Skip to content

Sh work#67

Open
Lawhacknifemi wants to merge 4 commits into
masterfrom
sh-work
Open

Sh work#67
Lawhacknifemi wants to merge 4 commits into
masterfrom
sh-work

Conversation

@Lawhacknifemi

Copy link
Copy Markdown
Collaborator

No description provided.

- Rewrite queryFeedCandidates to use plain SQL strings instead of
  Drizzle sql template tags. Drizzle's parser misinterprets PostgreSQL
  JSONB path literals like '{subject,uri}' as template interpolation
  targets, corrupting parameter numbering and generating invalid
  LIMIT $1,$2 syntax.

- Fix jsonb_object_length() (does not exist in PostgreSQL) with
  (SELECT COUNT(*) > 0 FROM jsonb_object_keys(...)).

- Add migration 0016 to recreate unified_feed_view with full column
  set and create the missing unified_feed_candidates_view.

- Uncomment activitypods-frontend service in docker-compose-dev.yml
  (required for Solid OIDC login UI at localhost:5000).

- Add SEMAPPS_FRONTEND_URL to activitypods-backend environment.
OIDC flow was overwriting the pod-native JWT (from /auth/login) with
the OIDC access_token. ActivityPods outbox writes require the native
JWT - the OIDC token returns INVALID_TOKEN (401).

Fix: only store the OIDC token if pod_token is missing. If a
pod-native token already exists in the DB, leave it untouched.
New users get the OIDC token as a fallback until they also sign in
via the legacy /signin flow.
ActivityPods uses a proprietary server-signed JWT for pod writes,
separate from the OIDC access token. Users who sign in via OIDC need
a way to sign out and back in via the legacy /signin flow to refresh
the pod-native token stored in users.pod_token.

Adds a red Sign out button at the bottom of the Settings page.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant