Av/session persistence

[anushkavidanage]

Pull Request Details

Description

Adds automatic session persistence to SolidAuthManager so that users do not need to log in again on every app launch.

After a successful login, the package now saves the OIDC issuer URI, requested scopes, and DPoP RSA key pair to platform-native secure storage (via OidcDefaultStore). A new tryRestoreSession() method silently restores a previous session on app startup.

logout() and forgetUser() both clear the stored session. The example app LoginScreen is updated to demonstrate the pattern. It shows a loading spinner on startup and navigates straight to the authenticated screen if a session is found.

Related Issues

#40
anusii/solidpod#641
anusii/solidui#270

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How To Test?

• Build and run the example app (cd example && flutter run) on any platform (desktop/mobile/web).
• First launch - tap LOGIN and complete the browser OIDC flow. Confirm you land on the private resource screen.
• Close and reopen the app (or reload the app) - confirm the app skips the login screen entirely and navigates directly to the private screen (session restored silently).
• Logout - tap the logout button. Close and reopen the app. Confirm the login screen is shown (stored session was cleared).
• Expired token path - if a refresh token is available, let the access token expire (or shorten its TTL on the server) and reopen the app. Confirm the session is still restored via a transparent token refresh.

Checklist

• Screenshots included in linked issue #
• Changes adhere to the style and coding guidelines
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• Any dependent changes have been merged and published in downstream modules
• The update contains no confidential information
• The update has no duplicated content
• No lint check errors are related to these changes (make prep or flutter analyze lib)
• Integration test dart test output or screenshot included in issue #
• I tested the PR on these devices:
  • Android
  • iOS
  • Linux
  • MacOS
  • Windows
  • Web
• I have identified reviewers
• The PR has been approved by reviewers

Finalising

• Merge dev into the this branch
• Resolve any conflicts
• Add a one line summary into the CHANGELOG.md
• Push to the git repository and review
• Merge the PR into dev