New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure the “it just works” scenario works in TLS and OIDC modes #138
Comments
Using your pod at https://ruben-just-works.solid.community/public/, here are my observations: [1] I can authenticate and login using WebID-TLS Error: A 401 message shouldn't be returned for an identity that has been successfully authenticated. |
So that we have a coherent interop exercise, that's ongoing rather than fragmented, here are the existing TLS-mode pods that pass basic "it just works!" interop tests:
What are the basic steps?
ACL Raw Data:
|
@RubenVerborgh ,
I don't have this problem with TLS-mode pods. |
My WebID is: https://kidehen6.solid.openlinksw.com:8443/profile/card#me, it should show up in Yo too. |
I get the following error message when I perform your steps:
Error: Error writing meeting configuration: Web error: 401
(Unauthorized) on PUT of
<https://ruben-just-works.solid.community/public/Kingsley-Test/index.ttl>
|
@RubenVerborgh , [1] solid-server -- node.js module that allows read-write operations using LDP (HTTP PUT and PATCH methods) used to create and interact with solid pods/data spaces. [2] data browser -- an solid-server can be configured to use a variety of data browsers, with Tabulator as the default [3] Tabulator uses "mashilib.js" as a vehicle for delivering the app/pane experience against data in a pod. Other Data Browsers could emulate Tabulator re. its use of "mashlib.js" for visual data interaction that also manifest as panes/apps. Does this reconcile with your understanding? |
What's the relation used to indicate the Idp of a WebID? Basically, how a person asserts that an Idp is a trusted provider of identity claims verification? Note: I looked around a few WebIDs and couldn't find the relation in question there, I know its documented somewhere :) |
Heh, as usual, documentation could definitely be improved. |
(The predicate is |
Basically, the following:
Example snippets: My OIDC-mode pod WebID-Profile docs.
|
Success regarding the following:
See: https://ruben-just-works.solid.community/public/Kingsley-Test/. Next Steps: Repeating with different WebIDs deployed via OIDC-pod and verifying ACLs etc. |
Give me a few minutes, I am repeating using other WebIDs. |
Please add https://kidehen7.solid.openlinksw.com:8444/profile/card#me to <#RWWCrew> acl. Right now I get 403 (which is consistent with current ACL state). Revised ACL should be:
Added new WebID. |
Okay, I have https://kidehen7.solid.openlinksw.com:8444/public/ up now. ACLs testing passes, but there is still a subtle problem with logging in an out. Right now, I have to manually remove data from local storage to ensure my logout-login sequence is clean re. current identity. In my case, our use of an icon to display current WebID helped me, but for others it will be a problem if they don't have their browser inspector window running while testing. This issue can be closed, but there is another taking shape re item above. |
The logout thing seems like a bug. An auth client should be clearing local storage on logout. |
solid-auth-client is not forgetting my prior credentials, even when I remove them manually from my browser via its inspector utility . |
No description provided.
The text was updated successfully, but these errors were encountered: