javascript-solid-server 0.0.32 → 0.0.34

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.32",
+  "version": "0.0.34",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",

package/src/auth/middleware.js

@@ -28,6 +28,11 @@ export async function authorize(request, reply) {
   // Get WebID from token (supports both simple and Solid-OIDC tokens)
   const { webId, error: authError } = await getWebIdFromRequestAsync(request);
 
+  // Log auth failures for debugging
+  if (authError) {
+    request.log.warn({ authError, method, urlPath, hasAuth: !!request.headers.authorization }, 'Auth error');
+  }
+
   // Get effective storage path (includes pod name in subdomain mode)
   const storagePath = getEffectiveUrlPath(request);
 

package/src/auth/solid-oidc.js

@@ -89,16 +89,19 @@ export async function verifySolidOidc(request) {
   } catch (err) {
     // Handle specific JWT errors
     if (err.code === 'ERR_JWT_EXPIRED') {
+      console.error('Solid-OIDC: Access token expired');
       return { webId: null, error: 'Access token expired' };
     }
     if (err.code === 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED') {
+      console.error('Solid-OIDC: Invalid token signature');
       return { webId: null, error: 'Invalid token signature' };
     }
     if (err.code === 'ERR_JWKS_NO_MATCHING_KEY') {
+      console.error('Solid-OIDC: No matching key found in JWKS');
       return { webId: null, error: 'No matching key found in JWKS' };
     }
 
-    console.error('Solid-OIDC verification error:', err.message);
+    console.error('Solid-OIDC verification error:', err.code, err.message);
     return { webId: null, error: 'Token verification failed' };
   }
 }
@@ -177,8 +180,8 @@ async function verifyDpopProof(dpopProof, request, accessToken) {
     return { thumbprint, error: null };
 
   } catch (err) {
-    console.error('DPoP verification error:', err.message);
-    return { thumbprint: null, error: 'Invalid DPoP proof' };
+    console.error('DPoP verification error:', err.code, err.message);
+    return { thumbprint: null, error: 'Invalid DPoP proof: ' + err.message };
   }
 }
 

package/src/handlers/container.js

@@ -125,35 +125,35 @@ export async function handlePost(request, reply) {
  * Create pod directory structure (reusable for registration)
  * @param {string} name - Pod name (username)
  * @param {string} webId - User's WebID URI
- * @param {string} baseUrl - Base URL (without trailing slash)
+ * @param {string} podUri - Pod root URI (e.g., https://alice.example.com/ or https://example.com/alice/)
+ * @param {string} issuer - OIDC issuer URI
  */
-export async function createPodStructure(name, webId, baseUrl) {
+export async function createPodStructure(name, webId, podUri, issuer) {
   const podPath = `/${name}/`;
-  const podUri = `${baseUrl}/${name}/`;
-  const issuer = baseUrl + '/';
 
   // Create pod directory structure
+  // Uses 'Settings' (capital S) for mashlib compatibility
   await storage.createContainer(podPath);
   await storage.createContainer(`${podPath}inbox/`);
   await storage.createContainer(`${podPath}public/`);
   await storage.createContainer(`${podPath}private/`);
-  await storage.createContainer(`${podPath}settings/`);
+  await storage.createContainer(`${podPath}Settings/`);
   await storage.createContainer(`${podPath}profile/`);
 
   // Generate and write WebID profile at /profile/card (standard Solid location)
   const profileHtml = generateProfile({ webId, name, podUri, issuer });
   await storage.write(`${podPath}profile/card`, profileHtml);
 
-  // Generate and write preferences
+  // Generate and write preferences (mashlib-compatible paths)
   const prefs = generatePreferences({ webId, podUri });
-  await storage.write(`${podPath}settings/prefs`, serialize(prefs));
+  await storage.write(`${podPath}Settings/Preferences.ttl`, serialize(prefs));
 
-  // Generate and write type indexes
-  const publicTypeIndex = generateTypeIndex(`${podUri}settings/publicTypeIndex`);
-  await storage.write(`${podPath}settings/publicTypeIndex`, serialize(publicTypeIndex));
+  // Generate and write type indexes with .ttl extension for mashlib
+  const publicTypeIndex = generateTypeIndex(`${podUri}Settings/publicTypeIndex.ttl`);
+  await storage.write(`${podPath}Settings/publicTypeIndex.ttl`, serialize(publicTypeIndex));
 
-  const privateTypeIndex = generateTypeIndex(`${podUri}settings/privateTypeIndex`);
-  await storage.write(`${podPath}settings/privateTypeIndex`, serialize(privateTypeIndex));
+  const privateTypeIndex = generateTypeIndex(`${podUri}Settings/privateTypeIndex.ttl`);
+  await storage.write(`${podPath}Settings/privateTypeIndex.ttl`, serialize(privateTypeIndex));
 
   // Create default ACL files
   // Pod root: owner full control, public read
@@ -165,8 +165,8 @@ export async function createPodStructure(name, webId, baseUrl) {
   await storage.write(`${podPath}private/.acl`, serializeAcl(privateAcl));
 
   // Settings folder: owner only
-  const settingsAcl = generatePrivateAcl(`${podUri}settings/`, webId);
-  await storage.write(`${podPath}settings/.acl`, serializeAcl(settingsAcl));
+  const settingsAcl = generatePrivateAcl(`${podUri}Settings/`, webId);
+  await storage.write(`${podPath}Settings/.acl`, serializeAcl(settingsAcl));
 
   // Inbox: owner full, public append
   const inboxAcl = generateInboxAcl(`${podUri}inbox/`, webId);
@@ -253,7 +253,7 @@ export async function handleCreatePod(request, reply) {
 
   try {
     // Use shared pod creation function
-    await createPodStructure(name, webId, baseUri);
+    await createPodStructure(name, webId, podUri, issuer);
   } catch (err) {
     console.error('Pod creation error:', err);
     // Cleanup on failure

package/src/handlers/resource.js

@@ -146,6 +146,42 @@ export async function handleGet(request, reply) {
       return reply.type('text/html').send(html);
     }
 
+    // Check if Turtle/N3 format is requested via content negotiation
+    const acceptHeader = request.headers.accept || '';
+    const wantsTurtle = connegEnabled && (
+      acceptHeader.includes('text/turtle') ||
+      acceptHeader.includes('text/n3') ||
+      acceptHeader.includes('application/n-triples')
+    );
+
+    if (wantsTurtle) {
+      // Convert container JSON-LD to Turtle
+      try {
+        const { content: turtleContent } = await fromJsonLd(
+          jsonLd,
+          'text/turtle',
+          resourceUrl,
+          true
+        );
+
+        const headers = getAllHeaders({
+          isContainer: true,
+          etag: stats.etag,
+          contentType: 'text/turtle',
+          origin,
+          resourceUrl,
+          connegEnabled
+        });
+        headers['Vary'] = 'Accept';
+
+        Object.entries(headers).forEach(([k, v]) => reply.header(k, v));
+        return reply.send(turtleContent);
+      } catch (err) {
+        // Fall through to JSON-LD if conversion fails
+        console.error('Failed to convert container to Turtle:', err.message);
+      }
+    }
+
     const headers = getAllHeaders({
       isContainer: true,
       etag: stats.etag,
@@ -196,7 +232,9 @@ export async function handleGet(request, reply) {
   if (connegEnabled) {
     const contentStr = content.toString();
     const acceptHeader = request.headers.accept || '';
-    const wantsTurtle = acceptHeader.includes('text/turtle') ||
+    // Serve Turtle if: URL ends with .ttl OR Accept header requests it
+    const wantsTurtle = urlPath.endsWith('.ttl') ||
+                        acceptHeader.includes('text/turtle') ||
                         acceptHeader.includes('text/n3') ||
                         acceptHeader.includes('application/n-triples');
 
@@ -233,7 +271,8 @@ export async function handleGet(request, reply) {
       // Plain JSON-LD file
       try {
         const jsonLd = JSON.parse(contentStr);
-        const targetType = selectContentType(acceptHeader, connegEnabled);
+        // Use Turtle if URL ends with .ttl, otherwise use Accept header preference
+        const targetType = wantsTurtle ? 'text/turtle' : selectContentType(acceptHeader, connegEnabled);
         const { content: outputContent, contentType: outputType } = await fromJsonLd(
           jsonLd,
           targetType,

package/src/idp/interactions.js

@@ -355,9 +355,20 @@ export async function handleRegisterPost(request, reply, issuer) {
 
   try {
     // Build URLs - WebID follows standard Solid convention: /profile/card#me
+    const subdomainsEnabled = request.subdomainsEnabled;
+    const baseDomain = request.baseDomain;
     const baseUrl = issuer.endsWith('/') ? issuer.slice(0, -1) : issuer;
-    const podUri = `${baseUrl}/${username}/`;
-    const webId = `${podUri}profile/card#me`;
+
+    let podUri, webId;
+    if (subdomainsEnabled && baseDomain) {
+      // Subdomain mode: alice.example.com/profile/card#me
+      podUri = `${request.protocol}://${username}.${baseDomain}/`;
+      webId = `${podUri}profile/card#me`;
+    } else {
+      // Path mode: example.com/alice/profile/card#me
+      podUri = `${baseUrl}/${username}/`;
+      webId = `${podUri}profile/card#me`;
+    }
 
     // Check if pod already exists
     const podPath = `${username}/`;
@@ -367,7 +378,7 @@ export async function handleRegisterPost(request, reply, issuer) {
     }
 
     // Create pod structure
-    await createPodStructure(username, webId, baseUrl);
+    await createPodStructure(username, webId, podUri, issuer);
 
     // Create account
     await createAccount({

package/src/ldp/headers.js

@@ -90,7 +90,7 @@ export function getCorsHeaders(origin) {
   return {
     'Access-Control-Allow-Origin': origin || '*',
     'Access-Control-Allow-Methods': 'GET, HEAD, POST, PUT, DELETE, PATCH, OPTIONS',
-    'Access-Control-Allow-Headers': 'Accept, Authorization, Content-Type, If-Match, If-None-Match, Link, Slug, Origin',
+    'Access-Control-Allow-Headers': 'Accept, Authorization, Content-Type, DPoP, If-Match, If-None-Match, Link, Slug, Origin',
     'Access-Control-Expose-Headers': 'Accept-Patch, Accept-Post, Allow, Content-Type, ETag, Link, Location, Updates-Via, WAC-Allow',
     'Access-Control-Allow-Credentials': 'true',
     'Access-Control-Max-Age': '86400'

package/src/webid/profile.js

@@ -34,6 +34,8 @@ export function generateProfileJsonLd({ webId, name, podUri, issuer }) {
       'storage': { '@id': 'pim:storage', '@type': '@id' },
       'oidcIssuer': { '@id': 'solid:oidcIssuer', '@type': '@id' },
       'preferencesFile': { '@id': 'pim:preferencesFile', '@type': '@id' },
+      'publicTypeIndex': { '@id': 'solid:publicTypeIndex', '@type': '@id' },
+      'privateTypeIndex': { '@id': 'solid:privateTypeIndex', '@type': '@id' },
       'mainEntityOfPage': { '@id': 'schema:mainEntityOfPage', '@type': '@id' }
     },
     '@id': webId,
@@ -43,7 +45,9 @@ export function generateProfileJsonLd({ webId, name, podUri, issuer }) {
     'inbox': `${pod}inbox/`,
     'storage': pod,
     'oidcIssuer': issuer,
-    'preferencesFile': `${pod}settings/prefs`
+    'preferencesFile': `${pod}Settings/Preferences.ttl`,
+    'publicTypeIndex': `${pod}Settings/publicTypeIndex.ttl`,
+    'privateTypeIndex': `${pod}Settings/privateTypeIndex.ttl`
   };
 }
 
@@ -129,6 +133,7 @@ function escapeHtml(str) {
 
 /**
  * Generate preferences file as JSON-LD
+ * Uses mashlib-compatible paths (Settings/Preferences.ttl)
  * @param {object} options
  * @param {string} options.webId - Full WebID URI
  * @param {string} options.podUri - Pod root URI
@@ -144,9 +149,9 @@ export function generatePreferences({ webId, podUri }) {
       'publicTypeIndex': { '@id': 'solid:publicTypeIndex', '@type': '@id' },
       'privateTypeIndex': { '@id': 'solid:privateTypeIndex', '@type': '@id' }
     },
-    '@id': `${pod}settings/prefs`,
-    'publicTypeIndex': `${pod}settings/publicTypeIndex`,
-    'privateTypeIndex': `${pod}settings/privateTypeIndex`
+    '@id': `${pod}Settings/Preferences.ttl`,
+    'publicTypeIndex': `${pod}Settings/publicTypeIndex.ttl`,
+    'privateTypeIndex': `${pod}Settings/privateTypeIndex.ttl`
   };
 }