Solid-OIDC Client Id Document support

id.jsonld

@@ -0,0 +1,15 @@
+{
+  "client_id": "http://localhost:8080/id.jsonld",
+  "redirect_uris": [
+    "http://localhost:8080/callback.html"
+  ],
+  "scope": "openid webid",
+  "grant_types": [
+    "authorization_code",
+    "refresh_token"
+  ],
+  "response_types": [
+    "code"
+  ],
+  "@context": "https://www.w3.org/ns/solid/oidc-context.jsonld"
+}

index.html

@@ -13,7 +13,7 @@
             }
         </script>
         <script type="module">
-            import { DPoPTokenProvider, ReactiveFetchManager } from "./dist/mod.js"
+            import { DPoPTokenProvider, clientIdClientCallback, ReactiveFetchManager } from "./dist/mod.js"
             import "./dist/registerElements.js"
 
             /* Page functionality: Buttons */
@@ -63,7 +63,7 @@
             const issuerUi = document.querySelector("idp-picker")
             const callbackUri = new URL("/callback.html", location.href).toString()
 
-            const dPoPTokenProvider = new DPoPTokenProvider(callbackUri, ui.getCode.bind(ui), issuerUi.getIssuer.bind(issuerUi))
+            const dPoPTokenProvider = new DPoPTokenProvider(callbackUri, ui.getCode.bind(ui), issuerUi.getIssuer.bind(issuerUi), clientIdClientCallback(new URL("./id.jsonld", location.href)))
 
             new ReactiveFetchManager([dPoPTokenProvider]).registerGlobally()
         </script>

src/DPoPTokenProvider.ts

@@ -3,16 +3,19 @@ import * as DPoP from "dpop"
 import type { GetCodeCallback } from "./GetCodeCallback.js"
 import type { TokenProvider } from "./TokenProvider.js"
 import type { GetIssuerCallback } from "./GetIssuerCallback.js"
+import type { GetClientCallback } from "./GetClientCallback.js"
 
 export class DPoPTokenProvider implements TokenProvider {
     readonly #getCode: GetCodeCallback
     readonly #callbackUri: string
     readonly #getIssuer: GetIssuerCallback
+    readonly #getClient: GetClientCallback
 
-    constructor(callbackUri: string, getCodeCallback: GetCodeCallback, getIssuerCallback: GetIssuerCallback) {
+    constructor(callbackUri: string, getCodeCallback: GetCodeCallback, getIssuerCallback: GetIssuerCallback, getClientCallback: GetClientCallback) {
         this.#getCode = getCodeCallback
         this.#callbackUri = callbackUri
         this.#getIssuer = getIssuerCallback
+        this.#getClient = getClientCallback
     }
 
     async matches(request: Request): Promise<boolean> {
@@ -25,8 +28,7 @@ export class DPoPTokenProvider implements TokenProvider {
         const discoveryResponse = await oauth.discoveryRequest(issuer, {signal: request.signal})
         const authorizationServer = await oauth.processDiscoveryResponse(issuer, discoveryResponse)
 
-        const registrationResponse = await oauth.dynamicClientRegistrationRequest(authorizationServer, {redirect_uris: [this.#callbackUri]}, {signal: request.signal})
-        const clientRegistration = await oauth.processDynamicClientRegistrationResponse(registrationResponse)
+        const clientRegistration = await this.#getClient(authorizationServer, this.#callbackUri, request.signal)
         const [registeredRedirectUri] = clientRegistration.redirect_uris as string[]
         const [registeredResponseType] = clientRegistration.response_types as string[]
 

src/GetClientCallback.ts

@@ -0,0 +1,3 @@
+import * as oauth from "oauth4webapi"
+
+export type GetClientCallback = (as: oauth.AuthorizationServer, redirectUri: string, signal: AbortSignal) => Promise<oauth.Client>

src/clientIdClientCallback.ts

@@ -0,0 +1,7 @@
+import type {GetClientCallback} from "./GetClientCallback.js"
+
+export function clientIdClientCallback(clientIdDocUri: URL): GetClientCallback {
+    return async function (_, __, signal) {
+        return await (await fetch(clientIdDocUri, {signal})).json()
+    }
+}

src/dynamicRegistrationClientCallback.ts

@@ -0,0 +1,6 @@
+import * as oauth from "oauth4webapi"
+
+export async function dynamicRegistrationClientCallback(as: oauth.AuthorizationServer, redirectUri: string, signal: AbortSignal): Promise<oauth.Client> {
+    const registrationResponse = await oauth.dynamicClientRegistrationRequest(as, {redirect_uris: [redirectUri]}, {signal})
+    return await oauth.processDynamicClientRegistrationResponse(registrationResponse)
+}

src/mod.ts

@@ -12,3 +12,6 @@ export * from "./TokenProvider.js"
 export * from "./GetIssuerCallback.js"
 export * from "./IdpPicker.js"
 export * from "./IssuerRequestCancelledError.js"
+export * from "./GetClientCallback.js"
+export * from "./dynamicRegistrationClientCallback.js"
+export * from "./clientIdClientCallback.js"

src/reactive-fetch-worker.ts

@@ -28,7 +28,7 @@ async function onFetch(e: FetchEvent): Promise<void> {
 }
 
 function upgrade(request: Request, client: Client): Promise<Response> {
-    const dPoPTokenProvider = new DPoPTokenProvider(undefined!, postEventAndWait.bind(undefined, client), undefined!) // TODO: Callback, getIssuer
+    const dPoPTokenProvider = new DPoPTokenProvider(undefined!, postEventAndWait.bind(undefined, client), undefined!, undefined!) // TODO: Callback, getIssuer, getClient
     const bearerProvider = new BearerTokenProvider(postEventAndWait.bind(undefined, client))
 
     return new ReactiveAuthenticationClient(self.fetch, [bearerProvider, dPoPTokenProvider]).fetch(request)