Major updates to SolidOS, NSS, and solidcommunity.net

Please note : If you have a Pod on solidcommunity.net, be sure to read the impact on users section below.

After months of work, a new SolidOS is about to be released. SolidOS, the Solid operating system, comes in four flavors :

SolidOS, in all of its flavors, provides pod navigation and management tools; semantic views of all data; productivity apps like notepads, and task-mangers; and collaboration apps like chat apps and meeting schedulers. All features have the aim of supporting the core Solid vision - user control, freedom from vendor lock-in, and re-usability of data.

This release is focused on security and it makes the code stack Solid-OIDC specification compliant. All code using solid-auth-client was replaced by code using @inrupt/solid-client-authn. The release also includes improvements to handling of Javascript, JSON-LD, and a variety of bug-fixes and UI improvements. See this list of upgrade issues for details. For reference : the releases are SolidOS v1.7.7 and NSS (Node solid-server) v5.6.12.

The release impacts users of solidcommunity.net, developers using the SolidOS software stack, and pod providers who use NSS.

Impact on users

Owners of Pods on solidcommunity.net with an index.html file located in the root of their Pod (ex: https://some_user.solidcommunity.net/index.html) : your first page on the Pod will change. Previously the index.html file was provisioned with a login button which will no longer work due to the authentication library upgrade. Upon release, we will be running a server script to rename all existing index.html files in the root of Pods to index_1.html. If you wish to get your index.html back, you can remove any login code and buttons from the document and then rename it back to index.html. Unfortunately, there is currently no easy way to provide a login button on a pod root index page.

Impact on developers

Developers who use the SolidOS stack (mashlib, solid-panes, solid-ui, solid-logic, rdflib) should be aware that these libraries have all switched to using Inrupt’s solid-client-authn instead of solid-auth-client.

Impact on Pod providers

As mentioned above under impacts on users, index.html pages with login buttons will no longer work. You should contact us to get a script to rename these files and warn your users before installing the new NSS. There is also a similar issue related to the server-root e.g. https://solidcommunity.net/index.html. An updated version of it that works with the new auth is available in the repo’s default-templates folder.

Join our team!

The changes in SolidOS, NSS, and solidcommunity.net are the work of an active open source team led by Sir Tim Berners-Lee. The open source team actively welcomes collaborators. Please
visit our project pod or our GitHub repo for more information. For any concerns, issues or suggestions chat with the SolidOS team in the gitter chatroom or create a git issue.

7 Likes

It’s great to hear about the progress! Are these changes live on solidcommunity.net now?

Yes they are!

1 Like

I’m getting strange behaviour where it thinks I’m not logged in but is showing (presumably cached) private data, and even one case where it was showing login buttons but I could actually do private edits without problem.

Is there any specific place I should look where the intended (post-popup) login/logout experience and workflow is documented/discussed?

In terms of user experience, I’m finding the more frequent background redirects annoying but mostly ok, but unpredictability of when I’ll be logged in or out is a bit frustrating.

We experienced some of those “looks like I’m logged out but I can do certain private things” during testing but thought we had eliminated them all.

Please specify if you’re using a server frontend, the webapp or data kitchen and what page you logged in on and what IdP you used and what you clicked to get that mixed-state you described. Sorry for all the questions, but there are lots of contexts to cover.

Happy to try to debug myself if you have some guidance on when it should think I should be logged out, i.e. is the login button wrong or the tool wrong; should it be asking me at every refresh, after a token expiry time, for a new browser session…?

I’m on solidcommunity.net (IDP and pod) with the Brave browser looking at issue-pane and the generic resource browser (not sure which component that is). Not sure when/where I logged in - happened a couple of times now.

Edit: it’s definitely happened on mobile, and I think also on desktop, if that makes a difference (both still with the Brave browser)

Okay, thanks, if you could try the same thing with a different browser, that would tell us something. And if you notice it happening anywhere other than issue pane, that would be good to know also. In terms of feedback - comments in solid/solidos - Gitter are always welcome and if it isn’t about any given library you can identify, file an issue at Issues · solid/solidos · GitHub. The one that is open that is most similar to yours is Handling goto links · Issue #70 · solid/solidos · GitHub.

1 Like

I’ve added an issue: Login button visible with private resource using nss · Issue #78 · solid/solidos · GitHub

But it looks it is indeed just because the NSS cookie allows access to private resources without a solid-oidc login in that browser session, so I’m guessing there’s no point in fixing this.
If/when the NSS cookies go away, the problem will too. If cookies don’t go away, then we can’t reliably tell whether the pod thinks a user is logged in unless the use of cookies is also in the spec, and I understand that’s unlikely…

1 Like

Thanks folks, 5.6.12 is up and running on inrupt.net

Just installed community solid server with the mashlib recipe (GitHub - solid/community-server-recipes: Solid Community Server with the Mashlib Data Browser) and other than some fighting with an existing Apache installation (Using Apache as a Reverse Proxy mentions settings for the wrong server · Issue #633 · solid/solidproject.org · GitHub) it was on the whole a very nice experience. Thanks everyone!

2 Likes

What’s the best way to test this all? My guess - pull latest solidos, pull your newest mashlib, solid-ui, solid-logic into their respective workspaces under solidos, then build mashlib. If there’s an easier or way, please let me know.

MyCCPay Login

The easiest way is to get an account on solidcommunity.net - SolidOS provides the frontend so you are automatically using it when you visit the site. You can also use the SolidOS webapp to visit any Pod.

If you want to experiment with the software stack, yes you have to build things in the right order. There are some specific instructions on building the stack in the SolidOS README. If you run into problems, pop into the SolidOS Chatroom

2 Likes