The biggest resulting change is that the consent page always appears
after logging in.
Some minor fixes to be closer to the spec are included
together with some minor structural refactors.
This is a revert of a previous change
but is now possible due to the use of JSON bodies.
This does mean JavaScript is required in the HTML page,
but that will be required for future changes anyway.
Account settings are stored using the WebID as key.
Reason for using the WebID is that this allows faster access to the settings
in authenticated requests.
A consequence of this is that passwords are now always required during registration,
and that there can only be 1 account per WebID.
The IDP behaviour has been changed to move all error related knowledge
to the IdentityProviderHttpHandler instead of managing it
in the Interactionhandlers.
Each IDP class using storage now has a different storage.
This way those classes don't have to worry about clashing keys anymore.
All internal storage is now in the /.internal/ container,
thereby making it easier to take the location of the internal data into account:
only 1 path needs to be blocked and a regex router handling internal data
differently only has to match 1 path as well.
* chore(deps): update dependency jest to v27
* chore: Update (ts-)jest and use modern fake timers where possible
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>
* Add identity provider handler as a dependency
* Temp Identity
* Figured out how to get koa to work
* Hooked up idp to networking
* Feat/idp architecture refactor (#430)
* Logs in with solid oidc
* Refactored Provider
* Attempt to hook up dependencies
* Partial wiring of oidc provider components
* IdP networking now works with architecture
* Interaction Handlers Set Up
* fix: Rename & adapt to CSS
* Included Login Interaction
* Refactored architecture to bind Interaction Policy to HttpHandlers
Co-authored-by: Matthieu Bosquet <matthieubosquet@gmail.com>
* fix: Rebase on master
* fix: DI after rebase
* Reimplemented Routing
* Renamed modules and removed ProviderFactory (#450)
* refactor: Solid IdP DI
* refactor: IdP interaction handler DI
* refactor: IdP interaction waterfall
* refactor: Remove unnecessary legacy URL parse
* fix: Add legacy parse back in
* feat: adapter & fix: handlers
* Removed adapter factory
* fix: refactor IdP
* fix: refactor IdP
* fix: refactor IdP
* feat: Add IdP to file storage config
* fix: Unintended commit
* fix: Components ignore
* feat: Basic resource store adapter
* Partially complete idp routing
* Set up initial routing injection graph
* Clean up ResourceStorageAdapter
* Refactored configuration architecture
* Hooked up Login UIs (#518)
* feat: Use template path & run fileserver
* feat: Use util function to read resource
* Fixed DI JSON-LD context
* fixed rendering
* WebId validator
* Set up persistent storage for loing and register
* Fixed ejs template routing
* Refactored StorageAdapters
* NSS login successful
* Forgot password infrastructure
* Can send email (#557)
* Can send email
* fix: IdP crashes if interaction ID doesn't exist (#587)
* feat: Require an issuer registration token
* fix: Issuer registration token typo in error
* fix: Remove dummy IdP storage adapter
* fix: Remove unused library lodash
* fix: Remove unused library lru-cache
* Production ready keystore
* Ruben comments before clownface removal
* Removed clownface
* Change key value store
* Completed Ruben's comments
* Added comments to each class
* Fixed errors on login
* Ruben feedback
* Refactored out getPostRenderHandler
* Identity provider tests (#622)
* corrected tests lacking <void> on promises
* Added files for all idp tests
* Added unfinished tests for all added files
* ErrorHandlingWaterfallHandler
* RenderEjsHandler and RouterHandler tests
* GetPostRouterHandler and BasicOnErrorHandler tests
* Corrected tests for updates to Idp
* fix: missing export
* fix: audience claim
* Client Id Support (#630)
* Added client_id for the auth challenge
* Update src/identity/storage/ClientWebIdFetchingStorageAdapterFactory.ts
Co-authored-by: Matthieu Bosquet <matthieubosquet@gmail.com>
Co-authored-by: Matthieu Bosquet <matthieubosquet@gmail.com>
* fix: Rebase fixes
* Several minor Idp changes/refactors (#656)
* fix: Minor changes
* refactor: Split EmailPasswordInteractionPolicy
* refactor: Remove ErrorHandlingWaterfallHandler
* refactor: Clean up dependencies
* fix: Add dummy IdentityProviderHandler to fix integration tests
* Replace KeyValueStore with KeyValueStorage (#663)
* feat: Create WrappedExpiringStorage
* refactor: Update ResourceStoreEmailPasswordStore to use KeyValueStorage
* refactor: Update KeyGeneratingIdpConfigurationGenerator to use KeyValueStorage
* refactor: Update ResourceStoreStorageAdapterFactory to use ExpiringStorage
* refactor: Removed KeyValueStore
* refactor: Simplify EmailPassword handlers (#664)
* refactor: Order index.ts
* test: Add EmailPasswordForgotPasswordHandler unit tests
* test: Add EmailPasswordGetResetPasswordHandler unit tests
* test: Add EmailPasswordLoginHandler unit tests
* test: Add EmailPasswordRegistrationHandler unit tests
* test: Add EmailPasswordResetPasswordHandler unit tests
* test: Remove unnecessary test file
* feat: Basic instructions for using the IdP
* fix: IdP instructions and add example WebID
* fix: IdP registration copy
* fix: IdP instruction editorial
* Update README.md
Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>
* Update README.md
Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>
* test: Add KeyGeneratingIdpConfigurationGenerator unit tests
* test: Add KeyValueEmailPasswordStore unit tests
* test: Create IdP integration test
* test: Add EmailPasswordInteractionPolicy unit tests
* test: Add BasicIssuerReferenceWebIdOwnershipValidator unit tests
* test: Add ChooseInitialInteractionHandler unit tests
Also fixes the config warning.
* test: Add EjsTemplateRenderer unit tests
* test: Add EmailSender unit tests
* test: Add FormDataUtil unit tests
* test: Add IdpRouteController unit tests
* test: Add OidcInteractionCompleter unit tests
* refactor: Simplify ClientWebIdFetchingStorageAdapterFactory
* test: Add ClientWebIdFetchingStorageAdapterFactory unit tests
* refactor: Fix ejs html warnings
* test: Add step to test logging in again
Included are updates to handle cookies more correctly.
* feat: Add IdpConfirmHttpHandler
This way there's a handler for the confirm page.
* test: Add ExpiringStorageAdapterFactory unit tests
* test: Add IdentityProviderFactory unit tests
* test: Add IdentityProviderHttpHandler unit tests
* refactor: Minor refactors
* refactor: Use jose instead of node-jose
* refactor: Use jose instead of node-jose
Reduces the number of dependencies since other libraries
also depend on jose.
* Update src/identity/configuration/KeyGeneratingIdpConfigurationGenerator.ts
Co-authored-by: Matthieu Bosquet <matthieubosquet@gmail.com>
* refactor: Use interfaces instead of abstract classes
* refactor: Make WebIdOwnershipValidator an AsyncHandler
* refactor: Make TemplateRenderer an AsyncHandler
* fix: Fix typing issue
* fix: Convert JWK to plain object for node 15
* feat: Update CI configuration
--ignore-scripts was removed because it also stopped dependency scripts,
which was a requirement for bcrypt.
15.0 was removed since that version doesn't run the required scripts after install.
14.0 was removed since the somehow it caused the solid-authn client to do the wrong calls.
* test: Run integration tests on Node 14.2
This is the lowest 14.x version where the IdP integration tests succeed.
* feat: Use ErrorResponseWriter for handling oidc errors
* test: Mock Date in OidcInteractionCompleter tests
* fix: Correctly generate new identifiers
Previously there could be double slashes if the base URL ended in slash.
* fix: Correctly handle storagePathName in ExpiringStorageAdapterFactory
* fix: Fix issue with new CliRunner test in rebase
* fix: Handle unknown errors more consistently
* feat: Make idp parameter dynamic
* feat: Add more logging
* refactor: Link css instead of injecting
* fix: Fix redis integration tests with idp
* refactor: Shorten idp class names
* refactor: Remove e-mail configuration from default config
* feat: Store JsonResourceStorage data in a single container
* feat: Make sure expired data gets removed at some point
* feat: Only accept strings as keys in KeyValueStorage
* fix: Various minor fixes based on review
Co-authored-by: Matthieu Bosquet <matthieubosquet@gmail.com>
Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>
