GNOME Online Accounts: why it is the way it is
This keeps cropping up every now and then, so I thought of writing this down once and for all. Private conversations are poisonous for a community driven free software project like GNOME.
In the new GNOME 3.x series there has been a push to integrate the user’s online accounts into the desktop. Towards this end, almost a year ago, a new single sign-on (SSO) framework was written for GNOME 3.2. However, more recently, Ubuntu created its own SSO to achieve a similar objective.
An SSO is only as effective as the applications that use it, and having to support two different frameworks with their own set of APIs and ways of doing things is a pain for application developers. Given the long history between the two projects, it is not surprising that they also share quite a few applications, and in turn developers.
Ubuntu’s SSO is based on the one used by MeeGo, while GNOME wrote its own. I do not know why Ubuntu decided not to use GNOME Online Accounts (GOA), because they decided to switch after GOA was born.
But why did GNOME write its own when MeeGo already had one? Sounds like NIH, doesn’t it?
However, it is a bit more complicated than that. MeeGo (and now Ubuntu’s) SSO has a DBus daemon written using Qt. We have been down this road before, most recently with Maliit. The daemon would have had to be rewritten without Qt using GObject for it to be a part of GNOME. This problem has only increased with Ubuntu reimplementing the signon-ui service using QWidgets and QtWebKit, which is then embedded into System Settings using XEmbed. MeeGo’s implementation of this service was proprietary.
Secondly, MeeGo used libdbus-glib-1 instead of GDBus when the discussion to use it in GNOME first took place. I do not know whether it has changed since then or not. We have been actively trying to move away from libdbus-glib-1 to GDBus. One of the problems with libdbus-glib-1 is that it is not thread-safe. If we mix the two in an application, the same process will end up having two connections to the DBus daemon. We want to avoid that. This means that we would have to migrate it to GDBus.
Both of these would require non-trivial changes to the code and hence it is not as NIH as one might think it to be.
Not to mention that the pass through authentication scheme used by MeeGo would only make it harder to patch existing applications to use the SSO.
Ofcourse, one can argue that we could have still tried to push the needed changes to MeeGo. Maybe we could have done so, but I am not convinced that it would have made life any easier for GNOME, MeeGo or Ubuntu. More on that later.
One of the ways in which Ubuntu’s SSO differs from GNOME’s is that it allows third-party plugins to offer new account types or providers. They leverage this to make Empathy export its code for adding chat accounts (Jabber, SIP, etc.) via external plugins. While we do agree that plugins can be useful, we are not too excited about allowing third-party or external plugins. We intend to support in-tree plugins for GNOME Online Accounts.
Third-party plugins lead to a kitchen sink. There is no way you can stop them from stepping on each others feet. This was one of the reasons why we stopped supporting external panels in the System Settings against a lot of stiff opposition.
Someone’s kitchen sink can be another’s extensibility. However GNOME 3 is still young and I think it is important to stay clear of kitchen sinks at this point.
There is no fundamental reason not to have all the different types of chat accounts supported by Empathy in the SSO itself, as long as we take care not to clutter the UI and keep the popular ones separate from the rest. The thumb rule for adding a new account type to the SSO is to have a GNOME application that hooks into it. In this case, we have two — Empathy and GNOME Shell.
Thirdly, having an application provide a new account type via a plugin violates the basic layering of the GNOME platform. This is mostly a good taste vs. bad taste thing. The SSO is supposed to be right at the bottom serving accounts and credentials. Things like libgdata, libzapojit, libsocialweb, etc. sit on top of it and leverage the information as GDataGoaAuthorizer and ZpjGoaAuthorizer currently do. Then you have the applications using these libraries to offer something useful to the users. In fact Empathy already works this way in GNOME.
Having a circular dependency where applications provide critical functionality to the SSO via plugins, which they then consume, only complicates the whole platform.
GNOME and Ubuntu
Recently GNOME and Ubuntu has diverged quite a bit in their plumbing layers. Think in terms of gdm vs. lightdm, systemd vs. upstart, gnome-shell vs. unity, and so on. Both projects are focused on building a vertically integrated product, and it is only fair that they get the liberty to make decisions that are best for them and be free to fail or succeed without getting flamed.
Then there is the issue of copyright license / assignment agreements that Canonical asks for those components that are hosted on Launchpad. For example, signon-ui. I am not a lawyer, but my understanding is that GNOME has always stepped carefully when it comes to signing these agreements with a company because it makes it tricky for competing commercial entities to participate.
This is why I am doubtful that we would have ever been able to merge or share everything because this divergence is only going to increase. The SSO will closely tie in to the way we will do application bundles and sandboxing in GNOME, which in turn will depend on systemd. These things are still being hotly discussed within GNOME, so I do not know what the exact implementation will be neither do I know what Ubuntu plans to do, but it is possible that theirs will be different.
So, if one wants to make sure their application is both a GNOME and an Ubuntu application they will have to spend some extra effort to make sure that it works well on both platforms. But it is not bad as it sounds. Both GNOME and Ubuntu are doing a great work of taking free software on the desktop forward, and the effort spent in supporting both will only be rewarded by a greater number of users.