"...knowledge-base/knowledgebase-front.git" did not exist on "7b72ddc5b5e6a8179388eafe1fd2f706fbf7dd13"
Compliance with Solid Application Interoperability spec
We want to study what needs to be done to make Startinblox compliant with the Solid Application Interoperability spec.
In order to do that, here are the next steps:
- Provide fake data based on the specification
- Create a diagram to show the workflows in a simple way
- Build a simple server which can support the provided model
- See what can be done on the client side to handle all these permissions
Activity
Data
Here are the data contained in Alice POD, based on the specification:
{ "@id": "https://alice.pod.example/profile/id#me", "@type": "interop:Agent", // APPLICATIONS "interop:hasApplicationRegistrySet": { "@id": "https://alice.pod.example/profile/application#set", "@type": "interop:ApplicationRegistrySet", "interop:hasRegistry": [ { "@id": "https://alice.pod.example/applications/#registry", "@type": "interop:ApplicationRegistry", "interop:hasRegistration": [ { "@id": "705563552198b6fb3efc40717872aa2ec35d669c1095cc5d665f499ec5d7e23a/#registration", "@type": "interop:ApplicationRegistration", "interop:registeredBy": { "@id": "https://alice.pod.example/profile/id#me" }, "interop:registeredWith": { "@id": "https://trusted.example/id#agent" }, "interop:registeredAt": "2020-04-04T20:15:47.000Z", "interop:updatedAt": "2020-04-04T21:11:33.000Z", "interop:registeredApplication": { "@id": "https://app.example/profile/id#agent" }, "interop:hasAccessReceipt": { "@id": "./04ca5ba7-0166-4312-ae96-09b9f3a25ba0#receipt" } }, { "@id": "ede6aa50cb9e5fc564fdb4f0dc661685825ee3178355214086be27f9830e2a42/#registration" }, { "@id": "150dca42b3d5661ba10a28e0aff36f212e27b0f7463fe1ef3bf1b5a45b640673/#registration" }, { "@id": "b3564e72a3877c9cfa9e4bc4d9e47e9b7c536ae9927407c8dd00ec3b0069f536/#registration" } ] }, { "@id": "https://alice.otherpod.example/applications/#registry" } ] }, // DATA "interop:hasDataRegistrySet": { "@id": "https://alice.pod.example/profile/data#set", "@type": "interop:DataRegistrySet", "interop:hasRegistry": [ { "@id": "https://alice.pod.example/data/#registry", "@type": "interop:DataRegistry", "interop:hasRegistration": [ { "@id": "49a4057a-6ade-4a9d-9869-085a00925259/#registration", "@type": "interop:DataRegistration", "interop:registeredBy": { "@id": "https://alice.pod.example/profile/id#me" }, "interop:registeredWith": { "@id": "https://app.example/id#agent" }, "interop:registeredAt": "2020-04-04T20:15:47.000Z", "interop:registeredShapeTree": { "@id": "https://tree.example/commonnote#notebook-tree" }, "interop:hasRegisteredDataInstance": [ { "@id": "3f56c32e-96c6-4b0c-b941-eadc2bf98b18/#notebook" }, { "@id": "16e1eae9-20a5-489d-8380-8c07ca3805c4/#notebook" }, { "@id": "886785d2-6c23-46ee-9e19-5ac36b7bcd71/#notebook" }, { "@id": "dae5015c-d5f9-4ede-b9eb-7ca7a19854a9/#notebook" } ] }, { "@id": "cf2d40d3-858e-42f7-8b11-d021b5989ed2/#registration" }, { "@id": "628a7371-3a9b-49f9-a7aa-2e9c93e0150b/#registration" } ] }, { "@id": "https://alice.otherpod.example/data/#registry" } ] }, // ACCESS GRANT "interop:hasAccessGrantRegistrySet": { "@id": "https://alice.pod.example/profile/grant#set", "@type": "interop:AccessGrantRegistrySet", "interop:hasRegistry": [ { "@id": "https://alice.pod.example/grants/#registry", "@type": "interop:AccessGrantRegistry", "interop:hasRegistration": [ { "@id": "ab3d0023-3860-4358-ae33-8d3af1097b9d#grant", "@type": "interop:AccessGrant", "interop:registeredBy": { "@id": "https://alice.pod.example/profile/id#me" }, "interop:registeredWith": { "@id": "https://trusted.example/id#agent" }, "interop:registeredAt": "2020-09-05T06:15:01Z", "interop:updatedAt": "2020-09-05T06:15:01Z", "interop:hasAccessGrantSubject": { "@id": "#grant-subject", "@type": "interop:AccessGrantSubject", "interop:accessByAgent": { "@id": "https://alice.pod.example/profile/id#me" }, "interop:accessByApplication": { "@id": "https://nevernote.example/id#agent" } }, "interop:hasCompiledAccessGroup": { "@id": "#cag-notebook-group", "@type": "interop:CompiledAccessGroup", "interop:fromAccessNeedGroup": "ex:accessNotebookGroup", "interop:hasAccessNeedGroupDecorator": "ex:accessNotebookGroupDecorator", "interop:accessNecessity": "interop:AccessRequired", "interop:authenticatesAs": "interop:Pilot", "interop:hasCompiledAccess": { "id": "#ca-notebook" } }, "interop:hasDataGrant": [ { "@id": "#notebook-grant", "@type": "interop:DataGrant", "interop:hasRegistration": "data:notebook-tree", "interop:registeredShapeTree": "note:notebook-tree", "interop:satisfiesCompiledAccess": { "@id": "#ca-notebook", "@type": "interop:CompiledAccess", "interop:registeredShapeTree": "note:notebook-tree", "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:accessNecessity": "interop:AccessRequired", "interop:hasAccessNeedDecorator": "ex:notebookAccessDecorator", "interop:hasShapeTreeDecorator": "note:notebookDecorator", "interop:referencesCompiledAccess": { "@id": "#ca-notes" }, "interop:hasDataGrant": { "@id": "#notebook-grant" } }, "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:scopeOfDataGrant": "interop:AllInstances" }, { "@id": "#note-grant", "@type": "interop:DataGrant", "interop:hasRegistration": "data:note-tree", "interop:registeredShapeTree": "note:note-tree", "interop:satisfiesCompiledAccess": { "@id": "#ca-note", "@type": "interop:CompiledAccess", "interop:registeredShapeTree": "note:note-tree", "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:accessNecessity": "interop:AccessRequired", "interop:hasAccessNeedDecorator": "ex:noteAccessDecorator", "interop:hasShapeTreeDecorator": "note:noteDecorator", "interop:hasDataGrant": { "@id": "#note-grant" } }, "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:scopeOfDataGrant": "interop:AllInstances" } ] }, { "@id": "ad7b935f-ced9-4ce6-835f-5c6abc046228#grant" }, { "@id": "5ed73c65-ce77-4c8a-8f7e-9715b90307e6#grant" }, { "@id": "2d575cba-3f6c-4c58-bccd-0e6266ba56cf#invitation", "@type": "interop:AccessInvitation", "interop:registeredBy": { "@id": "https://alice.pod.example/profile/id#me" }, "interop:registeredWith": { "@id": "https://trusted.example/id#agent" }, "interop:registeredAt": "2020-09-13T19:32:52Z", "interop:updatedAt": "2020-09-13T19:32:52Z", "interop:expiresAt": "2020-09-20T19:32:52Z", "interop:hasCompiledAccessGroup": { "@id": "#cag-notebook-group" }, "interop:hasDataGrant": [ "#notebook-grant, #note-grant" ], "interop:hasAccessInvitationChannel": [ { "@id": "#phone-channel", "@type": "interop:PhoneInvitationChannel", "interop:channelTarget": "(555) 555-1212", "interop:channelCode": "654345", "interop:isValidated": false, "interop:remainingAttempts": 3 }, { "@id": "#email-channel", "@type": "interop:EmailInvitationChannel", "interop:channelTarget": "bob@example.com", "interop:channelCode": "434567", "interop:isValidated": true, "interop:remainingAttempts": 3 } ] } ] }, { "@id": "https://alice.pod.example/grants/#registry" } ] }, // ACCESS RECEIPT "interop:hasAccessReceiptRegistrySet": { "@id": "https://alice.pod.example/profile/receipt#set", "@type": "interop:AccessReceiptRegistrySet", "interop:hasRegistry": [ { "@id": "fa6d6553-0308-4abd-bce6-888df653695a#receipt", "@type": "interop:AccessReceipt", "interop:registeredBy": { "@id": "https://bob.pod.example/profile/id#me" }, "interop:registeredWith": { "@id": "https://trusted.example/id#agent" }, "interop:registeredAt": "2020-09-05T06:15:01Z", "interop:updatedAt": "2020-09-05T06:15:01Z", "interop:providedAt": "2020-09-05T06:15:01Z", "interop:fromAgent": { "@id": "https://alice.pod.example/profile/id#me" }, "interop:toAgent": { "@id": "https://bob.pod.example/profile/id#me" }, "interop:hasDataReceipt": [ { "@id": "#notebook-receipt", "@type": "interop:DataReceipt", "interop:hasRegistration": { "@id": "https://alice.pod.example/data/notebook/#registration" }, "interop:registeredShapeTree": "note:notebook-tree", "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:scopeOfDataGrant": "interop:SelectedInstances", "interop:hasRegisteredDataInstance": [ { "@id": "https://alice.pod.example/data/notebook/notebook-1/#notebook" }, { "@id": "https://alice.pod.example/data/notebook/notebook-2/#notebook" } ] }, { "@id": "#note-receipt", "@type": "interop:DataReceipt", "interop:hasRegistration": { "@id": "https://alice.pod.example/data/note/#registration" }, "interop:registeredShapeTree": "note:note-tree", "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:scopeOfDataGrant": "interop:inheritInstances", "interop:inheritsFrom": { "@id": "#notebook-receipt" }, "interop:hasRegisteredDataInstance": [ { "@id": "https://alice.pod.example/data/note/note-1/#note" }, { "@id": "https://alice.pod.example/data/note/note-2/#note" }, { "@id": "https://alice.pod.example/data/note/note-3/#note" }, { "@id": "https://alice.pod.example/data/note/note-4/#note" }, { "@id": "https://alice.pod.example/data/note/note-5/#note" } ] } ] }, { "@id": "d49eae8c-e138-4153-86ed-63832deadc6b#receipt" }, { "@id": "506a0cee-1dc9-4720-a768-294aa0284502#receipt" } ] }, // REMOTE DATA "interop:hasRemoteDataRegistrySet": { "@id": "https://alice.pod.example/profile/remote#set", "@type": "interop:RemoteDataRegistrySet", "interop:hasRegistry": [ { "@id": "https://bob.pod.example/remote/#registry", "@type": "interop:RemoteDataRegistry", "interop:hasRegistration": [ { "@id": "f0ebbd29-3a5a-4770-af29-cdb7693066b4/#registration", "@type": "interop:RemoteDataRegistration", "interop:registeredBy": { "@id": "https://bob.pod.example/profile/id#me" }, "interop:registeredWith": { "@id": "https://trusted.example/id#agent" }, "interop:registeredAt": "2020-09-05T06:15:01Z", "interop:updatedAt": "2020-09-05T06:15:01Z", "interop:providedAt": "2020-09-05T06:16:01Z", "interop:hasDataReceipt": { "@id": "https://bob.pod.example/receipts/fa6d6553-0308-4abd-bce6-888df653695a#notebook-receipt" }, "interop:hasRegistration": { "@id": "https://alice.pod.example/data/notebook-tree/#registration" }, "interop:registeredShapeTree": "note:notebook-tree", "interop:scopeOfDataGrant": "interop:SelectedInstances", "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:hasRemoteDataInstance": [ { "@id": "https://bob.pod.example/remote/f0ebbd29-3a5a-4770-af29-cdb7693066b4/cd04e76b-d64d-4cea-aacf-fb248a295002#instance", "@type": "interop:RemoteDataInstance", "interop:registeredAt": "2020-09-05T06:15:01Z", "interop:updatedAt": "2020-09-05T06:15:01Z", "interop:providedAt": "2020-09-05T06:16:01Z", "interop:hasDataReceipt": { "@id": "https://bob.pod.example/receipts/fa6d6553-0308-4abd-bce6-888df653695a#notebook-receipt", }, "interop:registeredShapeTree": "note:notebook-tree", "interop:accessMode": [ "acl:Read, acl:Write" ], "interop:hasRegisteredDataInstance": { "@id": "https://alice.pod.example/data/notebook/notebook-1/#notebook", } }, { "@id": "https://bob.pod.example/remote/f0ebbd29-3a5a-4770-af29-cdb7693066b4/9506b58f-3c36-4c0c-a698-712baf478deb#instance" } ] }, { "@id": "265dff0c-b199-42d8-95b3-d1eaae91c412/#registration" }, { "@id": "f68e95eb-a61f-408c-8d83-c4f21dae6115/#registration" } ] }, { "@id": "https://bob.otherpod.example/remote/#registry" } ] } }Edited by Matthieu Fesselier-
Above data updated. Some more informations about registries:
- Application registry : Records the Applications that a given Agent uses or has given access to.
- Data registry : Stores and organizes data types for interoperable use by different Applications and shared with other Agents
- Access grant registry : Records access granted to other Agents and/or Applications
- Access receipt registry : Tracks access that has been granted by other Agents
- Remote data registry : Local references to data that has been shared by other Agents
Edited by Matthieu Fesselier
-
Schemas of the authorization workflows
This schema shows how an application requests access to data of an agent
CONTROLLER could be a user (ie: Alice)
APP could be an instance of Hubl (ie: Hubl HD Paris)
AUTH is an application trusted by Alice for authorization and access control
Edited by Matthieu Fesselier -
This schema shows how an agent requests access of data of another agent
CONTROLLER could be a user (ie: Alice)
APP could be an instance of Hubl (ie: Hubl HD Paris)
AUTH is an application trusted by Alice for authorization and access controlREQUESTER could be another user (ie: Bob)
REQAPP could be another instance of Hubl (ie: Hubl HD BZH)
RAUTH is an application trusted by Bob for authorization and access control
Edited by Matthieu Fesselier -
This schema shows how an agent shares access to his data to another agent
CONTROLLER could be a user (ie: Alice)
APP could be an instance of Hubl (ie: Hubl HD Paris)
CAUTH is an application trusted by Alice for authorization and access controlRECEIVER could be another user (ie: Bob)
RAUTH is an application trusted by Bob for authorization and access control
-
This schema shows how an agent shares data with an agent that doesn’t have an identity or a pod.
CONTROLLER could be a user (ie: Alice)
APP could be an instance of Hubl (ie: Hubl HD Paris)
AUTH is an application trusted by Alice for authorization and access controlCISERVICE is an application trusted by Alice for validation of invitations
INVITEE could be a person without an account on Hubl
PROVIDER is a POD Provider
-
Specification in Hubl ecosystem
Applied to Hubl ecosystem, the specification could apply like this:
- every Hubl Instances is an Application. They have access needs based on the features they provide
- every Communities is an Agent. They store data (circles, job offers, ...) and grant access to other agents to edit these data
- every User is an Agent. They also have personnal data (profile, circle-member, ...). They can use applications by giving them access to these data. They can be part of a community by requesting access to their data to edit them.
mentioned in issue management/core-team#16
Please register or sign in to reply