Implementation of Webid-OIDC in Guile

Dear all,

I am working to bring Solid to the GNU Guile programming language. I have finished the main parts of the webid-oidc authentication scheme.

I will now focus on the Web Access Control and Linked Data Platform parts.

I think Solid is a great opportunity to build user-respecting free software, because since it allows independent applications to be interoperable, it is easier to replace a proprietary application with a free one (see, What is free software? - GNU Project - Free Software Foundation). With its emphasis on linked data, it is also possible to steer away from mis-using a web browser (see, The JavaScript Trap).

(I know that the latter opinion is not widely shared among Solid developers, but it is important to me)


The source code is available on my private server, webid-oidc.git - Implementation in guile of the Solid webid-oidc spec.
It is somewhat documented,

Lovely to behold a new language implementation and that following a true GPL-licensed FOSS approach :partying_face: Congratulations on the project, and thank you.

1 Like

Great initiative and progress @vkraus! You should probably check out the latest draft of the authentication protocol - solid-oidc, which supercedes webid-oidc.

Anytime you need, you can check out Solid Technical Reports for a current listing of specs in the ecosystem.

1 Like

Thank you. I am aware that the standards are moving, I keep an eye on both this document and DPoP. I named the project when the protocol was called webid-oidc, and even if some things changed (the webid field of the ID / access token, or the client identifier, for instance), the spirit is the same. If I get a chance, I will rename it.

1 Like

Dear Solid community,

Today I finished the essential features of my server. There are known shortcomings:

  • no json-ld support (only Turtle is considered RDF);
  • no LD-PATCH support;
  • no websocket pubsub API (although, if I understand correctly, the standardization is not yet done for that part);
  • no TLS for the server, and the server is only HTTP/1.1 (it is intended to be run behind a reverse proxy).

I have not deployed it yet, because I first need to develop the client application so that I can dismiss inbox notifications before I get overwhelmed by spam. When it is done, I will put test POD online so as to test, debug and fix the myriad of embarrassing errors that I sure made.

In the mean time, if you feel curious, you can run the buggy server. I even packaged it in a docker image:

docker run --rm -it webid-oidc -h

For the full server, you would run the following command inside the container:

webid-oidc server --port 8080 --server-name '' --key-file 'key.jwk' --subject '' --password "hello" --jwks-uri '' --authorization-endpoint-uri '' --token-endpoint-uri ''

Obviously, you would change the ‘’ prefix, and the password for the identity provider, and expose port 8080.

Stay tuned, for I will deploy it on my server as soon as I can!

1 Like