solid-server 5.8.8-3f2fe825 → 5.8.8-4cf09686

package/default-templates/server/index.html

@@ -48,7 +48,7 @@
   </div> <!-- end container-->
 
   <script src="/mashlib.js"></script>
-  <script src="/common/js/index-buttons.js"></script>
+  <script src="/common/js/index-buttons.mjs"></script>
 
 </body>
 </html> 

package/eslint.config.mjs

@@ -21,7 +21,7 @@ export default [
     },
     rules: {
       // StandardJS-like rules
-      'no-unused-vars': ['error', {
+      'no-unused-vars': ['warn', {
         args: 'none',
         caughtErrors: 'none',
         ignoreRestSiblings: true,

package/lib/create-server.mjs

@@ -65,8 +65,8 @@ function createServer (argv, app) {
     }
 
     const credentials = Object.assign({
-      key,
-      cert
+      key: key,
+      cert: cert
     }, argv)
 
     if (ldp.webid && ldp.auth === 'tls') {

package/lib/handlers/auth-proxy.mjs

@@ -6,7 +6,8 @@ import debug from '../debug.mjs'
 import allow from './allow.mjs'
 
 const PROXY_SETTINGS = {
-  changeOrigin: true // Default settings; target is provided per-proxy via function parameter
+  logLevel: 'silent',
+  changeOrigin: true
 }
 const REQUIRED_PERMISSIONS = {
   get: ['Read'],
@@ -30,10 +31,8 @@ function addAuthProxyHandler (app, sourcePath, target) {
   const sourcePathLength = sourcePath.length
   const settings = Object.assign({
     target,
-    on: {
-      proxyReq: addAuthHeaders,
-      proxyReqWs: addAuthHeaders
-    },
+    onProxyReq: addAuthHeaders,
+    onProxyReqWs: addAuthHeaders,
     pathRewrite: path => path.substr(sourcePathLength)
   }, PROXY_SETTINGS)
 

package/lib/handlers/cors-proxy.mjs

@@ -14,7 +14,8 @@ const CORS_SETTINGS = {
   origin: true
 }
 const PROXY_SETTINGS = {
-  target: 'http://placeholder', // Placeholder required by v3; actual target determined by router function
+  target: 'dynamic',
+  logLevel: 'silent',
   changeOrigin: true,
   followRedirects: true,
   proxyTimeout: 10000,

package/lib/handlers/get.mjs

@@ -48,9 +48,9 @@ export default async function handler (req, res, next) {
 
   const options = {
     hostname: req.hostname,
-    path,
-    includeBody,
-    possibleRDFType,
+    path: path,
+    includeBody: includeBody,
+    possibleRDFType: possibleRDFType,
     range: req.headers.range,
     contentType: req.headers.accept
   }

package/lib/ldp.mjs

@@ -9,7 +9,7 @@ import debug from './debug.mjs'
 import error from './http-error.mjs'
 import { stringToStream, serialize, overQuota, getContentType, parse } from './utils.mjs'
 import extend from 'extend'
-import { rimraf } from 'rimraf'
+import rimraf from 'rimraf'
 import { exec } from 'child_process'
 import * as ldpContainer from './ldp-container.mjs'
 import { promisify } from 'util'
@@ -543,7 +543,7 @@ class LDP {
 
     // Delete the directory recursively
     try {
-      await rimraf(directory)
+      await promisify(rimraf)(directory)
     } catch (err) {
       throw error(err, 'Failed to delete the container')
     }

package/lib/models/account-manager.mjs

@@ -258,7 +258,7 @@ class AccountManager {
         const emailData = {
           to: userAccount.email,
           webId: userAccount.webId,
-          deleteUrl
+          deleteUrl: deleteUrl
         }
         return this.emailService.sendWithTemplate('delete-account.mjs', emailData)
       })
@@ -275,7 +275,7 @@ class AccountManager {
           webId: userAccount.webId,
           resetUrl
         }
-        return this.emailService.sendWithTemplate('reset-password', emailData)
+        return this.emailService.sendWithTemplate('reset-password.mjs', emailData)
       })
   }
 
@@ -289,7 +289,7 @@ class AccountManager {
       webid: newUser.webId,
       name: newUser.displayName
     }
-    return emailService.sendWithTemplate('welcome', emailData)
+    return emailService.sendWithTemplate('welcome.mjs', emailData)
   }
 }
 

package/lib/utils.mjs

@@ -289,7 +289,7 @@ export async function overQuota (root, serverUri) {
  * so it needs to be rewritten.
  */
 function actualSize (root) {
-  return getSize(root)
+  return util.promisify(getSize)(root)
 }
 
 function _asyncReadfile (filename) {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "solid-server",
   "description": "Solid server on top of the file-system",
-  "version": "5.8.8-3f2fe825",
+  "version": "5.8.8-4cf09686",
   "author": {
     "name": "Tim Berners-Lee",
     "email": "timbl@w3.org"
@@ -62,11 +62,12 @@
     "@fastify/busboy": "^3.2.0",
     "@fastify/pre-commit": "^2.2.1",
     "@solid/acl-check": "^0.4.5",
-    "@solid/oidc-auth-manager": "^0.25.0",
-    "@solid/oidc-op": "^0.12.0",
-    "@solid/oidc-rp": "^0.12.0",
+    "@solid/oidc-auth-manager": "^0.25.2",
+    "@solid/oidc-op": "^0.12.1",
+    "@solid/oidc-rp": "^0.12.1",
+    "@solid/solid-multi-rp-client": "^0.7.2",
     "async-lock": "^1.4.1",
-    "body-parser": "^2.2.1",
+    "body-parser": "^1.20.4",
     "bootstrap": "^3.4.1",
     "cached-path-relative": "^1.1.0",
     "camelize": "^1.0.1",
@@ -75,6 +76,7 @@
     "commander": "^14.0.2",
     "cors": "^2.8.5",
     "debug": "^4.4.3",
+    "eslint": "^9.39.2",
     "express": "^4.22.1",
     "express-accept-events": "^0.3.0",
     "express-handlebars": "^5.3.5",
@@ -84,17 +86,17 @@
     "extend": "^3.0.2",
     "from2": "^2.3.0",
     "fs-extra": "^11.3.3",
-    "get-folder-size": "^5.0.0",
+    "get-folder-size": "^2.0.1",
     "glob": "^13.0.0",
     "global-tunnel-ng": "^2.7.1",
     "handlebars": "^4.7.8",
-    "http-proxy-middleware": "^3.0.5",
-    "inquirer": "^13.1.0",
+    "http-proxy-middleware": "^2.0.9",
+    "inquirer": "^8.2.7",
     "into-stream": "^9.0.0",
     "ip-range-check": "0.2.0",
     "is-ip": "^5.0.1",
     "li": "^1.3.0",
-    "mashlib": "^1.11.1",
+    "mashlib": "^2.0.0-de1f6b8e",
     "mime-types": "^3.0.2",
     "negotiator": "^1.0.0",
     "node-forge": "^1.3.3",
@@ -102,9 +104,9 @@
     "nodemailer": "^7.0.12",
     "oidc-op-express": "^0.0.3",
     "owasp-password-strength-test": "^1.3.0",
-    "rdflib": "^2.3.2",
+    "rdflib": "^2.3.3",
     "recursive-readdir": "^2.2.3",
-    "rimraf": "^6.1.2",
+    "rimraf": "^3.0.2",
     "solid-auth-client": "^2.5.6",
     "solid-namespace": "^0.5.4",
     "solid-ws": "^0.4.3",
@@ -120,14 +122,13 @@
   "devDependencies": {
     "@cxres/structured-headers": "^2.0.0-nesting.0",
     "@eslint/js": "^9.39.2",
-    "@solid/solid-auth-oidc": "^0.6.0",
+    "@solid/solid-auth-oidc": "^0.6.1",
     "c8": "^10.1.3",
     "chai": "^4.5.0",
     "chai-as-promised": "7.1.2",
     "cross-env": "^10.1.0",
     "dirty-chai": "2.0.1",
-    "eslint": "^9.39.2",
-    "globals": "^16.5.0",
+    "globals": "^17.0.0",
     "localstorage-memory": "1.0.3",
     "mocha": "^11.7.5",
     "nock": "^13.5.6",
@@ -155,7 +156,7 @@
     "build": "echo nothing to build",
     "solid": "node ./bin/solid",
     "lint": "eslint \"**/*.mjs\"",
-    "lint:fix": "eslint --fix \"**/*.mjs\"",
+    "lint-fix": "eslint --fix \"**/*.mjs\"",
     "validate": "node ./test/validate-turtle.mjs",
     "c8": "cross-env NODE_TLS_REJECT_UNAUTHORIZED=0 c8 --reporter=text-summary mocha --recursive test/unit/ test/integration/",
     "mocha": "cross-env NODE_TLS_REJECT_UNAUTHORIZED=0 mocha --recursive test/unit/ test/integration/",
@@ -192,6 +193,18 @@
       "node_modules/**"
     ]
   },
+  "standard": {
+    "globals": [
+      "after",
+      "afterEach",
+      "before",
+      "beforeEach",
+      "describe",
+      "it",
+      "fetch",
+      "AbortController"
+    ]
+  },
   "bin": {
     "solid": "bin/solid"
   },

package/test/index.mjs

@@ -1,5 +1,5 @@
 import fs from 'fs-extra'
-import { rimrafSync } from 'rimraf'
+import rimraf from 'rimraf'
 import path from 'path'
 import { fileURLToPath } from 'url'
 import OIDCProvider from '@solid/oidc-op'
@@ -15,7 +15,7 @@ const __dirname = path.dirname(__filename)
 const TEST_HOSTS = ['nic.localhost', 'tim.localhost', 'nicola.localhost']
 
 export function rm (file) {
-  return rimrafSync(path.normalize(path.join(__dirname, '../resources/' + file)))
+  return rimraf.sync(path.normalize(path.join(__dirname, '../resources/' + file)))
 }
 
 export function cleanDir (dirPath) {

package/test/integration/account-manager-test.mjs

@@ -51,7 +51,7 @@ describe('AccountManager', () => {
         // Note: test/resources/accounts/tim.localhost/ exists in this repo
         return accountManager.accountExists('tim')
           .then(exists => {
-            console.log('DEBUG tim exists:', exists, typeof exists)
+            // console.log('DEBUG tim exists:', exists, typeof exists)
             expect(exists).to.not.be.false
           })
       })
@@ -60,7 +60,7 @@ describe('AccountManager', () => {
         // Note: test/resources/accounts/alice.localhost/ does NOT exist
         return accountManager.accountExists('alice')
           .then(exists => {
-            console.log('DEBUG alice exists:', exists, typeof exists)
+            // console.log('DEBUG alice exists:', exists, typeof exists)
             expect(exists).to.not.be.false
           })
       })

package/test/integration/acl-oidc-test.mjs

@@ -32,7 +32,7 @@ function fetchRequest (method, options, callback) {
       callback(null, {
         statusCode: res.status,
         headers: Object.fromEntries(res.headers.entries()),
-        body,
+        body: body,
         statusMessage: res.statusText
       }, body)
     })

package/test/integration/authentication-oidc-test.mjs

@@ -690,7 +690,6 @@ describe('Authentication API (OIDC)', () => {
           // Native fetch: get first set-cookie header
           const setCookieHeaders = res.headers.getSetCookie ? res.headers.getSetCookie() : [res.headers.get('set-cookie')]
           cookie = setCookieHeaders[0]
-
           // Successful login gets redirected back to /authorize and then
           // back to app
           expect(postLoginUri.startsWith(aliceServerUri + '/sharing'))
@@ -716,6 +715,7 @@ describe('Authentication API (OIDC)', () => {
           expect(res.status).to.equal(302)
           const location = res.headers.get('location')
           postSharingUri = new URL(location, aliceServerUri).toString()
+
           // cookie = res.headers.get('set-cookie')
 
           // Successful login gets redirected back to /authorize and then
@@ -729,6 +729,7 @@ describe('Authentication API (OIDC)', () => {
           expect(res.status).to.equal(302)
           const location = res.headers.get('location')
           callbackUri = location.startsWith('http') ? location : new URL(location, aliceServerUri).toString()
+
           expect(callbackUri.startsWith('https://app.example.com#'))
         })
     })

package/test/integration/http-copy-test.mjs

@@ -52,8 +52,8 @@ describe('HTTP COPY API', function () {
 
   function createOptions (method, url, user) {
     const options = {
-      method,
-      url,
+      method: method,
+      url: url,
       headers: {}
     }
     if (user) {

package/test/integration/oidc-manager-test.mjs

@@ -1,5 +1,6 @@
 import { fileURLToPath } from 'url'
 import path from 'path'
+import { URL } from 'url'
 import chai from 'chai'
 import fs from 'fs-extra'
 import { fromServerConfig } from '../../lib/models/oidc-manager.mjs'
@@ -37,5 +38,98 @@ describe('OidcManager', () => {
       expect(oidc.users.backend.path.endsWith('db/oidc/users'))
       expect(oidc.users.saltRounds).to.equal(saltRounds)
     })
+
+    it('should set the provider issuer which is used for iss claim in tokens', () => {
+      const providerUri = 'https://pivot-test.solidproject.org:8443'
+      const host = SolidHost.from({ serverUri: providerUri })
+
+      const saltRounds = 5
+      const argv = {
+        host,
+        dbPath,
+        saltRounds
+      }
+
+      const oidc = fromServerConfig(argv)
+
+      // Verify the issuer is set correctly for RFC 9207 compliance
+      // The iss claim in tokens should match this issuer value
+      expect(oidc.provider.issuer).to.exist
+      expect(oidc.provider.issuer).to.not.be.null
+      expect(oidc.provider.issuer).to.equal(providerUri)
+      console.log('Provider issuer (used for iss claim):', oidc.provider.issuer)
+    })
+  })
+
+  describe('RFC 9207 - Authorization redirect with iss parameter', () => {
+    it('should include iss parameter when redirecting after authorization', async () => {
+      const providerUri = 'https://localhost:8443'
+      const host = SolidHost.from({ providerUri })
+
+      const argv = {
+        host,
+        dbPath,
+        saltRounds: 5
+      }
+
+      const oidc = fromServerConfig(argv)
+
+      // Dynamically import BaseRequest from oidc-op
+      const { default: BaseRequest } = await import('@solid/oidc-op/src/handlers/BaseRequest.js')
+
+      // Create a mock request/response to test the redirect behavior
+      const mockReq = {
+        method: 'GET',
+        query: {
+          response_type: 'code',
+          redirect_uri: 'https://app.example.com/callback',
+          client_id: 'https://app.example.com',
+          state: 'test-state'
+        }
+      }
+
+      const mockRes = {
+        redirectCalled: false,
+        redirectUrl: '',
+        redirect (url) {
+          this.redirectCalled = true
+          this.redirectUrl = url
+        }
+      }
+
+      const request = new BaseRequest(mockReq, mockRes, oidc.provider)
+      request.params = mockReq.query
+
+      // Simulate a successful authorization by calling redirect with auth data
+      try {
+        request.redirect({ code: 'test-auth-code' })
+      } catch (err) {
+        // The redirect throws a HandledError, which is expected behavior
+        // We just need to check that the redirect was called with the right URL
+      }
+
+      expect(mockRes.redirectCalled).to.be.true
+      expect(mockRes.redirectUrl).to.exist
+
+      // Parse the redirect URL to check for iss parameter
+      const redirectUrl = new URL(mockRes.redirectUrl)
+
+      // The iss parameter can be in either the query string or hash fragment
+      // depending on the response_mode (query or fragment)
+      let issParam = redirectUrl.searchParams.get('iss')
+      if (!issParam && redirectUrl.hash) {
+        // Check in the hash fragment
+        const hashParams = new URLSearchParams(redirectUrl.hash.substring(1))
+        issParam = hashParams.get('iss')
+      }
+
+      console.log('Redirect URL:', mockRes.redirectUrl)
+      console.log('RFC 9207 - iss parameter in redirect:', issParam)
+
+      // RFC 9207: The iss parameter MUST be present and match the provider issuer
+      expect(issParam, 'RFC 9207: iss parameter must be present in authorization response').to.exist
+      expect(issParam).to.not.be.null
+      expect(issParam).to.equal(providerUri)
+    })
   })
-})
+})

package/test/integration/params-test.mjs

@@ -11,7 +11,7 @@ import ldnode, { createServer } from '../../index.mjs'
 
 const __filename = fileURLToPath(import.meta.url)
 const __dirname = path.dirname(__filename)
-console.log(getTestRoot())
+// console.log(getTestRoot())
 
 describe('LDNODE params', function () {
   describe('suffixMeta', function () {
@@ -46,7 +46,7 @@ describe('LDNODE params', function () {
 
       it('should fallback on current working directory', function () {
         assert.equal(path.normalize(ldp.locals.ldp.resourceMapper._rootPath), path.normalize(process.cwd()))
-        console.log('Root path is', ldp.locals.ldp.resourceMapper._rootPath)
+        // console.log('Root path is', ldp.locals.ldp.resourceMapper._rootPath)
       })
 
       it('new : should find resource in correct path', function (done) {
@@ -57,7 +57,7 @@ describe('LDNODE params', function () {
         const fileContent = '<#current> <#temp> 123 .'
         fs.mkdirSync(dirPath, { recursive: true })
         fs.writeFileSync(filePath, fileContent)
-        console.log('Wrote file to', filePath)
+        // console.log('Wrote file to', filePath)
         server.get('/sampleContainer/example.ttl')
           .expect('Link', /http:\/\/www.w3.org\/ns\/ldp#Resource/)
           .expect(200)
@@ -71,7 +71,7 @@ describe('LDNODE params', function () {
       it.skip('initial : should find resource in correct path', function (done) {
         // Write to the default resources directory, matching the server's root
         const resourcePath = path.join('sampleContainer', 'example.ttl')
-        console.log('initial : Writing test resource to', resourcePath)
+        // console.log('initial : Writing test resource to', resourcePath)
         setTestRoot(path.join(__dirname, '../resources/'))
         write('<#current> <#temp> 123 .', resourcePath)
 
@@ -102,7 +102,7 @@ describe('LDNODE params', function () {
         const fileContent = '<#current> <#temp> 123 .'
         fs.mkdirSync(dirPath, { recursive: true })
         fs.writeFileSync(filePath, fileContent)
-        console.log('Wrote file to', filePath)
+        // console.log('Wrote file to', filePath)
 
         server.get('/sampleContainer/example.ttl')
           .expect('Link', /http:\/\/www.w3.org\/ns\/ldp#Resource/)

package/test/resources/accounts/db/oidc/op/clients/{_key_9bb7523c8ddc5c445f210cc36c2d2e26.json → _key_69eaaa0e44e3f95d54a021c5b41e6d72.json}

@@ -1 +1 @@
-{"redirect_uris":["https://localhost:3457/api/oidc/rp/https%3A%2F%2Flocalhost%3A3457"],"client_id":"9bb7523c8ddc5c445f210cc36c2d2e26","client_secret":"7236fa3d1b246a379e72eb8a349c823b","response_types":["code","id_token token","code id_token token"],"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"application_type":"web","client_name":"Solid OIDC RP for https://localhost:3457","id_token_signed_response_alg":"RS256","token_endpoint_auth_method":"client_secret_basic","default_max_age":86400,"post_logout_redirect_uris":["https://localhost:3457/goodbye"]}
+{"redirect_uris":["https://localhost:3457/api/oidc/rp/https%3A%2F%2Flocalhost%3A3457"],"client_id":"69eaaa0e44e3f95d54a021c5b41e6d72","client_secret":"676dd69f6581893b7f99c474575e8e35","response_types":["code","id_token token","code id_token token"],"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"application_type":"web","client_name":"Solid OIDC RP for https://localhost:3457","id_token_signed_response_alg":"RS256","token_endpoint_auth_method":"client_secret_basic","default_max_age":86400,"post_logout_redirect_uris":["https://localhost:3457/goodbye"]}

package/test/resources/accounts/db/oidc/rp/clients/_key_https%3A%2F%2Flocalhost%3A3457.json

@@ -1 +1 @@
-{"provider":{"url":"https://localhost:3457","configuration":{"issuer":"https://localhost:3457","jwks_uri":"https://localhost:3457/jwks","scopes_supported":["openid","offline_access"],"response_types_supported":["code","code token","code id_token","id_token","id_token token","code id_token token","none"],"token_types_supported":["legacyPop","dpop"],"response_modes_supported":["query","fragment"],"grant_types_supported":["authorization_code","implicit","refresh_token","client_credentials"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","none"],"token_endpoint_auth_methods_supported":["client_secret_basic"],"token_endpoint_auth_signing_alg_values_supported":["RS256"],"display_values_supported":[],"claim_types_supported":["normal"],"claims_supported":[],"claims_parameter_supported":false,"request_parameter_supported":true,"request_uri_parameter_supported":false,"require_request_uri_registration":false,"check_session_iframe":"https://localhost:3457/session","end_session_endpoint":"https://localhost:3457/logout","authorization_endpoint":"https://localhost:3457/authorize","token_endpoint":"https://localhost:3457/token","userinfo_endpoint":"https://localhost:3457/userinfo","registration_endpoint":"https://localhost:3457/register"},"jwks":{"keys":[{"kid":"lNZOB-DPE1k","kty":"RSA","alg":"RS256","n":"uvih8HfZj7Wu5Y8knLHxRY6v7oHL2jXWD-B6hXCreYhwaG9EEUt6Rp94p8-JBug3ywo8C_9dNg0RtQLEttcIC_vhqqlJI3pZxpGKXuD9h7XK-PppFVvgnfIGADG0Z-WzbcGDxlefStohR31Hjw5U3ioG3VtXGAYbqlOHM1l2UgDMJwBD5qwFmPP8gp5E2WQKCsuLvxDuOrkAbSDjw2zaI3RRmbLzdj4QkGej8GXhBptgM9RwcKmnoXu0sUdlootmcdiEg74yQ9M6EshNMhiv4k_W0rl7RqVOEL2PsAdmdbF_iWL8a90rGYOEILBrlU6bBR2mTvjV_Hvq-ifFy1YAmQ","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"Y38YKDtydoE","kty":"RSA","alg":"RS384","n":"tfgZKLjc8UMIblfAlVibJI_2uAxDNprn2VVLebS0sp6d1mtCXQkMYLlJ6e-7kavl8we391Ovnq5bRgpsFRq_LtRX9MpVlfioAUHwWPEG-R6vrQjgo4uynVhI3UEPHyNmZA5J4u34HNVTfAgmquomwwOmOv29ZNRxuYP1kVtscz1JeFPwg6LA7BxWrLc9ev4FQR6tjJKdo2kdLjAXR92odbCzJZ_jdYT3vIVCexMHxhoKnqCImkhfgKbGXcPHXWcelmuA2tzBaLut-Jjo0nJVQjRNDqy0Gyac0TptwFIxaiyHeTqugolUmEaJSfBSLszIRdlOTIGPJ7zdg5dJFK_Lxw","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"WyMVv6BJ5Dk","kty":"RSA","alg":"RS512","n":"5JDlpbm2TjSW1wpdUZc5NHOqVVrNH_GumoODK_mk-MqImaIRpdR9b1ZJrK6FrW7HIF2bXvebD7olmp9a1goqe-ILbL_ORmhzlhRtyhjWQ-UOZqK5yOXqXXGQXgmok6TN-s55A-h_g12A7Yk5Y5S8EVa9EA4Axwqvm-Q_AkH0yS1qJo6BXYXb1fx205ucx-Ccot2LEBfxv8M7NOFTa-_G-sNchiKQMRoLhbZtLbSK2R1jkqGciEiRSLeXNG4nDu7Wd91-vhBixA1McxnzW96mW8lQwNXXo4gNH7SjONtYLlPQhZVEbmsQmXrOQN8a5RDkybFOIsbucItizSE9V_D7WQ","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"UykSj_HLgFA","kty":"RSA","alg":"RS256","n":"u79eQlGJN2XFNR-uEmPVtrB_ENRqaS81o6m63tZ5-PwhGHCwJ7rfVnnnvf6Ij_p91Z9pNpWBIVyZcw6UmQIoIBH-3BfxdaqhBxX9bf_N78TKj8_HU5IYjGijale4gog3kj9W2tJJO7R9iA43msjwLRD7pbAHp1iKFJgVTSXJlyLRbC82Dj4ivsEgJjPGvZt16OsGP5myIQwXEGzSPcEI0R9daZE5iM6xFZosaJ8B77eU-Aj3ciwxUBPi5BSZi2P1ZsF4QgSj3N7ZLbVKNW4FFr84IamA2YI0D7PyyNAE2PUZT8n0jHWRJKunuZuy5mgBY8H41KdBI6gNJqY90nHeJw","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"BJDNTt8RpPE","kty":"RSA","alg":"RS384","n":"nXTd5AoT220nBkW6Zeax8caUI7_Tt0y4v9TEW8TOrzCVvhLBiKpQPjILUTfkGHzxPtysEzDQFSYdHWvg_fvGYItjJBunBMsKCNcb2_CDr2HXD6C0s62bAgct8bBSoaT1MLQ_3MaFKXSF3ZuB87X2B8CVUJ386HP2GY1kl54BuMdFELNZYhy9S_D0KHnQls52Vvb99X9WaYOyxvfr03PG-9EycnkWas5tn1pPFzT0DtJtBJ4IBtXQxTr98jpn_MCz1gRnMgzzkfSOcrMkkMXxePqxNINVKFXtRy7DaJiFOcCMbuK2RJUkSfY2uKcx0aKbp5Xhvix1W8N7c0Y90i6_6w","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"z8iijSOOIs4","kty":"RSA","alg":"RS512","n":"rPCHP9XeTGOLf1Ezxeq_bdGdvYQZa993YcSVudT0EN6drTWqjykhUVEkT4MGAvLvax38kLARbPUTgMUV9UckDDWn6lRq4q6IZ5pytNOieQKZHzjEmQGzlbnEn1F2m1i5SAfBL-qsnt5q2RXMAiIUXk9q1ChJEHJxOZxnRIoQMc7yTsjjSdtIZKePFiYFn0nsl3A234ByyIBRjzZeoYEtTQKjDR7fP9LO78oZAgpwoGqmfI4IltqQYkFoqrN8I8l1yiJGyuvZRgDXUZ2fxGOQx2WD4xvlFL2TOCfN1UaPE9R4JdbRLLAOf5u1Sqnh4XTjDBhBbVodsmmbtvk4wFo-GQ","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"zD76wa11A2Y","kty":"RSA","alg":"RS256","n":"nMaSioq1An1J3tbkmc-zRrR8lkbP-WUVRuYhDxQvV-OcBw1R6cdyCcoeFJ1zuUT7ne6BlU6GMPRHuRKaH0KuOaiktUYtXm06T_HvtKFgCQSAKjMUj_ZHfTAJP8ahUsIc0D995XKp7nIGRF7Iy7I24QQFPRh7PmGlREZ52GJgYQgbm020-sWani0MqHoUFBlWxZW9NEqY1c3brN_qWnzjRKly6Kkk3sW1XHPcRLvoHnHQ6TKXJ8pfl-bNjTfK6zq9fDCZ_TY3qQZy66yT_2XPO6X0GHTdJsZlCj7Jg0qrilTHUkJra1bppTSAtVSQnSmYt_IV8zOYiVdJ3kw2khPcKw","e":"AQAB","key_ops":["verify"],"ext":true}]}},"defaults":{},"registration":{"redirect_uris":["https://localhost:3457/api/oidc/rp/https%3A%2F%2Flocalhost%3A3457"],"client_id":"9bb7523c8ddc5c445f210cc36c2d2e26","client_secret":"7236fa3d1b246a379e72eb8a349c823b","response_types":["code","id_token token","code id_token token"],"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"application_type":"web","client_name":"Solid OIDC RP for https://localhost:3457","id_token_signed_response_alg":"RS256","token_endpoint_auth_method":"client_secret_basic","default_max_age":86400,"post_logout_redirect_uris":["https://localhost:3457/goodbye"],"registration_access_token":"eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdDozNDU3IiwiYXVkIjoiOWJiNzUyM2M4ZGRjNWM0NDVmMjEwY2MzNmMyZDJlMjYiLCJzdWIiOiI5YmI3NTIzYzhkZGM1YzQ0NWYyMTBjYzM2YzJkMmUyNiJ9.HJ-qzDvY4jv6rKWjauX6zUNI8Kz_Fy83WR7gx7hUiV7ak7OymMJ-GCt029dirkJr8as1xatDar0e0R0rMTvyggNGVaTYPInfRGvahnLQvzSQeyMfyFpe7B7PNKKohpNsRg-ohuG68Z3oYcIUbkpseT5wEA74V_yDwhyhCZgIS_xlClxRUOLGcEF2-25RzIzqupswqavPeV9Pkq54DcB1xawVhkaeS-thq6rl5cnkEsSYpNHG10pdYOUhYwjDu4DM9mKjRfbcZaRBLqJ20WpWq3fdq2En0djyAwUx_fZK2KyDXIjuBs8tg9buJYLcW07Bu0q5NJaSqJHk8C1as0ZAwg","registration_client_uri":"https://localhost:3457/register/9bb7523c8ddc5c445f210cc36c2d2e26","client_id_issued_at":1766878002,"client_secret_expires_at":0},"store":{}}
+{"provider":{"url":"https://localhost:3457","configuration":{"issuer":"https://localhost:3457","jwks_uri":"https://localhost:3457/jwks","scopes_supported":["openid","offline_access"],"response_types_supported":["code","code token","code id_token","id_token","id_token token","code id_token token","none"],"token_types_supported":["legacyPop","dpop"],"response_modes_supported":["query","fragment"],"grant_types_supported":["authorization_code","implicit","refresh_token","client_credentials"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","none"],"token_endpoint_auth_methods_supported":["client_secret_basic"],"token_endpoint_auth_signing_alg_values_supported":["RS256"],"display_values_supported":[],"claim_types_supported":["normal"],"claims_supported":[],"claims_parameter_supported":false,"request_parameter_supported":true,"request_uri_parameter_supported":false,"require_request_uri_registration":false,"check_session_iframe":"https://localhost:3457/session","end_session_endpoint":"https://localhost:3457/logout","authorization_endpoint":"https://localhost:3457/authorize","token_endpoint":"https://localhost:3457/token","userinfo_endpoint":"https://localhost:3457/userinfo","registration_endpoint":"https://localhost:3457/register"},"jwks":{"keys":[{"kid":"lNZOB-DPE1k","kty":"RSA","alg":"RS256","n":"uvih8HfZj7Wu5Y8knLHxRY6v7oHL2jXWD-B6hXCreYhwaG9EEUt6Rp94p8-JBug3ywo8C_9dNg0RtQLEttcIC_vhqqlJI3pZxpGKXuD9h7XK-PppFVvgnfIGADG0Z-WzbcGDxlefStohR31Hjw5U3ioG3VtXGAYbqlOHM1l2UgDMJwBD5qwFmPP8gp5E2WQKCsuLvxDuOrkAbSDjw2zaI3RRmbLzdj4QkGej8GXhBptgM9RwcKmnoXu0sUdlootmcdiEg74yQ9M6EshNMhiv4k_W0rl7RqVOEL2PsAdmdbF_iWL8a90rGYOEILBrlU6bBR2mTvjV_Hvq-ifFy1YAmQ","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"Y38YKDtydoE","kty":"RSA","alg":"RS384","n":"tfgZKLjc8UMIblfAlVibJI_2uAxDNprn2VVLebS0sp6d1mtCXQkMYLlJ6e-7kavl8we391Ovnq5bRgpsFRq_LtRX9MpVlfioAUHwWPEG-R6vrQjgo4uynVhI3UEPHyNmZA5J4u34HNVTfAgmquomwwOmOv29ZNRxuYP1kVtscz1JeFPwg6LA7BxWrLc9ev4FQR6tjJKdo2kdLjAXR92odbCzJZ_jdYT3vIVCexMHxhoKnqCImkhfgKbGXcPHXWcelmuA2tzBaLut-Jjo0nJVQjRNDqy0Gyac0TptwFIxaiyHeTqugolUmEaJSfBSLszIRdlOTIGPJ7zdg5dJFK_Lxw","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"WyMVv6BJ5Dk","kty":"RSA","alg":"RS512","n":"5JDlpbm2TjSW1wpdUZc5NHOqVVrNH_GumoODK_mk-MqImaIRpdR9b1ZJrK6FrW7HIF2bXvebD7olmp9a1goqe-ILbL_ORmhzlhRtyhjWQ-UOZqK5yOXqXXGQXgmok6TN-s55A-h_g12A7Yk5Y5S8EVa9EA4Axwqvm-Q_AkH0yS1qJo6BXYXb1fx205ucx-Ccot2LEBfxv8M7NOFTa-_G-sNchiKQMRoLhbZtLbSK2R1jkqGciEiRSLeXNG4nDu7Wd91-vhBixA1McxnzW96mW8lQwNXXo4gNH7SjONtYLlPQhZVEbmsQmXrOQN8a5RDkybFOIsbucItizSE9V_D7WQ","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"UykSj_HLgFA","kty":"RSA","alg":"RS256","n":"u79eQlGJN2XFNR-uEmPVtrB_ENRqaS81o6m63tZ5-PwhGHCwJ7rfVnnnvf6Ij_p91Z9pNpWBIVyZcw6UmQIoIBH-3BfxdaqhBxX9bf_N78TKj8_HU5IYjGijale4gog3kj9W2tJJO7R9iA43msjwLRD7pbAHp1iKFJgVTSXJlyLRbC82Dj4ivsEgJjPGvZt16OsGP5myIQwXEGzSPcEI0R9daZE5iM6xFZosaJ8B77eU-Aj3ciwxUBPi5BSZi2P1ZsF4QgSj3N7ZLbVKNW4FFr84IamA2YI0D7PyyNAE2PUZT8n0jHWRJKunuZuy5mgBY8H41KdBI6gNJqY90nHeJw","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"BJDNTt8RpPE","kty":"RSA","alg":"RS384","n":"nXTd5AoT220nBkW6Zeax8caUI7_Tt0y4v9TEW8TOrzCVvhLBiKpQPjILUTfkGHzxPtysEzDQFSYdHWvg_fvGYItjJBunBMsKCNcb2_CDr2HXD6C0s62bAgct8bBSoaT1MLQ_3MaFKXSF3ZuB87X2B8CVUJ386HP2GY1kl54BuMdFELNZYhy9S_D0KHnQls52Vvb99X9WaYOyxvfr03PG-9EycnkWas5tn1pPFzT0DtJtBJ4IBtXQxTr98jpn_MCz1gRnMgzzkfSOcrMkkMXxePqxNINVKFXtRy7DaJiFOcCMbuK2RJUkSfY2uKcx0aKbp5Xhvix1W8N7c0Y90i6_6w","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"z8iijSOOIs4","kty":"RSA","alg":"RS512","n":"rPCHP9XeTGOLf1Ezxeq_bdGdvYQZa993YcSVudT0EN6drTWqjykhUVEkT4MGAvLvax38kLARbPUTgMUV9UckDDWn6lRq4q6IZ5pytNOieQKZHzjEmQGzlbnEn1F2m1i5SAfBL-qsnt5q2RXMAiIUXk9q1ChJEHJxOZxnRIoQMc7yTsjjSdtIZKePFiYFn0nsl3A234ByyIBRjzZeoYEtTQKjDR7fP9LO78oZAgpwoGqmfI4IltqQYkFoqrN8I8l1yiJGyuvZRgDXUZ2fxGOQx2WD4xvlFL2TOCfN1UaPE9R4JdbRLLAOf5u1Sqnh4XTjDBhBbVodsmmbtvk4wFo-GQ","e":"AQAB","key_ops":["verify"],"ext":true},{"kid":"zD76wa11A2Y","kty":"RSA","alg":"RS256","n":"nMaSioq1An1J3tbkmc-zRrR8lkbP-WUVRuYhDxQvV-OcBw1R6cdyCcoeFJ1zuUT7ne6BlU6GMPRHuRKaH0KuOaiktUYtXm06T_HvtKFgCQSAKjMUj_ZHfTAJP8ahUsIc0D995XKp7nIGRF7Iy7I24QQFPRh7PmGlREZ52GJgYQgbm020-sWani0MqHoUFBlWxZW9NEqY1c3brN_qWnzjRKly6Kkk3sW1XHPcRLvoHnHQ6TKXJ8pfl-bNjTfK6zq9fDCZ_TY3qQZy66yT_2XPO6X0GHTdJsZlCj7Jg0qrilTHUkJra1bppTSAtVSQnSmYt_IV8zOYiVdJ3kw2khPcKw","e":"AQAB","key_ops":["verify"],"ext":true}]}},"defaults":{},"registration":{"redirect_uris":["https://localhost:3457/api/oidc/rp/https%3A%2F%2Flocalhost%3A3457"],"client_id":"69eaaa0e44e3f95d54a021c5b41e6d72","client_secret":"676dd69f6581893b7f99c474575e8e35","response_types":["code","id_token token","code id_token token"],"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"application_type":"web","client_name":"Solid OIDC RP for https://localhost:3457","id_token_signed_response_alg":"RS256","token_endpoint_auth_method":"client_secret_basic","default_max_age":86400,"post_logout_redirect_uris":["https://localhost:3457/goodbye"],"registration_access_token":"eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdDozNDU3IiwiYXVkIjoiNjllYWFhMGU0NGUzZjk1ZDU0YTAyMWM1YjQxZTZkNzIiLCJzdWIiOiI2OWVhYWEwZTQ0ZTNmOTVkNTRhMDIxYzViNDFlNmQ3MiJ9.RYkuJ1wcFa-9J-wDyxnPkGjzQYV-DhkB-13VOzceJrT9zAL93P_ubUG0UEB7VPkzOYUg9j_TrX7Rc2Y0uYYZoOH0Vq43xrn0mEVY9wyBafKIexKJWb67rRi-3n3oRlHjC65AP_PLpuusCxQBdqq2Hv6YyR4cDfJs_C2ch3AEUfbKXWIndAmDjeLABum1RoD8LAOfda_bvLdVJEd5KnkTX3_ivKHH1IAcwZROuZdh5exwExrA2VOGDGTM_S34Vm-1tgFLusr_y7-7CYpsA9LBg7LL9KB4_kh6b50d640eV0KpeQUOCC4eQs7VCtvkh2Y0Tjz5HRQqEoFks0MJmbLcEw","registration_client_uri":"https://localhost:3457/register/69eaaa0e44e3f95d54a021c5b41e6d72","client_id_issued_at":1767721054,"client_secret_expires_at":0},"store":{}}

package/test/resources/accounts-scenario/alice/db/oidc/op/clients/{_key_80b4257058990d4e0b6255490b635b19.json → _key_c07d7590e034645477f72d1d3000b04e.json}

@@ -1 +1 @@
-{"redirect_uris":["https://localhost:7000/api/oidc/rp/https%3A%2F%2Flocalhost%3A7000"],"client_id":"80b4257058990d4e0b6255490b635b19","client_secret":"ca1226075071d3fd9bdba5cbda23b426","response_types":["code","id_token token","code id_token token"],"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"application_type":"web","client_name":"Solid OIDC RP for https://localhost:7000","id_token_signed_response_alg":"RS256","token_endpoint_auth_method":"client_secret_basic","default_max_age":86400,"post_logout_redirect_uris":["https://localhost:7000/goodbye"]}
+{"redirect_uris":["https://localhost:7000/api/oidc/rp/https%3A%2F%2Flocalhost%3A7000"],"client_id":"c07d7590e034645477f72d1d3000b04e","client_secret":"1ba8ff54cc77601349cf9312d77c3336","response_types":["code","id_token token","code id_token token"],"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"application_type":"web","client_name":"Solid OIDC RP for https://localhost:7000","id_token_signed_response_alg":"RS256","token_endpoint_auth_method":"client_secret_basic","default_max_age":86400,"post_logout_redirect_uris":["https://localhost:7000/goodbye"]}