LD4P / sinopia_server

[Deprecated - switching to MongoDB] Sinopia Back-end CRUD Service. LDP-inspired, HTTP Server taking JSON-LD resources & administrative metadata.
Apache License 2.0

Pass JWT to Trellis #43

Closed jermnelson closed 5 years ago

jermnelson commented 5 years ago

For a resource stored in Trellis, store a user's WebID in a Group container's ACL,

this issue was (i think) initially a sort of conflation of: authenticate a user, make sure they're authorized to do ACL updates, do the ACL update

those separate things are now captured in other tickets and their follow-on tickets (#42, #71, #70).

jmartin-sul commented 5 years ago

see also #42. not sure if this is a duplicate of that? that ticket is really just about "given the webid, write some JS client code to update an ACL", but there's also the obtaining-the-webID part, which this ticket title touches on more.

jmartin-sul commented 5 years ago

per this trellis documentation, we'll want to do this by passing the entire JWT to trellis in the auth header:

A JWT token appears in a header as:

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ3ZWJpZCI6Imh0dHA6Ly9leGFtcGxlLmNvbS91c2VyIn0.YyVrlxXVQXFtg6euOl7I1GTMwdm7SiHcIZb6L0brBqI

trellis is then configured to decode and validate the JWT, and to use the webID provided therein if the JWT is valid.

see also: https://github.com/trellis-ldp/trellis/tree/master/auth/oauth https://github.com/trellis-ldp/trellis/wiki/App-Configuration-Guide https://github.com/LD4P/sinopia_server/issues/70
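Added example, not part of the thread and not Trellis's or sinopia_server's own code: a minimal sketch of the server-side check described in the comment above, taking an `Authorization: Bearer` header, validating an HS256 JWT, and returning the `webid` claim only if the token is valid. The claim name `webid` is the one in the sample token's payload; the function names, the shared secret and the sample tokens are hypothetical and constructed for illustration.

```javascript
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// Helper used only to build constructed sample tokens for this example.
function signHs256(payload, secret, header = { alg: 'HS256', typ: 'JWT' }) {
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const sig = crypto.createHmac('sha256', secret).update(signingInput).digest();
  return `${signingInput}.${b64url(sig)}`;
}

// Returns the webid claim if the header carries a valid HS256 token, otherwise null.
function webidFromAuthHeader(authHeader, secret, nowSeconds = Math.floor(Date.now() / 1000)) {
  // Require exactly "Bearer <header>.<payload>.<signature>" in base64url characters.
  const match = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authHeader || '');
  if (!match) return null;
  const [, h, p, s] = match;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
    payload = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  } catch {
    return null;
  }
  // Pin the algorithm: the token must not get to choose "none" or another scheme.
  if (header?.alg !== 'HS256') return null;
  // Recompute the MAC over the exact bytes received, not over re-serialized JSON.
  const expected = crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(s, 'base64url');
  // timingSafeEqual throws on a length mismatch, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  // Reject expired tokens when an exp claim (seconds since epoch) is present.
  if (typeof payload?.exp === 'number' && payload.exp <= nowSeconds) return null;
  return typeof payload?.webid === 'string' ? payload.webid : null;
}
```

The webID is read only after the signature check passes, so a client that edits the payload to claim another user's webID gets `null` rather than that identity.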

jmartin-sul commented 5 years ago

due to slowly shifting title, it seems i accidentally repurposed what started out as an ACL update ticket, and turned it into something about generally passing the JWT to trellis.

i'll open a new ticket for the latter issue (what my last comment was about).

since it seems like #42 adequately captured the beginnings of our ACL editing work, i'm just going to close this ticket.

jmartin-sul commented 5 years ago

feel free to reopen and edit if i got this wrong.