WebID sketch

continuing on the theme of posting random stuff to this ML

Presbrey, Deiu and Stample (2 nicknames and a company) have been making some UI prototypes work with a standard "RWW" backend server, one that supports some sort of SPARQL-UPDATE, POST writes etc

 https://github.com/linkeddata/spreadsheet
 https://github.com/stample/react-foaf

there's so much going on, CORS proxies + WebID authenticators + SSL webservers + WAC/ACL permission-systems + modern JS UIs + serializers + database-frontends - the RWW-Play/Stample solution is pretty massive, and takes about 90s to service a first-request while everything is JIT'd/cached on mid-00s 50USD-ebay thinkpads/toughbooks then runs into swapping-issues with 512/1024MB of RAM - it's exciting someone has founded a startup around an implementation of all of this which will probably run fairly smoothly on modern well-provisioned VPS when amortizing the stack-overhead across more users in some sort of Data.fm scenario. Ruby might actually offer a leaner solution with some additions

foaf-ssl, from hellekin was all i could find related - if there are others, maybe they are hiding. a few thoughts

 - hasn't been touched in 4 years - IMHO not a problem if it works. sunsite/ibiblio tarballs from 2001 sometimes suit the occasion

 - uses RDF::Raptor, the original shell-out-to-rapper rather than generic Reader/Writer class - see modernizing suggested as a good idea on this http://lists.w3.org/Archives/Public/public-rdf-ruby/2013May/0002.html but unsure if anything resulted (probably would be on hellekin's github if so? - looks like he's been concentrating on Elgg, whatever that is - one more thing to read the sourcecode of)

 - GPL - all i know is i liked UNLICENSE even more than BSD/MIT and decided to use that, at this point i think this means i would have to change my code's license to the GPL to use this code ? admittedly the GPL is quite long and i haven't read all of it and certainly don't claim to understand all of it and that itself is a bit of a warning-sign. i know there's some requirements that seem kind of arbitrary, like you can work around 'linking' or 'in-process' with SHM/RPC/HTTP? but what if that's not the most sensible solution to the problem other than license-compliance, at least understanding all the subtleties and ramifications of what is stated and all the various requirements and loopholes and contexts would almost require retaining a lawyer/expert and that is currently outside of my means so i'm going to have to pass on this until determining if i really want to subject potential users, even if only 2 or 3 to the minefield going on here

 - ruby-specific API for querying. stuff like <https://github.com/hellekin/foafssl-ruby/blob/master/lib/foafssl/reader/foaf.rb>

querying a graph can be expressed in a specified/standard/broadly-implemented language like SPARQL, which eases porting among implementations knowing at least the graph-walking code is identical (SPARQL support might have not existed in Ruby when Hellekin wrote this) - so mildly excited to discover this:

  https://github.com/linkeddata/ldphp/blob/master/www/inc/webid.lib.php

which roughly translates to this UNLICENSED snippet, once https://github.com/linkeddata/mod_authn_webid has been installed on apache

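 # needs: require 'openssl', 'rdf', 'sparql' and the #do helper defined further down
 get '/whoami' do
    response = nil # declared out here so the assignment inside the blocks is visible at the end
    e['HTTP_SSL_CLIENT_CERT'].do{|v| # e: the request env hash

      p = v.split /[\s\n]/ # linebreaks sometimes munged into spaces upstream

      unless p.size < 5

        pem = [p[0..1].join(' '), # header
               p[2..-3],          # body
               p[-2..-1].join(' ')].join "\n" # format

        OpenSSL::X509::Certificate.new(pem).do{|x509| # parse
          x509.extensions.
          find{|x|x.oid == 'subjectAltName'}.do{|altName| # user URI
            uri = altName.value.sub /^URI:/, ''
            pubkey = x509.public_key
            m = pubkey.n # modulus
            exp = pubkey.e # exponent (not named e, which is the env above)
            graph = RDF::Repository.load uri
            query = "PREFIX : <http://www.w3.org/ns/auth/cert#> SELECT ?m ?e WHERE { <#{uri}> :key [ :modulus ?m; :exponent ?e; ] . }"
            SPARQL.execute query, graph do |result|
              mCert = m.to_i
              mWeb = result[:m].value.to_i 16 # modulus is hex in the profile
              eCert = exp.to_i
              eWeb = result[:e].value.to_i # exponent is a decimal integer in the profile
              if mCert == mWeb && eCert == eWeb # both halves of the key must match
#               response = [200,{'Content-Type'=>'text/n3; charset=utf-8'},[graph.dump(:n3)]]
                response = [302,{'Location'=>uri},[]]
              end
            end}}
      end}
    response # still nil when no certificate was sent or no key matched
end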

 more questions:

 - can Rack do SSL completely without Apache or Nginx in front of it? chances are i'd never have enough users to care about wanting yet another webserver in front, C-modules-recompiling-etc.
   saw this which looks more like implementing CAs, but maybe the validity-checker lib can do what mod_authn_webid is doing, negating the need for Apache upstream:
  
 https://github.com/r509

 #do is below, did ruby get https://en.wikibooks.org/wiki/Haskell/do_Notation ? 
obviously you could just do:
a = something
if a
  a.methods
end

# false and nil short-circuit: the block is never run
class FalseClass
  def do; false end
end
class NilClass
  def do; false end
end
class Object
  def do; yield self end
end

 anyways, the above worked for me, to get a bit further into fiddling with presbrey's code. but i'm wondering about

SPARQL-UPDATE POSTs.. and a whole slew of other things..

Received on Wednesday, 19 March 2014 00:52:44 UTC
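
The WebID check from the `/whoami` snippet in the message above, as an added stand-alone example (not code from the original post or from the linked projects). It repairs a PEM whose line breaks were turned into spaces, reads the URI from subjectAltName, and accepts only when both modulus and exponent match. `profile_keys` is a hypothetical callable standing in for dereferencing the URI and running the SPARQL query, and the certificate is constructed for the demonstration.

```ruby
require 'openssl'

# Rebuild a PEM whose line breaks were munged into spaces by an upstream header.
def repair_pem(value)
  parts = value.split(/\s+/)
  return nil if parts.size < 5 # BEGIN + CERTIFICATE-----, body, -----END + CERTIFICATE-----
  [parts[0..1].join(' '), *parts[2..-3], parts[-2..-1].join(' ')].join("\n") + "\n"
end

# First URI entry of subjectAltName, or nil when the certificate has none.
def webid_uri(cert)
  san = cert.extensions.find { |x| x.oid == 'subjectAltName' }
  entry = san && san.value.split(/,\s*/).find { |v| v.start_with?('URI:') }
  entry && entry.sub(/\AURI:/, '')
end

# Returns the WebID URI only when a cert:key from the profile matches BOTH the
# modulus and the exponent of the certificate's RSA key; nil in every other case.
# profile_keys is a hypothetical callable: URI -> [{m: hex string, e: decimal string}].
def verified_webid(header_value, profile_keys)
  pem = repair_pem(header_value) or return nil
  cert = OpenSSL::X509::Certificate.new(pem)
  uri = webid_uri(cert) or return nil
  key = cert.public_key
  return nil unless key.is_a?(OpenSSL::PKey::RSA)
  ok = profile_keys.call(uri).any? { |k|
    k[:m].to_i(16) == key.n.to_i && k[:e].to_i == key.e.to_i
  }
  ok ? uri : nil
rescue OpenSSL::X509::CertificateError
  nil
end

# Constructed sample: throwaway self-signed client certificate for a made-up WebID.
def sample_cert(uri)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=constructed WebID sample')
  cert.public_key = key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = ef.issuer_certificate = cert
  cert.add_extension(ef.create_extension('subjectAltName', "URI:#{uri}", false))
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
end
```

A profile that lists the right modulus with a different exponent is rejected here, as is a header value that does not parse as a certificate.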