Problem with authentication, no idea where to look for the answer

[frankmeeuwsen]

I'm fascinated by the ideas around the IndieWeb and I wanted to see what's possible with Micropub on my own Jekyll blog on Github pages. I've implemented the script on Heroku but for some reason I can't get it to work. I try the server tests on micropub.rocks but I get the error

HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 129
Etag: W/"81-jYBiFMfHPVqIaQiWqkputjODRRY"
Date: Sun, 05 Nov 2017 19:43:18 GMT
Via: 1.1 vegur

{
    "error": "forbidden",
    "error_description": "Token \"me\" didn't match any valid reference. Got: \"http://diggingthedigital.com/\""
}

I don't know what is going wroing and what to fix where. Any pointers would be helpful. Thanks!

Frank

[miklb]

Taking a stab – do you have any other rel=me links on your site? Also, have you tried logging into http://quill.p3k.io/ or another site that does IndieAuth?

[frankmeeuwsen]

Thanks for your help @miklb,

I have several rel=me links as described by the micropub specs. I have links with rel="me" to

• micro.blog
• Github
• Instagram
• Twitter

Logging into Quill and Indieauth works fine but when I post an update through Quill I get the same error message as above.

[frankmeeuwsen]

I puzzled some more and decided to make a new Heroku deployment. This time, I made a MICROPUB_GITHUB_TOKEN var with access to everything. The previous one just had a select scope (admin:repo_hook, notifications, repo, user). This time my check at Micropub.rocks works!

After some trying, Quill works as well. Unfortunately, my Jekyll implementation of my blog has some specific configurations I need to review to make sure new posts are published to my gh-pages branch as well.

But it seems your Github token needs full access in the scope. Is that correct? If so, I would suggest update the readme to include this information.

(edit: Quill works after all)

[miklb]

ah, yeah, I would assume the token would need read/write access since it is creating a new post. I haven't configured this in a long time so will need to review the process, but does sound like clarification in the readme is in order.

[maggerbo]

I'm so close, but I'm experiencing this exact error right now when trying to post from quill. I'm a little nervous about giving the token full access.

Can you be specific about how many privileges it needs?

Would this be enough?

Thank you very much!

[maggerbo]

I finally fixed it. It was a redirect url that wasn't correct. Nothing to do with Github privs. Thanks.

[RosemaryOrchard]

@maggerbo could you share what redirect url wasn't working?

[thejdev]

@RosemaryOrchard This is probably way too late, but I was receving the same error as @maggerbo until I changed the link rel="micropub" on my site to: <link rel="micropub" href="https://_server_/micropub/main"> Where server is where you are running the micropub to github code.

Hope that helps.