search

solid-contrib / solid-auth-fetcher

A client library for authenticating with Solid
Other
2 stars 7 forks source link

Document the wire protocol #11

Open michielbdejong opened 4 years ago

michielbdejong commented 4 years ago

I added oidc-auth-manager and oidc-op as workspaces in my local mashlib-dev and then added

router.use(function (req, res, next) {
  console.log(req.method, req.url, req.headers)
  next()
})

at this line in node-solid-server.

I can now see that the requests that are made if you run npm run dev-bundle and logging in on http://localhost:3001 are the following:

GET /.well-known/openid-configuration {
  host: 'localhost:8443',
  connection: 'keep-alive',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
POST /register {
  host: 'localhost:8443',
  connection: 'keep-alive',
  'content-length': '177',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  'content-type': 'application/json',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
GET /authorize?response_type=id_token%20code&redirect_uri=http%3A%2F%2Flocalhost%3A3001%2F&scope=openid%20profile%20offline_access&client_id=8749c78e98c699453ae805ea06be643d&code_challenge_method=S256&code_challenge=GlkUUyaYvDMHMv0xqfPZJqwF-6ixA8XvPKpepfJkYIc&state=global {
  host: 'localhost:8443',
  connection: 'keep-alive',
  'upgrade-insecure-requests': '1',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'navigate',
  'sec-fetch-user': '?1',
  'sec-fetch-dest': 'document',
  referer: 'http://localhost:3001/',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1',
  cookie: 'nssidp.sid=s%3AgooZCRxsXKq515ixBxD9_0Gtl9y3BShz.GZeU791kz9F%2Fa72Y8FOQO%2BDs3g1Tfh8JRpEjrPNOyNU'
}
  solid:authentication User is already authenticated as https://localhost:8443/profile/card#me +25s
GET /.well-known/openid-configuration {
  host: 'localhost:8443',
  connection: 'keep-alive',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/?code=af4d61ba90eb3f397045ffe9c66f0575&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlhzMnhtbWkxdzJzIn0.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdDo4NDQzIiwiYXVkIjoiODc0OWM3OGU5OGM2OTk0NTNhZTgwNWVhMDZiZTY0M2QiLCJhenAiOiI4NzQ5Yzc4ZTk4YzY5OTQ1M2FlODA1ZWEwNmJlNjQzZCIsInN1YiI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMvcHJvZmlsZS9jYXJkI21lIiwiZXhwIjoxNTk2MTA1MjE5LCJpYXQiOjE1OTQ4OTU2MTksImp0aSI6IjJlNWEwN2NjNWFiODU3ZmQiLCJjX2hhc2giOiJlTXpjSE5GdzNJaDRidTBEem02RnhnIn0.e6HtOELpRSU3WNrCMQL-q_1x6dy3WqbQMj0mW9D7Scg_GmG8yH-Gh-77RMaRGOz_SGWC6OUm4lrcDIGabWBVzN017--TPD618oSoqg5PjHedRHA_ObQc73ZjPeUtu50v3RqzLmrK75Uxz1TyHTUbWWAa76jQ0baH1JdhclwoowibgO4ttoXgUAsFuBgiNyQw9R_gB0-gu5wc8f7UtB-tftapu-lGQzOJpUfTpHsgnbYEkx96NgOtD1UmLDZvlHWJm8s0dzaiWP_IAkTdU5rf0fwiAo_QIdQvxPQfHFXfhvoGXb758jyh2gmBEubXvpl5OdZBsuOLm1p0p96fqFF0Rw&state=global',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
POST /token {
  host: 'localhost:8443',
  connection: 'keep-alive',
  'content-length': '183',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  dpop: 'eyJhbGciOiJSUzI1NiIsInR5cCI6ImRwb3Arand0IiwiandrIjp7Imt0eSI6IlJTQSIsImtpZCI6ImxNZmFiNXRQd1FFN0ZlWkU5LW9IdjFSLWxSVzVhc1dURG5XMURhTGZscnMiLCJ1c2UiOiJzaWciLCJhbGciOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJqNHljTHVhUnBWbW9DLTFDMHFrNF9FNmhReUQwbk9kUmpBU29Na1UwZFFlaktUdlNlTGRiV0w2WGoyN1Q5TDRtMml0ZklxWWYwbUZwM3I1WjNvaWhIak44UHhMODAwYmJobVE4MDN2QzFFVWxMV0R5bnNkeWlIRm4weXpWVF90MHBiN0xwejlBb3Q2Yk1HNHV4ZHkxZmRoNVN0SDNkTTdZUzVDTXBFaFVyOGFRdVpod3JPalRlejUtd2c3bFJrOFE2cUFmaGZTTXJPc2w2Y2dSZ0dGZFNoV2hzTURqNU01MXdlMW1TTloxVS1rVVRhbXhxTzV2UmhmUVdXX1hEZHdNTzJHNUQ1YTNwWGkxYWl5WXVDYVJiTVFoUFNoZkFNVDA1S0hjLVNiSkoxQkVvQ2hhZG1QdTRVRXpfT3RjeThEUklIaDdRRjYwb0ZOTkNRUEZLNndMRVEifX0.eyJodHUiOiJodHRwczovL2xvY2FsaG9zdDo4NDQzL3Rva2VuIiwiaHRtIjoiUE9TVCIsImp0aSI6ImI4ZTJlY2M0LWFlNWMtNDBmZC1hODIzLTJmZmQ0NzQ3MzBlMiIsImlhdCI6MTU5NDg5NTYyMSwiZXhwIjoxNTk0ODk5MjIxfQ.hrXdPI_qxOXzCL5NSrGFDv6FPuGIYx9FQMbFKdi0HoPVBXhebhGG0_L0g8fA12wlISB3nQiDQHpA0y0cH8dyhFpDxPU-7F4_KTL8X9pZgofUIo6GUXlLfauzMag4bF5gogKK_iadiCo2oDA0C7r2OpX_NP-drUUJ6RestG4rHGuAOfpHujW6Xr-j226XYtO3z5YU6K5THpH_UHiljRdMQxFhDZVFg9TimP_tOY8LbmAHgX1p5um0BnW3h2MCKG71TgFHXTSqBWSUkKTieLGSLyPUgzMTbxo-T-bxFl7jZhQGtgN3jLQNw_1l8T0sip2o-_6iR8n5Epqs1SSGUOa3RA',
  authorization: 'Basic ODc0OWM3OGU5OGM2OTk0NTNhZTgwNWVhMDZiZTY0M2Q6YzJmMDZmMDA0NWE4MmY3MjNkYTFlM2ZlZTIyNmY3Y2I=',
  'content-type': 'application/x-www-form-urlencoded',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/?code=af4d61ba90eb3f397045ffe9c66f0575&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlhzMnhtbWkxdzJzIn0.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdDo4NDQzIiwiYXVkIjoiODc0OWM3OGU5OGM2OTk0NTNhZTgwNWVhMDZiZTY0M2QiLCJhenAiOiI4NzQ5Yzc4ZTk4YzY5OTQ1M2FlODA1ZWEwNmJlNjQzZCIsInN1YiI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMvcHJvZmlsZS9jYXJkI21lIiwiZXhwIjoxNTk2MTA1MjE5LCJpYXQiOjE1OTQ4OTU2MTksImp0aSI6IjJlNWEwN2NjNWFiODU3ZmQiLCJjX2hhc2giOiJlTXpjSE5GdzNJaDRidTBEem02RnhnIn0.e6HtOELpRSU3WNrCMQL-q_1x6dy3WqbQMj0mW9D7Scg_GmG8yH-Gh-77RMaRGOz_SGWC6OUm4lrcDIGabWBVzN017--TPD618oSoqg5PjHedRHA_ObQc73ZjPeUtu50v3RqzLmrK75Uxz1TyHTUbWWAa76jQ0baH1JdhclwoowibgO4ttoXgUAsFuBgiNyQw9R_gB0-gu5wc8f7UtB-tftapu-lGQzOJpUfTpHsgnbYEkx96NgOtD1UmLDZvlHWJm8s0dzaiWP_IAkTdU5rf0fwiAo_QIdQvxPQfHFXfhvoGXb758jyh2gmBEubXvpl5OdZBsuOLm1p0p96fqFF0Rw&state=global',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
validating [Object: null prototype] {
  grant_type: 'authorization_code',
  code_verifier: 'g+5ZeOz0TG',
  code: 'd59b7e4340e94795b9f7783c379a9eeb',
  redirect_uri: 'http://localhost:3001/',
  client_id: 'bf38ed7bf2b9936eeb9d594e8e309789'
}

When fetching a resource, they are the following:

GET /private {
  host: 'alice.localhost:8443',
  connection: 'keep-alive',
  dpop: 'eyJhbGciOiJSUzI1NiIsInR5cCI6ImRwb3Arand0IiwiandrIjp7Imt0eSI6IlJTQSIsImtpZCI6ImxNZmFiNXRQd1FFN0ZlWkU5LW9IdjFSLWxSVzVhc1dURG5XMURhTGZscnMiLCJ1c2UiOiJzaWciLCJhbGciOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJqNHljTHVhUnBWbW9DLTFDMHFrNF9FNmhReUQwbk9kUmpBU29Na1UwZFFlaktUdlNlTGRiV0w2WGoyN1Q5TDRtMml0ZklxWWYwbUZwM3I1WjNvaWhIak44UHhMODAwYmJobVE4MDN2QzFFVWxMV0R5bnNkeWlIRm4weXpWVF90MHBiN0xwejlBb3Q2Yk1HNHV4ZHkxZmRoNVN0SDNkTTdZUzVDTXBFaFVyOGFRdVpod3JPalRlejUtd2c3bFJrOFE2cUFmaGZTTXJPc2w2Y2dSZ0dGZFNoV2hzTURqNU01MXdlMW1TTloxVS1rVVRhbXhxTzV2UmhmUVdXX1hEZHdNTzJHNUQ1YTNwWGkxYWl5WXVDYVJiTVFoUFNoZkFNVDA1S0hjLVNiSkoxQkVvQ2hhZG1QdTRVRXpfT3RjeThEUklIaDdRRjYwb0ZOTkNRUEZLNndMRVEifX0.eyJodHUiOiJodHRwczovL2FsaWNlLmxvY2FsaG9zdDo4NDQzL3ByaXZhdGUiLCJodG0iOiJHRVQiLCJqdGkiOiJiMTdjNjAyMC02OTllLTQ2MjUtYjczNi05ZGRhNDI0MDdjMjUiLCJpYXQiOjE1OTQ4OTU3NTIsImV4cCI6MTU5NDg5OTM1Mn0.VFoq0hjG8LSjaAsLWLvW33xu5zcuT9yWE2yrGSlxWlkxtBvZSsoXBUzLdmCMgzYUU8YdhCPYSJsLPQ3PRGJ5aPFQRd_IShZokpzCgqpKasmurFYYHY1xonYsE4OJXKaM1MXyxtA_i3GmfD1xtK03SIrLuGiVghpiC0bHmSkdKTmXbZAsIMD9nbRKRGYukmeNdHos0USGlJ9jBo-wmhn8dL1L46zSQtNt4CTBmiOc7Tm_qpvWnAnG9PasGllC8xDTUK1l0nIH3GWpbauurLTj6OpV_zrFA-7ZozO_P0pWM4Q-VT1_iYXWO1t4w98xncYP-uGtzkMW0-qSiPG7Ybx6hg',
  authorization: 'DPOP eyJhbGciOiJSUzI1NiIsImtpZCI6Im41cGVoUHV4NVpVIn0.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdDo4NDQzIiwiYXVkIjpbIjg3NDljNzhlOThjNjk5NDUzYWU4MDVlYTA2YmU2NDNkIl0sInN1YiI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMvcHJvZmlsZS9jYXJkI21lIiwiZXhwIjoxNTk2MTA1MjIxLCJpYXQiOjE1OTQ4OTU2MjEsImp0aSI6ImM3YzJlZGEyNzAxNzY4ODQiLCJjbmYiOnsiamt0IjoibE1mYWI1dFB3UUU3RmVaRTktb0h2MVItbFJXNWFzV1REblcxRGFMZmxycyJ9fQ.Al5-82WNZaNhdlovhfLOite1rzmUqHQ5Ory91P4Ht54RoRAj2y3JnhopUrQpcH9Z5d81LMSZpr554o2Xv2ADXq9FLcmZL4tdzxR0gOYOH-E6Lo93Le1P1GPc2DXfwnBPdtJdHtBBIgL7nDC49bOSfGttAVw7iRx1_j34t9H-nKgfbPZzQlE1_3ost6oT5Cg2WdHkf1mOtYcWCLxP25AxjqdkFhCh9aMgJOREeF_fVfdlzL2XhKJEOz-Idxc-zuIHonKTwMnI4CaNbI2MLQGksxyc6FTg9gXpav_cs_ui9WiOLLdAE2H8osATOHNpCVB0o7DQol-O4ecPk3v93EzQTQ',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
GET /private/ {
  host: 'alice.localhost:8443',
  connection: 'keep-alive',
  dpop: 'eyJhbGciOiJSUzI1NiIsInR5cCI6ImRwb3Arand0IiwiandrIjp7Imt0eSI6IlJTQSIsImtpZCI6ImxNZmFiNXRQd1FFN0ZlWkU5LW9IdjFSLWxSVzVhc1dURG5XMURhTGZscnMiLCJ1c2UiOiJzaWciLCJhbGciOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJqNHljTHVhUnBWbW9DLTFDMHFrNF9FNmhReUQwbk9kUmpBU29Na1UwZFFlaktUdlNlTGRiV0w2WGoyN1Q5TDRtMml0ZklxWWYwbUZwM3I1WjNvaWhIak44UHhMODAwYmJobVE4MDN2QzFFVWxMV0R5bnNkeWlIRm4weXpWVF90MHBiN0xwejlBb3Q2Yk1HNHV4ZHkxZmRoNVN0SDNkTTdZUzVDTXBFaFVyOGFRdVpod3JPalRlejUtd2c3bFJrOFE2cUFmaGZTTXJPc2w2Y2dSZ0dGZFNoV2hzTURqNU01MXdlMW1TTloxVS1rVVRhbXhxTzV2UmhmUVdXX1hEZHdNTzJHNUQ1YTNwWGkxYWl5WXVDYVJiTVFoUFNoZkFNVDA1S0hjLVNiSkoxQkVvQ2hhZG1QdTRVRXpfT3RjeThEUklIaDdRRjYwb0ZOTkNRUEZLNndMRVEifX0.eyJodHUiOiJodHRwczovL2FsaWNlLmxvY2FsaG9zdDo4NDQzL3ByaXZhdGUiLCJodG0iOiJHRVQiLCJqdGkiOiJiMTdjNjAyMC02OTllLTQ2MjUtYjczNi05ZGRhNDI0MDdjMjUiLCJpYXQiOjE1OTQ4OTU3NTIsImV4cCI6MTU5NDg5OTM1Mn0.VFoq0hjG8LSjaAsLWLvW33xu5zcuT9yWE2yrGSlxWlkxtBvZSsoXBUzLdmCMgzYUU8YdhCPYSJsLPQ3PRGJ5aPFQRd_IShZokpzCgqpKasmurFYYHY1xonYsE4OJXKaM1MXyxtA_i3GmfD1xtK03SIrLuGiVghpiC0bHmSkdKTmXbZAsIMD9nbRKRGYukmeNdHos0USGlJ9jBo-wmhn8dL1L46zSQtNt4CTBmiOc7Tm_qpvWnAnG9PasGllC8xDTUK1l0nIH3GWpbauurLTj6OpV_zrFA-7ZozO_P0pWM4Q-VT1_iYXWO1t4w98xncYP-uGtzkMW0-qSiPG7Ybx6hg',
  authorization: 'DPOP eyJhbGciOiJSUzI1NiIsImtpZCI6Im41cGVoUHV4NVpVIn0.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdDo4NDQzIiwiYXVkIjpbIjg3NDljNzhlOThjNjk5NDUzYWU4MDVlYTA2YmU2NDNkIl0sInN1YiI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMvcHJvZmlsZS9jYXJkI21lIiwiZXhwIjoxNTk2MTA1MjIxLCJpYXQiOjE1OTQ4OTU2MjEsImp0aSI6ImM3YzJlZGEyNzAxNzY4ODQiLCJjbmYiOnsiamt0IjoibE1mYWI1dFB3UUU3RmVaRTktb0h2MVItbFJXNWFzV1REblcxRGFMZmxycyJ9fQ.Al5-82WNZaNhdlovhfLOite1rzmUqHQ5Ory91P4Ht54RoRAj2y3JnhopUrQpcH9Z5d81LMSZpr554o2Xv2ADXq9FLcmZL4tdzxR0gOYOH-E6Lo93Le1P1GPc2DXfwnBPdtJdHtBBIgL7nDC49bOSfGttAVw7iRx1_j34t9H-nKgfbPZzQlE1_3ost6oT5Cg2WdHkf1mOtYcWCLxP25AxjqdkFhCh9aMgJOREeF_fVfdlzL2XhKJEOz-Idxc-zuIHonKTwMnI4CaNbI2MLQGksxyc6FTg9gXpav_cs_ui9WiOLLdAE2H8osATOHNpCVB0o7DQol-O4ecPk3v93EzQTQ',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
  solid:ACL Using ACL https://localhost:8443/private/.acl for ./ +2m
  solid:ACL    1 direct authentications about <https://localhost:8443/private/> +2ms
  solid:ACL accessDenied: checking access to <https://localhost:8443/private/> by null and origin <http://localhost:3001> +26ms
  solid:ACL    1 direct authentications about <https://localhost:8443/private/> +1ms
  solid:ACL    Checking auth <https://localhost:8443/private/.acl#owner> with agent null +0ms
  solid:ACL     Agent or group: Fail: not public and not logged on. +1ms
  solid:ACL      The agent/group check fails +0ms
  solid:ACL       Check failed: User Unauthorized +0ms
  solid:ACL accessDenied: modeURIorReasons: ["User Unauthorized"] +0ms
  solid:ACL  checking <http://www.w3.org/ns/auth/acl#Read> +0ms
  solid:ACL   MODE REQUIRED NOT ALLOWED: <http://www.w3.org/ns/auth/acl#Read> Denying with User Unauthorized +0ms
  solid:ACL Read access denied to (none): undefined - Unauthorized +0ms
  solid:server Error page because of: UnauthorizedError: Unauthorized
    at AuthenticatedRequest.unauthorized (/Users/michiel/gh/solid/mashlib-dev/workspaces/oidc-auth-manager/node_modules/@solid/oidc-rs/src/AuthenticatedRequest.js:761:19)
    at /Users/michiel/gh/solid/mashlib-dev/workspaces/oidc-auth-manager/node_modules/@solid/oidc-rs/src/AuthenticatedRequest.js:316:24 {
  handled: true,
  statusCode: 401,
  realm: 'https://localhost:8443',
  error: 'invalid_token',
  error_description: 'htu https://alice.localhost:8443/private does not match https://alice.localhost:8443/private/',
  error_uri: undefined
} +0ms
  solid:server Display login-required for https://alice.localhost:8443/private/ +0ms
GET /.well-known/openid-configuration {
  host: 'localhost:8443',
  connection: 'keep-alive',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
POST /token {
  host: 'localhost:8443',
  connection: 'keep-alive',
  'content-length': '114',
  'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36',
  dpop: 'eyJhbGciOiJSUzI1NiIsInR5cCI6ImRwb3Arand0IiwiandrIjp7Imt0eSI6IlJTQSIsImtpZCI6ImxNZmFiNXRQd1FFN0ZlWkU5LW9IdjFSLWxSVzVhc1dURG5XMURhTGZscnMiLCJ1c2UiOiJzaWciLCJhbGciOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiJqNHljTHVhUnBWbW9DLTFDMHFrNF9FNmhReUQwbk9kUmpBU29Na1UwZFFlaktUdlNlTGRiV0w2WGoyN1Q5TDRtMml0ZklxWWYwbUZwM3I1WjNvaWhIak44UHhMODAwYmJobVE4MDN2QzFFVWxMV0R5bnNkeWlIRm4weXpWVF90MHBiN0xwejlBb3Q2Yk1HNHV4ZHkxZmRoNVN0SDNkTTdZUzVDTXBFaFVyOGFRdVpod3JPalRlejUtd2c3bFJrOFE2cUFmaGZTTXJPc2w2Y2dSZ0dGZFNoV2hzTURqNU01MXdlMW1TTloxVS1rVVRhbXhxTzV2UmhmUVdXX1hEZHdNTzJHNUQ1YTNwWGkxYWl5WXVDYVJiTVFoUFNoZkFNVDA1S0hjLVNiSkoxQkVvQ2hhZG1QdTRVRXpfT3RjeThEUklIaDdRRjYwb0ZOTkNRUEZLNndMRVEifX0.eyJodHUiOiJodHRwczovL2xvY2FsaG9zdDo4NDQzL3Rva2VuIiwiaHRtIjoiUE9TVCIsImp0aSI6IjI3YjdiYjBlLTRmYjYtNDU5My05NmVmLTNjNjFjMGNiZDUzYSIsImlhdCI6MTU5NDg5NTc2MCwiZXhwIjoxNTk0ODk5MzYwfQ.htX92lW_EM5EYvD3ROxWi8SqkQWx1h6oDgKqjkw537CHXD3coam2QfhypHDt6X5FesHsP3ovyYpLqXNoqdQv2XV52cM5rxiN0h0jUJLXjoJeI3trxq4t_qzUejUdAFigkhKE0lAacqCbaO7vuTAWjmm1GL-07PhpLp5GqgTdIQ3ywswojrfb4QqlcF6yiX9taV6VPQUO8C6sXg8vw0MM64HoL4NW24LpDha2Now5lioV0wRzYtiv8M4hugz-S7G2gJkhERtoN3LGL5VfyXnvz2gu78LLxY9uwkv9RafR28zCSpCmn6ecgbGX_ERB3pj4bRzh-9DyNvMi6sZywtm0Rw',
  authorization: 'Basic ODc0OWM3OGU5OGM2OTk0NTNhZTgwNWVhMDZiZTY0M2Q6YzJmMDZmMDA0NWE4MmY3MjNkYTFlM2ZlZTIyNmY3Y2I=',
  'content-type': 'application/x-www-form-urlencoded',
  accept: '*/*',
  origin: 'http://localhost:3001',
  'sec-fetch-site': 'cross-site',
  'sec-fetch-mode': 'cors',
  'sec-fetch-dest': 'empty',
  referer: 'http://localhost:3001/',
  'accept-encoding': 'gzip, deflate, br',
  'accept-language': 'nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,fr-FR;q=0.6,fr;q=0.5,de-DE;q=0.4,de;q=0.3,es-ES;q=0.2,es;q=0.1,id-ID;q=0.1,id;q=0.1'
}
validating [Object: null prototype] {
  grant_type: 'refresh_token',
  refresh_token: '78e44965516e24fbb88f5537db651ee2',
  client_id: '8749c78e98c699453ae805ea06be643d'
}

The browser's developer console on http://localhost:3001 actually shows:

Fetcher.js:22 GET https://alice.localhost:8443/private/ 401 (Unauthorized)
Fetcher.js:22 POST https://localhost:8443/token 500 (Internal Server Error)

so that second error is also something to look into.

michielbdejong commented 4 years ago

should include this information in the documentation.