Mykhailo Kushchenko

So, it makes impossible for aiohttp server to process requests with http signatures

@ned14 Mastodon, Pleroma and others uses http signatures only when interacting server-to-server. For interacting with clients Mastodon uses custom API, not related to ActivityPub. Pleroma just cloned it from Mastodon,...

@ned14 You can try copypasting from this repo https://github.com/autogestion/pubgate all that steps are already implemented there) except oauthAuthorizationEndpoint. But I think token endpoint is enough

Have to say, that this is a bit strange to use OAuth in federated network. Because it's a standard which allows to authorize using some centralized authority, and fediverse do...

@yvolk > Frankly I don't understand, why these two endpoints may be needed, if I get them _after_ OAuth authentication procedure. Why it is so important to perform client registration...

@yvolk > But not an ActivityPub way. I don't see any links to such a way in ActivityPub docs... It has one mention https://www.w3.org/wiki/ActivityPub_and_WebFinger which leads to this thread w3c/activitypub#194...

There is a problem with auto cert renewal at demo instance, fixed Swagger issue looks like a swagger package issue, should be investigated

yes, I think in a month

Not sure. Primary goal is to fully meet AP specification, and notifications not covered by it. Same time notifications are really useful

Hi, yes, I'll add such setting to config soon