webid claim support

[bourgeoa]

🔍 Code Review: Solid Multi-RP Client WebID Integration

🎯 Summary

Perfect integration enhancement! This PR adds WebID scope to the default client configuration, ensuring that Solid applications automatically request WebID claims during authentication without requiring manual scope configuration.

✅ What's Working Well

Default Scope Enhancement (src/multi-rp-client.js):

// ✅ WebID scope added to defaults
config.scope = config.scope || 'openid profile webid'
//                                              ^^^^^
//                                      New WebID scope support

🎯 Strategic Impact

Before this change:

// Applications had to explicitly request webid scope
const client = new MultiRpClient({
  scope: 'openid profile webid'  // Manual configuration required
})

After this change:

// WebID scope automatically included
const client = new MultiRpClient({
  // webid scope included by default! 🎉
})

📋 Solid OIDC Integration

This enhancement provides seamless Solid ecosystem integration:

Benefit	Impact
Default WebID support	Applications get WebID claims automatically
Backward compatibility	Existing applications continue working
Scope customization	Apps can still override if needed
Reduced configuration	Less boilerplate for Solid apps

🔄 Multi-Client Workflow

Perfect integration with the broader WebID implementation:

graph LR
    A[MultiRpClient] -->|requests 'webid' scope| B[oidc-op]
    B -->|issues WebID claims| C[ID Token]
    C -->|parsed by| D[oidc-rp]
    D -->|provides| E[session.webid]

Loading

🧪 Usage Scenarios

Scenario 1: Default Solid App

const multiClient = new MultiRpClient()
// Automatically requests: 'openid profile webid'

Scenario 2: Custom Scope Override

const multiClient = new MultiRpClient({
  scope: 'openid email'  // WebID not needed for this app
})

Scenario 3: Extended Scopes

const multiClient = new MultiRpClient({
  scope: 'openid profile webid custom-scope'  // Additional scopes
})

💡 Developer Experience

Benefits for Solid developers:

• ✅ Zero configuration WebID support
• ✅ Automatic compliance with Solid OIDC patterns
• ✅ Consistent behavior across Solid applications
• ✅ Easy customization when needed

🚀 Ecosystem Impact

This change enables:

• Faster Solid app development - WebID works out of the box
• Consistent user experience - All Solid apps get WebID by default
• Reduced support burden - Fewer configuration issues
• Solid standard adoption - Makes WebID the default, not optional

📦 Integration Testing

Test with the complete flow:

// 1. MultiRpClient requests 'openid profile webid' scope
const client = new MultiRpClient()

// 2. oidc-op issues WebID claims in ID token
// 3. oidc-rp parses WebID claims
// 4. Application accesses session.webid

💡 Recommendations

1. Ready to merge - Simple, high-impact change
2. Update documentation - Highlight automatic WebID support
3. Test edge cases - Ensure scope override works correctly
4. Consider migration guide - Help existing apps understand the change

LGTM 🎉 - This makes WebID support truly seamless for Solid applications!

---

Reviewed the add-webid branch change adding WebID to default client scopes.

---

Files analyzed:

• src/multi-rp-client.js - Default scope configuration with WebID
• package-lock.json - Dependency updates

Branch: add-webid
Purpose: Enable automatic WebID scope requests for Solid applicationsroot@DESKTOP-PIRJOCS:/mnt/d/github/solidos/work

[bourgeoa]

@dmitrizagidulin can you review

and now NSS passes all conformance tests https://solid-contrib.github.io/solid-oidc-tests/ (including webid) with the 3 updates to oidc-op, oidc-rp, solid-multi-rp-client