René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"WebID-OIDC implementation excludes use of WebID authenticated using WebID-TLS","articleBody":"WebID is based on the notion that a WebID is a HTTP URI that identifies an Agent.\r\nWebID-TLS is an authentication protocol that authenticates a WebID based an TLS-handshake enhancement that looks up profile claims in a WebID-Profile doc discovered via the WebID placed in the SAN of an X.509 Cert used in a successful TLS-handshake. \r\n\r\nAll of the above holds true when I use a SoLiD POD deployed using a solid-sever instance that supports the WebID-TLS protocol.\r\n\r\nThe above doesn't happen if I use a SoLiD POD deployed using a solid-server instance that supports the WebID-OIDC protocol.  The following block code pretty much ensures the problem in question.\r\n\r\n ```\r\nallowsSessionFor (userId, origin) {\r\n    // Allow no user or an empty origin\r\n    if (!userId || !origin) return true\r\n    // Allow the server's main domain\r\n    if (origin === this.serverUri) return true\r\n    // Allow the user's subdomain\r\n    const userIdHost = userId.replace(/([^:/])\\/.*/, '$1')\r\n    if (origin === userIdHost) return true\r\n    // Disallow everything else\r\n    return false\r\n  }\r\n```\r\nLinks\r\n[1] https://solid.openlinksw.com:8443 -- WebID-TLS (with optional Delegation support) IdP\r\n[2] https://kidehen3.solid.openlinksw.com:8443 -- WebID-TLS (plus optional Delegation support) POD\r\n[3] https://solid.openlinksw.com:8444 -- WebID-OIDC  IdP\r\n[4] https://kidehen7.solid.openlinksw.com:8444 -- WebID-OIDC POD","author":{"url":"https://github.com/kidehen","@type":"Person","name":"kidehen"},"datePublished":"2018-04-07T21:12:45.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":3},"url":"https://github.com/649/node-solid-server/issues/649"}