npm - javascript-solid-server - Versions diffs - 0.0.29 → 0.0.32 - Mend

javascript-solid-server 0.0.29 → 0.0.32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +13 -5
package/clock-updater.mjs +58 -0
package/package.json +2 -2
package/src/handlers/resource.js +140 -32
package/src/idp/index.js +2 -0
package/src/rdf/turtle.js +21 -5
package/src/webid/profile.js +10 -18

package/README.md CHANGED Viewed

@@ -4,7 +4,7 @@ A minimal, fast, JSON-LD native Solid server.
 ## Features
-### Implemented (v0.0.23)
+### Implemented (v0.0.31)
 - **LDP CRUD Operations** - GET, PUT, POST, DELETE, HEAD
 - **N3 Patch** - Solid's native patch format for RDF updates
@@ -17,14 +17,14 @@ A minimal, fast, JSON-LD native Solid server.
 - **Multi-user Pods** - Path-based (`/alice/`) or subdomain-based (`alice.example.com`)
 - **Subdomain Mode** - XSS protection via origin isolation
 - **Mashlib Data Browser** - Optional SolidOS UI (CDN or local hosting)
-- **WebID Profiles** - JSON-LD structured data in HTML at pod root
+- **WebID Profiles** - HTML with JSON-LD data islands, rendered with mashlib-jss + solidos-lite
 - **Web Access Control (WAC)** - `.acl` file-based authorization
 - **Solid-OIDC Identity Provider** - Built-in IdP with DPoP, dynamic registration
 - **Solid-OIDC Resource Server** - Accept DPoP-bound access tokens from external IdPs
 - **NSS-style Registration** - Username/password auth compatible with Solid apps
 - **Nostr Authentication** - NIP-98 HTTP Auth with Schnorr signatures
 - **Simple Auth Tokens** - Built-in token authentication for development
-- **Content Negotiation** - Optional Turtle <-> JSON-LD conversion
+- **Content Negotiation** - Turtle <-> JSON-LD conversion, including HTML data islands
 - **CORS Support** - Full cross-origin resource sharing
 ### HTTP Methods
@@ -36,7 +36,7 @@ A minimal, fast, JSON-LD native Solid server.
 | PUT | Full - Create/update resources |
 | POST | Full - Create in containers |
 | DELETE | Full |
-| PATCH | N3 Patch format |
+| PATCH | N3 Patch + SPARQL Update |
 | OPTIONS | Full with CORS |
 ## Getting Started
@@ -285,7 +285,15 @@ npm install && npm run build
 3. Mashlib fetches the actual data via content negotiation
 4. Mashlib renders an interactive, editable view
-**Note:** Mashlib works best with `--conneg` enabled for Turtle support. Pod profiles (`/alice/`) continue to serve our JSON-LD-in-HTML format.
+**Note:** Mashlib works best with `--conneg` enabled for Turtle support.
+### Profile Pages
+Pod profiles (`/alice/`) use HTML with embedded JSON-LD data islands and are rendered using:
+- [mashlib-jss](https://github.com/JavaScriptSolidServer/mashlib-jss) - A fork of mashlib with `getPod()` fix for path-based pods
+- [solidos-lite](https://github.com/SolidOS/solidos-lite) - Parses JSON-LD data islands into the RDF store
+This allows profiles to work without server-side content negotiation while still providing full SolidOS editing capabilities.
 ### WebSocket Notifications

package/clock-updater.mjs ADDED Viewed

@@ -0,0 +1,58 @@
+/**
+ * Clock Updater - Updates the Solid clock every second using Nostr auth
+ * Usage: node clock-updater.mjs
+ */
+import { getPublicKey, finalizeEvent } from 'nostr-tools';
+import { getToken } from 'nostr-tools/nip98';
+// Nostr keypair (in production, load from env/file)
+const SK_HEX = '3f188544fb81bd324ead7be9697fd9503d18345e233a7b0182915b0b582ddd70';
+const sk = Uint8Array.from(Buffer.from(SK_HEX, 'hex'));
+const pk = getPublicKey(sk);
+const CLOCK_URL = 'https://solid.social/melvin/public/clock.json';
+async function updateClock() {
+  const now = Math.floor(Date.now() / 1000);
+  const isoDate = new Date(now * 1000).toISOString();
+  const clockData = {
+    '@context': { 'schema': 'http://schema.org/' },
+    '@id': '#clock',
+    '@type': 'schema:Clock',
+    'schema:dateModified': isoDate,
+    'schema:value': now
+  };
+  try {
+    const token = await getToken(CLOCK_URL, 'PUT', (e) => finalizeEvent(e, sk));
+    const res = await fetch(CLOCK_URL, {
+      method: 'PUT',
+      headers: {
+        'Content-Type': 'application/ld+json',
+        'Authorization': 'Nostr ' + token
+      },
+      body: JSON.stringify(clockData)
+    });
+    const time = isoDate.split('T')[1].replace('Z', '');
+    if (res.ok) {
+      process.stdout.write(`\r${time} - Updated`);
+    } else {
+      console.log(`\n${time} - Error: ${res.status} ${res.statusText}`);
+    }
+  } catch (err) {
+    console.log(`\nError: ${err.message}`);
+  }
+}
+console.log('Clock Updater started');
+console.log('did:nostr:', 'did:nostr:' + pk);
+console.log('Target:', CLOCK_URL);
+console.log('Press Ctrl+C to stop\n');
+// Run immediately, then every second
+updateClock();
+setInterval(updateClock, 1000);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.29",
+  "version": "0.0.32",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",
@@ -27,7 +27,7 @@
     "@fastify/websocket": "^8.3.1",
     "bcrypt": "^6.0.0",
     "commander": "^14.0.2",
-    "fastify": "^4.25.2",
+    "fastify": "^4.29.1",
     "fs-extra": "^11.2.0",
     "jose": "^6.1.3",
     "n3": "^1.26.0",

package/src/handlers/resource.js CHANGED Viewed

@@ -192,38 +192,70 @@ export async function handleGet(request, reply) {
     return reply.code(500).send({ error: 'Read error' });
   }
-  // Content negotiation for RDF resources
-  if (connegEnabled && isRdfContentType(storedContentType)) {
-    try {
-      // Parse stored content as JSON-LD
-      const jsonLd = JSON.parse(content.toString());
-      // Select output format based on Accept header
-      const acceptHeader = request.headers.accept;
-      const targetType = selectContentType(acceptHeader, connegEnabled);
-      // Convert to requested format
-      const { content: outputContent, contentType: outputType } = await fromJsonLd(
-        jsonLd,
-        targetType,
-        resourceUrl,
-        connegEnabled
-      );
-      const headers = getAllHeaders({
-        isContainer: false,
-        etag: stats.etag,
-        contentType: outputType,
-        origin,
-        resourceUrl,
-        connegEnabled
-      });
-      headers['Vary'] = getVaryHeader(connegEnabled, request.mashlibEnabled);
+  // Content negotiation for RDF resources (including HTML with JSON-LD data islands)
+  if (connegEnabled) {
+    const contentStr = content.toString();
+    const acceptHeader = request.headers.accept || '';
+    const wantsTurtle = acceptHeader.includes('text/turtle') ||
+                        acceptHeader.includes('text/n3') ||
+                        acceptHeader.includes('application/n-triples');
+    // Check if this is HTML with JSON-LD data island
+    const isHtmlWithDataIsland = contentStr.trimStart().startsWith('<!DOCTYPE') ||
+                                  contentStr.trimStart().startsWith('<html');
+    if (isHtmlWithDataIsland && wantsTurtle) {
+      // Extract JSON-LD from HTML data island and convert to Turtle
+      try {
+        const jsonLdMatch = contentStr.match(/<script\s+type=["']application\/ld\+json["']\s*>([\s\S]*?)<\/script>/i);
+        if (jsonLdMatch) {
+          const jsonLd = JSON.parse(jsonLdMatch[1]);
+          const { content: turtleContent } = await fromJsonLd(jsonLd, 'text/turtle', resourceUrl, true);
+          const headers = getAllHeaders({
+            isContainer: false,
+            etag: stats.etag,
+            contentType: 'text/turtle',
+            origin,
+            resourceUrl,
+            connegEnabled
+          });
+          headers['Vary'] = getVaryHeader(connegEnabled, request.mashlibEnabled);
+          Object.entries(headers).forEach(([k, v]) => reply.header(k, v));
+          return reply.send(turtleContent);
+        }
+      } catch (err) {
+        // Fall through to serve HTML if conversion fails
+        console.error('Failed to convert HTML data island to Turtle:', err.message);
+      }
+    } else if (isRdfContentType(storedContentType)) {
+      // Plain JSON-LD file
+      try {
+        const jsonLd = JSON.parse(contentStr);
+        const targetType = selectContentType(acceptHeader, connegEnabled);
+        const { content: outputContent, contentType: outputType } = await fromJsonLd(
+          jsonLd,
+          targetType,
+          resourceUrl,
+          connegEnabled
+        );
+        const headers = getAllHeaders({
+          isContainer: false,
+          etag: stats.etag,
+          contentType: outputType,
+          origin,
+          resourceUrl,
+          connegEnabled
+        });
+        headers['Vary'] = getVaryHeader(connegEnabled, request.mashlibEnabled);
-      Object.entries(headers).forEach(([k, v]) => reply.header(k, v));
-      return reply.send(outputContent);
-    } catch (e) {
-      // If not valid JSON-LD, serve as-is
+        Object.entries(headers).forEach(([k, v]) => reply.header(k, v));
+        return reply.send(outputContent);
+      } catch (e) {
+        // If not valid JSON-LD, serve as-is
+      }
     }
   }
@@ -533,10 +565,86 @@ export async function handlePatch(request, reply) {
         });
       }
     } else {
-      // Parse as plain JSON-LD
+      // Try to parse as JSON-LD first
       try {
         document = JSON.parse(contentStr);
       } catch (e) {
+        // Not JSON - might be Turtle, handle with RDF store for SPARQL Update
+        if (isSparqlUpdate) {
+          // Parse Turtle and apply SPARQL Update directly
+          const { Parser, Writer } = await import('n3');
+          const parser = new Parser({ baseIRI: resourceUrl });
+          let quads;
+          try {
+            quads = parser.parse(contentStr);
+          } catch (parseErr) {
+            return reply.code(409).send({
+              error: 'Conflict',
+              message: 'Resource is not valid Turtle: ' + parseErr.message
+            });
+          }
+          // Parse the SPARQL Update
+          const patchContent = Buffer.isBuffer(request.body) ? request.body.toString() : request.body;
+          let update;
+          try {
+            update = parseSparqlUpdate(patchContent, resourceUrl);
+          } catch (parseErr) {
+            return reply.code(400).send({
+              error: 'Bad Request',
+              message: 'Invalid SPARQL Update: ' + parseErr.message
+            });
+          }
+          // Apply deletes
+          for (const triple of update.deletes) {
+            quads = quads.filter(q => {
+              const matches = q.subject.value === triple.subject &&
+                             q.predicate.value === triple.predicate &&
+                             (q.object.value === (triple.object['@id'] || triple.object['@value'] || triple.object));
+              return !matches;
+            });
+          }
+          // Apply inserts
+          const { DataFactory } = await import('n3');
+          const { namedNode, literal } = DataFactory;
+          for (const triple of update.inserts) {
+            const subj = namedNode(triple.subject);
+            const pred = namedNode(triple.predicate);
+            let obj;
+            if (triple.object['@id']) {
+              obj = namedNode(triple.object['@id']);
+            } else if (typeof triple.object === 'string') {
+              obj = literal(triple.object);
+            } else {
+              obj = literal(triple.object['@value'] || triple.object);
+            }
+            quads.push(DataFactory.quad(subj, pred, obj));
+          }
+          // Serialize back to Turtle
+          const writer = new Writer({ prefixes: {} });
+          quads.forEach(q => writer.addQuad(q));
+          let turtleOutput;
+          writer.end((err, result) => { turtleOutput = result; });
+          const success = await storage.write(storagePath, Buffer.from(turtleOutput));
+          if (!success) {
+            return reply.code(500).send({ error: 'Write failed' });
+          }
+          const origin = request.headers.origin;
+          const headers = getAllHeaders({ isContainer: false, origin, resourceUrl });
+          Object.entries(headers).forEach(([k, v]) => reply.header(k, v));
+          if (request.notificationsEnabled) {
+            emitChange(resourceUrl);
+          }
+          return reply.code(resourceExists ? 204 : 201).send();
+        }
         return reply.code(409).send({
           error: 'Conflict',
           message: 'Resource is not valid JSON-LD and cannot be patched'

package/src/idp/index.js CHANGED Viewed

@@ -184,6 +184,8 @@ export async function idpPlugin(fastify, options) {
       claims_supported: ['sub', 'webid', 'name', 'email', 'email_verified'],
       code_challenge_methods_supported: ['S256'],
       dpop_signing_alg_values_supported: ['ES256', 'RS256'],
+      // RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification
+      authorization_response_iss_parameter_supported: true,
       // Solid-OIDC specific
       solid_oidc_supported: 'https://solidproject.org/TR/solid-oidc',
     };

package/src/rdf/turtle.js CHANGED Viewed

@@ -151,14 +151,15 @@ function quadsToJsonLd(quads, baseUri, prefixes = {}) {
     nodes.push(jsonNode);
   }
-  // Build result
+  // Build result - return array if multiple nodes, single object otherwise
   const context = buildContext(prefixes);
   if (nodes.length === 1) {
     return { '@context': context, ...nodes[0] };
   }
-  return { '@context': context, '@graph': nodes };
+  // Multiple nodes: return as array (no @graph)
+  return nodes.map((node, i) => i === 0 ? { '@context': context, ...node } : node);
 }
 /**
@@ -166,10 +167,25 @@ function quadsToJsonLd(quads, baseUri, prefixes = {}) {
  */
 function jsonLdToQuads(jsonLd, baseUri) {
   const quads = [];
-  const context = jsonLd['@context'] || {};
-  // Handle @graph or single object
-  const nodes = jsonLd['@graph'] || [jsonLd];
+  // Handle array of JSON-LD objects (e.g., from multiple PATCH operations)
+  const documents = Array.isArray(jsonLd) ? jsonLd : [jsonLd];
+  // Merge all contexts and collect all nodes
+  let mergedContext = {};
+  let nodes = [];
+  for (const doc of documents) {
+    if (doc['@context']) {
+      mergedContext = { ...mergedContext, ...doc['@context'] };
+    }
+    // Each document with @id is a node (no @graph needed)
+    if (doc['@id']) {
+      nodes.push(doc);
+    }
+  }
+  const context = mergedContext;
   for (const node of nodes) {
     if (!node['@id']) continue;

package/src/webid/profile.js CHANGED Viewed

@@ -33,25 +33,17 @@ export function generateProfileJsonLd({ webId, name, podUri, issuer }) {
       'inbox': { '@id': 'ldp:inbox', '@type': '@id' },
       'storage': { '@id': 'pim:storage', '@type': '@id' },
       'oidcIssuer': { '@id': 'solid:oidcIssuer', '@type': '@id' },
-      'preferencesFile': { '@id': 'pim:preferencesFile', '@type': '@id' }
+      'preferencesFile': { '@id': 'pim:preferencesFile', '@type': '@id' },
+      'mainEntityOfPage': { '@id': 'schema:mainEntityOfPage', '@type': '@id' }
     },
-    '@graph': [
-      {
-        '@id': profileDoc,
-        '@type': 'foaf:PersonalProfileDocument',
-        'foaf:maker': { '@id': webId },
-        'foaf:primaryTopic': { '@id': webId }
-      },
-      {
-        '@id': webId,
-        '@type': ['foaf:Person', 'schema:Person'],
-        'foaf:name': name,
-        'inbox': `${pod}inbox/`,
-        'storage': pod,
-        'oidcIssuer': issuer,
-        'preferencesFile': `${pod}settings/prefs`
-      }
-    ]
+    '@id': webId,
+    '@type': ['foaf:Person', 'schema:Person'],
+    'foaf:name': name,
+    'mainEntityOfPage': profileDoc,
+    'inbox': `${pod}inbox/`,
+    'storage': pod,
+    'oidcIssuer': issuer,
+    'preferencesFile': `${pod}settings/prefs`
   };
 }