-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trying to sign in with https://crspybits.trinpod.us: Blank redirect screen #4
Comments
It seems pretty clear that the registration isn't working as intended. This is what I get back from https://solidcommunity.net:
|
But I should probably use https://trinpod.net as the issuer. However, that shows exactly the same blank screen and result:
|
I'm noticing that I'm using
|
I'm confused right now about where
However, https://solid.github.io/solid-oidc/primer/#authorization-code-pkce-flow-step-14 suggests to use a DPoP token. These seem conflicting statements. |
I made some changes and am having pretty good success with the broker.pod.inrupt.com issuer. See #3 (comment) However, these changes don't help with trinpod. I still get the same blank screen. Taking an example from https://connect2id.com/products/server/docs/guides/client-registration, I'm beginning to think that trinpod just doesn't support dynamic registration:
RESULT:
There is no client secret in the response as I'd expect. See also https://connect2id.com/products/server/docs/guides/client-registration |
I just tried this again. Getting the same result. 2021-10-16T20:26:56-0600 debug : JSONString: dict: [AnyHashable("grant_types"): ["refresh_token", "authorization_code"], AnyHashable("client_name"): "Neebla", AnyHashable("post_logout_redirect_uris"): ["biz.SpasticMuffin.Neebla.demo:/mypath"], AnyHashable("token_endpoint_auth_method"): "client_secret_basic", AnyHashable("application_type"): "native", AnyHashable("redirect_uris"): ["biz.SpasticMuffin.Neebla.demo:/mypath"], AnyHashable("response_types"): ["code"]] OIDRegistrationResponse |
Hey there @crspybits, happy new year. I've been experimenting with my own server and ran into this bug. I'm using the latest version of Community Solid Server. In my experimentation CSS is rejecting the client because the redirect_url is not "Secure". The particular error I am seeing in Debug is: If I prepend an https:// to my redirect URL it clears up the I'm still investigating but it appears that CSS, in a default state, is validating the redirect URL for security when id_token is included (which was the only token claim available in the default server I setup). I'm still getting familiar with AppAuth and reviewing your sample libraries, but it seems that we either need to add internal app urls to the validation in CSS somehow, or approach this a different way. (I'm currently reviewing how AppAuth handles the redirect url). If you have any thoughts please let me know! |
Your public Solid POD URL will be:
https://crspybits.trinpod.us
Your public Solid WebID will be:
https://crspybits.trinpod.us/i
I used https://crspybits.trinpod.us as the issuer.
My logs show:
The text was updated successfully, but these errors were encountered: