Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Popup login does not allow giving a domain access rights #175

Open
navaronbracke opened this issue Dec 16, 2020 · 3 comments
Open

Popup login does not allow giving a domain access rights #175

navaronbracke opened this issue Dec 16, 2020 · 3 comments

Comments

@navaronbracke
Copy link

navaronbracke commented Dec 16, 2020
edited
Loading

When using auth.popupLogin({ popupUri });, the user does not get the option to set the access rights for the current domain url.

Actual

When logging in the popup asks the user for his credentials, logs in and closes.

However, the domain url does not become a trustedApp entry in the user's profile, despite the docs stating that the login automatically registers the app.

The docs state the following: SolidAuthClient automatically registers your OIDC client application if it is unknown to the authorization server, following the registration request spec. Does this have anything to do with the above, or am I mistaken?

Expected

The first login on a new domain (e.g. https://myhost.com) should log the user in and add a http://www.w3.org/ns/auth/acl/trustedApp entry in the user's profile.

The user should be able to select which permissions the domain gets (a combination of Read, Write, Append,Control).
This should preferably happen in a second panel within the open popup.

Reproduction steps

Before you start, verify that the domain that is about to be tested is not a trusted app in your profile document.

Create a new javascript app (standard index.html with a button for logging in. Serving with localhost should suffice).

Call await auth.popupLogin({ popupUri }); where popupUri is an Identity Provider's popup url.
For instance https://inrupt.net/common/popup.html.

Enter your Solid account credentials and log in.

Observe that the login succeeds & the popup closes.

The domain is still not under trustedApps in your Solid profile document.
The popup never gave the user the option to set the permissions for the domain.
@bourgeoa
Copy link
Member

Yes that's true. But the app you are using is https://inrupt.net/common/popup.html and https://inrupt.net should be added to the trusted apps if it was not in the list.

@navaronbracke
Copy link
Author

Thus I have to use my own popup file? E.g. https://myhost.com/common/popup.html ?
Secondly, https://inrupt.net never ends up in the list of trusted apps. It's always an empty list.
That also does not address the fact that the domain I run my application on, does not become a trusted app.

@pheyvaer
Copy link
Contributor

pheyvaer commented Jan 5, 2021

I have the same issue. I would also expect for my app to be added, because it's my app that will be adding data to the POD.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bourgeoa @pheyvaer @navaronbracke