I have some data in a private part of my pod which I need to analyse with a Jupyter Notebook using Python. How do I gain access to my private area, without downloading the file to my local drive?
EDIT: See below - copy/pasted the wrong link
Thanks. I was hoping that someone had a port of it to python. or instructions on how to get there from say Authlib
a Python library in building OAuth and OpenID Connect clients and servers.
Yes, as a matter of fact someone did port my library to python. I don’t know if it is still maintained - GitHub - twonote/solid-file-python: solid-file-python is a Python library for creating and managing files and folders in Solid pods. and there is also Rai / solid-flask · GitLab which handles Solid auth in python.
Sadly, they are both around two years old. I had the most progress with Rai, but it fails at the last hurdle with “Invalid client credentials”. I can honestly say that the difficulties of dealing with login is a key factor in not taking up Solid. This is the second time in the past few years that I have hit a roadblock here.
It must be possible to be more specific inthe specifications, or in the documentation on NSS, CSS, and ESS to set out the precise steps (including when to use jwt etc) so that other languages can move forward.
The mention of client credentials is a clue to where the problem lies and it should not be hard to add to existing libraries. There is not currently any spec that defines how apps (as distinct from users of apps) are authorized. So each server does it differently. Client credentials sound to me like ESS, so if that is the case, look at Inrupt docs you’ll see what you need to add to get the auth to work.
It must be possible to be more specific inthe specifications, or in the documentation
Indeed.
I forgot to mention @kushal_das was working on a python Solid server at one point, you might want to contact him.
There is not currently any spec that defines how apps (as distinct from users of apps) are authorized.
Can you clarify what you mean by this? Is it because an app wouldn’t have a webID?
In this case, I think this post is relevant.
Yes, that post explains how to authenticate an app on various servers given the current state of affairs. These are not based, AFAIK, on any existing specification of how apps should be authorized. The interoperability panel has a proposed method of authenticating apps but it does not match any of the ones on the link you gave.
I’ve created a python library to authenticate with client credentials: SolidClientCredentials
I think on a server hosted with ESS / CSS it should be more straightforward: Follow the links to get client credentials, plug them into the example and use it.
If it’s hosted somewhere else, I guess you can: (1) create a second webId on either ESS/CSS. (2) give this ESS/CSS webId access to the data you want to access on your pod. (3) proceed with the example usage of the library. I guess it should work, but I didn’t try it and don’t fully understand the concepts yet.
I’ve fixed this error in this merge request and extracted a solid-OIDC library out of it: solid-oidc-client · PyPI. It should work with all Solid providers.
Feel free to try it out and give feedback