Zwifi
The reason why the `Session#login` function returns a `Promise` is because logging in redirects the user away from the page: between the `login` and the `handleIncomingRedirect`, the context is lost...
Oh I see, I didn't realize this was about the Node behaviour. I'll see what can be done, but consider the following: 1. The user initiates login in the app,...
Ok I see what you mean now. We are considering making a split between a low-level and a high-level library, the low-level one giving a finer control to application developers...
This is now fixed by https://github.com/inrupt/solid-client-authn-js/commit/bd14278e0cc34b223f1e7b26cade8fc9fb73e833
I'll have to think twice about it, but I'm afraid running the app in an iframe could be hard to support, at least until we support popup-based login. In the...
If it were a use case, it would not work with the library as it is built at the moment for the reasons described (shortly) in this issue, so let's...
Actually, https://tools.ietf.org/html/rfc7519#section-4.1.4 registers `exp` as an optional 'interoperable' JWT claim. https://tools.ietf.org/html/draft-fett-oauth-dpop-04#section-4.1 being a subset of this RFC, I don't think the `exp` claim is actually incorrect on a DPoP header,...
It is indeed a bug that the DPoP header is expected to have a `exp` claim. When this bug is fixed on the IdP, we can merge #476.
Hi @zg009, thanks for giving this a go! You won't be able to run the end-to-end tests in CI, because a PR has to be opened by a repo owner...
Good point. The local storage is cleared on login/logout, so this would not really be an issue, but it would absolutely be cleaner to have this in the session storage.