pod-os / PodOS

Personal Online Data Operating System
MIT License

Allow client identifier to be provided to login #27

Open josephguillaume opened 1 year ago

josephguillaume commented 1 year ago

Currently PodOS uses dynamic registration, which runs into the issues with solid-client-authn-js documented in https://github.com/pod-os/PodOS/issues/8

I have established that with some relatively minor changes to solid-client-authn-js a static client (using a client identifier document) is able to restore its previous session without interfering with a client on the same domain that is using dynamic registration.

As a first step, PodOS needs to allow clientId to be specified at least in:

1) login in core https://github.com/pod-os/PodOS/blob/19b8fab8cd0167e5a53b0b971ea228accf1b65a8/core/src/authentication/index.ts#L37-L41
2) The corresponding call in pos-login https://github.com/pod-os/PodOS/blob/19b8fab8cd0167e5a53b0b971ea228accf1b65a8/elements/src/components/pos-login/pos-login.tsx#L26

In order for the user to be able to provide their client identifier document to the login component, it appears it would make sense to add a clientId prop to pos-login. To include the clientId in the netlify version, it may also need to be a prop in pos-app-browser and in the Makefile. https://github.com/pod-os/PodOS/blob/19b8fab8cd0167e5a53b0b971ea228accf1b65a8/apps/Makefile#L2

josephguillaume commented 1 year ago

New plan is that pos-app takes the attributes redirectUrl and clientId, and sets them as properties on os.session. os.session.login is changed to use these values. Code will also need handling of missing attributes, and decisions about names for localStorage items:

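  async function login(oidcIssuer) {
    // Remember the issuer for this client, keyed by the client identifier
    localStorage.setItem(this.clientId, oidcIssuer);
    // Remember the current page so it can be restored after the redirect
    localStorage.setItem(KEY_CURRENT_URL, window.location.href);
    return this.session.login({
      oidcIssuer,
      redirectUrl: this.redirectUrl,
      clientId: this.clientId
    });
  }

  async function logout() {
    // Forget the stored issuer for this client before ending the session
    localStorage.removeItem(this.clientId);
    return this.session.logout();
  }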

No change is needed to the login component.
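One way to handle the missing attributes and the localStorage key naming raised in the plan above, as an added example that is not part of the issue thread and is not PodOS or solid-client-authn-js code. The names `buildLoginOptions`, `issuerStorageKey` and `STORAGE_PREFIX` are hypothetical, and the https-only rule (with an http exception for localhost) is an assumption of this example.

```javascript
// Added example; not PodOS or solid-client-authn-js code.
// buildLoginOptions, issuerStorageKey and STORAGE_PREFIX are hypothetical names.
const STORAGE_PREFIX = "podos:oidcIssuer:"; // constructed prefix

// Treat undefined, null and blank attribute values as "not provided".
function clean(value) {
  return typeof value === "string" && value.trim() !== "" ? value.trim() : undefined;
}

// Validate that value is an absolute URL with an allowed scheme; return it unchanged.
function requireUrl(name, value) {
  let url;
  try {
    url = new URL(value);
  } catch {
    throw new TypeError(`${name} must be an absolute URL`);
  }
  const loopback = url.hostname === "localhost" || url.hostname === "127.0.0.1";
  // Assumption of this example: plain http is accepted only for local development.
  if (url.protocol !== "https:" && !(url.protocol === "http:" && loopback)) {
    throw new TypeError(`${name} must use https`);
  }
  return value;
}

// Build the object handed to session.login() from the pos-app attributes.
function buildLoginOptions({ oidcIssuer, clientId, redirectUrl }, currentUrl) {
  const options = {
    oidcIssuer: requireUrl("oidcIssuer", clean(oidcIssuer)),
    // Missing redirectUrl attribute: come back to the page the user is on.
    redirectUrl: requireUrl("redirectUrl", clean(redirectUrl) ?? currentUrl),
  };
  const id = clean(clientId);
  // Missing clientId attribute: leave the key out entirely so the library
  // falls back to dynamic registration instead of receiving "undefined".
  if (id !== undefined) options.clientId = requireUrl("clientId", id);
  return options;
}

// One storage slot per client identifier, plus a fixed slot for dynamic clients,
// so two apps on the same origin never overwrite each other's issuer.
function issuerStorageKey(clientId) {
  const id = clean(clientId);
  return STORAGE_PREFIX + (id === undefined ? "dynamic" : encodeURIComponent(id));
}
```

The issuer, redirect URL and client identifier are validated but passed through unnormalized, since the identity provider compares them as exact strings against the client identifier document.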