fix: Update OIDC provider dependency to v7

The biggest resulting change is that the consent page always appears
after logging in.
Some minor fixes to be closer to the spec are included
together with some minor structural refactors.

test/integration/Identity.test.ts

@@ -138,10 +138,11 @@ describe('A Solid server with IDP', (): void => {
     });
 
     it('initializes the session and logs in.', async(): Promise<void> => {
-      const url = await state.startSession();
+      let url = await state.startSession();
       const res = await state.fetchIdp(url);
       expect(res.status).toBe(200);
-      await state.login(url, email, password);
+      url = await state.login(url, email, password);
+      await state.consent(url);
       expect(state.session.info?.webId).toBe(webId);
     });
 
@@ -162,16 +163,12 @@ describe('A Solid server with IDP', (): void => {
     it('can log in again.', async(): Promise<void> => {
       const url = await state.startSession();
 
-      let res = await state.fetchIdp(url);
+      const res = await state.fetchIdp(url);
       expect(res.status).toBe(200);
 
       // Will receive confirm screen here instead of login screen
-      res = await state.fetchIdp(url, 'POST', '', APPLICATION_X_WWW_FORM_URLENCODED);
-      const json = await res.json();
-      const nextUrl = json.location;
-      expect(typeof nextUrl).toBe('string');
+      await state.consent(url);
 
-      await state.handleLoginRedirect(nextUrl);
       expect(state.session.info?.webId).toBe(webId);
     });
   });
@@ -223,10 +220,11 @@ describe('A Solid server with IDP', (): void => {
     });
 
     it('initializes the session and logs in.', async(): Promise<void> => {
-      const url = await state.startSession(clientId);
+      let url = await state.startSession(clientId);
       const res = await state.fetchIdp(url);
       expect(res.status).toBe(200);
-      await state.login(url, email, password);
+      url = await state.login(url, email, password);
+      await state.consent(url);
       expect(state.session.info?.webId).toBe(webId);
     });
 
@@ -318,7 +316,8 @@ describe('A Solid server with IDP', (): void => {
     });
 
     it('can log in with the new password.', async(): Promise<void> => {
-      await state.login(nextUrl, email, password2);
+      const url = await state.login(nextUrl, email, password2);
+      await state.consent(url);
       expect(state.session.info?.webId).toBe(webId);
     });
   });
@@ -397,10 +396,11 @@ describe('A Solid server with IDP', (): void => {
 
     it('initializes the session and logs in.', async(): Promise<void> => {
       state = new IdentityTestState(baseUrl, redirectUrl, oidcIssuer);
-      const url = await state.startSession();
+      let url = await state.startSession();
       const res = await state.fetchIdp(url);
       expect(res.status).toBe(200);
-      await state.login(url, newMail, password);
+      url = await state.login(url, newMail, password);
+      await state.consent(url);
       expect(state.session.info?.webId).toBe(newWebId);
     });
 

test/integration/IdentityTestState.ts

@@ -89,7 +89,7 @@ export class IdentityTestState {
 
     // Need to catch the redirect so we can copy the cookies
     let res = await this.fetchIdp(nextUrl);
-    expect(res.status).toBe(302);
+    expect(res.status).toBe(303);
     nextUrl = res.headers.get('location')!;
 
     // Handle redirect
@@ -109,22 +109,26 @@ export class IdentityTestState {
    * Logs in by sending the corresponding email and password to the given form action.
    * The URL should be extracted from the login page.
    */
-  public async login(url: string, email: string, password: string): Promise<void> {
+  public async login(url: string, email: string, password: string): Promise<string> {
     const formData = stringify({ email, password });
-    const res = await this.fetchIdp(url, 'POST', formData, APPLICATION_X_WWW_FORM_URLENCODED);
+    let res = await this.fetchIdp(url, 'POST', formData, APPLICATION_X_WWW_FORM_URLENCODED);
     expect(res.status).toBe(200);
     const json = await res.json();
-    const nextUrl = json.location;
-
-    return this.handleLoginRedirect(nextUrl);
+    res = await this.fetchIdp(json.location);
+    expect(res.status).toBe(303);
+    return res.headers.get('location')!;
   }
 
   /**
-   * Handles the redirect that happens after logging in.
+   * Handles the consent screen at the given URL and the followup redirect back to the client.
    */
-  public async handleLoginRedirect(url: string): Promise<void> {
-    const res = await this.fetchIdp(url);
-    expect(res.status).toBe(302);
+  public async consent(url: string): Promise<void> {
+    let res = await this.fetchIdp(url, 'POST', '', APPLICATION_X_WWW_FORM_URLENCODED);
+    expect(res.status).toBe(200);
+    const json = await res.json();
+
+    res = await this.fetchIdp(json.location);
+    expect(res.status).toBe(303);
     const mockUrl = res.headers.get('location')!;
     expect(mockUrl.startsWith(this.redirectUrl)).toBeTruthy();
 

test/integration/RestrictedIdentity.test.ts

@@ -94,10 +94,11 @@ describe('A server with restricted IDP access', (): void => {
   it('can still access registration with the correct credentials.', async(): Promise<void> => {
     // Logging into session
     const state = new IdentityTestState(baseUrl, 'http://mockedredirect/', baseUrl);
-    const url = await state.startSession();
+    let url = await state.startSession();
     let res = await state.fetchIdp(url);
     expect(res.status).toBe(200);
-    await state.login(url, settings.email, settings.password);
+    url = await state.login(url, settings.email, settings.password);
+    await state.consent(url);
     expect(state.session.info?.webId).toBe(webId);
 
     // Registration still works for this WebID