#metabrainz

ah yes, spotify does it. but its not exactly expiring in the sense.

when you refresh a token, spotify may optionally also return a new refresh token which invalidates the existing refresh token.

but if you don't refresh then iiuc the old refresh token keeps working.

re. global scope, as a derp end user I don’t really want a list of all MetaBrainz projects. Like on Google I don’t care if a Google account lets me access YouTube and Drive etc. I just want to create an account and login

Unless it’s giving external apps access or sharing my data in some way (which creating a login isn’t, I haven’t added data yet)

mayhem: When you have a moment to task switch/for admin stuff, it would be great to have the Zoom meeting link before tomorrow. :)

To everyone at the office: choose some food from here (pizzas and others): https://cdn.website.dish.co/media/23/a2/5047358...

monkey: Barbacoa, please.

noted

monkey: funghi

👍

I'm idle at this point. anyone have anything for me to work on?

mayhem: alastairp: so do we do expiring refresh tokens or let it be not expiring for now?

the latter, unless we have a clear use case in mind

👍

monkey: diabola

then the final table for now to discuss,

table to store authorization codes

lucifer: is this an intermediate code before requesting a token?

the scopes here can also become a join table.

monkey: Pizza Mexican

👍

monkey: Bolets

OK

alastairp: yes. client redirects user to MeB.org. user approves on MeB.org and gives an authorization code to client on redirect_uri. client queries MeB.org with authorizaton code to get access token.

this is the same workflow we use in LB to auth with MB/spotify/CB etc.

lucifer: right, in that case, I think that table is probably fine

👍

it's a workflow for something that we need to do, but doesn't need anything special extra based on what we've discussed

do we want to require 3rd party apps to respond to an account deletion request?

e.g. we POST to them to say "accoutn luficer was deleted, please remove it from your app"

probably yes i guess.

but can add that later

we'll need an extra column in client table for a webhook url. and some more tables if we want to retry etc.

strava does this via webhooks: https://developers.strava.com/docs/webhooks/

yup same for stripe. stripe also retries with a backoff if the webhook responds with a 500 or is unreachable.

if we implement it via webhooks, then I guess webhook implementation is another feature that we could implement later

agreed

in fact, when creating a strava app, you don't add the webhook url. you do it via the registration api

so fine to skip that column for now

lucifer: just to confirm - these tables that you're working on are the new versions of the oauth core tables for the new auth implementation?

atj: https://galaxy.ansible.com/community/docker?ext...

reosarevok: did we ever respond to the "Album Cover Art Images feed" email?

alastairp: yes.

lucifer: great, need my help on anything?

I could do hard-coded usernames/passwords if that's not already done

(although lunch will probably be here in <20 mins too)

alastairp: just wrote down the models for these, will generate the sql to verify after that we can create tables in db to check.

ok

mayhem: I asked you to, so unless you did, no :) (sorry, forgot to remind you)

let's regroup after you have had lunch and discuss what to do next?

ops, on it.

Thanks

lucifer: lets do that.

monkey: need help fetching pizzas?

Got zas to help me, thanks

ah the frenchie express

inb4 they go on strike before they get back with the pizzas

alastairp: https://zzz.buzz/2017/12/05/jira-tips-and-trick...

bitmap: huh, is it intentional that lib/MusicBrainz/Server/Entity/Role/Editable.pm passes edits_pending as a boolean?

I guess maybe the idea is that we generally only care for display about whether there's 0 or more than 0, just a bit confusing

lucifer: we're back

lucifer: alastairp suggested I should work on the hard coded users in meb.org so we can start testing.

mayhem: alastairp: the SQL schema you'll need to create in the db.

ok, on it.

one change from what we discussed before, added a issued_at column to client_id. for marking the time of creation of an oauth app. saw that the authlib demos were using it so added.

makes sense

i am working on the MeB side server implementation meanwhile.

tables created.

anything I can do to help? like code the three fake accounts?

sure creating test accounts sounds good.

which function would get called to check to see if a login is valid?

i am not sure currently sorry. but i think regular MeB login functions.

i'd say creating user in db would be easiest

i.e. add new user to `ouath.user` table.

other than that need to follow the steps here and update the branch. some steps are already done but authlib has a version out so may need to update. https://docs.authlib.org/en/latest/flask/2/inde...

Just make sure you don't call it ouath

uh i named the sql schema oauth but we can rename it before deploying to prod.

I meant that you typoed it there, I was making sure it wasn't copied from somewhere :)

ah okk

ok, I'll start with adding rows to the table.

mayhem: alastairp: updated the branch with impl. please see the TODOs here: https://github.com/metabrainz/metabrainz.org/co... . once these are resolved we can try out the impl

(except for bugs that will show up when we run first and fix retry so on)

working through authlib docs to resolve these TODOs currently.

everyone: I've created three dummy user/password entries right now: test1/test1 , test2/test2 , test3/test3

lucifer: a bcrypted password looks like this `{CRYPT}$2b$12$VzZ0OEmapdPUqw.4.ZTeZuBUz2RE6m.oPzXRDqpt8CpMubQiJ5kVq`

when passing it to the bcrypt function, we need to remove the {crypt} which indicates to us which hash alg to use.

i see, makes sense.

oh i think i might be able to sidestep these todos. let me put up the current branch on test.meb.org and check

mayhem: how about i change the login endpoint in this branch so that anyone who logins there is logged in as test1/test1?

sure

well not even login, just click login and done

👍

yeah, understood

mayhem suggested we do a group photo with everyone here at the office wearing the amazing new summit t-shirt. It would be nice to do that at 17 in main hall, before the daylight is too low.

ok

we'll have to hold lucifer's shirt up to the laptop, I guess.

yvanzo: done. conf in email

mayhem: thanks

aerozol: just have to wait now ^

mayhem: i am getting the error that oauth.user table doesn't exist.

can you check those tables were created in the right db afterwards?

lucifer: can you join meet>

yes one sec

hi ansh

I was just talking to aerozol about the page at https://critiquebrainz.org/statistics/

it'd be great to see a breakdown of number of reviews/ratings for each entity type here

Hi! This addition sound really good.

We can probably show them similar to how we show the statistics on lb

mayhem: ah i see, tables were created in prod meb db not test meb db. i'll recreate tables there.

ansh: yes, or like musicbrainz: https://musicbrainz.org/statistics

alastairp: Yes, this is more detailed.

alastairp: But, we won't be able to show such detailed statistics for reviews for particular types of an entity_type. For example the number of reviews for Person, Group, Orchestra, Choir... which are types for artist.

ansh: given the number of reviews of artists that we have, I think it's probably OK if we just had a total count of reviews for now ;)

True

aerozol: otherwise, the easiest solution would probably be an amazon order that will get here tomorrow

there's a shopping center here, which has Carrefour (hypermarket, has electronics stuff in the top floor): https://www.google.com/maps/place/Carrefour/@41...

Pratha-Fish: hi, are you around?

alastairp: hi i am doing dinner rn. Will he back in 15 mins

Pratha-Fish: great, ping me if you're back to work this evening

alastairp: ok was able to create an application in MeB oauth, can try testing with LB now.

lucifer: awesome, is that running on test?

yes, test.metabrainz.org.

but test doesn't have a web interface to view apps, right?

what server is this running on? or do you have a psql connect string? :)

`https://test.metabrainz.org/new-oauth/authorize` and `https://test.metabrainz.org/new-oauth/token` for urls to use in LB.

sent the url

thanks!

also can create new oauth app using https://test.metabrainz.org/new-oauth/create_cl...

monkey: aerozol: one thing that irritates me sometimes is how small `i` looks `l` in the sintony fonts. you probably have noticed it on various meb sites. can that be improved?

iiuc, it happens when the text is bold. but maybe wrong.

[design-system] 14akshaaatt opened pull request #85 (03master…login): Login components added and Dependenices bump https://github.com/metabrainz/design-system/pul...

Hm, I did notice that a couple of times

Not sure what we could do to improve that other than change the font :/

Pratha-Fish: hi, so I ran your examples and saw the bit where it takes about 16 seconds to process this specific file (as you said, about 100k rows)

however, did you notice that if you run the exactly the same code again, it takes ~1.5s

I wonder if most of this time was actually loading our mapping dataframes into memory?

alastairp: yes, I noticed

Hmmm that's very likely

One option could be to avoid dataframes and process individual columns are numpy arrays