So, thinking about things more, the “profile URL” scheme doesn’t make sense for pure OAuth endpoints like Twitter, Facebook, etc. I’m thinking the API should provide two discovery mechanisms: one for profile-type (OpenID, IndieAuth/RelMeAuth, Mastodon), and one for SSO-type (OAuth).
Maybe something like this:
class Authl: @property def profile_handlers(self): """ Returns a list that maps all known profile-type services from the service name to appropriate placeholder text for the profile UI. Probably enough to provide a nested list with a bunch of possibilities, really. """ @property def silo_handlers(self): """ Returns a list of information necessary to provide a link to the authorization endpoint with a name, textual description, and image """
This of course doesn’t do anything to help with “the NASCAR problem” but I don’t think that necessarily needs to be solved so much as weaned off of. And it’s still up to each site owner to decide to support each of the silo handlers and obtain the necessary API keys anyway.
Update: Or I could just, you know, ignore the username…