Mykhailo Kushchenko

So, it makes impossible for aiohttp server to process requests with http signatures

@ned14 Mastodon, Pleroma and others uses http signatures only when interacting server-to-server. For interacting with clients Mastodon uses custom API, not related to ActivityPub. Pleroma just cloned it from Mastodon,...

@ned14 You can try copypasting from this repo https://github.com/autogestion/pubgate all that steps are already implemented there) except oauthAuthorizationEndpoint. But I think token endpoint is enough

Have to say, that this is a bit strange to use OAuth in federated network. Because it's a standard which allows to authorize using some centralized authority, and fediverse do...

@yvolk > Frankly I don't understand, why these two endpoints may be needed, if I get them _after_ OAuth authentication procedure. Why it is so important to perform client registration...

@yvolk > But not an ActivityPub way. I don't see any links to such a way in ActivityPub docs... It has one mention https://www.w3.org/wiki/ActivityPub_and_WebFinger which leads to this thread w3c/activitypub#194...

There is a problem with auto cert renewal at demo instance, fixed Swagger issue looks like a swagger package issue, should be investigated

yes, I think in a month

Not sure. Primary goal is to fully meet AP specification, and notifications not covered by it. Same time notifications are really useful