2026-06-03T09:25:37Z https://njump.me FenTiger https://njump.me/npub1n75cuv09khp07mwj4sv2jf7puy837q95sqhqvcdju8vtfqwp4kjqal2apc https://zotum.net/photo/profile/l/1666?rev=1704383539 https://zotum.net/photo/profile/l/1666?rev=1704383539 https://njump.me/nevent1qqs9gzqk70rrrr2vcwa6rs4pmkf8s6h8v085p59mu0f8enqghcp8p6szyz06nr33uk6u9lmd62kp32f8c8ss78cqkjqzupnpktsa3dypcxk6gnr70pt [h2]#[zrl=<a href="https://zotum.net/search?tag=FedIAM">https://zotum.net/search?tag=FedIAM</a>]FedIAM[/zrl] 0.2[/h2] <br/>&#34;Release early, release often&#34;, they say. Well, I managed one out of two. <br/> <br/>I&#39;ve been continuing to work on my experimental federated sign-on system, [url=<a href="https://codeberg.org/FenTiger/FedIAM">https://codeberg.org/FenTiger/FedIAM</a>]FedIAM[/url]. <br/> <br/>Summary of changes since release 0.1: <br/>[ul] <br/>[*] Split it into three modules - user interface, IdP and RP - and start to reduce the dependencies between them <br/>[*] Support multiple #[zrl=<a href="https://zotum.net/search?tag=OIDC">https://zotum.net/search?tag=OIDC</a>]OIDC[/zrl] clients (not just Kratos) <br/>[*] PKCE is now mandatory <br/>[*] Take some steps towards supporting #[zrl=<a href="https://zotum.net/search?tag=ATProto">https://zotum.net/search?tag=ATProto</a>]ATProto[/zrl] OAuth (not yet complete) <br/>[/ul] <br/>[h2]Discourse Demo[/h2] <br/>The main highlight of this release: I have integrated FedIAM with a real application, [url=<a href="https://www.discourse.org/index">https://www.discourse.org/index</a>]Discourse[/url]. <br/> <br/>For a slightly more interesting demo than the last one, feel free to try it out at [zrl=<a href="https://discourse.mythik.co.uk/">https://discourse.mythik.co.uk/</a>]discourse.mythik.co.uk[/zrl]! <br/> <br/>To log in to this forum: <br/>[ul] <br/>[*] [url=<a href="https://codeberg.org/fediverse/fep/src/branch/main/fep/61cf/fep-61cf.md">https://codeberg.org/fediverse/fep/src/branch/main/fep/61cf/fep-61cf.md</a>]Hubzilla/Streams[/url] and [url=<a href="https://indieweb.org/FedCM_for_IndieAuth">https://indieweb.org/FedCM_for_IndieAuth</a>]FedCM[/url] users don&#39;t need to do anything special - just follow the link, and you&#39;ll be logged in! <br/>[*] Mastodon and classic IndieAuth users can log in by clicking the &#34;Log In&#34; button and entering their ID to start the flow. <br/>[/ul] <br/>In this setup, Discourse is configured to use FedIAM as an OpenID Connect login service. It&#39;s quite crude - some of Discourse&#39;s features won&#39;t work in this configuration. <br/> <br/>It&#39;s only a demo. I reserve the right to shut it down and/or wipe the database at any time. Don&#39;t post anything on there if you want to keep it. <br/> <br/>[h2]Other News[/h2] <br/>A couple of interesting developments have taken place since the release of FedIAM 0.1 back in August. <br/> <br/>[h3]Mastodon 4.3 released[/h3] <br/>Originally FedIAM&#39;s support for #[zrl=<a href="https://zotum.net/search?tag=Mastodon">https://zotum.net/search?tag=Mastodon</a>]Mastodon[/zrl] was very patchy, because it relies on some OAuth2 protocol changes which were only available in nightly builds at the time. The Mastodon team have now released these changes as part of version 4.3, so a sizeable portion of the Mastodon network can now log in via FedIAM! <br/> <br/>[h3]ATProto OAuth2[/h3] <br/>#[zrl=<a href="https://zotum.net/search?tag=BlueSky">https://zotum.net/search?tag=BlueSky</a>]BlueSky[/zrl] have revealed their design for [url=<a href="https://atproto.com/specs/oauth">https://atproto.com/specs/oauth</a>]federated login using #[zrl=<a href="https://zotum.net/search?tag=ATProto">https://zotum.net/search?tag=ATProto</a>]ATProto[/zrl][/url]. This is not supported by FedIAM yet, but I have a basic proof-of-concept implementation of this. <br/> <br/>The thing that&#39;s interesting about this is its use of [url=<a href="https://www.w3.org/TR/did-core/">https://www.w3.org/TR/did-core/</a>]Decentralized Identifiers (DIDs)[/url]. There seems to be a general consensus that DIDs are the future of identity in distributed systems, but to date BlueSky&#39;s ATProto login system is the only concrete proposal I&#39;ve seen that makes use of them. It takes significant work to get from &#34;maybe we could do it like this&#34; to a design which is well-specified enough to implement in an interoperable way; the BlueSky team have put in this effort, and they&#39;ve done a great job of documenting it, too. <br/> <br/>I hope to offer full support for ATProto/BlueSky logins in FedIAM 0.3. 2024-12-21T10:22:23Z https://njump.me/nevent1qqs0e8wqjyt93l8qppurmkr6atx7kl405pxrvy7qxl0ujwet3kku4fgzyz06nr33uk6u9lmd62kp32f8c8ss78cqkjqzupnpktsa3dypcxk6gvvegt9 Announcing FedIAM 0.1.0 - Sign in with a Fediverse account! <br/> <br/>Suppose you want to allow people to log in to your web site. How will they identify themselves? With a username and password? We&#39;ve all got far too many of those already, and they&#39;re not even particularly secure. Perhaps with a Google or Facebook account? That&#39;s a lot easier, but do we really want to allow these companies even further into our lives? <br/> <br/>FedIAM is a [i]research project[/i] which aims to offer an alternative: using Fediverse and IndieWeb protocols, visitors can log in using any one of thousands of small, independent networks run by ordinary people - or even using a provider that they host themselves, independently of any outside influence. <br/> <br/>Now available as open source! <br/> <br/>#^[url=<a href="https://codeberg.org/FenTiger/FedIAM">https://codeberg.org/FenTiger/FedIAM</a>]<a href="https://codeberg.org/FenTiger/FedIAM[/url]">https://codeberg.org/FenTiger/FedIAM[/url]</a> 2024-08-25T10:07:19Z