solid-auth-client

solid-auth-client copied to clipboard

README example works in Chromium not Firefox

1

In Firefox, this error appears in console: ``` Error logging in with WebID-OIDC webid-oidc.js:22:12 TypeError: "NetworkError when attempting to fetch resource." webid-oidc.js:23:12 Cross-Origin Request Blocked: The Same Origin Policy disallows...

susannachen7

Cannot use with non-public domain names?

3

I can't find a way to point 'launcher.com' to 127.0.0.1 and then run https://github.com/inrupt/launcher-exploration on http://launcher.com:3000/ instead of on http://localhost:3000. To reproduce, run `npm install && npm start` in the...

michielbdejong

No support for Microsoft Edge

11

There needs to be some kind of check to make sure that features, such as TextEncoder, are available before use and if not then provide an alternative. Many work places...

RandomArker

How to validate access token after authorization is successful?

3

As title, I've built my own Solid server and Solid App. When I enter into the Solid App, do authentication and authorization on Solid Pod server via popup window. Then...

peter279k

It appears [OIDC registration request is not fully implemented](https://openid.net/specs/openid-connect-registration-1_0.html#RegistrationRequest). Is particular, fields like `client_name` and `client_name#` [are not implemented](https://github.com/solid/solid-auth-client/blob/master/src/solid-auth-client.js#L16): ```js export type loginOptions = { callbackUri: string, popupUri: string, storage:...

christophehenry

Silent token refreshing

10

Hi guys, This issue might be somehow related to : - https://github.com/solid/solid-auth-client/issues/127 - https://github.com/solid/solid-auth-client/issues/109 - https://github.com/solid/solid-auth-client/issues/37 Giving a short lifespan to the `ID token` is a security feature to reduce...

happy-dev

solidtest.space is gone

1

https://solidtest.space/ has been taken over by someone outside of the project. This repo seems to have some mentions of it, which should be removed.

kjetilk

app origin as option of popupLogin

3

If an app is deployed on a non-solid-server I need to specify it as trusted since NSS5. If I login using `popupLogin` to solid.community with `popupUri` set to the popup.html...

y0va

Seems you are using flowtype, can you generate a typing and publish it to https://github.com/flow-typed/flow-typed?

linonetwo

Local storage is insecure

21

[Local Storage is insecure](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/HTML5_Security_Cheat_Sheet.md#local-storage) and shouldn't be used for storing sensitive information. Storing authentication info (e.g. `oidc.session.privateKey` here) in local storage is not acceptable in production environment. The above linked...

mrkvon