Anyone have experience testing HTTP methods (like PUT, POST, etc) on a local node-solid-server using Postman? I need to improve on some HTTP handling and would like to use Postman to test and explore this part, but ain’t to familiar with how to set up the authentication part of it.
I have set up a simple local instance of NSS with self-signed certificates (running lib/solid-test when I need to test the server), and have created some WebIDs (and PODs) using OIDC. I’m unable to find a method for authorization method for it on Postman’s documentation on Authorization, so I reckon it’s not supported…
If I’m unable to handle it with Postman, I’ll probably just bootstrap a simple Solid app that handles it for me (using solid-auth-client or maybe a simple Fetch), but wanted to explore the possibility of using Postman first.
Ok, so, I’ve played around with Postman, and here’s what I recommend for the moment:
Option 1 - Use a cookie
Easiest way to do it - open up Developer Tools / Web Console (the thing that has the Network tab) in your browser. Log in to whichever Solid server you’re testing, enter in your username & password, etc.
In the Network tab, find a POST to /login/password, look for the set-cookie: connect.sid=s%3ApEnyYz3UWh..; Domain=whatever; Path=... header in the Response.
Now you can include that cookie with all your Postman requests. So, in Postman, switch to the Headers tab, and add Cookie header, with value connect.sid=s%3ApEnyYz3UWh.. (obviously substitute your own cookie value).
Option 2 - Use solid-auth-client
Though you can do the whole “register an app, then do a 3-legged OAuth2 flow” process in Postman, it’s way simpler to let solid-auth-client do it for you.
All that said, we should put on the roadmap to make a dev-friendly UI (kind of like Facebook’s Graph Explorer) that will let people register their sample apps, get tokens, etc.
@codenamedmitri I’m able to make HTTP request using Postman on a Solid server that has proper certificates using the approaches you mentioned, but on my local machine where I have self-signed certificates I’m failing. So just to double-check, were you successful with these methods on a local setup with self-signed certificates?