angelo-v
commented
2 years ago @ewingson I don't see how we are using legacy auth in WebClip, since we are already using the inrupt library. Can you elaborate? How did WebClip make it on that list?
Closed ewingson closed 2 years ago
angelo-v
commented
2 years ago @ewingson I don't see how we are using legacy auth in WebClip, since we are already using the inrupt library. Can you elaborate? How did WebClip make it on that list?
ewingson
commented
2 years ago Hallo @angelo-v .
@bourgeoa and me were following the DPoP mechanism. so I tried to login with an CSS instance. ich dachte dann, wenn CSS login klappt, positiv, sonst negativ. kann man sich mit dem Pod Provider seiner Wahl bei Webclip einloggen ? sorry, wenn DPoP funktionieren würde, werde ich die Liste sofort aktualisieren.
angelo-v
commented
2 years ago You have to visit the plugin options page to enter a provider URL. It works with CSS, we are regularly are testing it with that.
ewingson
commented
2 years ago sorry for the inconvenience. so I set Webclip to "yes" and take molid off the list, is that okay ?
angelo-v
commented
2 years ago No problem, thanks to you for testing all the apps. In this case it is just a false positive I guess, so I will close this issue and you can change the list as you said.
Solid recently had an update from legacy auth to the use of DPoP auth.
We noticed that your app still is using the old auth.
We'd like to encourage you to switch to the new auth using the Demonstrating Proof of Posession technology.
Our motivation for the update was using the standard OIDC-way.
Javascript libraries using the new authentication methods include :
Some simple examples of javascript app using the DPoP auth can be found here
The list of apps using the new DPoP authorization can be followed here dpop-status.
Just let us know if we can assist you on switching your app at https://gitter.im/solid/app-development or https://forum.solidproject.org
From solid team