WS should be authenticated with ACL

[nicola]

Was nodeSolidServer/node-solid-server#143

[michielbdejong]

The client should probably provide the user credentials in the upgrade request.
Connecting should probably never fail.
Notifications should only be sent to authenticated users who are subscribed to a (parent-)folder containing that item, and currently have read-access to the changed item.
Maybe, subscribing to a folder to which the user has no read access should already fail with an error if the user does not have read access to the folder at that time, since the user would not receive any notifications unless the ACLs change during the period the WebSocket connection is active.

[michielbdejong]

As a first step, I'll try to restrict updates to public files when connected without credentials.

[michielbdejong]

I'm now (finally) working on a fix for this, see https://github.com/solid/specification/issues/52#issuecomment-682491952

I plan to finish this in October 2020 as part of my EU-funded solid-crud-tests milestone (will update this comment if that estimate changes).

[michielbdejong]

@jaxoncreed as discussed in the Solid OS call today, would it make sense to add a WebSockets client into ISCAJ? How can we coordinate that between the two of us?

[michielbdejong]

CC @Vinnl