Tag Archives: Webfinger

GNU Social now supports WebFinger (RFC7033)

So, (slightly more than) another week has passed and GNU Social has received a couple of stability and feature updates. Nothing very visible for the end-user, but administrators may appreciate it. Going chronologically through the shortlog:

First I did some minor fixes, mostly language and specifications to make more clear that we’re working in the GNU Social software. This includes removing some StatusNet names here and there, specifying our system requirements (PHP5.3) and preferring a local url shortener to a remotely hosted one (privacy issue). The “8 chars was too little” apprehends queue handlers which in the future may use longer frame-identifiers (more declarative names).

b62ac25 PHP 5.3 dependency declared in INSTALL file
f009499 minor fixes and cleanups in the scripts directory
4c6803a GNUSOCIAL is the new defined indicator
c906ab1 8 chars was too little, 32 should be enough.
c3001ff url shortening fixes for api config and not ur1.ca
792e1ae StatusNet_HTTPResponse now prefixed with GNUSocial_
a35344e instanceof instead of is_a is faster (thanks quix0r)

One goal I have with code updates are making better use of OOP, object oriented programming. It results in prettier code, which is easier to read and harder to get wrong (what with proper typing and all that). One part in this was clearing up a remnant of old times, the ‘subs.php’, and implement the same functions in the Subscription class.

There were small problems during the execution of this patch, but it was fixed in the following commits. Among these fixes were the introduction of Managed_DataObject::listFind, which instead of an array returns the actual multiple matches in an extended DB_DataObject class.

93e878d Make better use of Subscription class
39f21d6 New Managed_DataObject retrieval: listFind
6330608 Subscription "get by" functions now don't use ArrayWrappers

Proper exception handling is also a neat thing. So I introduced the ‘MethodNotFoundException’ which is thrown whenever a class hasnot implemented a function. Usually that’s handled through abstract classes and class interfaces, but abstract declarations are apparently not allowed for static functions. So instead they throw the mentioned exception. Then there was also some regression and neatness fixing to do, where the regression was related to javascript functionality.

50e611a Shouldn't define static classes as abstract.
f711f9e Fixed regression in bookmark.js that caused double-submits (jquery 2.x stuff)
5f1fea1 FavorAction upgraded to extend FormAction
e9f2a18 Wrong call signature used for Event::handle
4ca1c10 IMPORTANT: 'GNUSOCIAL' defined, or daemons wouldn't work
8205c56 Stylesheet event now removed of StatusNet-remnants
9d3abc3 $_PEAR now defined globally as new PEAR, so no static calls are made
4015a58 Sometimes there's no text content, so pad the array (thanks mrvdb)

We now support PHP5.5, at least after the following series of patches. 5.5 makes sure that PHP is not a _pure_ steaming pile of dung anymore. So I had to clear up some old programming mistakes that didn’t convert types and shut down data streams properly.

In the middle of all of this, I took the chance to update some PHP libraries too because stuff like OpenID wasn’t PHP 5.5 compatible.

1744fec Array to string conversion in queuemanager logger
1c6f9df PHP5.5 fix: Better use of startXML for Action classes (mostly AJAX)
f268c3f Completing extra-element-without-text patch from 4015a58d1cfaa257fcf2b01aa6b1c9daa268c997
f01c478 htmLawed extlib updated
49b7559 Updating Janrain OpenID auth library
f7719b5 phpseclib extlib updated from phpseclib.sf.net
64df40e Filling in missing endHTML calls for Action AJAX
3ffe0e4 Added queue daemon notice about disabled forking functions
e9cc87f Updated some of the INSTALL documentation

A problem regarding URL shortening I noticed – if allowed notice length is infinite, then we ALWAYS shorten links (because two config settings were compared, where ‘0’ meant entirely different things).

858d9cc maxNoticeLength test for url-shortening failed on maxContent==0

Some minor problems I managed to introduce earlier were fixed here. Also, I applied several patches by Joshua Judson Rosen (rozzin). Thank you for these (one year old) patches!

80c6af0 Uncaught exception when no subscribers/subscriptions in ProfileList
633191d Making sure scripts and tests check for GNUSOCIAL defined (instead of STATUSNET)
981295f Autocomplete action must exist on user registration
562d5bc Remove bad common_path() call in context of cssLink().
8e5d58f Make paging work correctly in the user-directory even with the default filter set (i.e.: `all' = `no filter', so intrepret `filter=all' as `no filter').
9844ec7 Make the ForceGroup plugin work consistently for notices from remote users.
9085880 Allow the hostmeta to indirect from one domain to another. e.g.: rozzin@hackerposse.com => rozzin@status.hackerposse.com.
8e53eb2 Correct a logic-inverting typo in handling of replies to group-posts. The typo causes a tautology, which makes replies to group-posts always (or almost-always) go to the group(s). cf. http://status.net/open-source/issues/3638
44f7ad6 Correctly distribute notices from remote posters through local groups to remote group-members via OStatus. Allow the OStatus queue-handler to handle all posts, and give it the smarts required to make correct decisions about whether it should or shouldn't relay notices over OStatus. cf. http://status.net/open-source/issues/3540

…and now to the big implementation of the week – WebFinger. GNU Social now properly supports, I believe, RFC7033. Plus of course the former RFC6415 (Web Host Metadata), which StatusNet supports (but only XRD format). GNU Social supports both with both JSON and XML resource descriptors (JRD and XRD). It was followed-up by some regression fixes which were caught rather quickly thanks to debugging with postblue who tracks the master branch.

What WebFinger does is simplify and standardise metadata retrieval for users, websites, devices etc. using unique URIs – such as acct:mmn@social.umeahackerspace.se or https://social.umeahackerspace.se/mmn. What we don’t do is make use of the ‘rel’ parameters. Yet.

This also removed the previously available StatusNet hack ‘xrd.php’, replacing it with the PEAR XML_XRD library. We could probably also use Net_WebFinger for lookups, but so far no one has contributed RFC7033-compatible changes to it. It means more lines of code, but less maintenance. Code reuse is awesome.

As a bonus, or rather instead of implementing Quitter’s API changes, I pushed some Avatar class fixes. These simplify a lot of the code, as can be seen in commit b0dfc70 which replaces multiple get-avatar-check-if-it-is-there-and-get-the-url-otherwise-get-the-default-avatar-url (+ I could get rid of Twitter-specific hacks that returned 73×73 sized avatars when they sometimes should’ve been 96×96 pixels).

a0e107f Implemented WebFinger and replaced our XRD with PEAR XML_XRD
a23c4aa Avatar resizing improvements and better code reuse
24e0535 Fix regression from WebFinger update for singleuser sites
cced063 Fixed regression in latest Avatar fixes
a7e7484 Fixed regression in OStatus sub from WebFinger/XML_XRD update
b0dfc70 Properly unlink all old avatars when deleting/uploading a new

Then I made some minor fixes to avoid filling up the avatar directory over time, and spamming the PHP error log with unnecessary notices.

1d46ca4 PHP Notice:  Undefined variable: logo
3e15bab PHP Notice:  Trying to get property of non-object

And lastly, I just now fixed a problem with a new behaviour in lib/plugin.php where all the Plugin extended classes (i.e. all plugins) automatically load files from their directory if they match desired class names. During WebFinger updates I introduced (for the LRDD methods) a snippet of code that replaces ‘_’ with ‘/’ so we can have a better directory structure for plugins which act like the LRDD plugin.

ba5e901 Plugin onAutoload replaces _ with / in lib paths, this renames some classes.

Thanks for reading. Now go federate!

Next week in GNU Social

I’ll post my little todo-list for the coming week’s development of GNU Social here:

  • Proper WebFinger support (draft 18). Preferrably both JRD and XRD style.
  • Add a Profile_prefs class, to avoid separate tables for every plugin’s preferences.
  • Implement qvitter’s API improvements

If I have time I’d also like to do:

  • Generic Avatar size retrieval (generate + cache on demand)
  • Notice retrieval interface through WebFinger.
  • Implement parent retrieval for orphaned posts.

Parent retrieval would of course not work until others also upgrade to GNU Social from StatusNet, or patch their installations with that specific functionality. However, considering the amount of broken conversations that comes with more federated users I think it’s very desirable.

Conversations in “social” media (and why OStatus rocks)

So, what’s more social than having a conversation? Two or more participants in an exchange of words or acts that relate to a common subject. It’s called communication and as human beings we have a natural born talent for maintaining several subjects in our mind at once.

The conversation is very important for humans and our social life. We not only want to interact with others – we want to understand the context of a conversation we’re not immediatly being a part of. Be it a political debate, people on the street passing by or when reading posts on an internet forum. Quotations are a great example of how maintaining the intended context is important, as many phrases have multiple interpretations. With the age of books, physically printed literature, keeping the context has been a hard task – but with computers, the internet and hypertext on the world wide web it is no longer difficult.

So one may wonder why websites that are portrayed as “social” are so bad at presenting communication. Lately we have started seeing one-level threads that contain comments and mentions in the “social media”. Not much more than bulletin board systems did during the ’70s and ’80s. The visual representations, event the metadata, of these digitally stored conversations are limited to relatively short bursts of chaotic chatter in the realtime-adapted webservices. Not a very socially sustainable style of communication.

The two major players in the area of asocial media services in Europe and the US are Facebook and Twitter. Both fail to respect human conversation in their own particular way:

  • Facebook has a single-thread style conversation. A user initiates this with a post or link. This notation may be quite long and occasionally sparks an intense debate. However, any replies that are made are only linked to the original post.
    Should a thread get multiple conversation participants that reply on several invisible subthreads it doesn’t take long before it is too chaotic to follow. Even for a trained robot or human being.
  • Twitter conversations are built on reply-to notifications. An original tweet, limited to 140 characters, can often gain attention and be subject to discussions. Any replies to this post will be required to contain a multi-character mention (@username) of the user replying to, while still being subject to a character limit.
    Assuming, contrary to experience, that a 140 char-limit is enough the available characters are quickly reduced with conversation participant, effectively disorienting any third-party that tries to follow up.
    To make matters worse there’s not even a method of linking tweet follow-ups in metadata, which has caused some clients to add any “>>”-like signature to indicate humans to continue reading in the next tweet.

Compare it to mailing lists. Any mailing list or e-mail client can handle threads, replies, carbon-copies and even blind carbon copies since decades ago. That’s like space-age technology compared to the asocial media services’ scrapbooking kit which even lacks a proper glue.

Google+ also uses the single-thread style. There are of course also many other services out there, even some of which have learned from (or even incorporate) mailing lists. Usenet for example should reasonably be an early example of an open social media, lacking only a flashy front-end, a marketing department and better anti-spam measures to be successful.

WordPress is probably the best example of a social web media and sports appealing multi-threaded comments with proper computer-readable markup. However, WordPress currently lacks integrated federation. It’s more of a social oasis, where you park your camel and talk for a while before you head off to the next water hole. Besides, that structure is better used for the topic of a discussion rather than the place of a discussion.

So welcome OStatus, the federated social web protocol. Its main implementation, the software StatusNet (see it in action on identi.ca or freesocial.org), already does threading and proper in-context metadata. It has the backbone for cross-domain notifications and replying without clogging the post with the @-mentions. As opposed to WordPress, the social bit is integrated both up- and downstream so feeds you subscribe to get pushed into your timeline and from there you can post comments upstream and interact with replies.

The OStatus protocol is open and free for anyone to use, works across domain-names and gives you control over what you share, how your data flows and especially where it is stored. You’d never give up control of your “real” social life to someone else – so why give up the digital representation of it? OStatus is an easy solution to maintaining this control.

So if one wants a true social media service, I think it is important to choose one that is not only open and free as in speech but also compatible with how humans really interact with each others. A system that not only respects the user by keeping the user in control, but also something that understands our social interactions – where conversations are a very important part.

The social web is nothing but communication anyway, so why not make sense out of it and keep its context open, transparent and clear?

An e-mail to Google about enabling Webfinger

RCPT: info@google.com
FROM: mmn@hethane.se

I’m mailing this social web feature request to the info@ address as it should reach some authoritative person at Google. At least according to some SMTP RFC I once read.

I’m a big fan of the federated social web and would very much like to see the Webfinger discovery protocol implemented on the gmail.com domain, mainly in order to find your users’ OpenID providers in a standardized way. (i.e. /.well-known/host-meta -> xrd lookup -> user data including OpenID server).

It would definitely help boost OpenID usage as a lot of people have a Gmail address – which is much easier to remember and type than the Google account OpenID provider url. It would also enable a federated web friendly version of the various “Connect” login options that the major asocial web service companies offer.


<info@google.com>: host aspmx.l.google.com[] said: 550-5.7.1 The
user or domain that you are sending to (or from) has a policy that
550-5.7.1 prohibited the mail that you sent. Please contact your domain
550-5.7.1 administrator for further details. For more information, please
visit 550 5.7.1 http://support.google.com/a/bin/answer.py?answer=172179
ig6si37627458lab.30 (in reply to end of DATA command)