@fleetbase/solid-engine 0.0.2

package/package.json

@@ -0,0 +1,134 @@
+{
+    "name": "@fleetbase/solid-engine",
+    "version": "0.0.2",
+    "description": "Solid Protocol Extension to Store and Share Data with Fleetbase",
+    "fleetbase": {
+        "route": "solid-protocol"
+    },
+    "keywords": [
+        "fleetbase-extension",
+        "solid",
+        "solid-protocol",
+        "decentralized",
+        "decentralized-data",
+        "fleetbase",
+        "fleetbase-pod",
+        "rdf",
+        "linked-data",
+        "ember-addon",
+        "ember-engine"
+    ],
+    "repository": "https://github.com/fleetbase/solid",
+    "license": "MIT",
+    "author": "Fleetbase Pte Ltd <hello@fleetbase.io>",
+    "directories": {
+        "app": "app",
+        "addon": "addon",
+        "tests": "tests"
+    },
+    "scripts": {
+        "build": "ember build --environment=production",
+        "lint": "concurrently \"npm:lint:*(!fix)\" --names \"lint:\"",
+        "lint:css": "stylelint \"**/*.css\"",
+        "lint:css:fix": "concurrently \"npm:lint:css -- --fix\"",
+        "lint:fix": "concurrently \"npm:lint:*:fix\" --names \"fix:\"",
+        "lint:hbs": "ember-template-lint .",
+        "lint:hbs:fix": "ember-template-lint . --fix",
+        "lint:js": "eslint . --cache",
+        "lint:js:fix": "eslint . --fix",
+        "start": "ember serve",
+        "test": "concurrently \"npm:lint\" \"npm:test:*\" --names \"lint,test:\"",
+        "test:ember": "ember test",
+        "test:ember-compatibility": "ember try:each",
+        "publish:npm": "npm config set registry https://registry.npmjs.org/ && npm publish",
+        "publish:github": "npm config set '@fleetbase:registry' https://npm.pkg.github.com/ && npm publish"
+    },
+    "dependencies": {
+        "@babel/core": "^7.23.2",
+        "@fleetbase/ember-core": "^0.2.8",
+        "@fleetbase/ember-ui": "^0.2.12",
+        "@fleetbase/fleetops-data": "^0.1.14",
+        "@fortawesome/ember-fontawesome": "^0.4.1",
+        "@fortawesome/fontawesome-svg-core": "^6.4.0",
+        "@fortawesome/free-solid-svg-icons": "^6.4.0",
+        "broccoli-funnel": "^3.0.8",
+        "ember-cli-babel": "^8.2.0",
+        "ember-cli-htmlbars": "^6.3.0",
+        "ember-intl": "6.3.2",
+        "ember-radio-button": "^3.0.0-beta.1",
+        "ember-wormhole": "^0.6.0"
+    },
+    "devDependencies": {
+        "@babel/eslint-parser": "^7.22.15",
+        "@babel/plugin-proposal-decorators": "^7.23.2",
+        "@ember/optional-features": "^2.0.0",
+        "@ember/test-helpers": "^3.2.0",
+        "@embroider/test-setup": "^3.0.2",
+        "@glimmer/component": "^1.1.2",
+        "@glimmer/tracking": "^1.1.2",
+        "broccoli-asset-rev": "^3.0.0",
+        "concurrently": "^8.2.2",
+        "ember-auto-import": "^2.6.3",
+        "ember-cli": "~5.4.1",
+        "ember-cli-clean-css": "^3.0.0",
+        "ember-cli-dependency-checker": "^3.3.2",
+        "ember-cli-inject-live-reload": "^2.1.0",
+        "ember-cli-sri": "^2.1.1",
+        "ember-cli-terser": "^4.0.2",
+        "ember-composable-helpers": "^5.0.0",
+        "ember-concurrency": "^2.3.7",
+        "ember-concurrency-decorators": "^2.0.3",
+        "ember-data": "~5.3.0",
+        "ember-engines": "^0.9.0",
+        "ember-load-initializers": "^2.1.2",
+        "ember-math-helpers": "^4.0.0",
+        "ember-page-title": "^8.0.0",
+        "ember-qunit": "^8.0.1",
+        "ember-resolver": "^11.0.1",
+        "ember-source": "~5.4.0",
+        "ember-source-channel-url": "^3.0.0",
+        "ember-template-lint": "^5.11.2",
+        "ember-try": "^3.0.0",
+        "eslint": "^8.52.0",
+        "eslint-config-prettier": "^9.0.0",
+        "eslint-plugin-ember": "^11.11.1",
+        "eslint-plugin-n": "^16.2.0",
+        "eslint-plugin-prettier": "^5.0.1",
+        "eslint-plugin-qunit": "^8.0.1",
+        "loader.js": "^4.7.0",
+        "prettier": "^3.0.3",
+        "qunit": "^2.20.0",
+        "qunit-dom": "^2.0.0",
+        "stylelint": "^15.11.0",
+        "stylelint-config-standard": "^34.0.0",
+        "stylelint-prettier": "^4.0.2",
+        "webpack": "^5.89.0"
+    },
+    "peerDependencies": {
+        "ember-engines": "^0.9.0"
+    },
+    "engines": {
+        "node": ">= 18"
+    },
+    "ember": {
+        "edition": "octane"
+    },
+    "ember-addon": {
+        "configPath": "tests/dummy/config"
+    },
+    "prettier": {
+        "trailingComma": "es5",
+        "tabWidth": 4,
+        "semi": true,
+        "singleQuote": true,
+        "printWidth": 190,
+        "overrides": [
+            {
+                "files": "*.hbs",
+                "options": {
+                    "singleQuote": false
+                }
+            }
+        ]
+    }
+}

package/phpstan.neon.dist

@@ -0,0 +1,8 @@
+parameters:
+    level: max
+    paths:
+        - server/src
+
+    checkMissingIterableValueType: true
+    checkGenericClassInNonGenericObjectType: false
+    reportUnmatchedIgnoredErrors: true

package/phpunit.xml.dist

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:noNamespaceSchemaLocation="./server_vendor/phpunit/phpunit/phpunit.xsd"
+         colors="true"
+>
+    <testsuites>
+        <testsuite name="default">
+            <directory suffix=".php">./server/tests</directory>
+        </testsuite>
+    </testsuites>
+    <filter>
+        <whitelist processUncoveredFilesFromWhitelist="true">
+            <directory suffix=".php">./server/src</directory>
+        </whitelist>
+    </filter>
+</phpunit>

package/server/config/solid.php

@@ -0,0 +1,21 @@
+<?php
+
+/**
+ * -------------------------------------------
+ * Fleetbase Core API Configuration
+ * -------------------------------------------
+ */
+return [
+    'api' => [
+        'version' => '0.0.1',
+        'routing' => [
+            'prefix' => 'solid',
+            'internal_prefix' => 'int'
+        ],
+    ],
+    'server' => [
+        'host' => env('SOLID_HOST', 'http://solid'),
+        'port' => (int) env('SOLID_PORT', 3000),
+        'secure' => (bool) env('SOLID_SECURE', false)
+    ]
+];

package/server/migrations/2024_04_09_064616_create_solid_identities_table.php

@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('solid_identities', function (Blueprint $table) {
+            $table->id();
+            $table->uuid('uuid')->nullable()->index();
+            $table->foreignUuid('company_uuid')->nullable()->index()->references('uuid')->on('companies');
+            $table->foreignUuid('user_uuid')->nullable()->index()->references('uuid')->on('users');
+            $table->string('identifier')->nullable();
+            $table->json('token_response')->nullable();
+            $table->timestamps();
+            $table->softDeletes();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('solid_identities');
+    }
+};

package/server/src/Client/OpenIDConnectClient.php

@@ -0,0 +1,217 @@
+<?php
+
+namespace Fleetbase\Solid\Client;
+
+use Fleetbase\Solid\Models\SolidIdentity;
+use Illuminate\Http\Client\Response;
+use Illuminate\Support\Facades\Redis;
+use Illuminate\Support\Str;
+use Jumbojett\OpenIDConnectClient as BaseOpenIDConnectClient;
+use Jumbojett\OpenIDConnectClientException;
+
+const CLIENT_NAME     = 'Fleetbase';
+final class OpenIDConnectClient extends BaseOpenIDConnectClient
+{
+    private ?SolidClient $solid;
+    private ?SolidIdentity $identity;
+    private ?\stdClass $openIdConfig;
+
+    public function __construct(array $options = [])
+    {
+        $this->solid    = data_get($options, 'solid');
+        $this->identity = data_get($options, 'identity');
+        if ($this->identity instanceof SolidIdentity) {
+            $this->setRedirectURL($this->identity->getRedirectUri());
+        }
+        $this->setCodeChallengeMethod('S256');
+        $this->setClientName(data_get($options, 'clientName', CLIENT_NAME));
+        $this->setClientID(data_get($options, 'clientID'));
+        $this->setClientSecret(data_get($options, 'clientSecret'));
+
+        // Restore client credentials
+        if (isset($options['restore'])) {
+            $this->restoreClientCredentials();
+        }
+    }
+
+    public static function create(array $options = []): OpenIDConnectClient
+    {
+        $client       = new static($options);
+        $openIdConfig = $client->getOpenIdConfiguration();
+        $client->setProviderURL($openIdConfig->issuer);
+        $client->setIssuer($openIdConfig->issuer);
+        $client->providerConfigParam((array) $openIdConfig);
+
+        return $client;
+    }
+
+    public function register(array $options = []): OpenIDConnectClient
+    {
+        // Get registration options
+        $clientName        = (string) data_get($options, 'clientName', CLIENT_NAME);
+        $requestParams     = (array) data_get($options, 'requestParams', []);
+        $requestOptions    = (array) data_get($options, 'requestOptions', []);
+        $redirectUri       = (string) data_get($options, 'redirectUri', $this->identity ? $this->identity->getRedirectUri() : null);
+        $saveCredentials   = (bool) data_get($options, 'saveCredentials', false);
+        $withCredentials   = data_get($options, 'withCredentials');
+
+        // Get OIDC Config and Registration URL
+        $openIdConfig      = $this->getOpenIdConfiguration();
+
+        // Setup OIDC Client
+        $this->setIssuer($openIdConfig->issuer);
+        $this->providerConfigParam((array) $openIdConfig);
+        $this->setRedirectURL($redirectUri);
+
+        // Get Registration URL
+        $registrationUrl = $openIdConfig->registration_endpoint;
+
+        // Request registration for Client which should handle authentication
+        $registrationResponse = $this->solid->post($registrationUrl, ['client_name' => $clientName, 'redirect_uris' => [$redirectUri], ...$requestParams], $requestOptions);
+        if ($registrationResponse->successful()) {
+            $clientCredentials = (object) $registrationResponse->json();
+            $this->setClientCredentials($clientName, $clientCredentials, $saveCredentials, $withCredentials);
+        } else {
+            throw new OpenIDConnectClientException('Error registering: Please contact the OpenID Connect provider and obtain a Client ID and Secret directly from them');
+        }
+
+        return $this;
+    }
+
+    public function authenticate(): bool
+    {
+        $this->setCodeChallengeMethod('S256');
+        $this->addScope(['openid', 'webid', 'offline_access']);
+
+        return parent::authenticate();
+    }
+
+    private function setClientCredentials(string $clientName = CLIENT_NAME, $clientCredentials, bool $save = false, \Closure $callback = null): OpenIDConnectClient
+    {
+        $this->setClientID($clientCredentials->client_id);
+        $this->setClientName($clientCredentials->client_name);
+        $this->setClientSecret($clientCredentials->client_secret);
+
+        // Save the client credentials
+        if ($save) {
+            $this->saveClientCredentials($clientName, $clientCredentials);
+        }
+
+        // Run callback if provided
+        if (is_callable($callback)) {
+            $callback($clientCredentials);
+        }
+
+        return $this;
+    }
+
+    private function saveClientCredentials(string $clientName = CLIENT_NAME, $clientCredentials): OpenIDConnectClient
+    {
+        $key = $this->getClientCredentialsKey($clientName);
+
+        return $this->save($key, $clientCredentials);
+    }
+
+    public function restoreClientCredentials(string $clientName = CLIENT_NAME, array $overwrite = []): OpenIDConnectClient
+    {
+        $key                    = $this->getClientCredentialsKey($clientName);
+        $savedClientCredentials = $this->retrieve($key);
+        if (!$savedClientCredentials) {
+            throw new \Exception('No saved client credentials to restore.');
+        }
+
+        $restoredClientCredentials = (object) array_merge((array) $savedClientCredentials, $overwrite);
+        $this->setClientCredentials($clientName, $restoredClientCredentials);
+
+        return $this;
+    }
+
+    private function getClientCredentialsKey(string $clientName = CLIENT_NAME): string
+    {
+        if ($this->identity instanceof SolidIdentity) {
+            return 'oidc:client_credentials:' . Str::slug($clientName) . ':' . $this->identity->uuid;
+        }
+
+        return 'oidc:client_credentials:' . Str::slug($clientName);
+    }
+
+    private function save(string $key, $value): OpenIDConnectClient
+    {
+        if (is_object($value) || is_array($value)) {
+            $value = json_encode($value);
+        }
+
+        Redis::set($key, $value);
+
+        return $this;
+    }
+
+    private function retrieve(string $key)
+    {
+        $value = Redis::get($key);
+        if (Str::isJson($value)) {
+            $value = (object) json_decode($value);
+        }
+
+        return $value;
+    }
+
+    public function getOpenIdConfiguration(string $key = null)
+    {
+        $openIdConfigResponse = $this->solid->get('.well-known/openid-configuration');
+        if ($openIdConfigResponse instanceof Response) {
+            $openIdConfig = (object) $openIdConfigResponse->json();
+            if ($key) {
+                return $openIdConfig->{$key};
+            }
+
+            $this->openIdConfig = $openIdConfig;
+
+            return $openIdConfig;
+        }
+
+        return null;
+    }
+
+    protected function getSessionKey($key)
+    {
+        if (Redis::exists('oidc:session' . Str::slug($key))) {
+            return $this->retrieve('oidc:session' . Str::slug($key));
+        }
+
+        return false;
+    }
+
+    protected function setSessionKey($key, $value)
+    {
+        $this->save('oidc:session' . Str::slug($key), $value);
+    }
+
+    protected function unsetSessionKey($key)
+    {
+        Redis::del('oidc:session' . Str::slug($key));
+    }
+
+    protected function getAllSessionKeysWithValues()
+    {
+        $pattern = 'oidc:session*'; // Pattern to match keys
+        $keys    = [];
+        $cursor  = 0;
+
+        do {
+            // Use the SCAN command to find keys matching the pattern
+            [$cursor, $results] = Redis::scan($cursor, 'MATCH', $pattern);
+
+            foreach ($results as $key) {
+                // Retrieve each value and add it to the keys array
+                $keys[$key] = Redis::get($key);
+            }
+        } while ($cursor);
+
+        return $keys;
+    }
+
+    // public static function createDPoP(string $method, string $url, string $accessToken = null): string
+    // {
+    // }
+}

package/server/src/Client/SolidClient.php

@@ -0,0 +1,186 @@
+<?php
+
+namespace Fleetbase\Solid\Client;
+
+use Fleetbase\Solid\Models\SolidIdentity;
+use Illuminate\Http\Client\Response;
+use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Str;
+
+class SolidClient
+{
+    private string $host = 'localhost';
+    private int $port    = 3000;
+    private bool $secure = true;
+    public ?SolidIdentity $solidIdentity;
+    public ?OpenIDConnectClient $oidc;
+    private const DEFAULT_MIME_TYPE   = 'text/turtle';
+    private const LDP_BASIC_CONTAINER = 'http://www.w3.org/ns/ldp#BasicContainer';
+    private const LDP_RESOURCE        = 'http://www.w3.org/ns/ldp#Resource';
+    private const OIDC_ISSUER         = 'http://www.w3.org/ns/solid/terms#oidcIssuer';
+
+    /**
+     * Constructor for the SolidClient.
+     *
+     * Initializes the client with the provided options or defaults.
+     *
+     * @param array $options configuration options for the client
+     */
+    public function __construct(array $options = [])
+    {
+        $this->identity = data_get($options, 'identity');
+        $this->host     = config('solid.server.host', data_get($options, 'host'));
+        $this->port     = (int) config('solid.server.port', data_get($options, 'port'));
+        $this->secure   = (bool) config('solid.server.secure', data_get($options, 'secure'));
+        $this->oidc     = OpenIDConnectClient::create(['solid' => $this, ...$options]);
+    }
+
+    /**
+     * Factory method to create a new instance of the SolidClient.
+     *
+     * @param array $options configuration options for the client
+     *
+     * @return static a new instance of SolidClient
+     */
+    public static function create(array $options = []): self
+    {
+        return new static($options);
+    }
+
+    /**
+     * Constructs the URL to the Solid server based on the configured host, port, and security.
+     *
+     * @return string the fully constructed URL
+     */
+    public function getServerUrl(): string
+    {
+        $protocol = $this->secure ? 'https' : 'http';
+        $host     =  preg_replace('#^.*://#', '', $this->host);
+
+        return "{$protocol}://{$host}:{$this->port}";
+    }
+
+    /**
+     * Creates a full request URL based on the server URL and the provided URI.
+     *
+     * This function constructs a complete URL by appending the given URI to the base server URL.
+     * It ensures that there is exactly one slash between the base URL and the URI.
+     *
+     * @param string|null $uri The URI to append to the server URL. If null, only the server URL is returned.
+     *
+     * @return string the fully constructed URL
+     */
+    private function createRequestUrl(string $uri = null): string
+    {
+        if (Str::startsWith($uri, 'http')) {
+            return $uri;
+        }
+
+        $url = $this->getServerUrl();
+        if (is_string($uri)) {
+            $uri = '/' . ltrim($uri, '/');
+            $url .= $uri;
+        }
+
+        return $url;
+    }
+
+    /**
+     * Set the identity to use for authenticated request.
+     */
+    public function withIdentity(SolidIdentity $identity): SolidClient
+    {
+        $this->identity = $identity;
+
+        return $this;
+    }
+
+    /**
+     * Make a HTTP request to the Solid server.
+     *
+     * @param string $method  The HTTP method (GET, POST, etc.)
+     * @param string $uri     The URI to send the request to
+     * @param array  $options Options for the request
+     */
+    protected function request(string $method, string $uri, array $data = [], array $options = []): Response
+    {
+        $url = $this->createRequestUrl($uri);
+
+        return Http::withOptions($options)->{$method}($url, $data);
+    }
+
+    /**
+     * Send an authenticated request with the current identity.
+     */
+    public function authenticatedRequest(string $method, string $uri, array $data = [], array $options = []): Response
+    {
+        if (!$this->identity) {
+            throw new \Exception('Solid Identity required to make an authenticated request.');
+        }
+
+        $url         = $this->createRequestUrl($uri);
+        $accessToken = $this->identity->getAccessToken();
+        if ($accessToken) {
+            $options['headers']                  = is_array($options['headers']) ? $options['headers'] : [];
+            $options['headers']['Authorization'] = 'DPoP ' . $accessToken;
+            $options['headers']['DPoP']          = OpenIDConnectClient::createDPoP($method, $url, $accessToken);
+        }
+
+        return Http::withOptions($options)->{$method}($url, $data);
+    }
+
+    /**
+     * Send a GET request to the Solid server.
+     *
+     * @param string $uri     The URI to send the request to
+     * @param array  $options Options for the request
+     */
+    public function get(string $uri, array $data = [], array $options = []): Response
+    {
+        return $this->request('get', $uri, $data, $options);
+    }
+
+    /**
+     * Send a POST request to the Solid server.
+     *
+     * @param string $uri  The URI to send the request to
+     * @param array  $data Data to be sent in the request body
+     */
+    public function post(string $uri, array $data = [], array $options = []): Response
+    {
+        return $this->request('post', $uri, $data, $options);
+    }
+
+    /**
+     * Send a PUT request to the Solid server.
+     *
+     * @param string $uri  The URI to send the request to
+     * @param array  $data Data to be sent in the request body
+     */
+    public function put(string $uri, array $data = [], array $options = []): Response
+    {
+        return $this->request('put', $uri, $data, $options);
+    }
+
+    /**
+     * Send a PATCH request to the Solid server.
+     *
+     * @param string $uri  The URI to send the request to
+     * @param array  $data Data to be sent in the request body
+     */
+    public function patch(string $uri, array $data = [], array $options = []): Response
+    {
+        return $this->request('patch', $uri, $data, $options);
+    }
+
+    /**
+     * Send a DELETE request to the Solid server.
+     *
+     * @param string $uri     The URI to send the request to
+     * @param array  $options Options for the request
+     */
+    public function delete(string $uri, array $data = [], array $options = []): Response
+    {
+        return $this->request('delete', $uri, $data, $options);
+    }
+}

package/server/src/Http/Controllers/OIDCController.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace Fleetbase\Solid\Http\Controllers;
+
+use Fleetbase\Http\Controllers\Controller as BaseController;
+use Fleetbase\Solid\Client\SolidClient;
+use Fleetbase\Solid\Models\SolidIdentity;
+use Fleetbase\Support\Utils;
+use Illuminate\Http\Request;
+
+class OIDCController extends BaseController
+{
+    public function completeRegistration(string $identifier, Request $request)
+    {
+        if ($request->has('code') && $identifier) {
+            try {
+                $identity = SolidIdentity::where('identifier', $identifier)->first();
+                if ($identity) {
+                    $solid = SolidClient::create(['identity' => $identity, 'restore' => true]);
+                    $solid->oidc->authenticate();
+                    $identity->update(['token_response' => $solid->oidc->getTokenResponse()]);
+                }
+            } catch (\Throwable $e) {
+                return redirect(Utils::consoleUrl('solid-protocol', ['error' => $e->getMessage()]));
+            }
+
+            return redirect(Utils::consoleUrl('solid-protocol', $request->all()));
+        }
+
+        return redirect(Utils::consoleUrl('solid-protocol', ['error' => 'Unable to authenticate with provider']));
+    }
+}