2024-48 dev log

[michielbdejong]

This is a dev log issue for https://github.com/tubsproject/solid-slack-bridge and solid-contrib/data-modules#7

[michielbdejong]

I thought of the name 'data set reflector' for the GUI where end-users select which Slack org to reflect in which Pod folder.

I think I also like the word 'reflect' instead of 'sync'.

So the GUI would be more or less as follows:

login

• no need to log in per se, since adding a data set implies authentication. In the future I could add usernames and login methods per reflector account
• until you authenticate with a data source, there is no session and no account
• it's impossible to add a dataset without also adding an identity

data home

I first thought this GUI should start with data sets such as a specific pod folder or a specific Slack workspace, but it should probably start with data homes, such as 'solidcommunity.net' or 'Slack'.
A data home can have:

• interaction protocols, such as the Solid protocol or the Slack protocol
• identities such as web id or slack account
• data sets such as folders on pods or Slack workspaces

data sets

• probably 'data space', although vague, means an entire industry, as in 'the health data space' and not 'your health data space', so multiple 'data sets'.
• you add a data set by adding a first reflection of it
• the reflector does not store a copy, it only bridges other copies. So you need to add a second reflection before sync can start.
• there may be multiple data set reflections and one or more identities associated with a data home
• data sets may be nested! They may even overlap in partial and complex ways.

[michielbdejong]

so the flow is:

• add data homes
• from there, import identities and data set reflections
• reflect data sets to other homes by creating reflections
• the magic starts

The GUI should list homes, identities, and data sets
Each data set lists its reflections
Each reflection links to a home and a place id in there (could involve a specific identity, a string id, a path, a place type, etc)

[michielbdejong]

I should probably split the solid-slack-bridge repo into:

• https://github.com/tubsproject/solid-slack-bridge which I renamed to https://github.com/tubsproject/reflector
• https://github.com/tubsproject/solid-client
• I should extract https://github.com/tubsproject/slack-client in the same way

[michielbdejong]

Should https://github.com/tubsproject/solid-client contain UI? And if so, how should that be integrated in the UI of https://github.com/tubsproject/reflector ?

[michielbdejong]

Maybe I can use 'tub' 🛀 to mean 'place' within a home?

[michielbdejong]

That fits with the idea of water ('liquid data') flowing through pipes between tubs.
It doesn't fit to call 'homes' 'tubs', because data from different sets shouldn't mix liquidly, but each place/tub acts as a reflection of a data set. Liquid data is reflected in tubs.

[michielbdejong]

The reflector now loads the Solid client express pages.
The Slack Bolt app needs a port (using port 7000 for now), I think that's for its webhooks.
Users "install" a Slack app ("TUBS"), for instance https://api.slack.com/apps/A080HGBNZAA (in fact, the Slack app name should refer to the reflector instance, not to TUBS as a whole).
After that, the reflector will, through Bolt, get access to all that user's data on that workspace, I think.

So the reflector will end up with access to a number of user accounts on a number of Slack workspaces.

I'm not sure how we can the link that to user sessions of the reflector itself?

[michielbdejong]

Reconstructing how this worked in the hackathon version Solid Slack Bridge last year:

• https://github.com/tubsproject/reflector/tree/solid-slack-bridge
• https://youtu.be/Pd5joZkr5S4?t=52
• http://localhost:8000/login?slackUUID=U05TRV6UVPV&loginURL=https://solidcommunity.net

[michielbdejong]

I had to add back SERVER_BASE_URL in ./.env as an alias for EXPRESS_FULL_URL but then it worked.
Once the Slack app is installed to my workspace, I can type /solid-login from Slack,
it opens a browser that goes straight to my Solid IDP of choice, and when I sign in I'm redirected back into Slack.

Now I have to work out how the link between Slack and my browser session is established. I don't think the Slack UUID acts as a secret, so what's to stop another user on the same reflector from catching my Slack messages?

[michielbdejong]

Ah right, you have to put your WebID into your Slack profile, as an authorization for the reflector to ship all your private data there. This looks like a big opening for phishing; if:

• Alice can convince Bob to put a certain good-looking webid into his profile page,
• that webid links to a pod that Alice controls, and
• Bob has the reflector app is installed in that Slack workspace

Then Alice will be able to read Bob's Slack messages.

Note that this webid can be any goodlooking URL, such as https://support.some.good.cause.org - it doesn't have to link back to Alice in any obvious way.

[michielbdejong]

Next: on main screen, show the different things we want to show (including slack identity from ^)

[michielbdejong]

I added /slack/login and /slack/logout and used a nonce to link them to Slack identity.
Next: tubsproject/reflector#17

[michielbdejong]

This week I didn't get as far as I had hoped with the completion of #2, but I made a lot of progress with it, as well as with #1 and tubsproject/reflector#17.

Hours worked this week 28.75 + 4 + .5 + .75 + .5 + 1 = 35.5

• Solid Data Modules 28.75
• NPULS 4
• OCM .5
• SURF .75
• ToS;DR .5
• bizdev 1