Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • May 27 06:08
    User @Mitzi-Laszlo unbanned @in1t3r
  • May 23 06:49
    @Mitzi-Laszlo banned @in1t3r
  • May 16 09:49
    @Mitzi-Laszlo banned @mediaprophet
  • Feb 01 22:04
    User @melvincarvalho unbanned @namedgraph_twitter
  • Feb 01 21:49
    @melvincarvalho banned @namedgraph_twitter
Stefan Junker
@steveeJ
I'm currently writing a client library in rust. having the opposite side's functionality available in the same language would allow for really neat testing :-)
Dmitri Zagidulin
@dmitrizagidulin
@steveeJ - both good questions. So, no, in this case, by 'refresh tokens' I just mean regular OpenID Connect refresh tokens (to be used with the Authorization Code flow).
as far as scopes and sharing permissions - so right now we're not using scopes for anything. but we're discussing (in the authorization panel https://github.com/solid/authorization-and-access-control-panel ) some ways they might be used
@steveeJ also, heads up, there's going to be some proposed changes, for the next version of WebID-OIDC, in the coming weeks
Jordan Shurmer
@JordanShurmer
@steveeJ I'm familiar with the protocol at a very high level :) I definitely welcome any contribution to the solid-rust server!
Jordan Shurmer
@JordanShurmer
that's cool that you're doing a client lib for it in rust. Ultimately I want to make the whole Pod management UI logic in Rust for the solid-rust server :)
Stefan Junker
@steveeJ
@dmitrizagidulin how's the refresh token related to the pop token used in here? https://github.com/solid/solid-auth-client/blob/e8985ae3678969ae0c63fbf3959512629f8685f6/src/webid-oidc.js#L236
Jules Cole
@Julian-Cole
@theWebalyst re- data discoverability. Sometimes human interaction with complex systems can often be made easier by using elements that humans can easily relate to for example, “desktops”, “folders” “shopping baskets” etc. Adding labels as is proposed in Safe to images is useful for searching but it doesn't establish any boundaries / permissions by default; but say If I created a generic ontology set that described my pod as a basic virtual home of sorts; if I invited you in to my pod it could be assumed what you could and could not see by default; perhaps you can see my photo's / certificates on the wall and a photo album on my table etc but you wouldn't be able to walk into my garage and see the personal projects i'm working on; I could could even add a note on the fridge so you'd be able to take a look around yourself and find my photo albums, projects etc.
Dmitri Zagidulin
@dmitrizagidulin
@steveeJ - pop tokens are orthogonal/unrelated to refresh tokens. Refresh tokens are a mechanism to control the lifetime of an access token. Pop tokens are a way to securely re-use an authentication credential among several resource servers.
Mark Hughes (happybeing)
@theWebalyst
@Julian-Cole I agree. The labels idea is intended more for discovery and also to be automatically added where possible. Containers and folders will still exist and users may wish to ignore labels, and won't be required to add them. For example can be added according to RDF based metadata, MIME type, file extension etc. One key reason for including them is to make data produced by one app easily discoverable by another, avoiding the need to search across all the user's folders for example. So a photo gallery and other photo related apps would easily find all files labelled 'photo' whether copied, uploaded or generated by a camera app. And permissions could be managed based on location and/or label. You could use labels to extend the folders Morrill to things like 'stuck on my fridge' etc. I also think that labels being a marker for something in an RDF ontology is a good idea and have suggested this.
Stefan Junker
@steveeJ
@dmitrizagidulin I see. I'm just (and still) curious about the code I linked. it has a comment about deriving the pop token from the id token. yet you, and all the docs I've read so far, regard the access token as the credential. this is probably a terminology issue, but I might also have a misunderstanding about the auth flow webid-oidc is assuming
Jordan Shurmer
@JordanShurmer
responding to the "labels" discussion:
Is the "type index" stuff sill going to be part of Solid going forward? That's the current data discovery mechanism..
Mark Hughes (happybeing)
@theWebalyst
@JordanShurmer Do you have any refs to that, I don't remember reading about it?
Mark Hughes (happybeing)
@theWebalyst
Excellent :+1: very relevant.
Dmitri Zagidulin
@dmitrizagidulin
@steveeJ great point. it's a terminology issue, yeah, and one we'll be clarifying in this week & next, in the new version of the spec.
Stefan Junker
@steveeJ
@dmitrizagidulin very nice, I'm looking forward to reading more about it! thanks for the heads up
Mitzi László
@Mitzi-Laszlo
Hi all, tomorrow there was a Solid Weekly call set up at 1600 CET but I won't be able to host, unfortunately so will need to cancel. The next Solid weekly call is set for the 12th at 1000 CET.
Jules Cole
@Julian-Cole
A little while back when i was working on a Solid social demo app I came across a problem where I wanted to allow users to post images; but the problem was most images etc can be pretty big, 3k+ pixels, and a friend viewing a long post that contained lots of raw images uploaded / pulled directly from the a pod would really struggle on say a phone / tablet device; a solution to this is to use web-assembly (wasm) here's a demo http://nodeca.github.io/pica/demo/ this client-side web-assembly demo can resize a large (3k) image pretty well, and even using a nice image resampling filter like Lanczos. So, if you need some extra speed / features in your client-side js code you might want to look into wasm.
Alejandro Juan Garcia
@alexcorvis84
@Julian-Cole love the sample image showed :wink:
Stefan Junker
@steveeJ
@Julian-Cole what do you think of sending the WASM code to the pod server and having it applied to the image before download?
Tim Berners-Lee
@timbl
@julian-cole That sort of thing is certainly interesting for photo management etc — generating thumbnails of every photo the user stores. As everything has to happen on the client side with solid.
Jules Cole
@Julian-Cole
Hi @steveeJ I wouldn't be inclined to do that, instead I would try and keep as much as possible client-side, the logical place would be to add it to the solid-file-client and expose some image params. If you wrote a wasm importer for solid-file-client you could potentially parse a zip file and import data from other social sites, or perhaps parse common data files / file formats straight into RDF files etc , and all client-side.
@timbl yes it would; here's a little demo I found with some common image filter effects using wasm. https://silvia-odwyer.github.io/photon/demo.html
Stefan Junker
@steveeJ
@Julian-Cole the pod server could also fetch linked WASM scripts from other pods to exchange such functionality ;-) everything is possible really. I'd rather see image processing on the server-side, except if it's using heavily optimized code which targets specific mobile hardware
Jules Cole
@Julian-Cole
@steveeJ re- server-side vs client-side; what advantages would you have server-side over client-side?
Jim Spring
@jmspring
@steveeJ - I don’t think a pod fetching linked code to execute arbitrarily is the best in terms of security.
I’ve been reading through ldp servers, rdf discussions and related things. And there has been discussions of sharing data, but to the point of “running code”, are there references to mechanisms (maybe even smart contracts / brokers) for automating the sharing of subsections of data? Add to that the ability (be it in RDF/etc) revoking that specific sharing.
Altynbek Orumbayev
@aorumbayev
Hi all, quick question.
Does the ability to listen for changes in RDF resources inside solid pods on node-solid-server instances using web sockets is considered to be a part of solid specification or this is rather a bonus feature derived by contributors of node-solid-server?
Han Su
@suhan1996
Do you guys have any good bookmark app examples?
Alejandro Juan Garcia
@alexcorvis84
for anyone that speaks Spanish. I’ve created a thread on Twitter about Solid with some useful links (like talks, tutorials or info). I published it because i was not able to find too much information (in Spanish) regarding the project. Hope you like it -> https://twitter.com/AlexCorvis84/status/1203764300793499654?s=20
it might help you
Sarven Capadisli
@csarven
@suhan1996 https://dokie.li/ has a feature to create inline annotations ie. any specific selection in a document, with the "bookmarking" motivation.
There is also a mark-book app: https://markbook.org/
Vincent
@Vinnl_gitlab
@suhan1996 There's both Markbook (source code) and Poddit (source code) - they're compatible with each other, but neither has been touched in a while, as far as I'm aware
Sarven Capadisli
@csarven
I didnt know about poddit. is it also document level?
Vincent
@Vinnl_gitlab
Not sure what you mean by document-level, @csarven, but it uses the exact same data format as Markbook
Sarven Capadisli
@csarven
I suppose you can input any HTTP URI.
I meant more like text selection at a URL as opposed to URL entry.
bookmarking in dokieli is a text quote selector based annotation with a particular motivation.
there is also the text quote selector as a URI but that doesn't get stored anywhere.. client sees the URI updated in the addressbar.
Sarven Capadisli
@csarven
Vincent
@Vinnl_gitlab
Ah, I think I see what you mean. Bookmarks in Poddit (and Markbook) are more like a web browser's bookmarks, rather than annotations on a document
Stefan Junker
@steveeJ

@steveeJ re- server-side vs client-side; what advantages would you have server-side over client-side?

it could save resources where they are limited, e.g. on mobile devices. in your example we'd compare transferring a large file only to scale it down vs transferring a smaller file

I’ve been reading through ldp servers, rdf discussions and related things. And there has been discussions of sharing data, but to the point of “running code”, are there references to mechanisms (maybe even smart contracts / brokers) for automating the sharing of subsections of data? Add to that the ability (be it in RDF/etc) revoking that specific sharing.

a simple solution would be to require the binary to be signed with a key your pod trusts. also limiting the capabilities of specific binaries can be done. by default, WASM applications can't access the host so they would only be able to do what the chosen WASM runtime enables it do. the WASI standard uses a capability model to provide host/app communication.

Jules Cole
@Julian-Cole
@steveeJ not sure what you mean; if you say you prefer server-side you would have to transfer the full res photo from the client to the server for resizing and on my phone that would be roughly 3.8Mb. Now if you used wasm client-side to resample that image to possibly 3 target sizes for desktop / tablet and mobile, you would be looking at 1.3Mb for the set of 3 and that includes using generous low compress jpgs (photoshop 12 qual) and an icc profile each; Using full-res uploads for 6 images uploaded to you social site you'd be looking at a payload of 22Mb for mobile users. (too much IMO) a nice solution would be to resize the full res to desktop, then ask the server-side to create the tablet / phone versions, that way you'd only need to send a 675kb image payload.
Stefan Junker
@steveeJ

@steveeJ not sure what you mean; if you say you prefer server-side you would have to transfer the full res photo from the client to the server for resizing and on my phone that would be roughly 3.8Mb. Now if you used wasm client-side to resample that image to possibly 3 target sizes for desktop / tablet and mobile, you would be looking at 1.3Mb for the set of 3 and that includes using generous low compress jpgs (photoshop 12 qual) and an icc profile each; Using full-res uploads for 6 images uploaded to you social site you'd be looking at a payload of 22Mb for mobile users. (too much IMO) a nice solution would be to resize the full res to desktop, then ask the server-side to create the tablet / phone versions, that way you'd only need to send a 675kb image payload.

@Julian-Cole aha, I understood that in your original scenario the pod has the full-version stored, the mobile device downloads it and applies the WASM script to it locally. thanks for clarifying

Stefan Junker
@steveeJ
@Julian-Cole could you explain your scenario (again) ;-) are the files you want to process using WASM produced on the client and shall be immediately processed before sending to the pod? are they not sent to the pod at all?
Jules Cole
@Julian-Cole
@steveeJ my hypothetical scenario is.. a user is out on a sightseeing trip and they take 6 full-res photo's with their mobile phone; then they want to share these pics with their friends and family using a solid social app on their phone; they are also on a limited data usage plan with their phone provider. ;)