We’ve recently published a new Github Repo comprising the entire source code for a Microsoft .NET app that authenticates against Solid Pods using OpenID Connect.
Goto Rep Page for the code.
Enjoy!
1 Like
For the method: RegisterAppAsync — I’d encourage you to use a JSON builder instead of just building it as a string.
We also have an alpha service at Inrupt for validating the public client identifier documents, it should be released more publicly soon.
We also highly recommend making the clientName property configurable/set, as this is displayed to your users as part of the OIDC flow.
Also, we’ve started to recommend a content-type of application/ld+json, instead of just application/json, and you’re missing the JSONLD context for this document (which can cause some issues)
Oh! Actually, I just noticed you’re using static client registration rather than client identifier documents.
Small HTML tip: for Button elements, they can have a value, so you can have just one javascript event handler for all buttons, which just reads the event target’s value, rather than having N separate event handlers; though I’m not sure how razor would work with that (I don’t know .Net)
Also, you shouldn’t be sending “credentials: include” with requests, as this would leak your servers’ cookies to unknown external hosts (pod providers) — just send with the DPoP header + Access Token in the authorization header, those aren’t influenced by the credentials option (at least in javascript)