Add note for WebID authenticated fetch #1709
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
This pull request is automatically built and testable in CodeSandbox. To see build info of the built libraries, click here or the icon next to each commit SHA. Latest deployment of this branch, based on commit 1adc390:
|
src/profile/webid.ts
Outdated
| @@ -76,7 +76,9 @@ export function getAltProfileUrlAllFrom( | |||
| * A WebID Profile may be any RDF resource on the Web, it doesn't have | |||
| * to be a Solid resource. That is why, in order to expose a Solid-enabled part | |||
| * of their profile, some WebID profiles link to a Profile Resource, which may | |||
| * be a Solid resource. | |||
| * be a Solid resource. A WebID resource should be public, so `getProfileAll` will | |||
There was a problem hiding this comment.
So ... since we state "to expose a Solid-enabled part ..." above, should "a Profile Resource, which may be a Solid resource" be just "a Profile Resource, which is ..."? Or even "an Extended Profile, which is a Solid Resource"?
And, with "WebID resource should be public" -- is it a should be or is it a must? If a must, I'd just say "A WebID profile is publicly readable"
There was a problem hiding this comment.
Oh ... also, in case your "should be public" stands -- such that, some people make their profiles not publicly readable (mistakenly or not), just wondering, for the WebID profile part of getProfileAll, do we first do an unauthed fetch, and then, if that fails, we do an authe'd fetch?
There was a problem hiding this comment.
"Do we first do a...", yes, that's the implementation: https://github.com/inrupt/solid-client-js/pull/1709/files#diff-df051b184aa88ad98045d31b7def5698e9b5c75b17fd85b15bc8a8790cf82798R122
keep in mind this isn't strictly specified by a spec yet.
|
Why don't we just add a "getWebId" method? |
|
We can also add a |
|
@NSeydoux hmm, okay, yeah, agreed. |
src/profile/webid.ts
Outdated
| @@ -76,7 +76,9 @@ export function getAltProfileUrlAllFrom( | |||
| * A WebID Profile may be any RDF resource on the Web, it doesn't have | |||
| * to be a Solid resource. That is why, in order to expose a Solid-enabled part | |||
| * of their profile, some WebID profiles link to a Profile Resource, which may | |||
| * be a Solid resource. | |||
| * be a Solid resource. A WebID resource should be public, so `getProfileAll` will | |||
There was a problem hiding this comment.
"Do we first do a...", yes, that's the implementation: https://github.com/inrupt/solid-client-js/pull/1709/files#diff-df051b184aa88ad98045d31b7def5698e9b5c75b17fd85b15bc8a8790cf82798R122
keep in mind this isn't strictly specified by a spec yet.
src/profile/webid.ts
Outdated
| @@ -76,7 +76,9 @@ export function getAltProfileUrlAllFrom( | |||
| * A WebID Profile may be any RDF resource on the Web, it doesn't have | |||
| * to be a Solid resource. That is why, in order to expose a Solid-enabled part | |||
| * of their profile, some WebID profiles link to a Profile Resource, which may | |||
| * be a Solid resource. | |||
| * be a Solid resource. A WebID resource should be public, so `getProfileAll` will | |||
There was a problem hiding this comment.
| * be a Solid resource. A WebID resource should be public, so `getProfileAll` will | |
| * be a Solid resource. A WebID resource MUST be public, so `getProfileAll` will |
I think this is what the spec says, but I might be wrong
There was a problem hiding this comment.
Spec doesn't say "MUST" nor "should", in fact, it no longer says anything about WebID's other than they're resources — i.e., it reintroduced as of September 10th the ability for WebID's to require authentication to read, by way of omitting to specify that they must be publicly readable.
There was a problem hiding this comment.
Arguably, https://www.w3.org/2005/Incubator/webid/spec/identity/ can be interpreted to mandate the WebID to be public (that's the worst sentence to say about a specification), so unless the Solid-WebID spec adds additional constraints, it sounds like a fair assumption that WebID profiles are public documents.
|
Relates to #1761 |
|
Let's merge after #1765 is merged and the new environments roll out, that'll fix the CI issues here. |
ThisIsMissEm
force-pushed
the
fix/get-profile-all-doc
branch
from
c052001
to
2628ce5
Compare
ThisIsMissEm
had a problem deploying
to
ESS PodSpaces
GitHub Actions
Error
ThisIsMissEm
had a problem deploying
to
ESS PodSpaces
GitHub Actions
Error
ThisIsMissEm
had a problem deploying
to
ESS PodSpaces
GitHub Actions
Error
ThisIsMissEm
had a problem deploying
to
ESS Dev-Next
GitHub Actions
Error
ThisIsMissEm
had a problem deploying
to
ESS PodSpaces
GitHub Actions
Error
ThisIsMissEm
had a problem deploying
to
ESS Dev-Next
GitHub Actions
Error
WebID must be public resources, and may not be Solid resources. As a result, by default they should be fetched unauthenticated. This commit simply adds a note describing this already implemented behaviour.
ThisIsMissEm
force-pushed
the
fix/get-profile-all-doc
branch
from
2628ce5
to
6bd69f0
Compare
ThisIsMissEm
temporarily deployed
to
ESS PodSpaces
GitHub Actions
Inactive
ThisIsMissEm
temporarily deployed
to
ESS PodSpaces
GitHub Actions
Inactive
ThisIsMissEm
temporarily deployed
to
ESS Dev-Next
GitHub Actions
Inactive
ThisIsMissEm
temporarily deployed
to
ESS PodSpaces
GitHub Actions
Inactive
ThisIsMissEm
temporarily deployed
to
ESS PodSpaces
GitHub Actions
Inactive
ThisIsMissEm
temporarily deployed
to
ESS Dev-Next
GitHub Actions
Inactive
* Add note for WebID authenticated fetch WebID must be public resources, and may not be Solid resources. As a result, by default they should be fetched unauthenticated. This commit simply adds a note describing this already implemented behaviour. * Mention Extended Profiles
WebID must be public resources, and may not be Solid resources. As a result, by default they should be fetched unauthenticated. This commit simply adds a note describing this already implemented behavior.