Owen (degenerate aspect) on Nostr: As a wrinkle, these functionally have to be bearer tokens - I'm trying to use the ...
As a wrinkle, these functionally have to be bearer tokens - I'm trying to use the browser cookie APIs and the HTTP cookie protocol to deliver and manage them, rather than writing bespoke credential code for each client. That rules out things like client-generated HMACs, per-request signatures (comme le AWS API), and a lot of other mostly-quite-sensible but also quite complex approaches.
Published at
2025-05-06 19:48:22Event JSON
{
"id": "74583dc3afa7dc1a5c523662e6f248205e10e260a957ef7a1b72050644afa640",
"pubkey": "7e1f3bd7b02800f933c73a852021347e129894ac71afba61afa750151e4023c3",
"created_at": 1746560902,
"kind": 1,
"tags": [
[
"e",
"bd8fd43fb90bd48b8f7b2719431ec54d9f871eeef25dc4020d3efb3c9e00550f",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://mastodon.transneptune.net/users/owen/statuses/114462615283441616",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.mostr.pub"
]
],
"content": "As a wrinkle, these functionally have to be bearer tokens - I'm trying to use the browser cookie APIs and the HTTP cookie protocol to deliver and manage them, rather than writing bespoke credential code for each client. That rules out things like client-generated HMACs, per-request signatures (comme le AWS API), and a lot of other mostly-quite-sensible but also quite complex approaches.",
"sig": "300f03b691e284278d5498c9420f5ed550439382fb8ec02df72cd95909c4d230c1b6d9dc3117855226bd64f90520005647c4d10d0db871f87ef100c68122f374"
}
