@inrupt/solid-client-access-grants / manage

Module: manage#

Import this module for the access API functions available to an entity managing access requests over resources.

Type Aliases#

ApproveAccessRequestOverrides#

Ƭ ApproveAccessRequestOverrides: Omit<Omit<AccessGrantParameters, "status">, "expirationDate"> & { expirationDate?: Date | null }

Defined in#

src/manage/approveAccessRequest.ts:44

Variables#

GRANT_VC_URL_PARAM_NAME#

Const GRANT_VC_URL_PARAM_NAME: "accessGrantUrl"

Defined in#

src/manage/redirectToRequestor.ts:26

Functions#

approveAccessRequest#

approveAccessRequest(requestVc, requestOverride?, options?): Promise<AccessGrant>

Approve an access request. The content of the approved access request is provided as a Verifiable Credential which properties may be overriden if necessary.

Since

0.0.1.

Parameters#

Name

Type

Description

requestVc

string | URL | VerifiableCredential

The Verifiable Credential representing the Access Request. If not conform to an Access Request, the function will throw.

requestOverride?

Partial<ApproveAccessRequestOverrides>

Elements overriding information from the provided Verifiable Credential.

options?

AccessBaseOptions

Optional properties to customise the access grant behaviour.

Returns#

Promise<AccessGrant>

A Verifiable Credential representing the granted access.

Defined in#

src/manage/approveAccessRequest.ts:163

approveAccessRequest(requestVc, requestOverride, options?): Promise<AccessGrant>

Approve an access request. The content of the approved access request is provided as a set of claims, and no input Verifiable Credential is expected.

Since

0.0.1.

Parameters#

Name

Type

Description

requestVc

undefined

A Verifiable Credential that would represent the Access Request if provided.

requestOverride

ApproveAccessRequestOverrides

Claims constructing the Access Grant.

options?

AccessBaseOptions

Optional properties to customise the access grant behaviour.

Returns#

Promise<AccessGrant>

A Verifiable Credential representing the granted access.

Defined in#

src/manage/approveAccessRequest.ts:180


denyAccessRequest#

denyAccessRequest(vc, options?): Promise<VerifiableCredential>

Deny an access request. The content of the denied access request is provided as a Verifiable Credential.

Since

0.0.1

Parameters#

Name

Type

Description

vc

string | URL | VerifiableCredential

The Verifiable Credential representing the Access Request. If not conform to an Access Request, the function will throw.

options?

AccessBaseOptions

Optional properties to customise the access denial behaviour.

Returns#

Promise<VerifiableCredential>

A Verifiable Credential representing the denied access.

Defined in#

src/manage/denyAccessRequest.ts:73

denyAccessRequest(resourceOwner, vc, options?): Promise<VerifiableCredential>

Deprecated

Please remove the resourceOwner parameter.

Parameters#

Name

Type

resourceOwner

string

vc

string | URL | VerifiableCredential

options?

AccessBaseOptions

Returns#

Promise<VerifiableCredential>

Defined in#

src/manage/denyAccessRequest.ts:80


getAccessGrant#

getAccessGrant(accessGrantVcUrl, options?): Promise<AccessGrant>

Retrieve the Access Grant associated to the given URL.

Since

0.4.0

Parameters#

Name

Type

Description

accessGrantVcUrl

string | URL

The URL of an access grant, with or without consent.

options?

AccessBaseOptions

Optional properties to customise the request behaviour.

Returns#

Promise<AccessGrant>

The Verifiable Credential associated to the given IRI, if it is an access grant. Throws otherwise.

Defined in#

src/manage/getAccessGrant.ts:38


getAccessGrantAll#

getAccessGrantAll(resource, params?, options?): Promise<VerifiableCredential[]>

Retrieve Access Grants issued over a resource. Can be filtered by requestor, access and purpose.

Since

0.4.0

Parameters#

Name

Type

Description

resource

string | URL

The URL of a resource to which access grants might have been issued.

params

Partial<Pick<InputAccessRequestParameters, "access" | "purpose"> & { requestor: string }>

-

options

AccessBaseOptions & { includeExpired?: boolean }

Optional parameter: - options.fetch: An alternative fetch function to make the HTTP request, compatible with the browser-native fetch API. This can be typically used for authentication. Note that if it is omitted, and @inrupt/solid-client-authn-browser is in your dependencies, the default session is picked up. - options.includeExpiredGrants: include expired grants in the result set.

Returns#

Promise<VerifiableCredential[]>

A void promise.

Defined in#

src/manage/getAccessGrantAll.ts:51


getAccessRequestFromRedirectUrl#

getAccessRequestFromRedirectUrl(redirectUrl, options?): Promise<{ accessRequest: AccessRequest ; requestorRedirectUrl: UrlString }>

Get the Access Request out of the incoming redirect from the Access Management app.

Since

0.5.0

Parameters#

Name

Type

Description

redirectUrl

string | URL

The URL the user has been redirected to from the access management app.

options

Object

Optional properties to customise the behaviour: - fetch: an authenticated fetch function. If not provided, the default session from @inrupt/solid-client-authn-browser will be used if available.

options.fetch?

(input: RequestInfo | URL, init?: RequestInit) => Promise<Response>

-

Returns#

Promise<{ accessRequest: AccessRequest ; requestorRedirectUrl: UrlString }>

An Access Request, and the URL to which the corresponding grant should be sent when redirecting the resource owner back to the requestor.

Defined in#

src/manage/getAccessRequestFromRedirectUrl.ts:44


redirectToRequestor#

redirectToRequestor(accessGrantVcId, redirectUrl, options?): Promise<void>

Redirect the user to the client which requested Access to a Resource. The Access Grant is sent as part of the redirect.

Since

0.5.0

Parameters#

Name

Type

Description

accessGrantVcId

string | URL

The ID of the Access Grant VC, which should be a URL

redirectUrl

string | URL

The URL where the client requesting access expects the user to be redirected

options

RedirectOptions

If you are in a NodeJS environment, you must specify a callback to handle the redirection.

Returns#

Promise<void>

A never resolving promise: the user is expected to be redirected away from the page by this call, so no code should be expected to run in that context after the redirect.

Defined in#

src/manage/redirectToRequestor.ts:44


revokeAccessGrant#

revokeAccessGrant(vc, options?): Promise<void>

Makes a request to the access server to revoke a given Verifiable Credential (VC).

Since

0.4.0

Parameters#

Name

Type

Description

vc

string | URL | VerifiableCredential

Either a VC, or a URL to a VC, to be revoked.

options

Omit<AccessBaseOptions, "accessEndpoint">

Optional properties to customise the request behaviour.

Returns#

Promise<void>

A void promise.

Defined in#

src/manage/revokeAccessGrant.ts:39