Upgrade dependencies and migrate Solid auth to @uvdsl/solid-oidc-client-browser#27
Open
m5x5 wants to merge 6 commits into
Open
Upgrade dependencies and migrate Solid auth to @uvdsl/solid-oidc-client-browser#27m5x5 wants to merge 6 commits into
m5x5 wants to merge 6 commits into
Conversation
Replace Inrupt's @inrupt/solid-client-authn-browser (shipped as a prebuilt global bundle in lib/) with the npm-managed @uvdsl/solid-oidc-client-browser. - js/index.js: use the uvdsl `Session` API (handleRedirectFromLogin/restore/login/isActive/webId/authFetch) in place of the `solidClientAuthentication` global; restore() rejects on a fresh visit, so it is wrapped to fall through to the login form. - index.html: drop the <script> tag for the removed bundle. - Remove lib/solid-client-authn.bundle.js (now bundled via webpack). - Upgrade build tooling and dependencies to latest: webpack 5.107, webpack-cli 7, webpack-dev-server 5, Babel 7.29, node-polyfill-webpack-plugin 4, jsonld 9, rdf-parse 5, readable-web-to-node-stream 5, dayjs, calendar-link. - webpack: emit assets with stable names (assetModuleFilename) so the Solid-OIDC refresh worker can be gitignored like the other build artifacts. - Update README, CHANGELOG and .gitignore accordingly. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
rdf-parse v5 dropped its default export; the parser is now the named export `rdfParser`. The default import resolved to undefined, causing "Cannot read properties of undefined (reading 'parse')" in getRDFasJson. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
rdf-parse v5 uses a strict, RDF 1.1-compliant N3 parser for Turtle/TriG that aborts the whole document on quirks the old lenient parser tolerated (e.g. an rdf:langString literal written with an explicit ^^ datatype instead of a language tag, as emitted by some pods). Request JSON-LD with the highest priority so the more forgiving JSON-LD parser is used, falling back to the other serialisations. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- findAndShowSlots: show a friendly message when no participant is selected instead of crashing on undefined slots. - findSlots: guard against WebIDs absent from the participant list (e.g. 'Show only my slots' uses the logged-in user's WebID, which is not listed unless they are also an employee) rather than reading availabilityCalendar of undefined. - showSlots: treat undefined/empty slots as 'no slots'. - getParticipantViaAvailabilityCalendarUrl: tolerate participants without an availabilityCalendar (invalid/unfetched entries) via optional chaining. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Fetching participant WebIDs cross-origin from a browser frequently fails (CORS/network), and the app re-tried every failing URL on every load. Now: - Failed fetches are remembered in localStorage (1-day expiry) and skipped on subsequent loads, so the participant list resolves much faster and the console is no longer flooded with repeated 'Failed to fetch' errors. - Each cached-unreachable participant gets a 'Try again' button that clears the cache entry and re-fetches just that WebID, re-rendering it into the valid or invalid list based on the outcome. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
A non-200 response (e.g. 401/403 for an availability calendar protected by ACL) was surfaced by dumping the server's raw RDF/JSON-LD error document as the error message. Now getRDFasJson throws a concise 'HTTP <status> (<Error>)' error carrying the status code, and downloadAvailabilityCalendar maps 401/403 to readable 'Not authorized'/'Forbidden' messages. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR upgrades the project's build tooling and dependencies to their latest versions and replaces Inrupt's Solid authentication with the actively-maintained
@uvdsl/solid-oidc-client-browser.Auth migration (Inrupt → uvdsl)
Previously, auth was provided by
@inrupt/solid-client-authn-browser, shipped as a prebuilt global bundle (lib/solid-client-authn.bundle.js) and consumed via asolidClientAuthenticationglobal. This is replaced with the npm-managed@uvdsl/solid-oidc-client-browser, bundled through webpack like every other dependency.API mapping in
js/index.js:solidClientAuthentication.fetchsession.authFetchhandleIncomingRedirect({ restorePreviousSession: true })session.handleRedirectFromLogin()/session.restore()getDefaultSession().info.isLoggedInsession.isActivegetDefaultSession().info.webIdsession.webIdlogin({ oidcIssuer, redirectUrl, clientName })session.login(oidcIssuer, redirectUrl)session.restore()rejects when there is no session to restore (e.g. a first visit), so it is wrapped in atry/catchthat falls through to the login form.lib/solid-client-authn.bundle.jsand its<script>tag inindex.html.Dependency upgrades
Build config
webpack.config.js: setassetModuleFilenameso the emitted Solid-OIDC refresh worker gets a stable filename (RefreshWorker.js) and can be gitignored like the other build artifacts..gitignore,README.md, andCHANGELOG.md.Testing
npx webpackbuilds successfully (only the pre-existing bundle-size warnings).restore()resolves gracefully with no session, and the WebID login form is shown with no uncaught errors in the console.🤖 Generated with Claude Code