Solid-client-authn-node - getSessionFromStorage returns a session, but session.info.isLoggedIn is false

Build a Solid App
1

Hi, I’m using the new library solid-client-authn-node to authenticate against my local community solid server (v1.0.0).

Based on the example code for multiple sessions.
Is it correct that console.log(session.info.isLoggedIn); in /fetch prints false?

const express = require("express");
const cookieSession = require("cookie-session");

const { 
  getSessionFromStorage,
  getSessionIdFromStorageAll,
  Session
} = require("@inrupt/solid-client-authn-node");

const app = express();
const port = 8081;

// The following snippet ensures that the server identifies each user's session
// with a cookie using an express-specific mechanism
app.use(
  cookieSession({
    name: "session",
    // These keys are required by cookie-session to sign the cookies.
    keys: [
      "Required, but value not relevant for this demo - key1",
      "Required, but value not relevant for this demo - key2",
    ],
    maxAge: 24 * 60 * 60 * 1000, // 24 hours
  })
);


app.get("/login", async (req, res, next) => {
    const session = new Session();
  req.session.sessionId = session.info.sessionId;
  const redirectToSolidIdentityProvider = (url) => {

    res.redirect(url);
  };

  await session.login({
    redirectUrl: `http://localhost:${port}/redirect-from-solid-idp`,
    oidcIssuer: "http://localhost:3000",
    clientName: "Demo app",
    handleRedirect: redirectToSolidIdentityProvider,
  });
});

app.get("/redirect-from-solid-idp", async (req, res) => {
  const session = await getSessionFromStorage(req.session.sessionId);
  await session.handleIncomingRedirect(`http://localhost:${port}${req.url}`);
  if (session.info.isLoggedIn) {
    return res.send(`<p>Logged in with the WebID ${session.info.webId}.</p>`)
  }
});

app.get("/fetch", async (req, res, next) => {
  if(typeof req.query["resource"] === "undefined") {
    res.send(
      "<p>Please pass the (encoded) URL of the Resource you want to fetch using `?resource=&lt;resource URL&gt;`.</p>"
    );
  }
  const session = await getSessionFromStorage(req.session.sessionId);
  console.log(session.info.isLoggedIn);
  console.log(await (await session.fetch(req.query["resource"])).text());
  res.send("<p>Performed authenticated fetch.</p>");
});

// 7. To log out a session, just retrieve the session from storage, and 
//    call the .logout method.
app.get("/logout", async (req, res, next) => {
  const session = await getSessionFromStorage(req.session.sessionId);
  session.logout();
  res.send(`<p>Logged out.</p>`);
});

// 8. On the server side, you can also list all registered sessions using the
//    getSessionIdFromStorageAll function.
app.get("/", async (req, res, next) => {
  const sessionIds = await getSessionIdFromStorageAll();
  for(const sessionId in sessionIds) {
    // Do something with the session ID...
  }
  res.send(
    `<p>There are currently [${sessionIds.length}] visitors.</p>`
  );
});

app.listen(port, () => {
  console.log(
    `Server running on port [${port}]. ` +
    `Visit [http://localhost:${port}/login] to log in to [broker.pod.inrupt.com].`
  );
});
2

Hi @tobbawi ! Glad that you are experimenting with @inrupt/solid-client-authn-node and CSS. It looks like the issue comes from the fact that The identity provider associated to CSS does not return a refresh token, although we request one. I’ll investigate a bit to see if the issue comes from the library or the server, and in any case I’ll update this thread with a GH issue so that you can follow the resolution :).

3

This issue is also being discussed in solid/community-server - Gitter.

4

Thanks for the heads-up @jeffz , I wasn’t on that channel :).

It looks like the issue lies on CSS side, I opened an issue at Refresh tokens are not consistently issued · Issue #909 · solid/community-server · GitHub, and we’ll see with the CSS developers how that can be fixed :slight_smile:

1 Like
6

Well my bad, and kudos to the CSS developers for helping me out (special thanks to @joachimvh), because the issue was actually coming from a bug in @inrupt/solid-client-authn-node. The latest release (v1.11.1) should get you back on track. Please let me know if the problem persists.

1 Like
7

It works with v1.11.1.
Many thanks!

1 Like