solid-community-client-simple 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f3179178af2f1aa377389010b0c70b3f5f3fbb5fd1d3f7e236eb5d1a51c14744
+  data.tar.gz: 6f0d2834a7ba126bca117223ebc6fda28b9ae752bc935cefa7ead948084e50eb
+SHA512:
+  metadata.gz: f4309001b3d49ebf7dc1124f15e59999160eb060b0af21991777520809918f2010f51d9d68109f19deb6cdaf5d0c54c4e9502fdc723c29c3cfc858b3a49928dd
+  data.tar.gz: 4f675efc01c2a5fb9c832c3053914abed55921c06499073400584856c3b28b83575644e6f480e660375b2ac92e29171d264a0eee39c79382301ecbf4c32f79bc

data/Gemfile

@@ -0,0 +1,36 @@
+# frozen_string_literal: false
+
+source 'https://rubygems.org'
+
+gemspec
+ruby '~> 3.0.6'
+gem 'debase', git: 'https://github.com/ruby-debug/debase.git', tag: 'v0.2.5.beta2'
+gem 'json', '~> 2.7.1'
+gem 'linkeddata', '~> 3.2.0'
+gem 'rake', '~> 13.0'
+gem 'rdf-raptor', '~> 3.1.0'
+gem 'require_all', '~> 3.0.0'
+gem 'rest-client', '~>2.1.0'
+gem 'xml-simple', '~>1.1.8'
+
+gem 'metainspector', '~> 5-11-2'
+
+gem 'base64', '~> 0.2.0'
+
+gem 'thin', '~> 1.8'
+
+gem 'tux', '~> 0.3.0'
+
+gem 'rubocop', '~> 1.62'
+
+gem 'bcrypt', '~> 3.1'
+
+gem 'tempfile', '~> 0.2.1'
+
+gem 'securerandom', '~> 0.3.1'
+
+gem 'rdf-vocab', '~> 3.3'
+
+gem 'openssl', '~> 3.2'
+
+gem 'activesupport', '7.0.3.1'

data/Gemfile.lock

@@ -0,0 +1,405 @@
+GIT
+  remote: https://github.com/ruby-debug/debase.git
+  revision: a90f2270351ae0f48370d60809ecd82d6110c85c
+  tag: v0.2.5.beta2
+  specs:
+    debase (0.2.5.beta2)
+      debase-ruby_core_source (>= 0.10.12)
+
+PATH
+  remote: .
+  specs:
+    solid-community-client-simple (1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (7.0.3.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+    addressable (2.8.6)
+      public_suffix (>= 2.0.2, < 6.0)
+    ast (2.4.2)
+    base64 (0.2.0)
+    bcp47_spec (0.2.1)
+    bcrypt (3.1.20)
+    bond (0.5.1)
+    builder (3.2.4)
+    cgi (0.4.1)
+    concurrent-ruby (1.2.3)
+    connection_pool (2.4.1)
+    daemons (1.4.1)
+    debase-ruby_core_source (3.3.1)
+    diff-lcs (1.5.1)
+    domain_name (0.6.20240107)
+    dpop (0.1.3)
+      activesupport
+      jwt
+      openssl
+    ebnf (2.4.0)
+      htmlentities (~> 4.3)
+      rdf (~> 3.3)
+      scanf (~> 1.0)
+      sxp (~> 1.3)
+      unicode-types (~> 1.8)
+    eventmachine (1.2.7)
+    faraday (2.9.0)
+      faraday-net_http (>= 2.0, < 3.2)
+    faraday-cookie_jar (0.0.7)
+      faraday (>= 0.8.0)
+      http-cookie (~> 1.0.0)
+    faraday-encoding (0.0.5)
+      faraday
+    faraday-follow_redirects (0.3.0)
+      faraday (>= 1, < 3)
+    faraday-gzip (1.0.0)
+      faraday (>= 1.0)
+      zlib (~> 2.1)
+    faraday-http-cache (2.5.1)
+      faraday (>= 0.8)
+    faraday-net_http (3.1.0)
+      net-http
+    faraday-retry (2.2.0)
+      faraday (~> 2.0)
+    fastimage (2.3.1)
+    ffi (1.16.3)
+    fileutils (1.5.0)
+    haml (6.3.0)
+      temple (>= 0.8.2)
+      thor
+      tilt
+    hamster (3.0.0)
+      concurrent-ruby (~> 1.0)
+    htmlentities (4.3.4)
+    http-accept (1.7.0)
+    http-cookie (1.0.5)
+      domain_name (~> 0.5)
+    i18n (1.14.5)
+      concurrent-ruby (~> 1.0)
+    json (2.7.2)
+    json-canonicalization (1.0.0)
+    json-ld (3.3.1)
+      htmlentities (~> 4.3)
+      json-canonicalization (~> 1.0)
+      link_header (~> 0.0, >= 0.0.8)
+      multi_json (~> 1.15)
+      rack (>= 2.2, < 4)
+      rdf (~> 3.3)
+    json-ld-preloaded (3.3.0)
+      json-ld (~> 3.3)
+      rdf (~> 3.3)
+    jwt (2.8.2)
+      base64
+    language_server-protocol (3.17.0.3)
+    ld-patch (3.3.0)
+      ebnf (~> 2.4)
+      rdf (~> 3.3)
+      rdf-xsd (~> 3.3)
+      sparql (~> 3.3)
+      sxp (~> 1.3)
+    link_header (0.0.8)
+    linkeddata (3.2.2)
+      json-ld (~> 3.2, >= 3.2.5)
+      json-ld-preloaded (~> 3.2, >= 3.2.2)
+      ld-patch (~> 3.2, >= 3.2.2)
+      nokogiri (~> 1.13, >= 1.13.8)
+      rdf (~> 3.2, >= 3.2.1)
+      rdf-aggregate-repo (~> 3.2, >= 3.2.1)
+      rdf-hamster-repo (~> 3.2, >= 3.2.1)
+      rdf-isomorphic (~> 3.2, >= 3.2.1)
+      rdf-json (~> 3.2)
+      rdf-microdata (~> 3.2, >= 3.2.1)
+      rdf-n3 (~> 3.2, >= 3.2.1)
+      rdf-normalize (~> 0.6, >= 0.6.1)
+      rdf-ordered-repo (~> 3.2, >= 3.2.1)
+      rdf-rdfa (~> 3.2, >= 3.2.3)
+      rdf-rdfxml (~> 3.2, >= 3.2.2)
+      rdf-reasoner (~> 0.8)
+      rdf-tabular (~> 3.2, >= 3.2.1)
+      rdf-trig (~> 3.2)
+      rdf-trix (~> 3.2)
+      rdf-turtle (~> 3.2, >= 3.2.1)
+      rdf-vocab (~> 3.2, >= 3.2.7)
+      rdf-xsd (~> 3.2, >= 3.2.1)
+      shacl (~> 0.3)
+      shex (~> 0.7, >= 0.7.1)
+      sparql (~> 3.2, >= 3.2.6)
+      sparql-client (~> 3.2, >= 3.2.2)
+      yaml-ld (~> 0.0)
+    logger (1.6.0)
+    matrix (0.4.2)
+    metainspector (5.15.0)
+      addressable (~> 2.8.4)
+      faraday (~> 2.5)
+      faraday-cookie_jar (~> 0.0)
+      faraday-encoding (~> 0.0)
+      faraday-follow_redirects (~> 0.3)
+      faraday-gzip (>= 0.1, < 2.0)
+      faraday-http-cache (~> 2.5)
+      faraday-retry (~> 2.0)
+      fastimage (~> 2.2)
+      nesty (~> 1.0)
+      nokogiri (~> 1.13)
+    mime-types (3.5.2)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2024.0305)
+    minitest (5.24.1)
+    multi_json (1.15.0)
+    mustermann (2.0.2)
+      ruby2_keywords (~> 0.0.1)
+    nesty (1.0.2)
+    net-http (0.4.1)
+      uri
+    net-http-persistent (4.0.2)
+      connection_pool (~> 2.2)
+    netrc (0.11.0)
+    nokogiri (1.16.3-aarch64-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.3-arm-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.3-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.3-x86-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.3-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.3-x86_64-linux)
+      racc (~> 1.4)
+    openssl (3.2.0)
+    parallel (1.24.0)
+    parser (3.3.0.5)
+      ast (~> 2.4.1)
+      racc
+    psych (5.1.2)
+      stringio
+    public_suffix (5.0.5)
+    racc (1.7.3)
+    rack (2.2.9)
+    rack-protection (2.2.4)
+      rack
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rainbow (3.1.1)
+    rake (13.2.1)
+    rdf (3.3.1)
+      bcp47_spec (~> 0.2)
+      link_header (~> 0.0, >= 0.0.8)
+    rdf-aggregate-repo (3.3.0)
+      rdf (~> 3.3)
+    rdf-hamster-repo (3.3.0)
+      hamster (~> 3.0)
+      rdf (~> 3.3)
+    rdf-isomorphic (3.3.0)
+      rdf (~> 3.3)
+    rdf-json (3.3.0)
+      rdf (~> 3.3)
+    rdf-microdata (3.3.0)
+      htmlentities (~> 4.3)
+      nokogiri (~> 1.15, >= 1.15.4)
+      rdf (~> 3.3)
+      rdf-rdfa (~> 3.3)
+      rdf-xsd (~> 3.3)
+    rdf-n3 (3.3.0)
+      ebnf (~> 2.4)
+      rdf (~> 3.3)
+      sparql (~> 3.3)
+      sxp (~> 1.3)
+    rdf-normalize (0.7.0)
+      rdf (~> 3.3)
+    rdf-ordered-repo (3.3.0)
+      rdf (~> 3.3)
+    rdf-raptor (3.1.0)
+      ffi (~> 1.11)
+      rdf (~> 3.1)
+    rdf-rdfa (3.3.0)
+      haml (~> 6.1)
+      htmlentities (~> 4.3)
+      rdf (~> 3.3)
+      rdf-aggregate-repo (~> 3.3)
+      rdf-vocab (~> 3.3)
+      rdf-xsd (~> 3.3)
+    rdf-rdfxml (3.3.0)
+      builder (~> 3.2, >= 3.2.4)
+      htmlentities (~> 4.3)
+      rdf (~> 3.3)
+      rdf-xsd (~> 3.3)
+    rdf-reasoner (0.9.0)
+      rdf (~> 3.3)
+      rdf-xsd (~> 3.3)
+    rdf-tabular (3.3.0)
+      addressable (~> 2.8)
+      bcp47_spec (~> 0.2)
+      json-ld (~> 3.3)
+      rdf (~> 3.3)
+      rdf-vocab (~> 3.3)
+      rdf-xsd (~> 3.3)
+    rdf-trig (3.3.0)
+      ebnf (~> 2.4)
+      rdf (~> 3.3)
+      rdf-turtle (~> 3.3)
+    rdf-trix (3.3.0)
+      rdf (~> 3.3)
+      rdf-xsd (~> 3.3)
+    rdf-turtle (3.3.0)
+      ebnf (~> 2.4)
+      rdf (~> 3.3)
+    rdf-vocab (3.3.0)
+      rdf (~> 3.3)
+    rdf-xsd (3.3.0)
+      rdf (~> 3.3)
+      rexml (~> 3.2)
+    regexp_parser (2.9.0)
+    require_all (3.0.0)
+    rest-client (2.1.0)
+      http-accept (>= 1.7.0, < 2.0)
+      http-cookie (>= 1.0.2, < 2.0)
+      mime-types (>= 1.16, < 4.0)
+      netrc (~> 0.8)
+    rexml (3.2.6)
+    ripl (0.7.1)
+      bond (~> 0.5.1)
+    ripl-multi_line (0.3.1)
+      ripl (>= 0.3.6)
+    ripl-rack (0.2.1)
+      rack (>= 1.0)
+      rack-test (~> 0.6.2)
+      ripl (>= 0.7.0)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.1)
+    rubocop (1.62.1)
+      json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
+      parallel (~> 1.10)
+      parser (>= 3.3.0.2)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 2.4.0, < 3.0)
+    rubocop-ast (1.31.2)
+      parser (>= 3.3.0.4)
+    ruby-progressbar (1.13.0)
+    ruby2_keywords (0.0.5)
+    scanf (1.0.0)
+    securerandom (0.3.1)
+    shacl (0.4.1)
+      json-ld (~> 3.3)
+      rdf (~> 3.3)
+      sparql (~> 3.3)
+      sxp (~> 1.2)
+    shex (0.8.0)
+      ebnf (~> 2.4)
+      htmlentities (~> 4.3)
+      json-ld (~> 3.3)
+      json-ld-preloaded (~> 3.3)
+      rdf (~> 3.3)
+      rdf-xsd (~> 3.3)
+      sparql (~> 3.3)
+      sxp (~> 1.3)
+    sinatra (2.2.4)
+      mustermann (~> 2.0)
+      rack (~> 2.2)
+      rack-protection (= 2.2.4)
+      tilt (~> 2.0)
+    sinatra-cross_origin (0.4.0)
+    sparql (3.3.0)
+      builder (~> 3.2, >= 3.2.4)
+      ebnf (~> 2.4)
+      logger (~> 1.5)
+      rdf (~> 3.3)
+      rdf-aggregate-repo (~> 3.3)
+      rdf-xsd (~> 3.3)
+      sparql-client (~> 3.3)
+      sxp (~> 1.3)
+    sparql-client (3.3.0)
+      net-http-persistent (~> 4.0, >= 4.0.2)
+      rdf (~> 3.3)
+    stringio (3.1.0)
+    swagger-blocks (3.0.0)
+    sxp (1.3.0)
+      matrix (~> 0.4)
+      rdf (~> 3.3)
+    tempfile (0.2.1)
+    temple (0.10.3)
+    thin (1.8.2)
+      daemons (~> 1.0, >= 1.0.9)
+      eventmachine (~> 1.0, >= 1.0.4)
+      rack (>= 1, < 3)
+    thor (1.3.1)
+    tilt (2.3.0)
+    tux (0.3.0)
+      ripl (>= 0.3.5)
+      ripl-multi_line (>= 0.2.4)
+      ripl-rack (>= 0.2.0)
+      sinatra (>= 1.2.1)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (2.5.0)
+    unicode-types (1.9.0)
+    uri (0.12.2)
+    xml-simple (1.1.9)
+      rexml
+    yaml-ld (0.0.3)
+      json-ld (~> 3.3)
+      psych (>= 3.3)
+      rdf (~> 3.3)
+      rdf-xsd (~> 3.3)
+    zlib (2.1.1)
+
+PLATFORMS
+  aarch64-linux
+  arm-linux
+  arm64-darwin
+  x86-linux
+  x86_64-darwin
+  x86_64-linux
+
+DEPENDENCIES
+  activesupport (= 7.0.3.1)
+  base64 (~> 0.2.0)
+  bcrypt (~> 3.1)
+  cgi (~> 0.4.1)
+  debase!
+  dpop (~> 0.1.3)
+  fileutils (~> 1.5.0)
+  json (~> 2.7.1)
+  linkeddata (~> 3.2.0)
+  metainspector (~> 5.pre.11.pre.2)
+  openssl (~> 3.2)
+  rake (~> 13.0)
+  rdf-raptor (~> 3.1.0)
+  rdf-vocab (~> 3.3)
+  require_all (~> 3.0.0)
+  rest-client (~> 2.1.0)
+  rspec (~> 3.11.0)
+  rubocop (~> 1.62)
+  securerandom (~> 0.3.1)
+  sinatra (~> 2.2)
+  sinatra-cross_origin
+  solid-community-client-simple!
+  swagger-blocks (~> 3.0.0)
+  tempfile (~> 0.2.1)
+  thin (~> 1.8)
+  tux (~> 0.3.0)
+  uri (~> 0.12.2)
+  xml-simple (~> 1.1.8)
+
+RUBY VERSION
+   ruby 3.0.6p216
+
+BUNDLED WITH
+   2.5.5

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Wilkinson Laboratory for Biological Informatics
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,10 @@
+# SOLID Client for Community Server
+
+Talk to SOLID Pods
+
+# This is not guaranteed to be useful for any purpose whatsoever
+
+If you want an idea of what's happening behind the scenes, have a look at this Gist:  
+https://gist.github.com/markwilkinson/c5e819ae08d3753b1ee63edb2a504401
+
+I will get around to documentation as soon as I can.  In the meantime, have a look at demo.rb for simple simple simple examples of how to use this gem.

data/demo.rb

@@ -0,0 +1,8 @@
+ require "./lib/solid.rb"
+#require "solid-community-client-simple"
+s = SOLID::CommunityClient.new(server: "http://localhost:3000/", username: "mark.wilkinson@upm.es", password: "markw")
+s.login
+at = s.get_current_access_token(webid: "http://localhost:3000/markw/profile/card#me", name: "codetest")
+dpop = s.prepare_dpop(url: "http://localhost:3000/markw/", method: "get")
+res = s.execute_with_proof(dpop: dpop, data: "", content_type: "text/turtle", current_access_token: at)
+puts res.body

data/lib/account.rb

@@ -0,0 +1,25 @@
+module SOLID
+  class Account
+    attr_accessor :json
+
+    def initialize(json:)
+      @json = json
+    end
+
+    def login_url
+      login = json['controls']['password']['login']
+      warn "login #{login}"
+      login
+    end
+
+    def credentials_url
+      json['controls']['account']['clientCredentials']
+    end
+
+    def webid_url
+      json['controls']['account']['webId']
+    end
+
+  end
+end
+

data/lib/config.rb

@@ -0,0 +1,16 @@
+module SOLID
+  class CommunityClientConfig
+
+    require 'base64'
+    require 'openssl'
+    require 'rest-client'
+    require 'json'
+    require 'jwt'
+    require 'securerandom'
+
+    require_relative './account'
+    require_relative './dpop'
+    require_relative './login'
+
+  end
+end

data/lib/dpop.rb

@@ -0,0 +1,42 @@
+module SOLID
+
+  class DPOP
+    attr_accessor :public_key, :private_key, :header, :current_payload, :method, :url, :proof
+
+    def initialize (public_key: nil, private_key: nil, method:, url:)
+      private_key ||= OpenSSL::PKey::RSA.generate 2048
+      public_key ||= private_key.public_key
+      @public_key = public_key
+      @private_key = private_key
+      @method = method
+      @url = url
+      
+      @header = {
+        alg: 'RS256',       # Signing algorithm
+        typ: 'dpop+jwt',    # Token type
+        jwk: {
+          kty: 'RSA',
+          e: Base64.urlsafe_encode64(public_key.e.to_s(2)), # see above for explanation
+          n: Base64.urlsafe_encode64(public_key.n.to_s(2))
+        }
+        }
+
+      @current_payload = {
+        htu: @url,  # Target URI
+        htm: @method.upcase,                          # HTTP method
+        jti: SecureRandom.uuid,               # Unique token ID
+        iat: Time.now.to_i                    # Issued at time
+      }
+    end
+
+    def get_proof
+      proof = JWT.encode(self.current_payload, self.private_key, 'RS256', self.header)  # PRIVATE key!!
+      warn "DPoP Proof: #{proof}"
+      @proof = proof
+      @proof
+    end
+
+
+  end
+end
+

data/lib/login.rb

@@ -0,0 +1,19 @@
+
+module SOLID
+  class Login
+    attr_accessor :json
+
+    def initialize(json:)
+      @json = json
+    end
+
+    def login_token
+      auth_token = json['authorization']
+      warn "auth_token #{auth_token}"
+      auth_token
+    end
+  end
+end
+
+
+

data/lib/solid-community-client-simple.rb

@@ -0,0 +1 @@
+require_relative "./solid.rb"

data/lib/solid.rb

@@ -0,0 +1,168 @@
+module SOLID
+  class CommunityClient
+    require_relative './config'
+
+    attr_accessor :username, :password, :server, :account_meta, :login_meta, :credentials_url, :webid_url, :webids,
+                  :css_account_token, :tokenid, :secret, :auth_string, :encoded_auth, :current_access_token
+
+    def initialize(server:, username: ENV['SOLIDUSER'], password: ENV['SOLIDPASSWORD'], webid: nil)
+      @username = username
+      @password = password
+      @server = server
+      abort "can't proceed without usernme password" unless @username && @password
+      @webid = webid
+    end
+
+    def login
+      account = server + '.account/'
+
+      resp = RestClient::Request.new({
+                                       method: :get,
+                                       url: account,
+                                       headers: { accept: 'application/json' }
+                                     }).execute
+
+      @account_meta = SOLID::Account.new(json: JSON.parse(resp.body))
+      login_url = account_meta.login_url
+
+      # I take my username and password from the environment
+      payload = { "email": username, "password": password }.to_json
+      resp = RestClient::Request.new({
+                                       method: :post,
+                                       url: login_url,
+                                       headers: {
+                                         content_type: 'application/json',
+                                         accept: 'application/json'
+                                       },
+                                       payload: payload
+                                     }).execute
+
+      @login_meta = SOLID::Login.new(json: JSON.parse(resp.body))
+      @css_account_token = login_meta.login_token
+
+      # with the authoization, the return message for the /.account GET call is richer
+      resp = RestClient::Request.new({
+                                       method: :get,
+                                       url: 'http://localhost:3000/.account/',
+                                       headers: {
+                                         accept: 'application/json',
+                                         authorization: "CSS-Account-Token #{css_account_token}"
+                                       }
+                                     }).execute
+
+      @account_meta = SOLID::Account.new(json: JSON.parse(resp.body))
+      @credentials_url = account_meta.credentials_url
+      @webid_url = account_meta.webid_url
+      true
+    end
+
+    def get_webids
+      resp = RestClient::Request.new({
+                                       method: :get,
+                                       url: webid_url,
+                                       headers: {
+                                         accept: 'application/json',
+                                         authorization: "CSS-Account-Token #{css_account_token}"
+                                       }
+                                     }).execute
+
+      j = JSON.parse(resp.body)
+      @webids = j['webIdLinks'].keys
+      webids
+    end
+
+    def create_access_token(webid:, name: 'my-token')
+      payload = { "name": name, "webId": webid }.to_json
+      warn "", "", credentials_url, css_account_token, payload, "", ""
+      resp = RestClient::Request.new({
+                                       method: :post,
+                                       url: credentials_url,
+                                       headers: { content_type: 'application/json', accept: 'application/json',
+                                                  authorization: "CSS-Account-Token #{css_account_token}" },
+                                       payload: payload
+                                     }).execute
+      # puts resp.body
+      j = JSON.parse(resp.body)
+      @tokenid = j['id'] # this is the ID that you see on the localhost:3000/yourpod Web page....
+      @secret = j['secret']
+      # concatenate tokenid and secret with a ":"
+      @auth_string = "#{tokenid}:#{secret}"
+
+      # BE CAREFUL!  Base64 encoders may add newline characters
+      # pick an encoding method that does NOT do this!
+      @encoded_auth = Base64.strict_encode64(auth_string)
+
+      # where do I get a token?
+      tokenurl = "#{server}.well-known/openid-configuration"
+      resp = RestClient.get(tokenurl)
+      j = JSON.parse(resp.body)
+      token_endpoint = j['token_endpoint']
+      warn "token endpoint #{token_endpoint}"
+
+      payload = 'grant_type=client_credentials&scope=webid'
+      resp = RestClient::Request.new({
+                                       method: :post,
+                                       url: token_endpoint,
+                                       headers: {
+                                         content_type: 'application/x-www-form-urlencoded',
+                                         accept: 'application/json',
+                                         authorization: "Basic #{encoded_auth}" # BASIC Auth
+                                         #  'dpop': proof
+                                       },
+                                       payload: payload
+                                     }).execute
+      # puts resp.body
+      j = JSON.parse(resp.body)
+      @current_access_token = j['access_token']
+    end
+
+    def get_current_access_token(webid:, name: "my-token")
+      create_access_token(webid: webid, name: name) unless current_access_token && !(current_access_token.empty?)
+
+      # by default, I find the community server to make tokens that last for 10 minutes
+      decoded_token = JWT.decode(current_access_token, nil, false)
+      # Access the payload (claims)
+      payload = decoded_token[0]
+      # Print the entire payload
+      puts "Token Payload: #{payload}"\
+      # Check the expiry time
+      if payload['exp']
+        expiry_time = Time.at(payload['exp'])
+        warn "Token Expiry Time: #{expiry_time} (#{expiry_time.utc})"
+        if (expiry_time - Time.now) < 30
+          puts "token will expire. Getting new one."
+          create_access_token(webid: webid, name: name)
+        else
+          puts "The access token is still valid."
+        end
+      else
+        puts "No expiration time (exp) claim found."
+      end
+      current_access_token
+    end
+
+    def prepare_dpop(url:, method:)
+      SOLID::DPOP.new(url: url, method: method)
+    end
+
+
+    def execute_with_proof(dpop:, data:, content_type:, current_access_token:)
+
+      req = RestClient::Request.new({
+                                 method: dpop.method.downcase.to_sym,  #   htm: 'POST',    
+                                 url: dpop.url, #  htu: 'http://localhost:3000/markw/'
+                                 headers: {
+                                  # "Link": "<http://www.w3.org/ns/ldp/BasicContainer>; rel='type'",
+                                  content_type: content_type, # if you're sending turtle
+                                  # content_type: 'application/json',
+                                  accept: 'text/turtle',
+                                  #  slug: "container8",  # I am allowed to select my preferred resource name
+                                   authorization: "Bearer #{current_access_token}", # Note switch to Bearer auth!
+                                   'DPoP': dpop.proof
+                                 },
+                                 payload: data
+                                })
+      req.execute
+    end
+  end
+end

data/lib/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module SOLID
+  module CommunityClient
+    VERSION = "0.0.2"
+  end
+end

data/test.rb

@@ -0,0 +1,280 @@
+# This is written in the Ruby language, but it tries to avoid using 
+# too many libraries that will obfuscate what is happening.  
+# The REST calls are explicit so you can see all of the required 
+# parameters at each point.  Nothing is assumed #(including your own WebID!) 
+# though of course, you will already know that.  
+# You will possibly also already have a token
+#
+# In this example, you are assumed to be running the Community Server
+# on port 3000 (e.g. via the docker image).  You have already created an account
+# your username and password are in the environemnt variables
+# ENV['SOLIDUSER'] and ENV['SOLIDPASS']
+
+require 'base64'
+require 'openssl'
+require 'rest-client'
+require 'json'
+require 'jwt'
+require 'securerandom'
+
+# get login address
+resp = RestClient::Request.new({
+                                 method: :get,
+                                 url: 'http://localhost:3000/.account/',
+                                 headers: { accept: 'application/json' }
+                               }).execute
+
+j = JSON.parse(resp.body)
+login = j['controls']['password']['login']
+warn "login #{login}"
+
+# I take my username and password from the environment
+payload = { "email": ENV['SOLIDUSER'].to_s, "password": ENV['SOLIDPASS'].to_s }.to_json
+resp = RestClient::Request.new({
+                                 method: :post,
+                                 url: login,
+                                 headers: { content_type: 'application/json', accept: 'application/json' },
+                                 payload: payload
+                               }).execute
+
+# puts resp.body
+
+# get the authorization token from response message
+j = JSON.parse(resp.body)
+auth_token = j['authorization']
+warn "auth_token #{auth_token}"
+
+# with the authoization, the return message for the /.account GET call is richer
+resp = RestClient::Request.new({
+                                 method: :get,
+                                 url: 'http://localhost:3000/.account/',
+                                 headers: { accept: 'application/json',
+                                            authorization: "CSS-Account-Token #{auth_token}" }
+                               }).execute
+# puts resp.body
+
+# get credentialsURL and WebID URL
+j = JSON.parse(resp.body)
+credurl = j['controls']['account']['clientCredentials']
+warn "credurl #{credurl}"
+webidurl = j['controls']['account']['webId']
+warn "webIdurl #{webidurl}"
+
+resp = RestClient::Request.new({
+                                 method: :get,
+                                 url: webidurl,
+                                 headers: { accept: 'application/json',
+                                            authorization: "CSS-Account-Token #{auth_token}" }
+                               }).execute
+# puts resp.body
+
+# get your WebID (I am selecting the first WebID in the possible list, because I have only one)
+j = JSON.parse(resp.body)
+webid = j['webIdLinks'].keys.first
+warn "webid #{webid}"
+
+# Prepare to create an access token. you can name it whatever you wish
+payload = { "name": 'my-token', "webId": "#{webid}" }.to_json
+resp = RestClient::Request.new({
+                                 method: :post,
+                                 url: credurl,
+                                 headers: { content_type: 'application/json', accept: 'application/json',
+                                            authorization: "CSS-Account-Token #{auth_token}" },
+                                 payload: payload
+                               }).execute
+# puts resp.body
+j = JSON.parse(resp.body)
+tokenid = j['id']  # this is the ID that you see on the localhost:3000/yourpod Web page....
+secret = j['secret']
+# concatenate tokenid and secret with a ":"
+authstring = "#{tokenid}:#{secret}"
+
+# BE CAREFUL!  Base64 encoders may add newline characters
+# pick an encoding method that does NOT do this!
+encoded_auth = Base64.strict_encode64(authstring)
+
+# where do I get a token?
+resp = RestClient.get('http://localhost:3000/.well-known/openid-configuration')
+j = JSON.parse(resp.body)
+token_endpoint = j['token_endpoint']
+warn "token endpoint #{token_endpoint}"
+
+# prepare to request an access token
+# note switch to "Basic" auth
+payload = 'grant_type=client_credentials&scope=webid'
+resp = RestClient::Request.new({
+                                 method: :post,
+                                 url: token_endpoint,
+                                 headers: {
+                                   content_type: 'application/x-www-form-urlencoded',
+                                   accept: 'application/json',
+                                   authorization: "Basic #{encoded_auth}",  # BASIC Auth
+                                  #  'dpop': proof
+                                 },
+                                 payload: payload
+                               }).execute
+# puts resp.body
+j = JSON.parse(resp.body)
+access_token = j['access_token']
+warn "access_token #{access_token}"
+
+
+############################  BEGIN DPOP   #################################################################
+
+private_key = OpenSSL::PKey::RSA.generate 2048
+  
+# this is what you are creating here...
+# warn private_key.to_s
+# -----BEGIN RSA PRIVATE KEY-----
+# MIIEpgIBAAKCAQEA3Tef264buPI0FjIOnb4MxYLJn+E0C57MXzLT7A6C+D04/YSR
+# +nmiqAls+5PS7po0oYggLQ9HXAKvduE2f6PDGp0pjMWkmJKE8xQ9Jx6Ue1FzClSt
+# vVzcvN6+GjVYk64DqeVWm5N4eBHTgoFkYLBq1tUyfjo6iNUU0gBLfDfBYejVqH5f
+# ...
+# zfjMIvzM439RqE5jTOQYI0mFv1tumwFiIEZfcm2oh9CPeDoXB26WlSbe
+# -----END RSA PRIVATE KEY-----
+
+public_key = private_key.public_key
+
+# warn public_key.to_s
+# -----BEGIN PUBLIC KEY-----
+# MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RCfc+IdrVBNTnmO7gla
+# LhitaX0Ikahyt4+wDk+c3nClhUiRB+oR9M0ga+2gZ8oqkMAul1D18EegaHS0lx7t
+# ...
+# HwIDAQAB
+# -----END PUBLIC KEY-----
+
+
+# two things are happening in the next section:
+# The public key needs to be represented in bigendian base 2
+# it then needs to be URL-base64 encoded
+# You have to figure out how to make your code do this!
+# Note that you are using the PUBLIC KEY here!!!!
+warn "key e" , Base64.urlsafe_encode64(public_key.e.to_s(2)) # AQAB
+warn "key n", Base64.urlsafe_encode64(public_key.n.to_s(2)) # wPIlffH...h61J3w==
+
+# the final result is like this:
+# "jwk": {
+#   "kty": "RSA",
+#   "e": "AQAB",
+#   "n": "wPIlffH...h61J3w=="
+# }
+
+# DPoP Header
+header = {
+alg: 'RS256',       # Signing algorithm
+typ: 'dpop+jwt',    # Token type
+jwk: {
+  kty: 'RSA',
+  e: Base64.urlsafe_encode64(public_key.e.to_s(2)), # see above for explanation
+  n: Base64.urlsafe_encode64(public_key.n.to_s(2))
+}
+}
+
+
+# Create DPoP Payload
+# you need to do this FOR EVERY CALL!
+# what is the URL you will call, and with what HTTP method
+# then you get a "proof" for that call, and you can execute it.
+payload = {
+  htu: 'http://localhost:3000/markw/container8/',  # Target URI
+  htm: 'POST',                          # HTTP method
+  jti: SecureRandom.uuid,               # Unique token ID
+  iat: Time.now.to_i                    # Issued at time
+}
+
+# Generate the DPoP proof
+proof = JWT.encode(payload, private_key, 'RS256', header)  # PRIVATE key!!
+
+puts "DPoP Proof: #{proof}"
+puts "Access Token: #{access_token}"
+
+
+# JUST FYI - you can inspect the token, especially to see if it is still valid
+# by default, I find the community server to make tokens that last for 10 minutes
+# decoded_token = JWT.decode(access_token, nil, false)
+# # Access the payload (claims)
+# payload = decoded_token[0]
+# # Print the entire payload
+# puts "Token Payload: #{payload}"\
+# # Check the expiry time
+# if payload['exp']
+#   expiry_time = Time.at(payload['exp'])
+#   puts "Token Expiry Time: #{expiry_time} (#{expiry_time.utc})"
+#   if expiry_time < Time.now
+#     puts "The access token has expired."
+#   else
+#     puts "The access token is still valid."
+#   end
+# else
+#   puts "No expiration time (exp) claim found."
+# end
+# # Check the scope
+# if payload['scope']
+#   scopes = payload['scope'].split(' ')
+#   puts "Token Scopes: #{scopes.join(', ')}"
+# else
+#   puts "No scope claim found."
+# end
+
+
+# Data to be posted to the Solid POD
+# data = {
+#   name: 'Mark',
+#   age: 30,
+#   occupation: 'Software Developer'
+# }
+
+# json_data = data.to_json
+
+
+data = "@prefix ldp: <http://www.w3.org/ns/ldp#>. <> a ldp:Container, ldp:BasicContainer ."
+
+# this request matches my proof:
+# it is to the same URL using the same HTTP Method
+
+req = RestClient::Request.new({
+                                 method: :put,  #   htm: 'POST',    
+                                 url: 'http://localhost:3000/markw/container8/', #  htu: 'http://localhost:3000/markw/'
+                                 headers: {
+                                  "Link": "<http://www.w3.org/ns/ldp/BasicContainer>; rel='type'",
+                                  content_type: 'text/turtle', # if you're sending turtle
+                                  # content_type: 'application/json',
+                                  accept: 'text/turtle',
+                                  #  slug: "container8",  # I am allowed to select my preferred resource name
+                                   authorization: "Bearer #{access_token}", # Note switch to Bearer auth!
+                                   'DPoP': proof
+                                 },
+                                 payload: data
+                                })
+_resp = req.execute
+
+payload = {
+  htu: 'http://localhost:3000/markw/container8/',  # Target URI
+  htm: 'GET',                          # HTTP method
+  jti: SecureRandom.uuid,               # Unique token ID
+  iat: Time.now.to_i                    # Issued at time
+}
+
+# Generate the DPoP proof
+proof = JWT.encode(payload, private_key, 'RS256', header)  # PRIVATE key!!
+
+req = RestClient::Request.new({
+                                 method: :get,  
+                                 url: 'http://localhost:3000/markw/container8/', #  htu: 'http://localhost:3000/markw/'
+                                 headers: {
+                                  content_type: 'text/turtle', # if you're sending turtle
+                                  # content_type: 'application/json',
+                                  accept: 'text/turtle',
+                                   authorization: "Bearer #{access_token}", # Note switch to Bearer auth!
+                                   'DPoP': proof
+                                 },
+                                 payload: data
+                                })
+resp = req.execute
+puts resp.inspect
+puts resp.headers
+puts resp.body
+
+
+
+

metadata

@@ -0,0 +1,65 @@
+--- !ruby/object:Gem::Specification
+name: solid-community-client-simple
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Mark Wilkinson
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2024-08-13 00:00:00.000000000 Z
+dependencies: []
+description: A simple client to interact with the SOLID Community Server.  NOTA BENE
+  - this is NOT a fully functional SOLID client. It does only what I need it to do
+  for a specific project.  It may or may not be useful to anyone else.  It is badly
+  documented (if at all!). It has only been tested against the Docker version of the
+  Solid Community Server runnign on localhost.  Don't blame me if it doesn't work
+  for you.  Enough said?
+email:
+- mark.wilkinson@upm.es
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- demo.rb
+- lib/account.rb
+- lib/config.rb
+- lib/dpop.rb
+- lib/login.rb
+- lib/solid-community-client-simple.rb
+- lib/solid.rb
+- lib/version.rb
+- test.rb
+homepage: https://github.com/markwilkinson/solid-community-client-simple
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/markwilkinson/solid-community-client-simple
+  source_code_uri: https://github.com/markwilkinson/solid-community-client-simple
+  changelog_uri: https://github.com/markwilkinson/solid-community-client-simple/blob/master/CHANGELOG.md
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.0.6
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.33
+signing_key: 
+specification_version: 4
+summary: A simple client to interact with the SOLID Community Server.
+test_files: []