Implementing IndieAuth

One of the to-do items on my IndieWeb punch list has been to implement MicroPub support. To do this properly I would also need to implement some sort of authentication for my static site. Not something I was looking forward to doing, at least until I heard Aaron Parecki give a talk at IndieWebCamp 2014 Portland titled Intro-To-IndieAuth, and it just clicked.

I already had a Python Flask app running so that my site could process Webmentions, so that seemed to be the best place to put it. After reading the great IndieAuth for Developers documentation, I set out to add the required endpoints.

The first step is to discover which authorization endpoint the user’s domain advertises. To do this, I added an IndieAuth helper routine named discoverAuthEndpoints to Ronkyuu. This code fetches the given domain and returns all of the authorization endpoints found.

With the endpoint URL known, the next step is to craft a call to that endpoint with the required parameters. This is done in the Flask login page's form POST handler by telling Flask to do a URL redirect:

https://indieauth.com/auth?client_id=testing&scope=post&redirect_uri=https://bear.im/success&me=https://bear.im

If the authentication endpoint site verifies the request, your redirect_uri will be called with your domain and an authorization code. This code then needs to be verified as soon as possible; I also added a helper routine for this, validateAuthCode.

To see the code, and also how I stored this information in Redis with timeouts, please see my indieauth_listener.py Flask app where you can see a /login page and the /success and /auth route handlers.
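The redirect and callback steps described above, as an added example that is not taken from indieauth_listener.py or Ronkyuu: it builds the authorization URL with URL-encoded parameters and checks the callback against a pending-login record that expires. The state parameter, the function names, the 300-second lifetime and the in-memory dict standing in for Redis are assumptions of this example.

```python
import secrets
import time
from urllib.parse import urlencode, urlsplit

PENDING_TTL = 300  # seconds a login attempt stays valid (assumed value)
_pending = {}      # state -> (me, expires_at); stand-in for Redis keys with a timeout


def build_auth_redirect(auth_endpoint, me, client_id, redirect_uri, scope="post", now=None):
    """Return the URL to redirect the browser to and record the pending attempt."""
    now = time.time() if now is None else now
    state = secrets.token_urlsafe(16)  # unguessable value tying the callback to this attempt
    _pending[state] = (me, now + PENDING_TTL)
    query = urlencode({                # urlencode percent-encodes the nested URLs
        "me": me,
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
    })
    sep = "&" if urlsplit(auth_endpoint).query else "?"
    return auth_endpoint + sep + query


def accept_callback(params, now=None):
    """Check the query parameters received at redirect_uri.

    Returns (me, code) when they match a pending, unexpired attempt, else None.
    The code must still be verified with the authorization endpoint afterwards.
    """
    now = time.time() if now is None else now
    entry = _pending.pop(params.get("state", ""), None)  # pop makes each state single-use
    if entry is None:
        return None
    me, expires_at = entry
    same_me = params.get("me", "").rstrip("/") == me.rstrip("/")  # ignore a trailing slash
    if now > expires_at or not same_me or not params.get("code"):
        return None
    return me, params["code"]
```

In a Flask handler, params would be request.args, and the returned code is what gets passed on to the verification step.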

