Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Aug 11 20:52
    @RubenVerborgh banned @mikeadams1
Joachim Van Herwegen
@joachimvh

@elf-pavlik To give you an overview, the OIDC/IDP component was originally written by Jackson and Matthieu, with a lot of the heavy lifting being done by the node-oidc-provider library. Afterwards I have made several changes based on issues and extra features. So if a new feature needs to be added it would probably be done by me, but my OIDC knowledge is mostly based on the issues I encountered and conversations I had with @matthieubosquet so is definitely not comprehensive.

I can join such a meeting though, just not sure what level of OIDC spec knowledge is required to have a valuable discussion :D

elf Pavlik
@elf-pavlik
Thank you @joachimvh Now I know who to ask questions and I can always check relevant details directly in the codebase :eyes:
Aaron Coburn
@acoburn
@joachimvh the most relevant specification for this conversation is OAuth2. But there is a high-level discussion to be had that will be somewhat independent of the arcane details of those specifications. IOW, you will surely be able to provide valuable insight from the CSS perspective.
Matthias Evering
@ewingson
@jeff-zucker @RubenVerborgh @joachimvh have I tracked down this right https://github.com/solid/community-server-recipes/blob/main/mashlib/config-mashlib.json#L59 that needs work for mashlib as default for CSS ?
Jeff Zucker
@jeff-zucker
@ewingson - yes, I used a modified version of that.
Matthias Evering
@ewingson
okay, then I'm not nuts ;-) can I help you testing ?
Jeff Zucker
@jeff-zucker
Except, I removed line #59 and relied instead on solid-client-authn-browser which is imported in mashlib and doesn't need to be imported here.
Matthias Evering
@ewingson
will you give me a green lantern if I can use some recipe for production ?
Jeff Zucker
@jeff-zucker
That one for mashlib is very close
You could probably use it as-is with the new mashlib
Matthias Evering
@ewingson
I don't have SolidOS on the production machine, just CSS
hmm in the meantime... as much as I caught up I will wait for a recipe
Jeff Zucker
@jeff-zucker
A recipe is not what is missing, you pointed to it above.
Matthias Evering
@ewingson
hmm help me understand.. I omit Line 59 and do what exactly ?
Jeff Zucker
@jeff-zucker
You use that for your config instead of file.json and install mashlib
Matthias Evering
@ewingson
per npm ?
Jeff Zucker
@jeff-zucker
you can use the npm for mashlib@1.7.5-alpha or wait a week or so until it goes out of alpha into production
I will give you the green light when that is ready, I'm just saying it's not the recipe part you need to wait for
Matthias Evering
@ewingson
I'll wait and I delete Line 59 cause that uses solid-auth-client ?
Jeff Zucker
@jeff-zucker
Right. Though that line doesn't actually use solid-auth-client, it just says "if someone asks for solid-auth-client, this is where to find it. The line has no impact on the new mashlib or its authn system
I can submit a PR to remove that from the CSS mashlib recipe when the new mashlib is ready
Matthias Evering
@ewingson
and that line would open a popup which is done otherwise with an redirect through the new authn-upgrade ? that direction ?
Jeff Zucker
@jeff-zucker
No, that line does not do anything but give the location of solid-auth-client so that if some app imports it, it will find it; Yes the new mashlib will handle authn via a redirect, not a popup.
ch1ch0gz
@ch1ch0gz
Hi, not sure if someone has already asked this here, so apologies in advance, just joined this chat.
I am trying to check out the new CSS on my own server. I can run it locally but not on a specific URL. I could not find in README how to do it? I already tried --baseUrl. -b parameter.
Are there any extra steps?I get a :
image.png
11 replies
ch1ch0gz
@ch1ch0gz
When you install the CSS in your server, where are the created pods stored? I memory? I do not seem to find them.
Jeff Zucker
@jeff-zucker
@ch1ch0gz if you start the server without specifying one of the configs, it is all in-memory; use -c @css:config/file.json -f rootFilePath when you start. The -c tells CSS to store in files, the -f tells it where to store those files
ch1ch0gz
@ch1ch0gz
I will try that, thanks!
Matthias Evering
@ewingson
am I right, when in production to use -b flag instead of -f ?
Jeff Zucker
@jeff-zucker
@ewingson AFAIK -b should be used in addition to, not instead of -f. The baseUrl (-b) is the URL that outside clients will contact. The rootFilePath (-f) is the path on the server where files will be stored.
Jeff Zucker
@jeff-zucker
^^ -f assumes you want to store data in files, there are other options
Matthias Evering
@ewingson
I guess that would be the -f webroot then ?
Jeff Zucker
@jeff-zucker
If webroot is the container on your server where data is stored, yes
ch1ch0gz
@ch1ch0gz
When using Penny I seem to have access to the pod root directory...which allows me to see all the pods available in my CSS...Is that normal? Also what are the idp and locks folders?
ch1ch0gz
@ch1ch0gz
Additionally, how can I enable and send a query using the sparql endpoint in CSS?
Joachim Van Herwegen
@joachimvh
@ch1ch0gz the /index.html in the root container contains some more information, by default the root /.acl allows access to everyone so that needs to be changed if you don't want that
the idp and locks folders are for internal data, we're looking into making sure those are hidden in the future
CSS itself does not provide support (yet?) for sending SPARQL queries. It simply allows you to use a sparql endpoint for storing the Solid data. If you want to send queries you'll have to send them to the endpoint directly
Ruben Verborgh
@RubenVerborgh
@ch1ch0gz Plus, if the folder you start the server from contains an .acl file, or if you would edit the created .acl, then you can set permissions any way you want (even before starting the server)
ch1ch0gz
@ch1ch0gz
@RubenVerborgh @joachimvh . Thanks for the answers.
ch1ch0gz
@ch1ch0gz
@joachimvh I have been trying to run the CSS as per your solution https://gist.github.com/joachimvh/da75e1239fb026db0b3375ded505b21f
community-solid-server --baseUrl https://dev.ideniox.com -c @css:config/sparql-endpoint.json -f /var/www/css -s http://dev.ideniox.com:8890/sparql
But it seems that if add the sparwl-endpoint.json, then -f /var/www/css is completely ignored...
ch1ch0gz
@ch1ch0gz
To make it clearer I want to be able to store data either on the file system and or on the backend.
ch1ch0gz
@ch1ch0gz
currently I get a "No ACL document found for root container" when trying to log in...
Jeff Zucker
@jeff-zucker
does /var/www/css/.acl exist? If not, copy one there from the templates/root folder of CSS
ch1ch0gz
@ch1ch0gz
it does exists and I also tried copying from the template
Joachim Van Herwegen
@joachimvh
@ch1ch0gz did you use the config from the first comment or the third comment in the gist? Because there was an issue with the one in the first comment (that causes that specific error)
the way that config is written the acl resources would be stored in the sparql endpoint, not the file system. The file system is only used for some internal data management of the server
13 replies
Matthias Evering
@ewingson
@joachimvh can you have a look at https://gist.github.com/ewingson/ec12d9a85744428d8d68816408287ae3 (the CSS config section) ? in particular if a config location starts with / ? is that seen from the CSS directory or the file system root ? @jeff-zucker gave me the hint to store the config outside of the CSS location, because otherwise it wouldn't survive a potential update... do you think that config would work ? (will go into production when we have production mashlib) .... thanx
7 replies
Theo
@joeitu

Hello,

As part of my CS master thesis, I will work on the deployment of a CSS instance at CERN.

With Maria, we established two main features to work on: the integration of a UI and the integration of an SSO login.

To make my thesis valid toward my university, I must: ① "make something new" like writing a new piece of software ② be able to measure its success ( for eg. through tests or interviews)

I would like to ask the CSS developers two things: First, do you have some pointers on what I could work on regrading the UI and/or the SSO integration that could meet my university requirement. Secondly, considering the 3.5 month timeframe that I have, do you believe both (SSO and UI) are doable or should I focus only on one of them ?

6 replies
Ángel Araya
@angel.araya:matrix.org
[m]

Hi! While writing a custom configuration I'm getting this:

ErrorResourcesContext: Could not find (valid) component types for config "urn:solid-server:default:ResourceStore" among its types, or a requireName

In my config I have this:

    {
      "@id": "urn:solid-server:default:ResourceStore",
      "@type": "DataAccessorBasedStore",
      "DataAccessorBasedStore:_accessor": {
        "@id": "urn:solid-server:default:SqlDataAccessor"
      },
      "DataAccessorBasedStore:_identifierStrategy": {
        "@id": "urn:solid-server:default:IdentifierStrategy"
      },
      "DataAccessorBasedStore:_auxiliaryStrategy": {
        "@id": "urn:solid-server:default:AuxiliaryStrategy"
      }
    },
    {
      "@id": "urn:solid-server:default:SqlDataAccessor",
      "@type": "SqlDataAccessor",
      "SqlDataAccessor:_identifierStrategy": {
        "@id": "urn:solid-server:default:IdentifierStrategy"
      },
      "SqlDataAccessor:_database": {
        "@id": "urn:solid-server:default:Database"
      },
      "SqlDataAccessor:_schema": "public"
    },

The IdentifierStrategy and AuxiliaryStrategy are the default ones. Any ideas? To me it looks like it has all that's needed to create a ResourceStore.