportable6 left 18:10 reportable6 joined 18:13 squashable6 left 18:15 squashable6 joined 18:28 jjido joined 18:41 cakir left
[Coke] rereading this from hours ago - you're after "what depends on it", not "what is failing". got it. 19:00
19:13 sena_kun left 19:14 sena_kun joined 19:22 abraxxa left 19:28 sena_kun left
tonyo ohh, tbrowder, i know. i know how oauth2 works and find most of the docs about it confusing. they seem to explain how the thing works from the point of view of someone who already knows how it works 19:29
19:29 sena_kun joined 19:33 perlbot left 19:34 jjido left 19:35 simcop2387 left
El_Che it help to manage the server e 19:46
de identiti
y
and write some apps in a few languages
19:46 discord-raku-bot left
El_Che to get the hang of it 19:47
19:47 discord-raku-bot joined
El_Che but whatever the experience, it's 1000x better than the one with SAML2 19:47
Voldenet www.rfc-editor.org/rfc/rfc6749 is enough to understand oauth2 imo
El_Che well, you need to understand the different flows 19:48
and extensions like openid-connect
but for most people, it's trivial because they use a lib for their lamg or framework 19:49
lang
Voldenet it doesn't get into some pain points like tls offloading and urn:ietf:params:oauth:grant-type:jwt-bearer (i really adore the name) but otherwise it's simple to grasp imo
El_Che the own drawing meme effect? 19:50
owl
tonyo it's simple if you already know it. it's confusing for someone unfamiliar with it to try and grok a giant document that launches into telling you to request what scopes you need in the first request
El_Che damn, can't type on this laptop
Voldenet maybe so, I found it a lot easier than saml2 :)
El_Che it is 19:51
tonyo or, at least, familiar with the concepts and problem it's aiming to solve
El_Che tonyo: I agree there is a learning curve if you really need to understand it
Voldenet actually, the document has nice sequence diagrams for flows though
El_Che luckily, most devs don't have to
Voldenet the abstract is quite well-structured 19:52
tonyo the typical tribanded diagram makes it slightly more confusing because it loses the why am i doing this at this stage bit of information
agreed, mostly just empathizing with tbrowder's confusion when trying to implement something in raku
tbrowder [Coke]: yes, but it doesn't say what module is te 19:53
Voldenet also, the 50 pages doc isn't this massive
tbrowder *depending on it. the dependency list is LONG
Voldenet Ah, yes, I see what you mean 19:54
El_Che so, did someone implement oidc/oauth2 for raku/cro?
last time I checked, there was only one module tailored for google
tonyo El_Che: i have a blog post that gets you 80% of the way of there for most oauth2 implementations 19:55
tbrowder same
tonyo it would require adding some info if you wanted to auth to intuit or something similar 19:56
El_Che tonyo: wow, I'll check it out
tonyo: do you talk about oauth because it does not redirect you to an identity provider for interactive authentication? 19:57
19:57 vrurg left
tonyo also doesn't check secrets between requests etc 19:57
19:57 vrurg_ joined
tonyo what do you mean? 19:58
El_Che oidc is the protocol for interactive authentication, e.g. the google login prompt
oauth2 is more between rest services: login the a token, validating it, request user info from a resource, etc
tonyo oh, yea for the interactive authentication 20:00
tbrowder so oidc is what should be used to login to a website? any raku/apache cookbook on that?
El_Che so oidc is for authentication, oauth2 for authorisation
Voldenet oauth2 can be used for authentication 20:01
not alone though, it needs an endpoint that returns identity
moritz also, oauth2 is used for delegating access (I have to access to X, now I want to give service Y (partial) access to X, doing business as me)
El_Che in fact is oidc an extension of oauth2, adding a JWT token (id token) and standarizing some values and practices (e.g. a well known address with all the endpoints for autoconf)
tonyo the bit moritz is said is what i did in raku, i'm mostly uninterested in authentication and web stuff in general 20:02
El_Che Voldenet: what you' re describing is oidc without standardisation :P
tonyo: my backends are until now oauth2 only, you need to have a token already to consume them. How you get that token is " not my problem" (TM) 20:03
e.g. their website/service
tbrowder i have an old website that uses private tls certs for access. i would love to replace that with something easier for my users
El_Che that said, I spend all day today playing with svelte and keycloak to write a frontend for a service 20:04
tonyo i really wish we went the cert way of identification between sites
El_Che mostly for learning
tbrowder et moi!
Voldenet El_Che: most services (all? I've never seen any that don't) can use delegated oauth2 access to somehow fetch current identity, but not all services implement oidc
El_Che cert will work if you use keycloak as a oidc/oauth2 provider
Voldenet though yes, it's sufficiently messy, I agree on that
tonyo oauth is such a pain in the ass and google is the worst. why do i need to reselect which gmail account i want to look at every time i refresh or click on the calendar app from gmail 20:05
El_Che Voldenet: I mean, you can take the short cut and only validate the token and never register your client with the Identity Provider
it's doable if the access token are very short lived
tonyo: they could store the identity and token 20:06
they probably don't for security reasons
tonyo right, but if i'm looking at my work gmail account and click the calendar, why does it show me my personal calendar and force me to reselect my work calendar. and occasionally force me to sign in to my personal email prior to selecting the work email 20:07
El_Che Voldenet: if your IdP implement oauth2 and oidc, you can do that kind of stuff easily
s
tonyo i'm just not too keen on google's services implementation, it'd be easier if i could just select my identity in the browser (use my work certificate) and then browse to the calendar 20:08
that capability has been around since at least the middle 00s 20:09
El_Che Keycloak support mtls: www.keycloak.org/server/enabletls (bottom) 20:10
I haven' t tested it
maybe I should
(and report back)
the doc for the feature is... limited :) 20:12
it looks more like an extra security layer for client
s
I killed the discusion :) 20:24
Voldenet nah, all was said 20:28
btw, re oauth2 I wish client_credentials wasn't a thing 20:30
it's very practical, but it enables disgusting and dubious practices
El_Che I don't allow it
Voldenet as nobody should ;) 20:32
El_Che it' s the devils login :)
20:54 jjido joined
jjido @tonyo how does OAuth 2.0 work? (with authorisation code) I am curious to see if you can make sense of it for me :-) 21:03
21:09 MoC left
[Coke] wonders if our raku friends in europe have "grocery store sushi" 21:16
leont Yes, and eww
[Coke] finds if you get it fresh enough, it's... fine. 21:18
but yes, nothing like the real thing from a specialty restaurant.
21:29 sena_kun left
tonyo jjido: not sure i'm qualified for that but the gist (at least for what tbrowder was doing) was that you're requesting access and verifying your account to a 3rd party provider so, as the user you'll be redirected to log in to that provider, that provider will match some keys that were sent with the redirect and, once you've logged in, it will redirect to an endpoint registered with that provider by 21:33
your service. at that point your service needs to exchange some information from the 3rd party's redirect for a token and voila, you've both verified the user's account and can use the token to request information about the user or perform some action acting as the user
El_Che third party can be yourself 21:34
or your org
jjido There are 3 URIs in the config: the service you are calling, the authorisation URI and the token URI 21:38
Voldenet app redirects the user to some page (and give it url where code or error should return), that user confirms on the page your app can use the auth code, then return url gets the code (or fail) with some query/post request through user's browser and uses it to get the token 21:39
jjido the service you are calling checks that the token it receives is valid, right?
Voldenet authorization uri is that "some page", token uri is the api which accepts the code and gives the token 21:40
s/uses it to get the token/app uses it to get the token/ 21:41
I'm not entirely sure what is "the service" uri 21:42
21:45 simcop2387 joined 21:46 perlbot joined
Voldenet jjido: Well the access token you receive is used to use the other app's api of some service, so it sure is validated 21:46
s/of some service/ 21:47
El_Che you have an auth endpoint where you get the token, a token endpoint where you can refresh it or check the validity of a random token, ]a user endpo 21:49
a user endpoint to get user info
then you have redirect uri where the identity provider sends you after login (these must be registered) 21:50
Voldenet ah, that's the openid part of the flow where you get userinfo 21:52
El_Che yes
but 99 of the time you don' t need it because you get the info in the access or id token 21:53
%
21:59 jjido left, vrurg_ is now known as vrurg 22:59 benchable6 left, bisectable6 left, committable6 left, unicodable6 left, nativecallable6 left, squashable6 left, shareable6 left, bloatable6 left, evalable6 left, reportable6 left, coverable6 left, sourceable6 left, quotable6 left, notable6 left, tellable6 left, linkable6 left, statisfiable6 left, greppable6 left, releasable6 left 23:00 nativecallable6 joined, greppable6 joined, evalable6 joined, bisectable6 joined, statisfiable6 joined, benchable6 joined, tellable6 joined 23:01 bloatable6 joined, releasable6 joined, notable6 joined, squashable6 joined, sourceable6 joined, coverable6 joined, quotable6 joined, reportable6 joined 23:02 shareable6 joined, linkable6 joined, unicodable6 joined, committable6 joined
[Coke] tbrowder: what was the module you wanted deps on? 23:09
23:21 epony left
[Coke] github.com/coke/scripts/blob/master/zef-deps 23:32
gives, e.g.: gist.github.com/coke/5420a56d04a92...9b1a17f22f 23:34
23:35 lichtkind left
[Coke] .tell tbrowder github.com/coke/scripts/blob/master/zef-deps gives, e.g.: gist.github.com/coke/5420a56d04a92...9b1a17f22f 23:36
tellable6 [Coke], I'll pass your message to tbrowder
[Coke] Suggestions on better formatting, whatever, appreciated. warning: there's no progress bar while it's thinking ATM 23:37
23:37 HvszrStykp left 23:40 HvszrStykp joined
[Coke] ok, slightly noiser now so you know it's working 23:45
(also for complicated hierarchies it does nothing to simplify them, so you may get chunks of the tree repeated) 23:48

Powered by Cro and the Raku® Programming Language.

Please report any issues / comments / feature requests as an issue on App::Raku::Log.

Thank you!