Document how to authenticate with an app
I was excited when Ruben announced that we can start testing our apps, but I’ve been tinkering with it and I didn’t manage to get authentication working 😦.
I am using the @inrupt/solid-client-authn-browser package in my app, and I’ve searched this repo for hints on what to do. If anything, I found indications that authentication isn’t implemented yet. Looking at the authentication epic, most of the issues are still open.
I managed to create a POD looking at the POD Creation integration tests, but that’s as far as I got. When I try to log in with my application, it’s calling a .well-known/openid-configuration endpoint that doesn’t seem to exist in this repo.
It’s worth mentioning that I have no idea what DPoP is, I was hoping to delegate that to a package and focus on building my app (like I did with solid-auth-client). My app is currently working with NSS and ESS, so there must be something I’m missing here.
Issue Analytics
- State:
- Created 3 years ago
- Comments:6 (3 by maintainers)
That would be a lookup via solid:oidcIssuer (but @matthieubosquet is working on another suggestion).
You can see what this looks like in my profile at https://ruben.verborgh.org/profile/#me, where I indicate my identity provider and storage location (indeed via pim:storage).
@RubenVerborgh I have yet another question, I hope you don’t mind me asking 😃 I also think it could be useful for other app developers who end up reading this.
I’ve looked at the sample apps you mentioned, and I think now I understand what’s going on. I have recently become familiar with the identity provider / pod provider distinction, because I had been using node-solid-server and it fulfils both roles. For example, looking at solid community, my webId is https://noeldemartin.solidcommunity.net/profile/card#me and my data is stored under https://noeldemartin.solidcommunity.net/*. So it is the same domain and, as a user, it’s easy for me to understand that I need to login using noeldemartin.solidcommunity.net when asked for a url.
In the current status of CSS (which I know is in beta! I’m just trying to understand what’s going on), the identity provider is not implemented yet. So an app needs to know two things: the identity provider to obtain an authorization token (broker.demo-ess.inrupt.com in your example) and the pod provider (localhost or wherever CSS is deployed). So an app that supports this workflow needs to ask users for a url two times: first the identity provider (which is hard-coded in your example, but I suppose that wouldn’t happen in a real application) and then the pod provider to read/store data.
Assuming I understood all that correctly, my question is: How does this look once CSS is production ready? (or any server for that matter). I think it’s already difficult for users to understand what url they need to use when logging in, if my app has to ask two urls instead of one, that increases the barrier of entry even more. Is there something in the Solid spec, or even done in practice, to avoid that? For example, having the identity provider return the user’s preferred pod provider or something. What comes to mind from the apps I’ve built is reading the pim:storage from the user’s profile, but in this example I see it’s actually pointing to something else (ldp.demo-ess.inrupt.com). Is it just a workaround until CSS is production ready, or shouldn’t my apps be relying on pim:storage in the first place?
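Added example, not part of the original thread or of any Solid library: a sketch of the single-URL flow discussed above, where the app asks only for a WebID and reads solid:oidcIssuer and pim:storage from the profile. The profile text, the alice.example, idp.example and pods.example hosts, and the readTriples and discover helpers are assumptions made for illustration; the small Turtle-subset reader stands in for a real RDF parser.

```javascript
const SOLID = 'http://www.w3.org/ns/solid/terms#';
const PIM = 'http://www.w3.org/ns/pim/space#';
const WEB_ID = 'https://alice.example/profile/card#me';
// Constructed sample profile, not a real user's data.
const SAMPLE_PROFILE = `
@prefix solid: <http://www.w3.org/ns/solid/terms#>.
@prefix pim: <http://www.w3.org/ns/pim/space#>.
@prefix foaf: <http://xmlns.com/foaf/0.1/>.
<#me> a foaf:Person;
  solid:oidcIssuer <https://idp.example/>, <http://plain.example/>;
  pim:storage <https://pods.example/alice/>.
<#other> solid:oidcIssuer <https://unrelated.example/>.
`;
// Reader for a small Turtle subset: @prefix, IRIs, prefixed names, 'a', ';' and ','.
function readTriples(turtle, baseUrl) {
  const tokens = (turtle.match(/<[^>]*>|[;,.]|[^\s;,<]+/g) || [])
    .flatMap((t) => (t.length > 1 && t.endsWith('.') ? [t.slice(0, -1), '.'] : [t]));
  const prefixes = Object.create(null);
  const term = (t) => {
    if (t.startsWith('<')) return new URL(t.slice(1, -1), baseUrl).href; // resolves <#me>
    if (t === 'a') return 'http://www.w3.org/1999/02/22-rdf-syntax-ns#type';
    const c = t.indexOf(':');
    if (c < 0 || !(t.slice(0, c) in prefixes)) throw new Error(`unsupported token: ${t}`);
    return prefixes[t.slice(0, c)] + t.slice(c + 1);
  };
  const triples = [];
  for (let i = 0; i < tokens.length;) {
    if (tokens[i] === '@prefix') {
      prefixes[tokens[i + 1].slice(0, -1)] = tokens[i + 2].slice(1, -1); i += 4; continue;
    }
    const s = term(tokens[i++]);
    for (;;) {
      const p = term(tokens[i++]);
      do { triples.push([s, p, term(tokens[i++])]); } while (tokens[i] === ',' && ++i);
      if (tokens[i++] !== ';') break; // '.' closes the statement
    }
  }
  return triples;
}
// Only statements whose subject is the WebID itself count, and only https targets are kept.
function discover(webId, profileTurtle) {
  const isHttps = (u) => u.startsWith('https://');
  const pick = (pred) => readTriples(profileTurtle, webId)
    .filter(([s, p]) => s === webId && p === pred).map((t) => t[2]).filter(isHttps);
  const issuers = pick(SOLID + 'oidcIssuer');
  if (issuers.length === 0) throw new Error('no https solid:oidcIssuer for this WebID');
  const base = issuers[0].endsWith('/') ? issuers[0] : issuers[0] + '/';
  return { issuers, storages: pick(PIM + 'storage'),
    openidConfiguration: new URL('.well-known/openid-configuration', base).href };
}
console.log(discover(WEB_ID, SAMPLE_PROFILE));
```

The issuer attached to `<#other>` and the plain-http issuer are both ignored, so the login flow starts only from an https identity provider that the WebID's own profile names.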