Solid-file-client has functions to programmatically build and manage acl content with validation.
Can help if you need more documentation than the README.
Hey @jeffz
Iβm also trying to use solid-auth-client in a project.
a node.js
But when I try to use a custom log-in, I get a TypeError:
(node:36065) UnhandledPromiseRejectionWarning: TypeError: Cannot read property 'length' of null
at Object.getAuthFetcher (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-auth-fetcher/dist/obtainAuthHeaders.js:11:29)
at SolidNodeClient.<anonymous> (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:100:67)
at step (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:33:23)
at Object.next (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:14:53)
at fulfilled (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:5:58)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
Iβm just trying to log-in with
session = await client.login({
idp: "https://inrupt.net",
username: "<appropriate username>",
password: "<appropriate password>",
debug: true
});
Can you help please?
also when I installed solid-node-client I got
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Manual Review β
β Some vulnerabilities require your attention to resolve β
β β
β Visit https://go.npm.me/audit-guide for additional guidance β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
βββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β High β Prototype Pollution in node-forge β
βββββββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Package β node-forge β
βββββββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Patched in β >= 0.10.0 β
βββββββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Dependency of β solid-node-client β
βββββββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Path β solid-node-client > solid-auth-fetcher > node-jose > β
β β node-forge β
βββββββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β More info β https://npmjs.com/advisories/1561 β
βββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Is that normal?
Did you do the second step of the installation - set https://solid-node-client as a trustedApp in your profile? See the link in the README if you donβt know how to do that. Please let me know if this solves your problem.
NPM often reports audit issues in downstream libraries. Run βnpm audit fixβ after the install and some vulnerabilities may disappear. If they donβt you can ignore them or manually install a new version of the vulnerable library (in this case node-forge).
Hi,
I added it to trusted, as can be seen in this screenshot, before I posted on the forum.
To no avail.
There canβt be a slash at the end of the trustedApp, remove it and it should work. If that turns out to fix it, Iβll add a warning to the README.
1 Like
Hi, still having the same problem after removing the trailing slash.
the output with printout of idp and username
idpUrl: https://inrupt.net
username: johansolid
(node:124553) UnhandledPromiseRejectionWarning: TypeError: Cannot read property 'length' of null
at Object.getAuthFetcher (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-auth-fetcher/dist/obtainAuthHeaders.js:11:29)
at SolidNodeClient.<anonymous> (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:100:67)
at step (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:33:23)
at Object.next (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:14:53)
at fulfilled (/mnt/70D8F8E6D8F8AC0A/Documents/courses/stage/projects/nodeSolidAPI/node_modules/solid-node-client/src/index.js:5:58)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
and the used code
solid.client = new solid.solidClient();
console.log(`idpUrl: ${idpUrl}`);
console.log(`username: ${username}`);
let session = await solid.client.login(
{
idp: idpUrl,
username: username,
password: password
});Ok, I created a webID on solidcommunity.net and did the exact same thing.
There it did work.
Even with a trailing slash.
So Iβm thinking that thereβs a difference between how inrupt and solidcommunity manage their logins?
The cookie?
No, both inrupt.net and solidcommunity.net run NSS with the same login process. Also I am able to login to both servers with solid-node-client. Are you positive you are using the correct username/password? Do you have the most recent version of solid-node-client?
Ah, I found the problem:
It was my passwordβ¦
It ended with an ampersand.
Changed it to something else, problem solved β¦
Thanks for the help!
I knew it was going to be something stupid, automatically generated passwords, β¦
And the trailing slash apparently doesnβt matter in the trusted applications.
Ah, good, you had me worried :-). I am looking at putting in some try/catches so that the user gets a better error message when that happens.
2 Likes
Hi @jeffz.
Iβm sorry, but there seems to be a misunderstanding.
The problem isnβt my password as such, but any password ending with an ampersand.
I changed my password on the idp to one ending without an ampersand
eg. Password987654321!
And the login works
but with a password like
Password987654321&
the above mentioned error is still there.
So anybody using a password ending with an ampersand is going to have the same problem.
@johan may I ask, what is the behavior in a browser login with a password ending in ampersand? If it also denies it, then you should file a bug with Node-Solid-Server suggesting that they reject passwords ending in ampersand when they are created. If it works in the browser but not from the command line, I need to delve deeper.
Iβm sorry to say that in a browser the password ending in ampersand gives no error.
OK, that means work for me. Thanks for finding it. (really)
2 Likes
Hey @bourgeoa @jeffz
I am trying to add solid node client as a trusted app using solid file client.
I am having trouble updating the trusted app to the acl file of https:///profile/card#me. It would be helpful if you could point me to the format that can be used to update the trusted app for the same.
I have tried updating it using the βfc.acl.addUserModeβ, but the acl file gets corrupted when i do the same
You should not edit the profile/card.acl You may break your pod
It is not clear what you are trying to :
- trusted app is the root part of an app url :
https://test.comif the app you want use ishttps://test.com/test.html - the trusted app is added in https://βyourpodβ/profile/card : you should use mashlib to add one using the preferences pane.
- on certain situation where you want to limit your app on a certain container/resource it may be added to the container/resource acl. For that specific usage the trusted app in your profile/card must exist with no authorization.
I am developing an application using solid-node-client. Since solid-node-client has to be added as a trusted app before it can be used for authorized fetches, i am trying to add solid-node-client as a trusted app at the time of registration using a browser library or other auth clients so the user need not go through the extra step of adding a trusted app through the preference pane.
Is there any way this can be accomplished?
@bourgeoa Any other way solid-node-client can be added as a trusted app in NSS by default without having to do it through the preference pane would be appreciated.