replace Inrupt by Uvdsl OIDC client

Author: bourgeoa

jest.config.mjs

@@ -11,6 +11,9 @@ export default {
   transform: {
     '^.+\\.[tj]sx?$': ['babel-jest', { configFile: './babel.config.mjs' }],
   },
+  moduleNameMapper: {
+    '^@uvdsl/solid-oidc-client-browser$': '<rootDir>/test/mocks/solid-oidc-client-browser.ts',
+  },
   setupFilesAfterEnv: ['./test/helpers/setup.ts'],
   testMatch: ['**/__tests__/**/*.ts?(x)', '**/?(*.)+(spec|test).ts?(x)'],
   roots: ['<rootDir>/src', '<rootDir>/test'],

package-lock.json

@@ -72,7 +72,7 @@
     "webpack-cli": "^7.0.2"
   },
   "dependencies": {
-    "@inrupt/solid-client-authn-browser": "^4.0.0",
+    "@uvdsl/solid-oidc-client-browser": "^0.2.2",
     "solid-namespace": "^0.5.4"
   },
   "peerDependencies": {

package.json

@@ -1,7 +1,54 @@
 import {
   Session,
-} from '@inrupt/solid-client-authn-browser'
+} from '@uvdsl/solid-oidc-client-browser'
 
-export const authSession = new Session()
+type LegacyEventName = 'login' | 'logout' | 'sessionRestore'
+type LegacyEventHandler = (...args: unknown[]) => void
+
+/**
+ * Minimal EventEmitter-style shim so that existing consumers using
+ * `authSession.events.on('login' | 'logout' | 'sessionRestore', handler)`
+ * continue working without modification.
+ *
+ * Events are emitted by SolidAuthnLogic.checkUser() (login/sessionRestore)
+ * and by the sessionStateChange listener below (logout).
+ */
+export class SessionEvents {
+  private readonly listeners: Map<string, Set<LegacyEventHandler>> = new Map()
+
+  on (event: LegacyEventName, handler: LegacyEventHandler): void {
+    if (!this.listeners.has(event)) this.listeners.set(event, new Set())
+    this.listeners.get(event)!.add(handler)
+  }
+
+  off (event: LegacyEventName, handler: LegacyEventHandler): void {
+    this.listeners.get(event)?.delete(handler)
+  }
+
+  emit (event: LegacyEventName, ...args: unknown[]): void {
+    this.listeners.get(event)?.forEach(h => h(...args))
+  }
+}
+
+export type SessionWithLegacyEvents = Session & { events: SessionEvents }
+
+const _session = new Session()
+const events = new SessionEvents()
+
+// Emit the legacy 'logout' event when the session transitions from active to inactive.
+// 'login' and 'sessionRestore' are emitted in SolidAuthnLogic.checkUser()
+// because only that call site knows which path activated the session.
+let _wasActive = false
+if (typeof (_session as unknown as EventTarget).addEventListener === 'function') {
+  ;(_session as unknown as EventTarget).addEventListener('sessionStateChange', () => {
+    const isNowActive = (_session as any).isActive ?? Boolean((_session as any).webId)
+    if (_wasActive && !isNowActive) {
+      events.emit('logout')
+    }
+    _wasActive = isNowActive
+  })
+}
+
+export const authSession: SessionWithLegacyEvents = Object.assign(_session, { events })
 
 

src/authSession/authSession.ts

@@ -1,26 +1,29 @@
 import { namedNode, NamedNode, sym } from 'rdflib'
 import { appContext, offlineTestID } from './authUtil'
 import * as debug from '../util/debug'
-import { EVENTS, Session } from '@inrupt/solid-client-authn-browser'
+import { SessionWithLegacyEvents } from '../authSession/authSession'
 import { AuthenticationContext, AuthnLogic } from '../types'
 
 export class SolidAuthnLogic implements AuthnLogic {
-  private session: Session
+  private session: SessionWithLegacyEvents
 
-  constructor(solidAuthSession: Session) {
+  constructor(solidAuthSession: SessionWithLegacyEvents) {
     this.session = solidAuthSession
   }
 
   // we created authSession getter because we want to access it as authn.authSession externally
-  get authSession():Session { return this.session }
+  get authSession(): SessionWithLegacyEvents { return this.session }
 
   currentUser(): NamedNode | null {
     const app = appContext()
     if (app.viewingNoAuthPage) {
       return sym(app.webId)
     }
-    if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) {
-      return sym(this.session.info.webId)
+    const sessionAny = this.session as any
+    const webId = sessionAny?.info?.webId || sessionAny?.webId
+    const isLoggedIn = sessionAny?.info?.isLoggedIn ?? sessionAny?.isActive ?? Boolean(webId)
+    if (this && this.session && webId && isLoggedIn) {
+      return sym(webId)
     }
     return offlineTestID() // null unless testing
   }
@@ -40,21 +43,51 @@ export class SolidAuthnLogic implements AuthnLogic {
     if (preLoginRedirectHash) {
       window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash)
     }
-    this.session.events.on(EVENTS.SESSION_RESTORED, (url) => {
-      debug.log(`Session restored to ${url}`)
-      if (document.location.toString() !== url) history.replaceState(null, '', url)
-    })
+    const sessionAny = this.session as any
+    if (typeof sessionAny?.events?.on === 'function') {
+      // Backward-compatible hook for auth clients exposing an EventEmitter-style API.
+      sessionAny.events.on('sessionRestore', (url: string) => {
+        debug.log(`Session restored to ${url}`)
+        if (document.location.toString() !== url) history.replaceState(null, '', url)
+      })
+    }
 
     /**
      * Handle a successful authentication redirect
      */
     const redirectUrl = new URL(window.location.href)
     redirectUrl.hash = ''
-    await this.session
-      .handleIncomingRedirect({
+    if (typeof sessionAny?.handleIncomingRedirect === 'function') {
+      await sessionAny.handleIncomingRedirect({
         restorePreviousSession: true,
         url: redirectUrl.href
       })
+    } else {
+      if (typeof sessionAny?.restore === 'function') {
+        const wasActive = sessionAny?.isActive ?? Boolean(sessionAny?.webId)
+        try {
+          await sessionAny.restore()
+        } catch (error) {
+          const message = error instanceof Error ? error.message : String(error)
+          if (!/no session to restore/i.test(message)) {
+            throw error
+          }
+          debug.log('No previous session to restore')
+        }
+        const isNowActive = sessionAny?.isActive ?? Boolean(sessionAny?.webId)
+        if (!wasActive && isNowActive) {
+          sessionAny.events?.emit('sessionRestore', window.location.href)
+        }
+      }
+      if (typeof sessionAny?.handleRedirectFromLogin === 'function') {
+        const wasActive = sessionAny?.isActive ?? Boolean(sessionAny?.webId)
+        await sessionAny.handleRedirectFromLogin()
+        const isNowActive = sessionAny?.isActive ?? Boolean(sessionAny?.webId)
+        if (!wasActive && isNowActive) {
+          sessionAny.events?.emit('login')
+        }
+      }
+    }
 
     // Check to see if a hash was stored in local storage
     const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash')
@@ -81,7 +114,7 @@ export class SolidAuthnLogic implements AuthnLogic {
       return Promise.resolve(setUserCallback ? setUserCallback(me) : me)
     }
 
-    const webId = this.webIdFromSession(this.session.info)
+    const webId = this.webIdFromSession(sessionAny?.info || sessionAny)
     if (webId) {
       me = this.saveUser(webId)
     }
@@ -119,8 +152,17 @@ export class SolidAuthnLogic implements AuthnLogic {
   /**
    * @returns {Promise<string|null>} Resolves with WebID URI or null
    */
-  webIdFromSession (session?: { webId?: string, isLoggedIn: boolean }): string | null {
-    const webId = session?.webId && session.isLoggedIn ? session.webId : null
+  webIdFromSession (session?: { webId?: string, isLoggedIn?: boolean, isActive?: boolean }): string | null {
+    const webId = session?.webId
+    if (!webId) {
+      return null
+    }
+    if (typeof session?.isLoggedIn === 'boolean') {
+      return session.isLoggedIn ? webId : null
+    }
+    if (typeof session?.isActive === 'boolean') {
+      return session.isActive ? webId : null
+    }
     return webId
   }
 

src/authn/SolidAuthnLogic.ts

@@ -1,8 +1,8 @@
-import { Session } from '@inrupt/solid-client-authn-browser'
 import * as rdf from 'rdflib'
 import { LiveStore, NamedNode, Statement } from 'rdflib'
 import { createAclLogic } from '../acl/aclLogic'
 import { SolidAuthnLogic } from '../authn/SolidAuthnLogic'
+import { SessionWithLegacyEvents } from '../authSession/authSession'
 import { createChatLogic } from '../chat/chatLogic'
 import { createInboxLogic } from '../inbox/inboxLogic'
 import { createProfileLogic } from '../profile/profileLogic'
@@ -17,7 +17,7 @@ import * as debug from '../util/debug'
 ** into a `ConnectedStore` or a `LiveStore`.  A Fetcher object is
 ** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`,
 */
-export function createSolidLogic(specialFetch: { fetch: (url: any, requestInit: any) => any }, session: Session): SolidLogic {
+export function createSolidLogic(specialFetch: { fetch: (url: any, requestInit: any) => any }, session: SessionWithLegacyEvents): SolidLogic {
 
     debug.log('SolidLogic: Unique instance created.  There should only be one of these.')
     const store: LiveStore = rdf.graph() as LiveStore

src/logic/solidLogic.ts

@@ -5,9 +5,17 @@ import { SolidLogic } from '../types'
 
 const _fetch = async (url, requestInit) => {
     const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'
-    if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114
+    const sessionAny = authSession as any
+    const sessionWebId = sessionAny?.info?.webId || sessionAny?.webId
+    if (sessionWebId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114
         // In fact fetch should respect credentials omit itself
-        return authSession.fetch(url, requestInit)
+        const authenticatedFetch = (typeof sessionAny.fetch === 'function')
+            ? sessionAny.fetch.bind(sessionAny)
+            : (typeof sessionAny.authFetch === 'function' ? sessionAny.authFetch.bind(sessionAny) : null)
+        if (authenticatedFetch) {
+            return authenticatedFetch(url, requestInit)
+        }
+        return window.fetch(url, requestInit)
     } else {
         return window.fetch(url, requestInit)
     }

src/logic/solidLogicSingleton.ts

@@ -1,4 +1,4 @@
-import { Session } from '@inrupt/solid-client-authn-browser'
+import { SessionWithLegacyEvents } from './authSession/authSession'
 import { LiveStore, NamedNode, Statement } from 'rdflib'
 
 export type AppDetails = {
@@ -21,7 +21,7 @@ export type AuthenticationContext = {
 }
 
 export interface AuthnLogic {
-    authSession: Session //this needs to be deprecated in the future. Is only here to allow imports like panes.UI.authn.authSession prior to moving authn from ui to logic
+    authSession: SessionWithLegacyEvents //this needs to be deprecated in the future. Is only here to allow imports like panes.UI.authn.authSession prior to moving authn from ui to logic
     currentUser: () => NamedNode | null
     checkUser: <T>(setUserCallback?: (me: NamedNode | null) => T) => Promise<NamedNode | T | null>
     saveUser: (webId: NamedNode | string | null,