Automatically add solid:OIDCIssuer triple to profiles which don't have it.

[timbl]

See gitter discussion https://gitter.im/solid/solidos?at=62b358cb568c2c30d3de28f3

This is about automatically adding the triple

<#me> solid:oidcIssuer <https://inrupt.net> .

for example for any pod on inrupt.net

Otherwise people will not be able to log into CSS -- or into NSS if we turn on the need for it later.

[RubenVerborgh]

I made a quick script for this: https://github.com/RubenVerborgh/add-oidc-issuer/blob/main/add-oidc-issuer.sh

Should work with ./add-oidc-issuer.sh inrupt.net /path/to/inrupt.net/data.

Assumptions (which were true on NSS some time ago):

• pod folder names are pod1, pod2, etc.
• card file name is pod1/profile/card$.ttl

[timea-solid]

This was done for solidcommunity.net (prod and test), for inrupt.net (prod and dev) and for solidweb.org.

[timea-solid]

For reference, if there is an error like Error attempting to handle what looks like an incoming OAuth2 redirect - could just be a user hitting the 'back' key to a previous redirect (since that previous code will no longer be valid!): Error: Token endpoint returned error [invalid_dpop_proof]: invalid DPoP key binding ("iat" claim timestamp check failed (too far in the past)) DemoClientApp.js:187:25 -> check the client laptop clock. see: CommunitySolidServer/CommunitySolidServer#1014 (comment)