keithjgrant / omnibear Goto Github PK

Display a small character count beneath the Content textarea, to help keep posts under 140 characters when POSSE’ing to twitter.

Authentication currently depends on a me parameter:

This parameter has been deprecated for a while now, see aaronpk/IndieAuth.com#85 and other issues referring to there. It has never been part of the indieweb/indieauth spec at all, see current authorization response section.

Currently websites implementing the IndieAuth spec (like Sink) cannot be used with Omnibear.

Add user-customizable settings

• Setting desired reacji
• Default to "current page" mode
• Manually set endpoint & token
• mp-slug vs slug (legacy MP endpoint support)
• clean up UI to accommodate changes

Similar to twitter.com, add support for entries on facebook.com

If syndicateName equals "mp-syndicate-to" the delete on the next line will remove the only copy. And then it isn't send. Parameter "mp-slug" has the same problem.

Would be amazing to have the option to automatically send a micropub like post when you like something on facebook / twitter / youtube etc. If it is possible with chrome extensions.

There should be a link to the github repository (or other explanation page) on omnibear.com

According to https://indieweb.org/authorization-endpoint#Redirect_to_web_application:

me

Full URI of the user's homepage
This may be different from the me parameter that the user originally entered, but MUST be on the same domain.

But as of version 0.5.2, omnibear passes to micropub-helper value from auth endpoint request (= domain value in localStorage), instead of me from auth endpoint response

Omnibear currently stays logged in indefinitely. If an auth token were to expire, the micropub endpoint should return a 4xx response. When this happens, Omnibear needs to require the user to re-authenticate.

indieauth.com and tokens.indieauth.com/tokens are currently hard-coded urls. These should be parsed from the users homepage before authenticating, so other auth endpoints may be used.

Posts are currently made using a multipart/form-data POST. To conform with the micropub specification, this should instead be a x-www-form-urlencoded request.

Omnibear 0.6.0 on Firefox 55 does not correctly send the URL that is replied to:

POST /micropub.php HTTP/1.1
Host: anoweco.bogo
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0
Accept: application/json
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
authorization: Bearer ZW1vamk9JTVDMzYwJTVDMjM3JTVDMjIyJTVDMjUxJm1lPWh0dHAlM0ElMkYlMkZhbm93ZWNvLmJvZ28lMkZ1c2VyJTJGMi5odG0mY2xpZW50X2lkPWh0dHBzJTNBJTJGJTJGb21uaWJlYXIuY29tJnNjb3BlPXBvc3Qmc2lnbmF0dXJlPUZJWE1F
content-type: application/x-www-form-urlencoded;charset=UTF-8
origin: moz-extension://f571e0d4-11a6-4a2d-b434-997d6f1ec966
Content-Length: 78
DNT: 1
Connection: keep-alive

h=entry&content=This%20is%20cool%21&mp-slug=&in-reply-to=%5Bobject%20Object%5D

I visited http://cweiske.de/tagebuch/kletterwald-leipzig.htm, right-clicked on the first paragraph and said "reply to entry".

After authenticating, the authorization endpoint redirects to omnibear.com. Very minimal feedback is given on this page while the token is fetched (and soon, syndication targets as well).

Improve the feedback on this page to show step by step what is happening, and, if something goes wrong, where it stalls.

The extension got a 500 server error from my token endpoint (my fault mostly), but it thought it was successful and stored the string "null" for the access token. It looked like I was logged in, but it would send "null" as the access token when I posted.

It seems after authentication, the auth server redirects to omnibear.com
This does not work without internet.

To be able to quickly like a page, the "current page" mode should be default.

Or omnibear should have an option to make it default :)

Currently I have to click on the omnibear icon, then "current page", then on the star icon. The second click would not be necessary if "current page" was default.

I want to sign omnibear into my website, so I type "htt", select the autosuggested URL and click "sign in".

Now the autocompleted text is somehow discarded, replaced with my manually typed text plus "http://" prepended.

Omnibear should use the full text.

When signing into omnibear with https://commentpara.de/, I only see the website with

OmnibearAuthentication successful
Retrieving access token...

And then nothing.

Happens with Chromium 60.

Move code into a dist directory and add tests (mocha?)

I need a better logo. Ideally one that uses the brand yellow so it is easy to spot quickly in the context menu (#db9f1f).

If anybody is good at that sort of thing, I would love some help with this.

If a site (like mine) uses JS navigation, omnibear doesn’t stay up to date w/ the current URL. It should register pushState/popState listeners.

Would be great to tell my blog to Tweet my post too, right from Omnibear, especially when it's in reply to a tweet.

You can get the targets by doing a GET to the endpoint with ?q=syndicate-to and the access token. https://www.w3.org/TR/micropub/#syndication-targets

Then, when the button is pressed / checkbox is chosen, add a mp-syndicate-to field with the value of the button / syndication target, to the POST request. That gives the order to syndicate.

(I think my own blog and some other people support syndicate-to as the POST field, but that one is depricated. Better to use the new one.)

I tried this in Firefox. It doesn't quite work, since fetching pages from the extension without going through CORS requires permission for said pages. Adding <all_urls> to the permissions in manifest.json solved this, but I'm not sure it is the most elegant solution.

After that, posting seemed to work, but I can't quite verify it since my endpoint has problems right now (but I see a successful POST request in the server logs).

EDIT:
It is not yet possible in Firefox to ask for specific permissions that are not in the manifest (https://bugzilla.mozilla.org/show_bug.cgi?id=1197420), so unless there is something I'm missing the extension probably needs global permission to communicate with random URLs, as described above. I can submit a PR for this if you want, but such a trivial thing doesn't have to be attributed ;)

Upon creation of a new post, the micropub server response should have a Location header indicating the URL of the new post. This url should be displayed as a link to the user.

Hi,

I just learned about the extension and authorizing my blog went just fine. When publishing a post/reply/like I don't get any errors and a post published (or something similar), but the post never shows up on my blog, i.e. gets published. Any ideas of what might be wrong?

Any ideas?

On npm install the user will be greeted with:

npm WARN deprecated [email protected]: 🙌 Thanks for using Babel: we recommend using babel-preset-env now: please read babeljs.io/env to update!

I don’t think there is any reason not to follow their recommended upgrade?

It would be nice to have a emoji selector just like github has for issue comments.

Posting hearts, +1 and -1 would be easier with it -> https://indieweb.org/reacji

📸

When you type something, and then click on a webpage, Omnibear closes and discards the post.

Would be nice to save the post, so that when I open the window, I see the same thing again. (Just lost something because I didn't know, and losing posts while writing is sad.)

I am working on #60 and needed a permission change. Then spent 10 minutes furiously reloading the extension and wondering why it wasn’t working: files from the static folder aren’t watched and moved to the dist folder by the build process.

I don’t know enough about this build system setup to know if it can be updated to watch the static folder too. Input welcome! Right now I need to ^C and start webpack anew, which is a lot slower than the --watch process.

When I tried to use this on Chrome the pop-up window was a blank line. Disabling other extensions didn't help. (Authentication was not an issue.) Using Chrome on macOS.

The omnibear-0.5.0.zip file contains three .map files that are not needed for normal users:

• index.js.map - 3.6 MiB
• background.js.map - 3.5 MiB
• page.js.map - 327 kiB

If those were removed from the .zip, 0.5.0 would be 285kiB instead of 1.9MiB in size.

I am not sure if this makes sense or not to do. But want to bring it up anyway.

Currently my endpoint does not answer to ?=syndicate-to, and there is no MUST for supporting such queries in the current Micropub spec. This is not an issue for Omnibear and just means it should not offer syndication options.

However, this throws an error from the micropub-helper in fetchSyndicationTargets. The browser then skip the .then() for closing the tab and goes straight into error reporting:

This confused me at first when I was debugging authorisation. All authorisation actions succeeded and Omnibear was usable, the tab just didn’t close.

Either chrome.tabs.remove should trigger in the catch(), or it should be moved up so the tab is closed prior to querying syndication targets.

Inspired by discussion in #indieweb-dev today:

Since omnibear can really easily be run locally (as in, it always runs locally) it's a prime candidate to test micropub endpoints during development, running locally as well. Getting a token using online services can then be a bit tricky to set up. It would be helpful if one could set the micropub endpoint URL and token manually and totally avoid the discovery and authorization stage.

UI wise, I image in a "developer" or "advanced" option as an alternative to entering the homepage URL for the normal IndieAuth flow.

The omnibear-0.6.1.zip file contains the zips folder that contains all previous releases. This bloats it and shouldn't be.

Authentication does not work with local auth servers that are non internet-reachable.

My auth server redirects to omnibear.com, and then I only see:

Omnibear
Authentication successful

Retrieving access token...

And nothing happens because omnibear.com cannot reach http://anoweco.bogo/ that is running here locally on my laptop.

I can basically not test the extension locally.

Put a form in index.html to allow posting a note to the micropub endpoint

I find it hard to see which of the modes - "New note" or "Current page" is active, because they do not look like normal tab elements, and neither of them is bold when selected.

I think I saw an error with HTTP to HTTPS redirection:

When entering http://commentpara.de in the omnibear sign-in dialog, the auth procedure finally fails with

Error fetching token from token endpoint

[object Object]

If I use https://commentpara.de (note the s in the scheme), it works fine.

Investigate ways to enable debug logging so users can provide logs when reporting bugs.

The following endpoint LINK will trip Omnibear:

<link rel="authorization_endpoint" href="/test">

The user will get a page saying:

Firefox can't find the file at /path/to/omnibear/dist/test?me=http://example.com&client_id=https://omnibear.com&redirect_uri=https://omnibear.com/auth/success/&response_type=code&scope=post create delete update&state=very-secret-omnibear-state.

Instead of providing the source code as .zip in the github releases section, please provide the compiled extensions so that one can install them without using the stores.

Hi! Tried the extension, got this:

Missing micropub data on https://unrelenting.technology/. Please ensure the following links are present: authorization_endpoint, token_endpoint, micropub

with this header:

Link: <https://unrelenting.technology/webmention>; rel=webmention, <https://unrelenting.technology/micropub>; rel=micropub, <https://unrelenting.technology/login>; rel="token_endpoint", <https://indieauth.com/auth>; rel="authorization_endpoint", <https://switchboard.p3k.io>; rel=hub, <https://unrelenting.technology/>; rel=self

micropub-helper actually supports Link headers, but it seems you use some server-side app to authenticate (is it open source?)

Prepend “http://” to the authentication url if the user leaves it off

I wanted to demo Sink during the Virtual HWC, and this went wrong because @jeremycherfas who wanted to see it uses Chrome and I use Firefox.

The Chrome Web Store has version 0.6.1 (link) and the version on Firefox is 0.6.2 (link), but I think those are the same?

In Firefox I was able to login and make a post, but in Chrome it complains about not finding the endpoints:

I was trying to set-up from the repository today and had issues installing the dependencies. Odd errors about missing files and unmet dependencies everywhere.

After removing the package-lock.json file everything installed like a charm.

Looking at my diff, some dependencies had never resolved to a URL in the repo’s lock file. The lock file is also still for version 0.7.0 of Omnibear. I feel like it has somehow gotten out of date with your actual package.json.

Extremely long urls break the layout of the header in the popup. This pushes the 'like' and 'repost' buttons out of view to the right.

https://omnibear.com/ links to https://addons.mozilla.org/en-US/firefox/addon/omnibear/ which gives a 404

I got a 500 from my micropub endpoint, but it displayed the normal "successfully posted" message, which is obviously incorrect. Something is slipping through the error handling for that request.

Firefox seems to be really buggy and/or particular about the icon it uses for the plugin button. Omnibear is displaying using the generic green puzzle piece icon instead of the Omnibear icon.