solidos icon indicating copy to clipboard operation
solidos copied to clipboard
verified publisher icon SolidOS

Login with google without having a pod

Open bourgeoa opened this issue 11 months ago • 3 comments

@timbl @thhck

demo https://sso-client.liquid.surf/ expose the idea to login without having a full pod but a limited one That could be used to log in other pods, store some keys and participate for example on solid chats

bourgeoa avatar Mar 29 '25 10:03 bourgeoa

That could be used to log in other pods, store some keys and participate for example on solid chats

I'm not entirely sure I understand that part, but the idea is:

The idea is to create an app-specific, limited Pod[^1] so that non-Solid users can also consume the Solid app. Later, if these users decide to become full Solid users by creating a Pod with a dedicated provider, they can easily migrate their data from the app-specific Pod[^1] to their personal datastore.

[^1]: Maybe Pod is not the right word then, and they should be call Asod (App-Specific Online Datastore ) in this context.

thhck avatar Mar 30 '25 19:03 thhck

@thhck I propose that we implement an SSO-client in mashlib databrowser as a demonstrator.

  • There is a databrowser app for mashlib : browse.html that can be called from any pod with server running mashlib like PIVOT or form gitub.io
    • https://solidos.github.io/mashlib/browse.html
    • example from root but also from any pod https://solidcommunity.net/browse.html
  • browse.html uses https://github.com/SolidOS/mashlib/blob/656fb3b81e7b9bfed59c3e9efd2c59947789b92c/static/browse.html#L56 which is https://github.com/SolidOS/solid-ui/blob/74e80203d82814ad1aa0fd4ac4674b22655d94ce/src/login/login.ts#L607

We could implement a new function ssoLoginStatusBox()

  • we could have a new browse.html that uses this new function --> browse-with-sso.html (?)
  • https://sso-server.liquid.surf/browse-with-sso.html or any CSS server with the sso component with this we can login with Google (without having a pod) browse on all solid pods --> a pod with a solid chat for example https://solidos.solidcommunity.net/Team/SolidOs%20team%20chat/

What do you think ?

bourgeoa avatar Apr 01 '25 17:04 bourgeoa

@bourgeoa , I have no knowledge on solidos and therefore I'll consider this task out of scope for my skills. But it should work as a classic solid-oidc flow, except that you need to spoof the authorization code endpoint from .oidc/auth to .auth/github/login or .auth/google/login

see:

https://github.com/Liquid-Surf/css-direct-sso-auth/blob/87d6119e213e2fffb1daefcbc9c5cdc4da1d6efd/client/src/solid.js#L109-L137

thhck avatar Apr 02 '25 12:04 thhck