Node is not a solution for my idea in the long term. I was simply using it to test if I could have a machine maintain long-term access to a pod without needing a user to actively open a browser (a single browser session during initialization would be acceptable). In the long term, if the spec is stable, I would have to reimpliment the auth flow from solid-client-authn-node or solid-node-client into something which can run on embedded devices (i.e. c, micropython, rust). But that’s not something I’m willing to do if the spec is going to change under my feet.
I’ve spent some significant time trying to wrap my head around the various auth flows, but so far I don’t have a good grasp of it. It sounds like I will need to do some more reading. If you could point me at what you think is an appropriate flow, I would really appreciate it.
Ideally, I could simply store my identity provider, username, and password on a device, which could use these to authenticate and access my pod on its own with no browser involved. (as is claimed is possible for NSS-style pods. Is this part of the standard now? will this soon be possible with ESS pods and any theoretical future servers?)
Alternatively, what could be possible, is using a mobile device to retrieve an OIDC token once, and then transfer that token to the device, which could then use it to access the pod. However, as I understand it, the OIDC token - even if refreshed correctly - is only valid for 3 days. Meaning this would have to be repeated frequently. This would be a deal-breaker for many of the ideas I have in mind.