fix: re-enable WebID-TLS tests that were incorrectly disabled

The WebID-TLS tests were skipped in October 2019 (commit 778095a) when
the tests were updated to properly test multiuser mode. The claim was
that "TLS is broken", but the code was never actually broken - only the
test infrastructure was incomplete.

This commit:
- Removes describe.skip/it.skip from acl-tls-test.mjs (5 instances)
- Adds hosts setup to GitHub Actions CI for multiuser DNS resolution

The hosts configuration (tim.localhost, nicola.localhost, nic.localhost)
was present in the original Travis CI config but was lost during the
migration to GitHub Actions in December 2020.

The WebID-TLS authentication code itself has been intact and functional
throughout - only the tests were disabled.

Fixes #1841

Author: melvincarvalho

.github/workflows/ci.yml

@@ -23,6 +23,13 @@ jobs:
     steps:
     - uses: actions/checkout@v4
 
+    # Setup hosts for WebID-TLS tests (multiuser mode requires *.localhost DNS)
+    - name: Setup hosts for TLS tests
+      run: |
+        sudo echo "127.0.0.1 nic.localhost" | sudo tee -a /etc/hosts
+        sudo echo "127.0.0.1 tim.localhost" | sudo tee -a /etc/hosts
+        sudo echo "127.0.0.1 nicola.localhost" | sudo tee -a /etc/hosts
+
     # extract repository name
     - if: github.event_name == 'pull_request'
       run: echo "REPO_NAME=${{ github.event.pull_request.head.repo.full_name }}" >> $GITHUB_ENV

test/integration/acl-tls-test.mjs

@@ -57,14 +57,7 @@ const userCredentials = {
   }
 }
 
-// TODO Remove skip. TLS is currently broken, but is not a priority to fix since
-// the current Solid spec does not require supporting webid-tls on the resource
-// server. The current spec only requires the resource server to support webid-oidc,
-// and it requires the IDP to support webid-tls as a log in method, so that users of
-// a webid-tls client certificate can still use their certificate (and not a
-// username/password pair or other login method) to "bridge" from webid-tls to
-// webid-oidc.
-describe.skip('ACL with WebID+TLS', function () {
+describe('ACL with WebID+TLS', function () {
   let ldpHttpsServer
   const serverConfig = {
     root: rootPath,
@@ -131,7 +124,7 @@ describe.skip('ACL with WebID+TLS', function () {
       })
     })
 
-    it.skip('should return a 401 and WWW-Authenticate header without credentials', (done) => {
+    it('should return a 401 and WWW-Authenticate header without credentials', (done) => {
       rm('.acl')
       const options = {
         url: address + '/acl-tls/no-acl/',
@@ -568,7 +561,7 @@ describe.skip('ACL with WebID+TLS', function () {
     })
   })
 
-  describe.skip('Glob', function () {
+  describe('Glob', function () {
     it('user2 should be able to send glob request', function (done) {
       const options = createOptions(globFile, 'user2')
       request.get(options, function (error, response, body) {
@@ -613,7 +606,7 @@ describe.skip('ACL with WebID+TLS', function () {
         done()
       })
     })
-    it.skip('user1 should be able to PATCH a resource', function (done) {
+    it('user1 should be able to PATCH a resource', function (done) {
       const options = createOptions('/acl-tls/append-inherited/test.ttl', 'user1')
       options.headers = {
         'content-type': 'application/sparql-update'
@@ -943,7 +936,7 @@ describe.skip('ACL with WebID+TLS', function () {
     // })
   })
 
-  describe.skip('Cleanup', function () {
+  describe('Cleanup', function () {
     it('should remove all files and dirs created', function (done) {
       try {
         // must remove the ACLs in sync