apcore
apcore copied to clipboard
Golang ActivityPub Server Framework
I noticed that [crypto.go](https://github.com/go-fed/apcore/blob/master/services/crypto.go#L62) salts the password before sending to `bcrypt`, but within Crypto module salting already takes place (see `Hash()` func for how its added).
Manually registering clients only makes sense for monolithic OAuth2 service providers that want to manage something like developer accounts. Since that's not what `apcore` apps are about, we need to...
Ensure other parts of the [oauth2](https://github.com/go-oauth2/oauth2/) server library conform to the [OAuth 2.1](https://oauth.net/2.1/) spec, which is more of a compilation of best practices and learnings from OAuth2. > The major...
Already occurring, but now tracked in this issue: - 20b07c59c133123d8c0b41c5d02182843774279a - aca6d80088f78cd7d4e8996f7241ff325c82c1f0
Currently, logging in multiple times will generate a lot of auto-registered OAuth2 local first-party clients into the database. That doesn't seem like too much of a problem, but it is...
I know golang has a thing where you can go: ``` type S2SApp interface { ... } type C2SApp interface { ... } type Application interface { S2SApp C2SApp }...
In a federated context, the go-fed library uses mutexes associated with specific IRIs before running associated business logic. However, this still doesn't prevent sql transactional conflicts at the `service` layer...
Reviewing the `go-fed/activity` integration, in `common` there is the issue where the common utility function `authenticateGetRequest` is hardcoded to ask for the `GetInbox` scope, and never the `GetOutbox` scope. Both...
From the [APConf 2020](https://conf.tube/videos/watch/32351956-89d7-4887-b6b0-f1a32f91dc36) talk by Aaron Parecki it sounds like dynamic scope support would be very useful for ActivityPub related servers. I don't believe it is finalized yet, need...
When the database returns nothing, we need to return an error in such a case. We then need to propagate that up to the handlers to properly render the "not...