A few years ago, with @jeffz help, I got a sucessful login using the Anvilworks Python environment.
For whatever reason I stopped working on the project and focussed on larger corporate knowledge graphs in RDF.
Recently, I was asked to give a detailed update on the solid initiative at my firm. It seemed that some things had moved forward, so I set my mind to trying again. I took a new login at Inrrupt ESS and tried to follow the directions given in the OICD-Primer. Needless to say, things are not looking good using this approach.
I like to understand how things work before I commit to library solutions. I have made some progress and seem to be failing on the last hurdle. In this repo, I use the ‘pyoidc’ library for the main authentication, it seems to give an auth code and state (end of step 11).
However, after forming the DPoP, I get back “invalid client credentials”.
ESS do not recomend dynamic client registration, which ‘pyoidc’ seems to use. I also don’t understand the relationship between the client’s id document and the client_id from the manual registration process and the role of webid’s of the primary user of the app and any other users who might have authorised access (say for photo sharing).
I really feel that I am not alone in this sea of confusion around the auth process, which is the centrepiece of solid. After all, at heart it is a webserver with OIDC for security. The complexity is a real impediment to adoption.