@fleetbase/solid-engine 0.0.4 → 0.0.5

package/server/src/Http/Controllers/SolidController.php

@@ -7,16 +7,24 @@ use Fleetbase\Http\Requests\AdminRequest;
 use Fleetbase\Models\Setting;
 use Fleetbase\Solid\Client\SolidClient;
 use Fleetbase\Solid\Models\SolidIdentity;
+use Fleetbase\Solid\Services\PodService;
 use Fleetbase\Solid\Support\Utils;
 use Illuminate\Http\Request;
-use Illuminate\Support\Str;
+use Illuminate\Support\Facades\Log;
 
 class SolidController extends BaseController
 {
+    protected PodService $podService;
+
+    public function __construct(PodService $podService)
+    {
+        $this->podService = $podService;
+    }
+
     /**
      * Welcome message only.
      */
-    public function hello()
+    public function hello(Request $request)
     {
         return response()->json(
             [
@@ -30,7 +38,7 @@ class SolidController extends BaseController
     {
         $defaultConfig = config('solid.server');
         $savedConfig   = Setting::system('solid.server');
-        $config        = array_merge($defaultConfig, $savedConfig);
+        $config        = array_merge($defaultConfig, $savedConfig ?? []);
 
         return response()->json($config);
     }
@@ -55,116 +63,202 @@ class SolidController extends BaseController
 
     public function authenticate(string $identifier)
     {
-        $identity = SolidIdentity::initialize();
-        $oidc     = SolidClient::create(['identity' => $identity])->oidc->register(['saveCredentials' => true]);
+        try {
+            Log::info('[SOLID AUTH START]', ['identifier' => $identifier]);
 
-        return $oidc->authenticate();
-    }
+            $identity = SolidIdentity::where('identifier', $identifier)->first();
 
-    public function getAccountIndex()
-    {
-        $solidIdentity   = SolidIdentity::current();
-        $accountResponse = $solidIdentity->request('get', '.account');
-        dd($accountResponse->json());
+            if (!$identity) {
+                throw new \Exception('Identity not found for identifier: ' . $identifier);
+            }
+
+            Log::info('[SOLID IDENTITY FOUND]', [
+                'identity_id'  => $identity->id,
+                'redirect_uri' => $identity->getRedirectUri(),
+            ]);
+
+            $oidc = SolidClient::create(['identity' => $identity])->oidc->register(['saveCredentials' => true]);
+
+            Log::info('[SOLID OIDC REGISTERED]', ['client_id' => $oidc->getClientID()]);
+
+            // This will redirect to the authorization server
+            return $oidc->authenticate();
+        } catch (\Throwable $e) {
+            Log::error('[SOLID AUTH ERROR]', [
+                'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
+            ]);
+
+            // Redirect back to frontend with error
+            return redirect(Utils::consoleUrl('solid-protocol', ['error' => $e->getMessage()]));
+        }
     }
 
-    public function play(Request $request)
+    /**
+     * Get authentication status and account details.
+     */
+    public function getAuthenticationStatus(Request $request)
     {
-        $action      = $request->input('action');
-        $identity    = SolidIdentity::first();
-        $solid       = new SolidClient(['identity' => $identity]);
+        try {
+            $identity = SolidIdentity::current();
 
-        if ($action === 'register_client') {
-            $registeredClient = $solid->oidc->register();
-        }
+            if (!$identity || !$identity->getAccessToken()) {
+                return response()->json([
+                    'authenticated' => false,
+                    'identity'      => null,
+                    'profile'       => null,
+                ]);
+            }
 
-        if ($action === 'restore') {
-            $solid->identity->restoreClientCredentials();
-        }
+            // Get WebID and profile information
+            $profile = $this->podService->getProfileData($identity);
 
-        if ($action === 'login') {
-            $loginResponse = $solid->post(
-                '.account/login/password',
-                [
-                    'email'    => 'ron@fleetbase.io',
-                    'password' => 'Zerina30662!',
-                    'remember' => true,
+            return response()->json([
+                'authenticated' => true,
+                'identity'      => [
+                    'id'               => $identity->id,
+                    'identifier'       => $identity->identifier,
+                    'created_at'       => $identity->created_at,
+                    'has_access_token' => (bool) $identity->getAccessToken(),
                 ],
-                [
-                    'withoutAuth' => true,
-                    'headers'     => [
-                        'Cookie' => '_interaction=TDQMh2DWuC8wZvkEB2n_G; _interaction.sig=3HHA_FUVo7Cw9up2keCJ7IaQJws; _session.legacy=jdxTxnTGmvWx2ECaiwYeP; _session.legacy.sig=EUGYX6DAKtBNQqZN5PGcbIJ-5ac',
-                    ],
-                ]
-            );
-            dump($loginResponse->json());
+                'profile' => $profile,
+            ]);
+        } catch (\Throwable $e) {
+            Log::error('[SOLID AUTH STATUS ERROR]', [
+                'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
+            ]);
+
+            return response()->json([
+                'authenticated' => false,
+                'identity'      => null,
+                'profile'       => null,
+                'error'         => $e->getMessage(),
+            ]);
         }
+    }
+
+    /**
+     * Logout user by clearing identity tokens.
+     */
+    public function logout(Request $request)
+    {
+        try {
+            $identity = SolidIdentity::current();
 
-        if ($action === 'test') {
-            // $solidClient->identity->restoreTokens();
-            dump('AccessToken: ' . $solid->identity->getAccessToken());
-            dump('IdToken: ' . $solid->identity->getIdToken());
+            if ($identity) {
+                // Clear token response
+                $identity->update(['token_response' => null]);
 
-            $indexResponse = $solid->get('.account', [], ['withoutAuth' => true]);
-            dump($indexResponse->json());
+                // Clear any cached client credentials
+                $solid = SolidClient::create(['identity' => $identity]);
+                $solid->oidc->clearClientCredentials();
+            }
 
-            // $createPodResponse = $solidClient->post('rondon/blog');
-            // dump($createPodResponse->json());
+            return response()->json([
+                'success' => true,
+                'message' => 'Logged out successfully',
+            ]);
+        } catch (\Throwable $e) {
+            Log::error('[SOLID LOGOUT ERROR]', [
+                'error' => $e->getMessage(),
+            ]);
 
-            // $createFileResponse = $solidClient->put('test.txt', ['test'], ['content-type' => 'text/plain']);
-            // dump($createFileResponse->json());
+            return response()->json([
+                'success' => false,
+                'error'   => $e->getMessage(),
+            ], 500);
         }
     }
 
+    /**
+     * Get real pods from Solid server.
+     */
     public function getPods(Request $request)
     {
-        // Retrieve search and sort parameters from the request
-        $query = $request->searchQuery();
-        $sort  = $request->input('sort', '-created_at');
-        $id    = $request->input('id');
-        $slug  = $request->input('slug');
+        try {
+            $identity = SolidIdentity::current();
 
-        // Collection of pods data
-        $pods = json_decode(file_get_contents(base_path('vendor/fleetbase/solid-api/server/data/pods.json')));
-
-        // Get single content from pod via slug
-        if ($slug) {
-            $result = Utils::searchPods($pods, 'slug', $slug);
+            if (!$identity || !$identity->getAccessToken()) {
+                return response()->json([
+                    'error' => 'Not authenticated',
+                ], 401);
+            }
 
-            return response()->json($result);
-        }
+            $profile          = $this->podService->getProfileData($identity);
+            $storageLocations = data_get($profile, 'parsed_profile.storage_locations', []);
 
-        // Get a single item via ID
-        if ($id && is_array($pods)) {
-            $result = Utils::searchPods($pods, 'id', $id);
-            if ($result && $query) {
-                $result->contents = array_values(
-                    array_filter(
-                        data_get($result, 'contents', []),
-                        function ($content) use ($query) {
-                            return Str::contains(strtolower(data_get($content, 'name')), strtolower($query));
-                        }
-                    )
-                );
+            $pods = [];
+            foreach ($storageLocations as $storageUrl) {
+                try {
+                    $podResponse = $identity->request('get', $storageUrl);
+                    if ($podResponse->successful()) {
+                        $pods[] = [
+                            'url'        => $storageUrl,
+                            'name'       => $this->extractPodName($storageUrl),
+                            'content'    => $podResponse->body(),
+                            'status'     => $podResponse->status(),
+                            'containers' => $this->parseContainers($podResponse->body()),
+                        ];
+                    }
+                } catch (\Throwable $e) {
+                    Log::warning('[SOLID POD FETCH ERROR]', [
+                        'storage_url' => $storageUrl,
+                        'error'       => $e->getMessage(),
+                    ]);
+                }
             }
 
-            return response()->json($result);
-        }
+            return response()->json([
+                'pods'              => $pods,
+                'storage_locations' => $storageLocations,
+            ]);
+        } catch (\Throwable $e) {
+            Log::error('[SOLID PODS ERROR]', [
+                'error' => $e->getMessage(),
+            ]);
 
-        // Filtering by search query
-        if ($query) {
-            $pods = array_filter($pods, function ($pod) use ($query) {
-                return Str::contains(strtolower(data_get($pod, 'name')), strtolower($query));
-            });
+            return response()->json([
+                'error' => $e->getMessage(),
+            ], 500);
         }
+    }
 
-        // Determine sorting direction and key
-        $sortDesc = substr($sort, 0, 1) === '-';
-        $sortKey  = ltrim($sort, '-');
+    /**
+     * Extract pod name from URL.
+     */
+    private function extractPodName(string $url): string
+    {
+        $parts = explode('/', rtrim($url, '/'));
 
-        // Sorting by specified field
-        $pods = collect($pods)->sortBy($sortKey, SORT_REGULAR, $sortDesc);
+        return end($parts) ?: 'Root Pod';
+    }
 
-        return response()->json($pods->values());
+    /**
+     * Parse containers from pod content.
+     */
+    private function parseContainers(string $content): array
+    {
+        $containers = [];
+
+        // Parse LDP containers from RDF
+        if (preg_match_all('/<([^>]+)>\s+a\s+ldp:Container/', $content, $matches)) {
+            foreach ($matches[1] as $containerUrl) {
+                $containers[] = [
+                    'url'  => $containerUrl,
+                    'name' => $this->extractPodName($containerUrl),
+                    'type' => 'container',
+                ];
+            }
+        }
+
+        return $containers;
+    }
+
+    public function getAccountIndex()
+    {
+        $solidIdentity   = SolidIdentity::current();
+        $accountResponse = $solidIdentity->request('get', '.account');
+        dd($accountResponse->json());
     }
 }

package/server/src/Models/SolidIdentity.php

@@ -56,7 +56,17 @@ class SolidIdentity extends Model
 
     public function getAccessToken(): ?string
     {
-        return data_get($this, 'token_response.access_token');
+        // Use OIDC token only (proper Solid protocol)
+        $oidcToken = data_get($this, 'token_response.access_token');
+        
+        if ($oidcToken) {
+            \Illuminate\Support\Facades\Log::info('[USING OIDC TOKEN]', ['has_token' => true]);
+            return $oidcToken;
+        }
+        
+        // No token available
+        \Illuminate\Support\Facades\Log::warning('[NO ACCESS TOKEN AVAILABLE]');
+        return null;
     }
 
     public function getRedirectUri(array $query = [], int $port = 8000): string
@@ -122,9 +132,9 @@ class SolidIdentity extends Model
         return $solidIdentity;
     }
 
-    public function request(string $method, string $uri, array $data = [], array $options = [])
+    public function request(string $method, string $uri, string|array $data = [], array $options = [])
     {
-        $solidClient = new SolidClient();
+        $solidClient = new SolidClient(['identity' => $this]);
 
         return $solidClient->requestWithIdentity($this, $method, $uri, $data, $options);
     }

package/server/src/Services/AclService.php

@@ -0,0 +1,146 @@
+<?php
+
+namespace Fleetbase\Solid\Services;
+
+use Fleetbase\Solid\Models\SolidIdentity;
+use Illuminate\Support\Facades\Log;
+
+class AclService
+{
+    protected PodService $podService;
+
+    public function __construct(PodService $podService)
+    {
+        $this->podService = $podService;
+    }
+
+    /**
+     * Check if the pod root has write/append permissions
+     */
+    public function hasWritePermissions(SolidIdentity $identity, string $podUrl): bool
+    {
+        try {
+            $response = $identity->request('get', $podUrl);
+            
+            if (!$response->successful()) {
+                Log::warning('[ACL CHECK FAILED]', [
+                    'pod_url' => $podUrl,
+                    'status' => $response->status(),
+                ]);
+                return false;
+            }
+
+            $wacAllow = $response->header('WAC-Allow');
+            Log::info('[ACL CHECK]', [
+                'pod_url' => $podUrl,
+                'wac_allow' => $wacAllow,
+            ]);
+
+            // Check if WAC-Allow header includes write or append
+            if ($wacAllow) {
+                return str_contains($wacAllow, 'write') || str_contains($wacAllow, 'append');
+            }
+
+            return false;
+        } catch (\Exception $e) {
+            Log::error('[ACL CHECK ERROR]', [
+                'pod_url' => $podUrl,
+                'error' => $e->getMessage(),
+            ]);
+            return false;
+        }
+    }
+
+    /**
+     * Update the pod root ACL to grant write permissions
+     */
+    public function grantWritePermissions(SolidIdentity $identity, string $podUrl, string $webId): bool
+    {
+        try {
+            $aclUrl = rtrim($podUrl, '/') . '/.acl';
+            
+            // Generate ACL Turtle document
+            $aclTurtle = $this->generateAclDocument($podUrl, $webId);
+            
+            Log::info('[ACL UPDATE]', [
+                'acl_url' => $aclUrl,
+                'webid' => $webId,
+            ]);
+
+            // PUT the ACL document
+            $response = $identity->request('put', $aclUrl, $aclTurtle, [
+                'headers' => [
+                    'Content-Type' => 'text/turtle',
+                ],
+            ]);
+
+            if ($response->successful()) {
+                Log::info('[ACL UPDATED]', [
+                    'acl_url' => $aclUrl,
+                    'status' => $response->status(),
+                ]);
+                return true;
+            }
+
+            Log::error('[ACL UPDATE FAILED]', [
+                'acl_url' => $aclUrl,
+                'status' => $response->status(),
+                'body' => $response->body(),
+            ]);
+            return false;
+
+        } catch (\Exception $e) {
+            Log::error('[ACL UPDATE ERROR]', [
+                'pod_url' => $podUrl,
+                'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
+            ]);
+            return false;
+        }
+    }
+
+    /**
+     * Generate ACL Turtle document
+     */
+    protected function generateAclDocument(string $podUrl, string $webId): string
+    {
+        $podUrl = rtrim($podUrl, '/') . '/';
+        
+        return <<<TURTLE
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+
+# Full rights for the pod owner
+<#owner>
+    a acl:Authorization;
+    acl:agent <{$webId}>;
+    acl:accessTo <{$podUrl}>;
+    acl:default <{$podUrl}>;
+    acl:mode acl:Read, acl:Write, acl:Control.
+
+# Append and read rights for Fleetbase integration
+<#fleetbase>
+    a acl:Authorization;
+    acl:agent <{$webId}>;
+    acl:accessTo <{$podUrl}>;
+    acl:default <{$podUrl}>;
+    acl:mode acl:Append, acl:Read.
+
+TURTLE;
+    }
+
+    /**
+     * Ensure pod has write permissions, update ACL if needed
+     */
+    public function ensureWritePermissions(SolidIdentity $identity, string $podUrl, string $webId): bool
+    {
+        // Check if already has write permissions
+        if ($this->hasWritePermissions($identity, $podUrl)) {
+            Log::info('[ACL OK]', ['pod_url' => $podUrl]);
+            return true;
+        }
+
+        // Need to update ACL
+        Log::info('[ACL NEEDS UPDATE]', ['pod_url' => $podUrl]);
+        return $this->grantWritePermissions($identity, $podUrl, $webId);
+    }
+}