Conversion toRDF fails

[QuanticPotatoes]

Hello,

I have a problem with toRDF function. In JSON-LD, i convert my json to nquads correctly :
http://tinyurl.com/kf482a4

But in node, it's don't work.

let json = { 
  "@context": { 
    "doi": "http://purl.org/ontology/bibo/doi",
    "schema": "http://schema.org/"
   },
  "@id" : "hello",
  "@graph": [
    {
      "@id": "http://json-ld.org/playground/coucou",
      "doi": "doitest"
    }
  ]
};

  jsonld.toRDF(doc, { format: "application/nquads" }, (err, nquads) => {
    console.log(nquads);
  });
};

nquads return just "" 😭

I have the feeling that problem comes from @id

let json = { 
  "@context": { 
    "doi": "http://purl.org/ontology/bibo/doi",
    "schema": "http://schema.org/"
   },
  //"@id" : "hello",
  "@graph": [
    {
      "@id": "http://json-ld.org/playground/coucou",
      "doi": "doitest"
    }
  ]
};

Ouput:
<http://json-ld.org/playground/coucou> <http://purl.org/ontology/bibo/doi> "doitest" .
I have tested with "jsonld": "^0.4.12"
I don't understand, if you can help me 😀
Thanks

[dlongley]

@QuanticPotatoes, as your input doesn't have an absolute URL for its @id, you need to set a base to be able to output valid RDF, e.g.:

const jsonld = require('jsonld');

let doc = { 
  "@context": { 
    "doi": "http://purl.org/ontology/bibo/doi",
    "schema": "http://schema.org/"
   },
  "@id" : "hello",
  "@graph": [
    {
      "@id": "http://json-ld.org/playground/coucou",
      "doi": "doitest"
    }
  ]
};

jsonld.toRDF(doc, { format: "application/nquads", base: "https://example.org/" }, (err, nquads) => {
  console.log(nquads);
});

[QuanticPotatoes]

Thank you ! I didn't understand why the conversion wasn't working. 😄
Have a nice day !

[dlongley]

Sure and you too!

[hidde-jan]

This should be reopened. Silently ignoring nodes with relative ids is hella bad. Especially when combined with jsonld-signatures.js. When signing, first a normalization step is performed. If I have a node with a relative id somewhere in my document, that whole node is currently ignored. If I create and sign a claim/graph with such a node, I am in fact signing a document without that node. If an attacker then adds a node with such a relative id, the current implementation of json-signatures.verify will throw out this malformed node, and then check the signature over the rest of the graph. Since this is again the 'empty' graph as before, the signature will be valid and the verifier will wrongfully assume that the total graph sent by the attacker is valid.

I've just tested this, and I think that my statements above are correct.

[dlongley]

@hidde-jan -- We're aware of that issue but it wasn't being properly tracked. Instead of tacking it on here, I've opened issue #199 to keep track of it.

[hidde-jan]

Ok, great :)

I had some trouble figuring out why my nQuads were not as expected. In the meantime, what would be a good approach for people trying to work around the issue? It seems you can't pass a base option in jsonld-singatures.verify that is passed to the jsonld.toRDF call.

[dlongley]

@hidde-jan,

You should be able to run jsonld.expand() (along with a base option) first and then pass the output to jsonld-signatures.verify.