Standalone Solid-OIDC Client Authorization #1880
Replies: 2 comments 2 replies
-
Hello, Currently CSS doesn't provide a UMA authorization server described in the flow you referenced. I know that there is work happening on #1154 |
Beta Was this translation helpful? Give feedback.
-
Authenticating a WebID using an access token happens in the DPoPWebIdExtractor, which then uses the access-token-verifier library to verify if the token can be used to prove that the client is allowed to identify as a specific WebID. If I understand correctly, what you want is to authenticate a WebID using a different kind of token. This would then require writing a new kind of |
Beta Was this translation helpful? Give feedback.
-
Hi :)
I'm interested in developing a server that can authenticate a user's webId, just like a solid pod does when a user requests an access-controlled resource. Obviously, I don't want to roll my own Solid-OIDC request flow and so I was hoping to use this project's implementation, but I'm struggling to get my head wrapped around the architecture of this project enough to pull out the piece I need.
Essentially, I want to add an authorization server component to my application. Clients that have already performed an Oauth2 flow and received a token from some external identity provider should be able to make a request to my authorization server that then validates that the client is indeed logged in with a particular webId. My authorization server gives the client a token that confirms this authorization which they can use to fetch and access-controlled resource from another endpoint on my server.
Can someone give me some pointers, please?
Thank you!
Theia
Beta Was this translation helpful? Give feedback.
All reactions