Cy on Nostr: OK the Fediverse is still better than whatever you're schilling. But just to give you ...
OK the Fediverse is still better than whatever you're schilling. But just to give you an idea of how fucked up the Fediverse is, every user has a URL known as an "APID" that uniquely refers to them, and can be used to request information on their profile. The format of that APID is completely up in the air arbitrary and you'll see:
https://instance/users/:name
489292983892778942
https://instance/@:name
https://instance/@name@otherinstance
https://instance/users/xxx879x798x98xx978x789x that only redirects to https://instance/@:name if you request it without an accept header, otherwise just returns an error.
The people who wrote the Fediverse thought it perfectly acceptable to use all of these formats interchangeably, some simultaneously on the same instance, and the only way to get a users main URL (their actual APID) is to use webfinger:
https://instance/.well-known/webfinger?resource=acct:@name@instance
Now, you have an ID https://instance/users/xxx879x798x98xx978x789x. How exactly do you get the username that webfinger requires that you know?
https://instance/.well-known/webfinger?resource=https://instance/users/xxx879x798x98xx978x789x is forbidden, because that would actually make sense and we can't have that.
So my "create profile source" function has to go from
url → APID
to
url → check for redirects → count the '@'s in it → swap @ for /users/ → actually swap /users/ for @ → lookup https://instance/api/v1/accounts/489292983892778942 → actually that's forbidden without logging in → negotiate OAUTH login → ask the user for a verification code → fuck around → login → swap @ for /users/ again → APID
Don't even get me started on statuses... #fediverse #wtf
https://instance/users/:name
489292983892778942
https://instance/@:name
https://instance/@name@otherinstance
https://instance/users/xxx879x798x98xx978x789x that only redirects to https://instance/@:name if you request it without an accept header, otherwise just returns an error.
The people who wrote the Fediverse thought it perfectly acceptable to use all of these formats interchangeably, some simultaneously on the same instance, and the only way to get a users main URL (their actual APID) is to use webfinger:
https://instance/.well-known/webfinger?resource=acct:@name@instance
Now, you have an ID https://instance/users/xxx879x798x98xx978x789x. How exactly do you get the username that webfinger requires that you know?
https://instance/.well-known/webfinger?resource=https://instance/users/xxx879x798x98xx978x789x is forbidden, because that would actually make sense and we can't have that.
So my "create profile source" function has to go from
url → APID
to
url → check for redirects → count the '@'s in it → swap @ for /users/ → actually swap /users/ for @ → lookup https://instance/api/v1/accounts/489292983892778942 → actually that's forbidden without logging in → negotiate OAUTH login → ask the user for a verification code → fuck around → login → swap @ for /users/ again → APID
Don't even get me started on statuses... #fediverse #wtf