npm - javascript-solid-server - Versions diffs - 0.0.66 → 0.0.68 - Mend

javascript-solid-server 0.0.66 → 0.0.68

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/.claude/settings.local.json +3 -1
package/package.json +1 -1
package/src/ap/index.js +4 -2
package/src/ap/routes/outbox.js +99 -2
package/src/auth/middleware.js +231 -5
package/src/server.js +1 -1

package/.claude/settings.local.json CHANGED Viewed

@@ -217,7 +217,9 @@
       "Bash(gh repo list:*)",
       "Bash(gh search:*)",
       "Bash(__NEW_LINE__ echo \"\")",
-      "WebFetch(domain:webfinger.net)"
+      "WebFetch(domain:webfinger.net)",
+      "Bash(npm update:*)",
+      "Bash(timeout 8 node:*)"
     ]
   }
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.66",
+  "version": "0.0.68",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",

package/src/ap/index.js CHANGED Viewed

@@ -7,7 +7,7 @@ import { webfinger } from 'microfed'
 import { loadOrCreateKeypair, getKeyId } from './keys.js'
 import { initStore } from './store.js'
 import { createInboxHandler } from './routes/inbox.js'
-import { createOutboxHandler } from './routes/outbox.js'
+import { createOutboxHandler, createOutboxPostHandler } from './routes/outbox.js'
 import { createCollectionsHandler } from './routes/collections.js'
 import { createActorHandler } from './routes/actor.js'
@@ -135,7 +135,7 @@ export async function activityPubPlugin(fastify, options = {}) {
         version: '2.1',
         software: {
           name: 'jss',
-          version: '0.0.66',
+          version: '0.0.67',
           repository: 'https://github.com/JavaScriptSolidServer/JavaScriptSolidServer'
         },
         protocols: ['activitypub', 'solid'],
@@ -165,7 +165,9 @@ export async function activityPubPlugin(fastify, options = {}) {
   // Outbox endpoint
   const outboxHandler = createOutboxHandler(config, keypair)
+  const outboxPostHandler = createOutboxPostHandler(config, keypair)
   fastify.get('/profile/card/outbox', outboxHandler)
+  fastify.post('/profile/card/outbox', outboxPostHandler)
   // Followers/Following collections
   const collectionsHandler = createCollectionsHandler(config)

package/src/ap/routes/outbox.js CHANGED Viewed

@@ -1,9 +1,12 @@
 /**
  * Outbox endpoint handler
  * Returns user's activities as OrderedCollection
+ * Accepts POST to create new posts and deliver to followers
  */
-import { getPosts } from '../store.js'
+import { outbox } from 'microfed'
+import { getPosts, savePost, getFollowerInboxes } from '../store.js'
+import { randomUUID } from 'crypto'
 /**
  * Create outbox handler
@@ -49,4 +52,98 @@ export function createOutboxHandler(config, keypair) {
   }
 }
-export default { createOutboxHandler }
+/**
+ * Create outbox POST handler for creating new posts
+ * @param {object} config - AP configuration
+ * @param {object} keypair - RSA keypair
+ * @returns {Function} Fastify handler
+ */
+export function createOutboxPostHandler(config, keypair) {
+  return async (request, reply) => {
+    const protocol = request.headers['x-forwarded-proto'] || request.protocol
+    const host = request.headers['x-forwarded-host'] || request.hostname
+    const baseUrl = `${protocol}://${host}`
+    const profileUrl = `${baseUrl}/profile/card`
+    const actorId = `${profileUrl}#me`
+    // Parse body
+    let activity
+    try {
+      activity = typeof request.body === 'string'
+        ? JSON.parse(request.body)
+        : request.body
+    } catch {
+      return reply.code(400).send({ error: 'Invalid JSON' })
+    }
+    // Handle direct Note posting (convenience)
+    if (activity.type === 'Note' || (!activity.type && activity.content)) {
+      const noteId = `${baseUrl}/posts/${randomUUID()}`
+      const now = new Date().toISOString()
+      const note = {
+        '@context': 'https://www.w3.org/ns/activitystreams',
+        type: 'Note',
+        id: noteId,
+        content: activity.content,
+        published: now,
+        attributedTo: actorId,
+        to: ['https://www.w3.org/ns/activitystreams#Public'],
+        cc: [`${profileUrl}/followers`],
+        ...(activity.inReplyTo ? { inReplyTo: activity.inReplyTo } : {})
+      }
+      activity = {
+        '@context': 'https://www.w3.org/ns/activitystreams',
+        type: 'Create',
+        id: `${noteId}/activity`,
+        actor: actorId,
+        published: now,
+        object: note,
+        to: note.to,
+        cc: note.cc
+      }
+    }
+    // Save post
+    if (activity.type === 'Create' && activity.object?.type === 'Note') {
+      savePost(
+        activity.object.id,
+        activity.object.content,
+        activity.object.inReplyTo || null
+      )
+    }
+    // Deliver to followers
+    const inboxes = getFollowerInboxes()
+    request.log.info(`Delivering to ${inboxes.length} follower(s)`)
+    const keyId = `${profileUrl}#main-key`
+    const deliveryResults = await Promise.allSettled(
+      inboxes.map(inbox =>
+        outbox.send({
+          activity,
+          inbox,
+          privateKey: keypair.privateKey,
+          keyId
+        })
+      )
+    )
+    const succeeded = deliveryResults.filter(r => r.status === 'fulfilled').length
+    const failed = deliveryResults.filter(r => r.status === 'rejected').length
+    if (failed > 0) {
+      request.log.warn(`Delivery: ${succeeded} succeeded, ${failed} failed`)
+    } else {
+      request.log.info(`Delivered to ${succeeded} inbox(es)`)
+    }
+    return reply
+      .code(201)
+      .header('Location', activity.object?.id || activity.id)
+      .send(activity)
+  }
+}
+export default { createOutboxHandler, createOutboxPostHandler }

package/src/auth/middleware.js CHANGED Viewed

@@ -93,26 +93,36 @@ function getParentPath(path) {
 /**
  * Handle unauthorized request
+ * @param {object} request - Fastify request
  * @param {object} reply - Fastify reply
  * @param {boolean} isAuthenticated - Whether user is authenticated
  * @param {string} wacAllow - WAC-Allow header value
  * @param {string|null} authError - Authentication error message (for DPoP failures)
  * @param {string|null} issuer - IdP issuer URL for WWW-Authenticate header
  */
-export function handleUnauthorized(reply, isAuthenticated, wacAllow, authError = null, issuer = null) {
+export function handleUnauthorized(request, reply, isAuthenticated, wacAllow, authError = null, issuer = null) {
   reply.header('WAC-Allow', wacAllow);
+  const statusCode = isAuthenticated ? 403 : 401;
+  const realm = issuer || 'Solid';
   if (!isAuthenticated) {
-    // Not authenticated - return 401 with WWW-Authenticate header
-    // Solid-OIDC requires DPoP authentication
-    const realm = issuer || 'Solid';
     reply.header('WWW-Authenticate', `DPoP realm="${realm}", Bearer realm="${realm}"`);
+  }
+  // Check if browser wants HTML
+  const accept = request.headers.accept || '';
+  if (accept.includes('text/html')) {
+    return reply.code(statusCode).type('text/html').send(getErrorPage(statusCode, isAuthenticated, request));
+  }
+  // Return JSON for API clients
+  if (!isAuthenticated) {
     return reply.code(401).send({
       error: 'Unauthorized',
       message: authError || 'Authentication required'
     });
   } else {
-    // Authenticated but not authorized - return 403
     return reply.code(403).send({
       error: 'Forbidden',
       message: 'Access denied'
@@ -120,6 +130,222 @@ export function handleUnauthorized(reply, isAuthenticated, wacAllow, authError =
   }
 }
+/**
+ * Generate a beautiful error page for browsers
+ */
+function getErrorPage(statusCode, isAuthenticated, request) {
+  const is401 = statusCode === 401;
+  const title = is401 ? 'Authentication Required' : 'Access Denied';
+  const subtitle = is401
+    ? "This resource is protected. You'll need to sign in to continue."
+    : "You're signed in, but you don't have permission to view this resource.";
+  const baseUrl = `${request.protocol}://${request.hostname}`;
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>${title} - Solid Server</title>
+  <style>
+    * { box-sizing: border-box; margin: 0; padding: 0; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
+      min-height: 100vh;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      background: linear-gradient(135deg, #f5f7fa 0%, #e4e8ec 100%);
+      padding: 2rem;
+      color: #374151;
+    }
+    .container {
+      max-width: 540px;
+      width: 100%;
+      text-align: center;
+    }
+    .card {
+      background: white;
+      border-radius: 16px;
+      padding: 3rem 2.5rem;
+      box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -1px rgba(0, 0, 0, 0.06);
+    }
+    .icon {
+      width: 80px;
+      height: 80px;
+      margin: 0 auto 1.5rem;
+      background: ${is401 ? '#fef3c7' : '#fee2e2'};
+      border-radius: 50%;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      font-size: 2.5rem;
+    }
+    h1 {
+      font-size: 1.75rem;
+      font-weight: 600;
+      color: #111827;
+      margin-bottom: 0.75rem;
+    }
+    .subtitle {
+      color: #6b7280;
+      font-size: 1.05rem;
+      line-height: 1.6;
+      margin-bottom: 2rem;
+    }
+    .actions {
+      display: flex;
+      flex-direction: column;
+      gap: 0.75rem;
+    }
+    .btn {
+      display: inline-flex;
+      align-items: center;
+      justify-content: center;
+      gap: 0.5rem;
+      padding: 0.875rem 1.5rem;
+      border-radius: 10px;
+      font-size: 1rem;
+      font-weight: 500;
+      text-decoration: none;
+      transition: all 0.2s ease;
+      cursor: pointer;
+      border: none;
+    }
+    .btn-primary {
+      background: linear-gradient(135deg, #7c3aed 0%, #6366f1 100%);
+      color: white;
+    }
+    .btn-primary:hover {
+      transform: translateY(-1px);
+      box-shadow: 0 4px 12px rgba(124, 58, 237, 0.4);
+    }
+    .btn-secondary {
+      background: #f3f4f6;
+      color: #374151;
+    }
+    .btn-secondary:hover {
+      background: #e5e7eb;
+    }
+    .divider {
+      display: flex;
+      align-items: center;
+      margin: 2rem 0;
+      color: #9ca3af;
+      font-size: 0.875rem;
+    }
+    .divider::before,
+    .divider::after {
+      content: '';
+      flex: 1;
+      height: 1px;
+      background: #e5e7eb;
+    }
+    .divider span {
+      padding: 0 1rem;
+    }
+    .info-box {
+      background: #f0fdf4;
+      border: 1px solid #bbf7d0;
+      border-radius: 10px;
+      padding: 1.25rem;
+      text-align: left;
+    }
+    .info-box h3 {
+      font-size: 0.9rem;
+      font-weight: 600;
+      color: #166534;
+      margin-bottom: 0.5rem;
+      display: flex;
+      align-items: center;
+      gap: 0.5rem;
+    }
+    .info-box p {
+      font-size: 0.875rem;
+      color: #15803d;
+      line-height: 1.5;
+    }
+    .footer {
+      margin-top: 2rem;
+      font-size: 0.8rem;
+      color: #9ca3af;
+    }
+    .footer a {
+      color: #7c3aed;
+      text-decoration: none;
+    }
+    .footer a:hover {
+      text-decoration: underline;
+    }
+    .status-code {
+      font-size: 0.75rem;
+      color: #9ca3af;
+      margin-top: 1rem;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div class="card">
+      <div class="icon">${is401 ? '🔐' : '🚫'}</div>
+      <h1>${title}</h1>
+      <p class="subtitle">${subtitle}</p>
+      <div class="actions">
+        ${is401 ? `<a href="${baseUrl}/.account/login/password" class="btn btn-primary">
+          Sign In
+        </a>` : ''}
+        <a href="${baseUrl}/" class="btn btn-secondary">
+          Go to Homepage
+        </a>
+      </div>
+      <div class="divider"><span>What is this?</span></div>
+      <div class="info-box">
+        <h3>🏖️ Welcome to Solid</h3>
+        <p>
+          This is a <strong>Solid Pod</strong> — a personal data store where you control your own data.
+          Resources can be private, shared with specific people, or public.
+          ${is401 ? 'Sign in with your WebID to access protected content.' : 'Ask the owner to grant you access.'}
+        </p>
+      </div>
+      <p class="status-code">HTTP ${statusCode} • ${request.url}</p>
+    </div>
+    <p class="footer">
+      Powered by <a href="https://sandy-mount.com">Sandymount</a> •
+      <a href="https://solidproject.org">Learn about Solid</a>
+    </p>
+  </div>
+</body>
+</html>`;
+}
 /**
  * Authorize access to ACL files
  * ACL files require acl:Control permission on the resource they protect

package/src/server.js CHANGED Viewed

@@ -316,7 +316,7 @@ export function createServer(options = {}) {
     reply.header('WAC-Allow', wacAllow);
     if (!authorized) {
-      return handleUnauthorized(reply, webId !== null, wacAllow, authError);
+      return handleUnauthorized(request, reply, webId !== null, wacAllow, authError);
     }
   });