Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • May 16 14:43
    elf-pavlik opened #216
  • May 16 14:43

    elf-pavlik on minutes-2022-05-16

    minutes 2022-05-16 (compare)

  • May 12 12:06
    NSeydoux opened #215
  • May 04 12:24

    elf-pavlik on main

    Create 2022-04-25.md Apply suggestions from code rev… Apply suggestions from code rev… and 1 more (compare)

  • May 04 12:24
    elf-pavlik closed #213
  • May 04 12:24
    elf-pavlik synchronize #213
  • May 04 12:23
    elf-pavlik synchronize #213
  • May 03 12:05

    elf-pavlik on meeting-minutes-05-02

    (compare)

  • May 03 12:05

    elf-pavlik on main

    Add meeting minutes from 2 May … Apply suggestions from code rev… Minor correction and 1 more (compare)

  • May 03 12:05
    elf-pavlik closed #214
  • May 02 16:00
    acoburn synchronize #214
  • May 02 16:00

    acoburn on meeting-minutes-05-02

    Minor correction (compare)

  • May 02 15:59

    acoburn on meeting-minutes-05-02

    Apply suggestions from code rev… (compare)

  • May 02 15:59
    acoburn synchronize #214
  • May 02 15:31
    acoburn opened #214
  • May 02 15:31

    acoburn on meeting-minutes-05-02

    Add meeting minutes from 2 May … (compare)

  • Apr 26 20:16
    NSeydoux opened #213
  • Apr 06 12:19

    elf-pavlik on main

    Create 2022-04-04.md Apply suggestions from code rev… Merge pull request #212 from NS… (compare)

  • Apr 06 12:19
    elf-pavlik closed #212
  • Apr 06 12:19
    elf-pavlik synchronize #212
matrixbot
@matrixbot
aveltens at least this is what worked for me. But I am no expert in Solid-OIDC, so anybody please feel free to correct or complement me
naturzukunft
@naturzukunft_gitlab

so if i understand you correct, that it is:

curl --location --request POST 'https://solidcommunity.net/authorize' \
--header 'Content-Type: application/json' \
--data-raw '{
"response_type":"code",
"client_id":"2ee6e1aebef0f7491462242faa45fd0b",
"scope":"openid",
"redirect_uri":"https://app.example/oidc_callback"
}
'
with this request here, i get the login HTML site. That is maybe correct, but i don't want to run in the browser ;-(

Aaron Coburn
@acoburn
With authorization code flow, a browser will need to be involved at some point. What might work for you is to request a scope of “openid offline_access” (provided that the identity server supports this scope). This will still involve an initial browser-based login process, but the token endpoint will deliver a refresh token. That refresh token can then be used indefinitely without any further browser interaction.
Sarven Capadisli
@csarven

Proposing agenda item for the next meeting (today): https://github.com/WICG/WebID/issues/41#issuecomment-716446481 (see rest of the repo for details on WICG's WebID re authentication space). There is a TPAC breakout session on WICG/WebID: https://www.w3.org/2020/10/TPAC/breakout-schedule.html#webid .

As said, we (Solid CG) should identify areas where they may be synergy with the WICG looking into "WebID".

Sarven Capadisli
@csarven
^ @acoburn @bblfish
Dmitri Zagidulin
@dmitrizagidulin
(oh eep, I just realized the Secure Data Storage WG breakout is right during the Authn Panel call today!)
Dmitri Zagidulin
@dmitrizagidulin
@csarven I talked to Sam Goto (the Chrome dev team guy behind WICG/WebID) this past week at IIW. Seems like a really great project (aside from unfortunate name collision :) ), potentially very helpful to Solid & solid auth. Also a lot of overlap with the Credential Handler API (CHAPI) wallet work
elf Pavlik
@elf-pavlik
I racall Sam Goto leading work on Schema.org Actions many years ago http://blog.schema.org/2014/04/announcing-schemaorg-actions.html I guess he should be familiar with structured data.
At the end of last week's meeting we already created pad for today's agenda: https://hackmd.io/NttcxtwiQGawjki8yGDTkA
q+ re :point_up:
elf Pavlik
@elf-pavlik
q+ to add access scenarios which don't require webid
Aaron Coburn
@acoburn
+1 on proposing a PR (or proposing solutions in an issue)
Sarven Capadisli
@csarven
Is the rpimer rendered somewhere?
Dmitri Zagidulin
@dmitrizagidulin
has the meeting link changed?
Sarven Capadisli
@csarven
having bikeshed / syntax highlighting errror
Dmitri Zagidulin
@dmitrizagidulin
(was trying the usual inrupt/webex link, doesn't seem to be working?)
Aaron Coburn
@acoburn
@dmitrizagidulin we finished a few minutes early
Dmitri Zagidulin
@dmitrizagidulin
ah ok whew :)
thanks
Justin Bingham
@justinwb
git action probably needs a slight tweak to pickup and render any .bs
Matthieu Bosquet
@matthieubosquet
@csarven https://solid.github.io/authentication-panel/solid-oidc/primer.html
I tweaked the GitHub actions as part of the pull request.
Sarven Capadisli
@csarven
Thanks!
Dmitri Zagidulin
@dmitrizagidulin
@csarven well written & nicely phrased!
Sarven Capadisli
@csarven

The name collision is significant but a temporary issue if addressed soon. This is where communities acting in good faith goes a long way.

A much bigger and a long-term issue is communities addressing similar problems/needs re Web identifiers (and linked identities) and authentication - at least the rough bits right now if we compare their notes with ours. Soon enough it will affect authorization, payments...

This is all part of a broad and complicated discussion involving different communities with their preferred stuff. And, it is in the camp of age old issues eg. identity in the browser, formats, .. through OWP.

I suggest that we identify areas where synergy may - should! - be possible. Components/mechanisms that UAs can handle natively or provide good support would be preferable than using/injecting separate libraries/systems. (Related obvious example: it doesn't take much to know that browsers natively handling RDF parsing/serializing would make things heck of a lot simpler/better for developers and end-users than...)

Perhaps we need an issue on this in solid/specification or solid/authentication-panel ... but first I suggest that we review their WIP, come up with the overlap/delta.. and discuss with WICG. Relatively simple: Could/Will they use RWW/Solid's WebID? Same same but different? (Their examples seems to be using domains or emails, and seems to have room for DIDs... so WebID can also be part of the picture) Complex: authentication.. what does that entail for the Solid ecosystem? Obviously we don't want to be in a situation where browsers natively do something similar to what Solid proposes. If sufficiently compatible, it'll be easy to transition I presume, but my concern is that we should not end up in that situation, if we take the right steps, now.

elf Pavlik
@elf-pavlik
@/all hi, i've just created pad for today: https://hackmd.io/Ak2k9kX3T4qjp0tr5Ndp1w
AFAIK we didn't have any existing agenda for today
Aaron Coburn
@acoburn
I will have to miss the first half of the meeting
Dmitri Zagidulin
@dmitrizagidulin
regrets for today's meeting (have to miss it due to TPAC DID day)
elf Pavlik
@elf-pavlik
Actually I didn't have chance to make my PR addressing #60, should we just skip the call today?
I will dial in anyways but possibly we'll just pick things up next week
Justin Bingham
@justinwb
AFAIK #60 is the primary focus - +1 to skip if there aren’t other agenda items and #60 isn’t ready to review
anyone have other agenda items?
Sarven Capadisli
@csarven
Not super urgent.. but we should gather sometime soon (if not today, next week) and have a common understanding/plan re WebID/authn dev across communities (above).
Justin Bingham
@justinwb
okay @elf-pavlik want to add #60 and that topic from @csarven to next week’s agenda then?
elf Pavlik
@elf-pavlik
@csarven should we just close #71 ?
@justinwb I've just made direct commit with netlify setup, as well as moved primer to dedicated directory in proposals to have the same setup across all the repos, could you please enable netlify previes for this repo as well ?
Justin Bingham
@justinwb
yup i’ll get to that tonight - will do the same on authz panel too
Sarven Capadisli
@csarven
@elf-pavlik Yea.
Will that netfly thing include their blurb in the spec? I think it was mentioned in one of the calls.. is that still a thing or a nonissue?
elf Pavlik
@elf-pavlik
We ended up just using regular free account registered with email @solidproject.org, this doesn't require any attribution to netlify
Justin Bingham
@justinwb
@elf-pavlik netlify should be enabled now for authentication panel PRs to proposals/
naturzukunft
@naturzukunft_gitlab
Hi there, if i get the openid-configuration with: https://solidcommunity.net/.well-known/openid-configuration
i get the userinfo_endpoint: https://solidcommunity.net/userinfo
But if i call the https://solidcommunity.net/userinfo i get an time out.
Any Idea ?
naturzukunft
@naturzukunft_gitlab
ok, seems to be not supported in that way:
It's also worth mentioning that while traditional OpenID Connect use cases are concerned with retrieving user-related claims from UserInfo endpoints, most WebID based systems replace the UserInfo mechanism with the contents of WebID Profile documents.
Aaron Coburn
@acoburn
@naturzukunft_gitlab I do not believe that NSS supports the userinfo endpoint. You may want to bring this up with the maintainers of that codebase
naturzukunft
@naturzukunft_gitlab
@acoburn my sample is now workingt without the userinfo enpoint. As result I anyway get the web-Id . So i'm able to get the data of the user, if his fine with that.
https://github.com/naturzukunft/keycloak-springsecurity5-sample
thanks !
elf Pavlik
@elf-pavlik
I hope this gives us enough of a reference to discuss it next Monday solid/authentication-panel#94