javascript-solid-server 0.0.19 → 0.0.21

package/.claude/settings.local.json

@@ -65,7 +65,9 @@
       "Bash(pm2 start:*)",
       "Bash(DATA_ROOT=/home/melvin/jss/data pm2 start:*)",
       "Bash(pm2 save:*)",
-      "Bash(gh issue create:*)"
+      "Bash(gh issue create:*)",
+      "Bash(gh issue view:*)",
+      "Bash(gh issue edit:*)"
     ]
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.19",
+  "version": "0.0.21",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",

package/src/handlers/container.js

@@ -121,6 +121,63 @@ export async function handlePost(request, reply) {
   return reply.code(201).send();
 }
 
+/**
+ * Create pod directory structure (reusable for registration)
+ * @param {string} name - Pod name (username)
+ * @param {string} webId - User's WebID URI
+ * @param {string} baseUrl - Base URL (without trailing slash)
+ */
+export async function createPodStructure(name, webId, baseUrl) {
+  const podPath = `/${name}/`;
+  const podUri = `${baseUrl}/${name}/`;
+  const issuer = baseUrl + '/';
+
+  // Create pod directory structure
+  await storage.createContainer(podPath);
+  await storage.createContainer(`${podPath}inbox/`);
+  await storage.createContainer(`${podPath}public/`);
+  await storage.createContainer(`${podPath}private/`);
+  await storage.createContainer(`${podPath}settings/`);
+
+  // Generate and write WebID profile as index.html at pod root
+  const profileHtml = generateProfile({ webId, name, podUri, issuer });
+  await storage.write(`${podPath}index.html`, profileHtml);
+
+  // Generate and write preferences
+  const prefs = generatePreferences({ webId, podUri });
+  await storage.write(`${podPath}settings/prefs`, serialize(prefs));
+
+  // Generate and write type indexes
+  const publicTypeIndex = generateTypeIndex(`${podUri}settings/publicTypeIndex`);
+  await storage.write(`${podPath}settings/publicTypeIndex`, serialize(publicTypeIndex));
+
+  const privateTypeIndex = generateTypeIndex(`${podUri}settings/privateTypeIndex`);
+  await storage.write(`${podPath}settings/privateTypeIndex`, serialize(privateTypeIndex));
+
+  // Create default ACL files
+  // Pod root: owner full control, public read
+  const rootAcl = generateOwnerAcl(podUri, webId, true);
+  await storage.write(`${podPath}.acl`, serializeAcl(rootAcl));
+
+  // Private folder: owner only (no public)
+  const privateAcl = generatePrivateAcl(`${podUri}private/`, webId);
+  await storage.write(`${podPath}private/.acl`, serializeAcl(privateAcl));
+
+  // Settings folder: owner only
+  const settingsAcl = generatePrivateAcl(`${podUri}settings/`, webId);
+  await storage.write(`${podPath}settings/.acl`, serializeAcl(settingsAcl));
+
+  // Inbox: owner full, public append
+  const inboxAcl = generateInboxAcl(`${podUri}inbox/`, webId);
+  await storage.write(`${podPath}inbox/.acl`, serializeAcl(inboxAcl));
+
+  // Public folder: owner full, public read (with inheritance)
+  const publicAcl = generatePublicFolderAcl(`${podUri}public/`, webId);
+  await storage.write(`${podPath}public/.acl`, serializeAcl(publicAcl));
+
+  return { podPath, podUri };
+}
+
 /**
  * Create a pod (container) for a user
  * POST /.pods with { "name": "alice" }
@@ -149,8 +206,8 @@ export async function handleCreatePod(request, reply) {
     if (!email || typeof email !== 'string') {
       return reply.code(400).send({ error: 'Email required for account creation' });
     }
-    if (!password || password.length < 8) {
-      return reply.code(400).send({ error: 'Password required (minimum 8 characters)' });
+    if (!password) {
+      return reply.code(400).send({ error: 'Password required' });
     }
   }
 
@@ -189,49 +246,8 @@ export async function handleCreatePod(request, reply) {
   const issuer = baseUri + '/';
 
   try {
-    // Create pod directory structure
-    await storage.createContainer(podPath);
-    await storage.createContainer(`${podPath}inbox/`);
-    await storage.createContainer(`${podPath}public/`);
-    await storage.createContainer(`${podPath}private/`);
-    await storage.createContainer(`${podPath}settings/`);
-
-    // Generate and write WebID profile as index.html at pod root
-    const profileHtml = generateProfile({ webId, name, podUri, issuer });
-    await storage.write(`${podPath}index.html`, profileHtml);
-
-    // Generate and write preferences
-    const prefs = generatePreferences({ webId, podUri });
-    await storage.write(`${podPath}settings/prefs`, serialize(prefs));
-
-    // Generate and write type indexes
-    const publicTypeIndex = generateTypeIndex(`${podUri}settings/publicTypeIndex`);
-    await storage.write(`${podPath}settings/publicTypeIndex`, serialize(publicTypeIndex));
-
-    const privateTypeIndex = generateTypeIndex(`${podUri}settings/privateTypeIndex`);
-    await storage.write(`${podPath}settings/privateTypeIndex`, serialize(privateTypeIndex));
-
-    // Create default ACL files
-    // Pod root: owner full control, public read
-    const rootAcl = generateOwnerAcl(podUri, webId, true);
-    await storage.write(`${podPath}.acl`, serializeAcl(rootAcl));
-
-    // Private folder: owner only (no public)
-    const privateAcl = generatePrivateAcl(`${podUri}private/`, webId);
-    await storage.write(`${podPath}private/.acl`, serializeAcl(privateAcl));
-
-    // Settings folder: owner only
-    const settingsAcl = generatePrivateAcl(`${podUri}settings/`, webId);
-    await storage.write(`${podPath}settings/.acl`, serializeAcl(settingsAcl));
-
-    // Inbox: owner full, public append
-    const inboxAcl = generateInboxAcl(`${podUri}inbox/`, webId);
-    await storage.write(`${podPath}inbox/.acl`, serializeAcl(inboxAcl));
-
-    // Public folder: owner full, public read (with inheritance)
-    const publicAcl = generatePublicFolderAcl(`${podUri}public/`, webId);
-    await storage.write(`${podPath}public/.acl`, serializeAcl(publicAcl));
-
+    // Use shared pod creation function
+    await createPodStructure(name, webId, baseUri);
   } catch (err) {
     console.error('Pod creation error:', err);
     // Cleanup on failure
@@ -249,7 +265,7 @@ export async function handleCreatePod(request, reply) {
   if (idpEnabled) {
     try {
       const { createAccount } = await import('../idp/accounts.js');
-      await createAccount({ email, password, webId, podName: name });
+      await createAccount({ username: name, email, password, webId, podName: name });
 
       return reply.code(201).send({
         name,

package/src/handlers/resource.js

@@ -451,40 +451,44 @@ export async function handlePatch(request, reply) {
     });
   }
 
-  // Check if resource exists
+  // Check if resource exists - PATCH can create resources in Solid
   const stats = await storage.stat(storagePath);
-  if (!stats) {
-    const origin = request.headers.origin;
-    const connegEnabled = request.connegEnabled || false;
-    const headers = getNotFoundHeaders({ resourceUrl, origin, connegEnabled });
-    Object.entries(headers).forEach(([k, v]) => reply.header(k, v));
-    return reply.code(404).send({ error: 'Not Found' });
-  }
-
-  // Check If-Match header (for safe updates)
-  const ifMatch = request.headers['if-match'];
-  if (ifMatch) {
-    const check = checkIfMatch(ifMatch, stats.etag);
-    if (!check.ok) {
-      return reply.code(check.status).send({ error: check.error });
+  const resourceExists = !!stats;
+
+  // Check If-Match header (for safe updates) - only if resource exists
+  if (resourceExists) {
+    const ifMatch = request.headers['if-match'];
+    if (ifMatch) {
+      const check = checkIfMatch(ifMatch, stats.etag);
+      if (!check.ok) {
+        return reply.code(check.status).send({ error: check.error });
+      }
     }
   }
 
-  // Read existing content
-  const existingContent = await storage.read(storagePath);
-  if (existingContent === null) {
-    return reply.code(500).send({ error: 'Read error' });
-  }
-
-  // Parse existing document as JSON-LD
+  // Read existing content or start with empty JSON-LD document
   let document;
-  try {
-    document = JSON.parse(existingContent.toString());
-  } catch (e) {
-    return reply.code(409).send({
-      error: 'Conflict',
-      message: 'Resource is not valid JSON-LD and cannot be patched'
-    });
+  if (resourceExists) {
+    const existingContent = await storage.read(storagePath);
+    if (existingContent === null) {
+      return reply.code(500).send({ error: 'Read error' });
+    }
+
+    // Parse existing document as JSON-LD
+    try {
+      document = JSON.parse(existingContent.toString());
+    } catch (e) {
+      return reply.code(409).send({
+        error: 'Conflict',
+        message: 'Resource is not valid JSON-LD and cannot be patched'
+      });
+    }
+  } else {
+    // Create empty JSON-LD document for new resource
+    document = {
+      '@context': {},
+      '@graph': []
+    };
   }
 
   // Parse the patch
@@ -553,5 +557,6 @@ export async function handlePatch(request, reply) {
     emitChange(resourceUrl);
   }
 
-  return reply.code(204).send();
+  // Return 201 Created if resource was created, 204 No Content if updated
+  return reply.code(resourceExists ? 204 : 201).send();
 }

package/src/idp/accounts.js

@@ -1,6 +1,7 @@
 /**
  * Account management for the Identity Provider
- * Handles user accounts with email/password authentication
+ * Handles user accounts with username/password authentication
+ * Email is optional - internally uses username@jss if not provided
  */
 
 import bcrypt from 'bcrypt';
@@ -8,6 +9,9 @@ import crypto from 'crypto';
 import fs from 'fs-extra';
 import path from 'path';
 
+// Internal domain for generated emails
+const INTERNAL_DOMAIN = 'jss';
+
 /**
  * Get accounts directory (computed dynamically to support changing DATA_ROOT)
  */
@@ -16,6 +20,10 @@ function getAccountsDir() {
   return path.join(dataRoot, '.idp', 'accounts');
 }
 
+function getUsernameIndexPath() {
+  return path.join(getAccountsDir(), '_username_index.json');
+}
+
 function getEmailIndexPath() {
   return path.join(getAccountsDir(), '_email_index.json');
 }
@@ -55,21 +63,34 @@ async function saveIndex(indexPath, index) {
 /**
  * Create a new user account
  * @param {object} options - Account options
- * @param {string} options.email - User email
+ * @param {string} options.username - Username (typically same as podName)
  * @param {string} options.password - Plain text password
  * @param {string} options.webId - User's WebID URI
  * @param {string} options.podName - Pod name
+ * @param {string} [options.email] - Optional email (defaults to username@jss)
  * @returns {Promise<object>} - Created account (without password)
  */
-export async function createAccount({ email, password, webId, podName }) {
+export async function createAccount({ username, password, webId, podName, email }) {
   await ensureDir();
 
-  const normalizedEmail = email.toLowerCase().trim();
+  const normalizedUsername = username.toLowerCase().trim();
+  // Use provided email or generate internal one
+  const normalizedEmail = email
+    ? email.toLowerCase().trim()
+    : `${normalizedUsername}@${INTERNAL_DOMAIN}`;
+
+  // Check username uniqueness
+  const existingByUsername = await findByUsername(normalizedUsername);
+  if (existingByUsername) {
+    throw new Error('Username already taken');
+  }
 
-  // Check email uniqueness
-  const existingByEmail = await findByEmail(normalizedEmail);
-  if (existingByEmail) {
-    throw new Error('Email already registered');
+  // Check email uniqueness (if real email provided)
+  if (email) {
+    const existingByEmail = await findByEmail(normalizedEmail);
+    if (existingByEmail) {
+      throw new Error('Email already registered');
+    }
   }
 
   // Check webId uniqueness
@@ -84,6 +105,7 @@ export async function createAccount({ email, password, webId, podName }) {
 
   const account = {
     id,
+    username: normalizedUsername,
     email: normalizedEmail,
     passwordHash,
     webId,
@@ -96,6 +118,11 @@ export async function createAccount({ email, password, webId, podName }) {
   const accountPath = path.join(getAccountsDir(), `${id}.json`);
   await fs.writeJson(accountPath, account, { spaces: 2 });
 
+  // Update username index
+  const usernameIndex = await loadIndex(getUsernameIndexPath());
+  usernameIndex[normalizedUsername] = id;
+  await saveIndex(getUsernameIndexPath(), usernameIndex);
+
   // Update email index
   const emailIndex = await loadIndex(getEmailIndexPath());
   emailIndex[normalizedEmail] = id;
@@ -112,13 +139,17 @@ export async function createAccount({ email, password, webId, podName }) {
 }
 
 /**
- * Authenticate a user with email and password
- * @param {string} email - User email
+ * Authenticate a user with username/email and password
+ * @param {string} identifier - Username or email
  * @param {string} password - Plain text password
  * @returns {Promise<object|null>} - Account if valid, null if invalid
  */
-export async function authenticate(email, password) {
-  const account = await findByEmail(email);
+export async function authenticate(identifier, password) {
+  // Try to find by username first, then by email
+  let account = await findByUsername(identifier);
+  if (!account) {
+    account = await findByEmail(identifier);
+  }
   if (!account) return null;
 
   const valid = await bcrypt.compare(password, account.passwordHash);
@@ -149,6 +180,19 @@ export async function findById(id) {
   }
 }
 
+/**
+ * Find an account by username
+ * @param {string} username - Username
+ * @returns {Promise<object|null>} - Account or null
+ */
+export async function findByUsername(username) {
+  const normalizedUsername = username.toLowerCase().trim();
+  const usernameIndex = await loadIndex(getUsernameIndexPath());
+  const id = usernameIndex[normalizedUsername];
+  if (!id) return null;
+  return findById(id);
+}
+
 /**
  * Find an account by email
  * @param {string} email - User email
@@ -201,6 +245,12 @@ export async function deleteAccount(id) {
   if (!account) return;
 
   // Remove from indexes
+  if (account.username) {
+    const usernameIndex = await loadIndex(getUsernameIndexPath());
+    delete usernameIndex[account.username];
+    await saveIndex(getUsernameIndexPath(), usernameIndex);
+  }
+
   const emailIndex = await loadIndex(getEmailIndexPath());
   delete emailIndex[account.email];
   await saveIndex(getEmailIndexPath(), emailIndex);

package/src/idp/index.js

@@ -11,6 +11,8 @@ import {
   handleLogin,
   handleConsent,
   handleAbort,
+  handleRegisterGet,
+  handleRegisterPost,
 } from './interactions.js';
 import {
   handleCredentials,
@@ -220,6 +222,15 @@ export async function idpPlugin(fastify, options) {
     return handleAbort(request, reply, provider);
   });
 
+  // Registration routes
+  fastify.get('/idp/register', async (request, reply) => {
+    return handleRegisterGet(request, reply);
+  });
+
+  fastify.post('/idp/register', async (request, reply) => {
+    return handleRegisterPost(request, reply, issuer);
+  });
+
   fastify.log.info(`IdP initialized with issuer: ${issuer}`);
 }
 

package/src/idp/interactions.js

@@ -1,10 +1,12 @@
 /**
- * Interaction handlers for login and consent flows
+ * Interaction handlers for login, consent, and registration flows
  * Handles the user-facing parts of the authentication flow
  */
 
-import { authenticate, findById } from './accounts.js';
-import { loginPage, consentPage, errorPage } from './views.js';
+import { authenticate, findById, createAccount } from './accounts.js';
+import { loginPage, consentPage, errorPage, registerPage } from './views.js';
+import * as storage from '../storage/filesystem.js';
+import { createPodStructure } from '../handlers/container.js';
 
 /**
  * Handle GET /idp/interaction/:uid
@@ -81,11 +83,11 @@ export async function handleLogin(request, reply, provider) {
   }
   // If it's already an object, use as-is
 
-  // Support both 'email' and 'username' fields for CTH compatibility
-  const email = parsedBody.email || parsedBody.username;
+  // Support username, email, or legacy 'email' field for backwards compatibility
+  const identifier = parsedBody.username || parsedBody.email;
   const password = parsedBody.password;
 
-  request.log.info({ email, hasPassword: !!password, bodyType: typeof request.body, keys: Object.keys(parsedBody) }, 'Login attempt');
+  request.log.info({ identifier, hasPassword: !!password, bodyType: typeof request.body, keys: Object.keys(parsedBody) }, 'Login attempt');
 
   try {
     const interaction = await provider.Interaction.find(uid);
@@ -94,16 +96,16 @@ export async function handleLogin(request, reply, provider) {
     }
 
     // Validate input
-    if (!email || !password) {
-      interaction.lastError = 'Email and password are required';
+    if (!identifier || !password) {
+      interaction.lastError = 'Username and password are required';
       await interaction.save(interaction.exp - Math.floor(Date.now() / 1000));
       return reply.redirect(`/idp/interaction/${uid}`);
     }
 
     // Authenticate
-    const account = await authenticate(email, password);
+    const account = await authenticate(identifier, password);
     if (!account) {
-      interaction.lastError = 'Invalid email or password';
+      interaction.lastError = 'Invalid username or password';
       await interaction.save(interaction.exp - Math.floor(Date.now() / 1000));
       return reply.redirect(`/idp/interaction/${uid}`);
     }
@@ -291,3 +293,100 @@ export async function handleAbort(request, reply, provider) {
     return reply.code(500).type('text/html').send(errorPage('Error', err.message));
   }
 }
+
+/**
+ * Handle GET /idp/register
+ * Shows registration page
+ */
+export async function handleRegisterGet(request, reply) {
+  const uid = request.query.uid || null;
+  return reply.type('text/html').send(registerPage(uid));
+}
+
+/**
+ * Handle POST /idp/register
+ * Creates account and pod
+ */
+export async function handleRegisterPost(request, reply, issuer) {
+  const uid = request.query.uid || null;
+
+  // Parse body
+  let parsedBody = request.body || {};
+  const contentType = request.headers['content-type'] || '';
+
+  if (Buffer.isBuffer(parsedBody)) {
+    const bodyStr = parsedBody.toString();
+    if (contentType.includes('application/json')) {
+      try {
+        parsedBody = JSON.parse(bodyStr);
+      } catch (e) {
+        parsedBody = {};
+      }
+    } else {
+      const params = new URLSearchParams(bodyStr);
+      parsedBody = Object.fromEntries(params.entries());
+    }
+  } else if (typeof parsedBody === 'string') {
+    const params = new URLSearchParams(parsedBody);
+    parsedBody = Object.fromEntries(params.entries());
+  }
+
+  const { username, password, confirmPassword } = parsedBody;
+
+  // Validate input
+  if (!username || !password) {
+    return reply.type('text/html').send(registerPage(uid, 'Username and password are required'));
+  }
+
+  // Validate username format
+  const usernameRegex = /^[a-z0-9]+$/;
+  if (!usernameRegex.test(username)) {
+    return reply.type('text/html').send(registerPage(uid, 'Username must contain only lowercase letters and numbers'));
+  }
+
+  if (username.length < 3) {
+    return reply.type('text/html').send(registerPage(uid, 'Username must be at least 3 characters'));
+  }
+
+
+  if (password !== confirmPassword) {
+    return reply.type('text/html').send(registerPage(uid, 'Passwords do not match'));
+  }
+
+  try {
+    // Build URLs
+    const baseUrl = issuer.endsWith('/') ? issuer.slice(0, -1) : issuer;
+    const podUri = `${baseUrl}/${username}/`;
+    const webId = `${podUri}#me`;
+
+    // Check if pod already exists
+    const podPath = `${username}/`;
+    const podExists = await storage.exists(podPath);
+    if (podExists) {
+      return reply.type('text/html').send(registerPage(uid, 'Username is already taken'));
+    }
+
+    // Create pod structure
+    await createPodStructure(username, webId, baseUrl);
+
+    // Create account
+    await createAccount({
+      username,
+      password,
+      webId,
+      podName: username,
+    });
+
+    request.log.info({ username, webId }, 'Account and pod created');
+
+    // Redirect to login
+    if (uid) {
+      return reply.redirect(`/idp/interaction/${uid}`);
+    } else {
+      return reply.type('text/html').send(registerPage(null, null, `Account created! You can now sign in as "${username}".`));
+    }
+  } catch (err) {
+    request.log.error(err, 'Registration error');
+    return reply.type('text/html').send(registerPage(uid, err.message));
+  }
+}

package/src/idp/views.js

@@ -52,6 +52,7 @@ const styles = `
     color: #333;
     margin-bottom: 6px;
   }
+  input[type="text"],
   input[type="email"],
   input[type="password"] {
     width: 100%;
@@ -160,6 +161,8 @@ const scopeDescriptions = {
  * Login page HTML
  */
 export function loginPage(uid, clientId, error = null) {
+  const appName = clientId || 'An application';
+
   return `
 <!DOCTYPE html>
 <html lang="en">
@@ -175,11 +178,16 @@ export function loginPage(uid, clientId, error = null) {
     <h1>Sign In</h1>
     <p class="subtitle">Sign in to your Solid Pod</p>
 
+    <div class="client-info">
+      <div class="client-name">${escapeHtml(appName)}</div>
+      <div class="client-uri">is requesting access to your pod</div>
+    </div>
+
     ${error ? `<div class="error">${escapeHtml(error)}</div>` : ''}
 
     <form method="POST" action="/idp/interaction/${uid}/login">
-      <label for="email">Email</label>
-      <input type="email" id="email" name="email" required autofocus placeholder="you@example.com">
+      <label for="username">Username</label>
+      <input type="text" id="username" name="username" required autofocus placeholder="Your username">
 
       <label for="password">Password</label>
       <input type="password" id="password" name="password" required placeholder="Your password">
@@ -190,6 +198,10 @@ export function loginPage(uid, clientId, error = null) {
     <form method="POST" action="/idp/interaction/${uid}/abort">
       <button type="submit" class="btn btn-secondary">Cancel</button>
     </form>
+
+    <p style="text-align: center; margin-top: 24px; color: #666; font-size: 14px;">
+      Don't have an account? <a href="/idp/register?uid=${uid}" style="color: #0066cc;">Register</a>
+    </p>
   </div>
 </body>
 </html>
@@ -281,6 +293,54 @@ export function errorPage(title, message) {
   `;
 }
 
+/**
+ * Registration page HTML
+ */
+export function registerPage(uid = null, error = null, success = null) {
+  return `
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Register - Solid IdP</title>
+  <style>${styles}</style>
+</head>
+<body>
+  <div class="container">
+    <div class="logo">${solidLogo}</div>
+    <h1>Create Account</h1>
+    <p class="subtitle">Register for a new Solid Pod</p>
+
+    ${error ? `<div class="error">${escapeHtml(error)}</div>` : ''}
+    ${success ? `<div class="error" style="background: #efe; border-color: #cfc; color: #060;">${escapeHtml(success)}</div>` : ''}
+
+    <form method="POST" action="/idp/register${uid ? `?uid=${uid}` : ''}">
+      <label for="username">Username</label>
+      <input type="text" id="username" name="username" required autofocus
+             placeholder="Choose a username" pattern="[a-z0-9]+"
+             title="Lowercase letters and numbers only">
+
+      <label for="password">Password</label>
+      <input type="password" id="password" name="password" required
+             placeholder="Choose a password">
+
+      <label for="confirmPassword">Confirm Password</label>
+      <input type="password" id="confirmPassword" name="confirmPassword" required
+             placeholder="Confirm your password">
+
+      <button type="submit" class="btn btn-primary">Create Account</button>
+    </form>
+
+    <p style="text-align: center; margin-top: 24px; color: #666; font-size: 14px;">
+      Already have an account? <a href="${uid ? `/idp/interaction/${uid}` : '/idp/auth'}" style="color: #0066cc;">Sign In</a>
+    </p>
+  </div>
+</body>
+</html>
+  `;
+}
+
 /**
  * Escape HTML to prevent XSS
  */

package/test/idp.test.js

@@ -96,18 +96,6 @@ describe('Identity Provider', () => {
       assert.ok(body.error.includes('Password'));
     });
 
-    it('should require minimum password length', async () => {
-      const res = await fetch(`${BASE_URL}/.pods`, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ name: 'shortpass', email: 'test@example.com', password: 'short' }),
-      });
-
-      assert.strictEqual(res.status, 400);
-      const body = await res.json();
-      assert.ok(body.error.includes('8'));
-    });
-
     it('should create pod with account', async () => {
       const uniqueId = Date.now();
       const res = await fetch(`${BASE_URL}/.pods`, {

package/test/patch.test.js

@@ -207,21 +207,26 @@ describe('PATCH Operations', () => {
       assertStatus(res, 415);
     });
 
-    it('should return 404 for non-existent resource', async () => {
+    it('should create resource if it does not exist', async () => {
       const patch = `
         @prefix solid: <http://www.w3.org/ns/solid/terms#>.
         _:patch a solid:InsertDeletePatch;
           solid:inserts { <#me> <http://example.org/p> "test" }.
       `;
 
-      const res = await request('/patchtest/public/nonexistent.json', {
+      const res = await request('/patchtest/public/patch-created.json', {
         method: 'PATCH',
         headers: { 'Content-Type': 'text/n3' },
         body: patch,
         auth: 'patchtest'
       });
 
-      assertStatus(res, 404);
+      // PATCH creates resources in Solid
+      assertStatus(res, 201);
+
+      // Verify resource was created with the inserted data
+      const getRes = await request('/patchtest/public/patch-created.json');
+      assertStatus(getRes, 200);
     });
 
     it('should return 409 when patching non-JSON-LD resource', async () => {

package/test/sparql-update.test.js

@@ -157,15 +157,20 @@ describe('SPARQL Update', () => {
   });
 
   describe('Error handling', () => {
-    it('should return 404 for non-existent resource', async () => {
+    it('should create resource if it does not exist', async () => {
       const sparql = `INSERT DATA { <#x> <http://example.org/p> "v" }`;
-      const res = await request('/sparqltest/public/nonexistent.json', {
+      const res = await request('/sparqltest/public/sparql-created.json', {
         method: 'PATCH',
         headers: { 'Content-Type': 'application/sparql-update' },
         body: sparql,
         auth: 'sparqltest'
       });
-      assertStatus(res, 404);
+      // PATCH creates resources in Solid
+      assertStatus(res, 201);
+
+      // Verify resource was created
+      const getRes = await request('/sparqltest/public/sparql-created.json');
+      assertStatus(getRes, 200);
     });
 
     it('should return 415 for unsupported content type', async () => {

package/test-data-idp-accounts/.idp/accounts/318e7a79-23d5-4e0b-8fa1-b63cfaee87e1.json

@@ -0,0 +1,10 @@
+{
+  "id": "318e7a79-23d5-4e0b-8fa1-b63cfaee87e1",
+  "username": "credtest",
+  "email": "credtest@example.com",
+  "passwordHash": "$2b$10$ITkxFeVH56JBgjDqYASbfuounFozpoVQpBvtsYxCszx2I0PBEX0hq",
+  "webId": "http://localhost:3101/credtest/#me",
+  "podName": "credtest",
+  "createdAt": "2025-12-27T14:33:50.756Z",
+  "lastLogin": "2025-12-27T14:33:51.196Z"
+}

package/test-data-idp-accounts/.idp/accounts/_email_index.json

@@ -1,3 +1,3 @@
 {
-  "credtest@example.com": "95d4d470-1e8c-4b17-bcff-a62b8a54813b"
+  "credtest@example.com": "318e7a79-23d5-4e0b-8fa1-b63cfaee87e1"
 }

package/test-data-idp-accounts/.idp/accounts/_username_index.json

@@ -0,0 +1,3 @@
+{
+  "credtest": "318e7a79-23d5-4e0b-8fa1-b63cfaee87e1"
+}

package/test-data-idp-accounts/.idp/accounts/_webid_index.json

@@ -1,3 +1,3 @@
 {
-  "http://localhost:3101/credtest/#me": "95d4d470-1e8c-4b17-bcff-a62b8a54813b"
+  "http://localhost:3101/credtest/#me": "318e7a79-23d5-4e0b-8fa1-b63cfaee87e1"
 }

package/test-data-idp-accounts/.idp/keys/jwks.json

@@ -3,20 +3,20 @@
     "keys": [
       {
         "kty": "EC",
-        "x": "_0WHR5nff4EnQiPYLZEuPKNmV7qWxizbdY6NeepX4gc",
-        "y": "JowkolFdgQSs4GZ7nGN5ljMII8QAxHDYv2Qp4x5eHgo",
+        "x": "Nf8dDZkLGjtbhOI4-NdDeJpP7jFZ1yRIsLGbg4wWFIU",
+        "y": "RlENuTLrM8M6a1UQorqtB3NIS5VXq_gI9lqJMUKDjo8",
         "crv": "P-256",
-        "d": "zvFCMQvrEJwSTkfloHws3EFQRA0o5abR22so5LcCTao",
-        "kid": "ed8976e4-f907-4fb4-82ff-846a62807dd7",
+        "d": "WZKOZkoJBrwF7JfwLXPzpJY2XXNgab-YfqUSIT2Xpfs",
+        "kid": "91ebc94d-1ed9-4ded-b017-70f51f2aff2b",
         "use": "sig",
         "alg": "ES256",
-        "iat": 1766843846
+        "iat": 1766846030
       }
     ]
   },
   "cookieKeys": [
-    "oQ-IdseWVLpOiwPmpYeY1ShFHI3lLHRiW6NsYeNBpP0",
-    "xrKoXpxC4O7wOZ65jNr4Kw7DnFYdkyK4pw2HOJE4D10"
+    "V7_pksFGkYdBgSRG_lC9AWIki50H1qzj9-L_T-Q7OC0",
+    "hmJQwz_B5QLiHUkncYUHZC7xOtGLrLvQVyBmJ5r-nIo"
   ],
-  "createdAt": "2025-12-27T13:57:26.882Z"
+  "createdAt": "2025-12-27T14:33:50.653Z"
 }

package/test-data-idp-accounts/.idp/accounts/95d4d470-1e8c-4b17-bcff-a62b8a54813b.json

@@ -1,9 +0,0 @@
-{
-  "id": "95d4d470-1e8c-4b17-bcff-a62b8a54813b",
-  "email": "credtest@example.com",
-  "passwordHash": "$2b$10$dfsBq19GkIsL/qaer5LlxeSD8cMFJS4U8o7Wt06f/u29Cdhc8eJ3i",
-  "webId": "http://localhost:3101/credtest/#me",
-  "podName": "credtest",
-  "createdAt": "2025-12-27T13:57:26.941Z",
-  "lastLogin": "2025-12-27T13:57:27.182Z"
-}