René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Login with did:nostr","articleBody":"## Summary\n\nEnable authentication via `did:nostr:\u003cpubkey\u003e` resolution, bridging Nostr identity to Solid WebID.\n\n## How It Works\n\nnostr.social runs [nostr-beacon](https://github.com/nostr-labs/nostr-beacon) which already supports `alsoKnownAs` in DID documents:\n\n```\nhttps://nostr.social/.well-known/did/nostr/\u003cpubkey\u003e.json\n```\n\n### Step 1: User links Nostr → WebID\n\nAdd `alsoKnownAs` to Nostr profile (kind 0 event):\n```json\n{\n  \"name\": \"alice\",\n  \"alsoKnownAs\": [\"https://solid.social/alice/profile/card#me\"]\n}\n```\n\n### Step 2: User links WebID → Nostr\n\nAdd `owl:sameAs` to WebID profile:\n```json\n{\n  \"@id\": \"#me\",\n  \"owl:sameAs\": \"did:nostr:\u003cpubkey\u003e\"\n}\n```\n\n### Step 3: JSS verifies bidirectional link\n\n```\n1. Request arrives with NIP-98 header\n2. Extract pubkey from Nostr event signature\n3. Fetch: nostr.social/.well-known/did/nostr/\u003cpubkey\u003e.json\n4. Get alsoKnownAs → WebID URL\n5. Fetch WebID profile\n6. Check owl:sameAs === did:nostr:\u003cpubkey\u003e\n7. Bidirectional match? → Authenticated as WebID\n```\n\n## Implementation\n\n```javascript\n// src/auth/did-nostr.js (~50 lines)\nexport async function resolveNostrToWebId(pubkey) {\n  // Fetch DID document\n  const res = await fetch(`https://nostr.social/.well-known/did/nostr/${pubkey}.json`);\n  const didDoc = await res.json();\n  \n  // Get WebID from alsoKnownAs\n  const webid = didDoc.alsoKnownAs?.[0];\n  if (!webid) return null;\n  \n  // Verify backlink in WebID profile\n  const profile = await fetch(webid, {\n    headers: {'Accept': 'application/ld+json'}\n  }).then(r =\u003e r.json());\n  \n  const sameAs = profile['owl:sameAs'] || profile['sameAs'];\n  if (sameAs === `did:nostr:${pubkey}`) {\n    return webid;\n  }\n  return null;\n}\n```\n\n## Benefits\n\n- No passwords, cryptographic signatures only\n- Bridges Nostr ↔ Solid identity\n- Works with existing NIP-07 browser extensions\n- Uses existing NIP-98 auth in JSS\n- Decentralized identity resolution via nostr.social\n\n## Related\n\n- [nostr-beacon](https://github.com/nostr-labs/nostr-beacon) - DID resolver running on nostr.social\n- NIP-07: Browser extension signing\n- NIP-98: HTTP Auth (already in JSS)\n- Existing Nostr auth: `src/auth/nostr.js`","author":{"url":"https://github.com/melvincarvalho","@type":"Person","name":"melvincarvalho"},"datePublished":"2026-01-03T23:07:39.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/37/JavaScriptSolidServer/issues/37"}