Configure Metro authenticator

See https://forum.solidproject.org/t/feedback-requested-for-a-new-authorization-library/8864

package.json

@@ -28,6 +28,8 @@
         "@aerogel/plugin-solid": "0.0.1-next.bb5a8daa70366843598ee0a44a511ab507923713",
         "@aerogel/plugin-soukai": "0.0.0-next.f9394854509d71d644498ac087706a2f8f8eea1c",
         "@intlify/unplugin-vue-i18n": "^0.12.2",
+        "@muze-nl/metro": "^0.6.5",
+        "@muze-nl/metro-oidc": "^0.3.4",
         "@noeldemartin/utils": "0.5.1-next.8877300615e6d56d7b5dfe508524589287835f23",
         "@tailwindcss/forms": "^0.5.3",
         "@tailwindcss/typography": "^0.5.9",

src/auth/MetroAuthenticator.ts

@@ -0,0 +1,81 @@
+import AerogelSolid from 'virtual:aerogel-solid';
+
+import metro from '@muze-nl/metro';
+import metroOidc from '@muze-nl/metro-oidc';
+import { Authenticator, Solid } from '@aerogel/plugin-solid';
+import { after, required } from '@noeldemartin/utils';
+import type { AuthSession } from '@aerogel/plugin-solid';
+import type { ClosureArgs } from '@noeldemartin/utils';
+import type { Reactive } from 'vue';
+import type { SolidUserProfile } from '@noeldemartin/solid-utils';
+
+import persistent from '@/lib/persistent';
+
+interface Data {
+    webId?: string;
+    issuer?: string;
+}
+
+export default class MetroAuthenticator extends Authenticator {
+
+    private store: Reactive<Data>;
+
+    constructor() {
+        super();
+
+        this.store = persistent('metro-authenticator', {});
+    }
+
+    public async login(loginUrl: string, user?: SolidUserProfile | null): Promise<AuthSession> {
+        const issuer = user?.oidcIssuerUrl ?? loginUrl;
+        const client = this.initClient(issuer);
+
+        this.store.webId = user?.webId;
+        this.store.issuer = issuer;
+
+        // TODO there is probably a better way to trigger the redirect...
+        await client.get(user?.webId);
+
+        // Browser should redirect, so just make it wait for a while.
+        await after({ seconds: 60 });
+
+        throw new Error('Browser should have redirected, but it didn\'t');
+    }
+
+    public async logout(): Promise<void> {
+        delete this.store.webId;
+        delete this.store.issuer;
+
+        // TODO how do you log out from metro? Clean up storage, etc.
+
+        await this.endSession();
+    }
+
+    protected async restoreSession(): Promise<void> {
+        if (!this.store.issuer) {
+            return;
+        }
+
+        const client = this.initClient(this.store.issuer);
+
+        await this.initAuthenticatedFetch((...args: ClosureArgs) => client.fetch(...args));
+        await this.startSession({
+            user: await Solid.requireUserProfile(required(this.store.webId)),
+            loginUrl: required(this.store.issuer),
+        });
+    }
+
+    private initClient(issuer: string): any {
+        if (!AerogelSolid.clientID) {
+            throw new Error('Metro: Can\'t login in because ClientID document is missing');
+        }
+
+        return metro.client().with(
+            metroOidc.oidcmw({
+                client_info: AerogelSolid.clientID,
+                issuer,
+            }),
+        );
+    }
+
+}

src/auth/index.ts

@@ -2,12 +2,14 @@ import type { Options } from '@aerogel/plugin-solid';
 
 import ActivityPodsAuthenticator from '@/auth/ActivityPodsAuthenticator';
 import RamenAuthenticator from '@/auth/RamenAuthenticator';
+import MetroAuthenticator from '@/auth/MetroAuthenticator';
 
 export const authConfig: Options = {
-    defaultAuthenticator: 'ramen',
+    defaultAuthenticator: 'metro',
     authenticators: {
         'activity-pods': new ActivityPodsAuthenticator(),
         'ramen': new RamenAuthenticator(),
+        'metro': new MetroAuthenticator(),
     },
     onUserProfileLoaded(profile, store) {
         profile.usesActivityPods = !!store.statement(
@@ -22,6 +24,7 @@ declare module '@aerogel/plugin-solid' {
     interface Authenticators {
         'activity-pods': ActivityPodsAuthenticator;
         ramen: RamenAuthenticator;
+        metro: MetroAuthenticator;
     }
 }