Class AccessGrantClient


  • public class AccessGrantClient
    extends Object
    A client for interacting with and managing Access Grant Resources.

    This client will require a suitable Session object, typically an OpenID-based session:

    
       URI issuer = URI.create("https://issuer.example");
       Session openid = OpenIdSession.ofIdToken(idToken);
    
       AccessGrantClient client = new AccessGrantClient(issuer).session(session);
    
       URI resource = URI.create("https://storage.example/data/resource");
       URI purpose = URI.create("https://purpose.example/1");
       AccessCredentialQuery<AccessGrant> query = AccessCredentialQuery.newBuilder()
            .resource(resource)
            .mode("Read")
            .purpose(purpose)
            .build(AccessGrant.class);
    
       client.query(query)
           .thenApply(grants -> AccessGrantSession.ofAccessGrant(openid, grants.toArray(new AccessGrant[0])))
           .thenApply(session -> SolidClient.getClient().session(session))
           .thenAccept(cl -> {
                // Do something with the Access Grant-scoped client
           });
     
    • Constructor Detail

      • AccessGrantClient

        public AccessGrantClient​(URI issuer)
        Create an access grant client.
        Parameters:
        issuer - the issuer
      • AccessGrantClient

        public AccessGrantClient​(Client client,
                                 URI issuer)
        Create an access grant client.
        Parameters:
        client - the client
        issuer - the issuer
      • AccessGrantClient

        public AccessGrantClient​(Client client,
                                 URI issuer,
                                 ClientCache<URI,​com.inrupt.client.accessgrant.Metadata> metadataCache)
        Create an access grant client.
        Parameters:
        client - the client
        issuer - the issuer
        metadataCache - the metadata cache
    • Method Detail

      • session

        public AccessGrantClient session​(Session session)
        Scope an access grant client to a particular session.
        Parameters:
        session - the session
        Returns:
        the scoped access grant client
      • requestAccess

        public CompletionStage<AccessRequest> requestAccess​(URI recipient,
                                                            Set<URI> resources,
                                                            Set<String> modes,
                                                            Set<URI> purposes,
                                                            Instant expiration)
        Issue an access request.
        Parameters:
        recipient - the agent controlling access to the resources
        resources - the resources to which this credential applies
        modes - the access modes for this credential
        purposes - the purposes of this credential
        expiration - the expiration time of this credential
        Returns:
        the next stage of completion containing the resulting access request
      • grantAccess

        public CompletionStage<AccessGrant> grantAccess​(AccessRequest request)
        Issue an access grant based on an access request.
        Parameters:
        request - the access request
        Returns:
        the next stage of completion containing the issued access grant
      • denyAccess

        public CompletionStage<AccessDenial> denyAccess​(AccessRequest request)
        Issue an access denial receipt based on an access request.
        Parameters:
        request - the access request
        Returns:
        the next stage of completion containing the issued access denial
      • query

        public <T extends AccessCredentialCompletionStage<List<T>> query​(URI resource,
                                                                           URI creator,
                                                                           URI recipient,
                                                                           URI purpose,
                                                                           String mode,
                                                                           Class<T> clazz)
        Perform an Access Credentials query and returns 0 to N matching access credentials.
        Type Parameters:
        T - the AccessCredential type
        Parameters:
        resource - the resource identifier, may be null
        creator - the identifier for the agent who created the credential, may be null
        recipient - the identifier for the agent who is the recipient for the credential, may be null
        purpose - the access purpose, may be null
        mode - the access mode, may be null
        clazz - the AccessCredential type, either AccessGrant or AccessRequest
        Returns:
        the next stage of completion, including the matched Access Credentials
      • query

        public <T extends AccessCredentialCompletionStage<List<T>> query​(AccessCredentialQuery<T> query)
        Perform an Access Credentials query and returns 0 to N matching access credentials.
        Type Parameters:
        T - the AccessCredential type
        Parameters:
        query - the access credential query, never null
        Returns:
        the next stage of completion, including the matched Access Credentials
      • revoke

        public CompletionStage<Void> revoke​(AccessCredential credential)
        Revoke an access credential.
        Parameters:
        credential - the access credential
        Returns:
        the next stage of completion
      • fetch

        public <T extends AccessCredentialCompletionStage<T> fetch​(URI identifier,
                                                                     Class<T> clazz)
        Fetch an access credential by identifier. Return at most one access credential or throws an exception.
        Type Parameters:
        T - the credential type
        Parameters:
        identifier - the access credential identifier
        clazz - the credential type, such as AccessGrant or AccessRequest
        Returns:
        the next stage of completion, containing the access credential