Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test with Solid bot example #76

Open
michielbdejong opened this issue Jun 17, 2022 · 13 comments
Open

Test with Solid bot example #76

michielbdejong opened this issue Jun 17, 2022 · 13 comments

Comments

@michielbdejong
Copy link
Member

I'm trying to use https://github.com/michielbdejong/solid-bot-example
in combination with https://github.com/pdsinterop/solid-nextcloud/blob/main/setup-test-server.sh and debuggin g the errors I run into.
@michielbdejong
Copy link
Member Author

First one:

https://test.server.com/.well-known/openid-configuration redirects to https://test.server.com/apps/solid/openid with a 302 and https://www.npmjs.com/package/openid-client doesn't like that. It wants a 200 response directly.

@michielbdejong
Copy link
Member Author

According to the openid spec

Redirects are allowed in the webfinger part of discovering someone's issuer:
https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery

but we're not allowed to do a redirect in the provider configuration response:
https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse

@michielbdejong
Copy link
Member Author

The 302 is coming from https://github.com/pdsinterop/solid-nextcloud/blob/531f6c4/init-live.sh#L6

@michielbdejong
Copy link
Member Author

If I change

-sed -i '96 i\  RewriteRule ^\\.well-known/openid-configuration /apps/solid/openid [R=302,L]' /var/www/html/.htaccess
+sed -i '96 i\  RewriteRule ^\\.well-known/openid-configuration /apps/solid/openid [PT]' /var/www/html/.htaccess

I get a 404 instead of a 302, with a body {"message":"openid-configuration not supported"}
Now trying with [PT,L]

@michielbdejong
Copy link
Member Author

Hm, none of the flag combinations I tried seem to work, even though https://httpd.apache.org/docs/2.4/rewrite/flags.html seems to say it should just work the same way, but with passthrough or proxy instead of redirect.

Will try with https://github.com/pdsinterop/solid-nextcloud/tree/test-server-24 now.

@michielbdejong
Copy link
Member Author

michielbdejong commented Jun 17, 2022
edited
Loading

That fixed it! :) Next error:

request.call https://test.server.com/.well-known/openid-configuration
(node:17930) UnhandledPromiseRejectionWarning: OPError: expected 201 Created, got: 200 OK
    at processResponse (/Volumes/Michiel Docker/gh/michielbdejong/solid-bot-example/node_modules/openid-client/lib/helpers/process_response.js:41:11)
    at Function.register (/Volumes/Michiel Docker/gh/michielbdejong/solid-bot-example/node_modules/openid-client/lib/client.js:1460:26)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async ClientRegistrar.getClient (/Volumes/Michiel Docker/gh/michielbdejong/solid-bot-example/node_modules/@inrupt/solid-client-authn-node/dist/login/oidc/ClientRegistrar.js:44:34)
    at async OidcLoginHandler.handle (/Volumes/Michiel Docker/gh/michielbdejong/solid-bot-example/node_modules/@inrupt/solid-client-authn-node/dist/login/oidc/OidcLoginHandler.js:23:28)
    at async ClientAuthentication.login (/Volumes/Michiel Docker/gh/michielbdejong/solid-bot-example/node_modules/@inrupt/solid-client-authn-node/dist/ClientAuthentication.js:13:33)
    at async Session.login (/Volumes/Michiel Docker/gh/michielbdejong/solid-bot-example/node_modules/@inrupt/solid-client-authn-node/dist/Session.js:16:31)
    at async /Volumes/Michiel Docker/gh/michielbdejong/solid-bot-example/app.js:45:3

michielbdejong added a commit that referenced this issue Jun 17, 2022
@michielbdejong
ref #76 (comment)
d45c8ab
michielbdejong added a commit that referenced this issue Jun 17, 2022
@michielbdejong
Return 201 on register, ref #76 (comment)
4054bd2
@michielbdejong
Copy link
Member Author

Fixed in the test-server-24 branch. Next error:
When clicking 'Allow' in the NC GUI you don't get redirected back to the app.

@michielbdejong
Copy link
Member Author

The web console shows:

Refused to send form data to 'https://test.server.com/apps/solid/sharing/812ec203ee00103a80d847d7c3d0ace6?returnUrl=/apps/solid/authorize?client_id%3D812ec203ee00103a80d847d7c3d0ace6%26scope%3Dopenid%2520offline_access%2520webid%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fredirect-from-solid-idp%26code_challenge%3De_fCMrHdT4oqMNY_6CgNY6L7dO4Uy9B8Xhi6v_JWMMI%26state%3DNbgUGvU2v2q3UpPpHriCUpZaC73coXOHjVWIp0BNHNM%26code_challenge_method%3DS256%26prompt%3Dconsent' because it violates the following Content Security Policy directive: "form-action 'self' localhost".

@michielbdejong
Copy link
Member Author

It does work correctly when I try to log in to https://noeldemartin.github.io/media-kraken/ with my test server.

@michielbdejong
Copy link
Member Author

Hm, I put the bot example on http://test.server.com:3000 but that didn't help either. Maybe Nextcloud wants the redirect to be https?

@michielbdejong
Copy link
Member Author

@ylebre any idea? (I sent you the test server URL and credentials via Slack)

@michielbdejong
Copy link
Member Author

I saw in the database that it does set the client id to the domain with https, so i'll try if i can get my bot example working if i deploy it to Heroku

@michielbdejong
Copy link
Member Author

Hm, same error when trying to log in to https://solid-bot-example.herokuapp.com/login :(
I'll have to leave it here, will check back when I have time next week...

@Potherca Potherca added this to the v0.8.0 milestone Oct 19, 2022
@Potherca Potherca removed this from the v0.8.0 milestone Jan 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Potherca @michielbdejong