@inrupt/solid-client-access-grants / manage

Module: manage#

Import this module for the access API functions available to an entity managing access requests over resources.

Type Aliases#

ApproveAccessRequestOverrides#

Ƭ ApproveAccessRequestOverrides: Omit<Omit<AccessGrantParameters, "status">, "expirationDate"> & { expirationDate?: Date | null }

Defined in#

src/manage/approveAccessRequest.ts:44

Variables#

GRANT_VC_URL_PARAM_NAME#

• Const GRANT_VC_URL_PARAM_NAME: "accessGrantUrl"

Defined in#

src/manage/redirectToRequestor.ts:26

Functions#

approveAccessRequest#

▸ approveAccessRequest(requestVc, requestOverride?, options?): Promise<AccessGrant>

Approve an access request. The content of the approved access request is provided as a Verifiable Credential which properties may be overriden if necessary.

Since

0.0.1.

Parameters#

Name	Type	Description
`requestVc`	`string` \| `URL` \| `VerifiableCredential`	The Verifiable Credential representing the Access Request. If not conform to an Access Request, the function will throw.
`requestOverride?`	`Partial`<`ApproveAccessRequestOverrides`>	Elements overriding information from the provided Verifiable Credential.
`options?`	`AccessBaseOptions`	Optional properties to customise the access grant behaviour.

Returns#

Promise<AccessGrant>

A Verifiable Credential representing the granted access.

Defined in#

src/manage/approveAccessRequest.ts:163

▸ approveAccessRequest(requestVc, requestOverride, options?): Promise<AccessGrant>

Approve an access request. The content of the approved access request is provided as a set of claims, and no input Verifiable Credential is expected.

Since

0.0.1.

Parameters#

Name	Type	Description
`requestVc`	`undefined`	A Verifiable Credential that would represent the Access Request if provided.
`requestOverride`	`ApproveAccessRequestOverrides`	Claims constructing the Access Grant.
`options?`	`AccessBaseOptions`	Optional properties to customise the access grant behaviour.

Returns#

Promise<AccessGrant>

A Verifiable Credential representing the granted access.

Defined in#

src/manage/approveAccessRequest.ts:180

denyAccessRequest#

▸ denyAccessRequest(vc, options?): Promise<VerifiableCredential>

Deny an access request. The content of the denied access request is provided as a Verifiable Credential.

Since

0.0.1

Parameters#

Name	Type	Description
`vc`	`string` \| `URL` \| `VerifiableCredential`	The Verifiable Credential representing the Access Request. If not conform to an Access Request, the function will throw.
`options?`	`AccessBaseOptions`	Optional properties to customise the access denial behaviour.

Returns#

Promise<VerifiableCredential>

A Verifiable Credential representing the denied access.

Defined in#

src/manage/denyAccessRequest.ts:73

▸ denyAccessRequest(resourceOwner, vc, options?): Promise<VerifiableCredential>

Deprecated

Please remove the resourceOwner parameter.

Parameters#

Name	Type
`resourceOwner`	`string`
`vc`	`string` \| `URL` \| `VerifiableCredential`
`options?`	`AccessBaseOptions`

Returns#

Promise<VerifiableCredential>

Defined in#

src/manage/denyAccessRequest.ts:80

getAccessGrant#

▸ getAccessGrant(accessGrantVcUrl, options?): Promise<AccessGrant>

Retrieve the Access Grant associated to the given URL.

Since

0.4.0

Parameters#

Name	Type	Description
`accessGrantVcUrl`	`string` \| `URL`	The URL of an access grant, with or without consent.
`options?`	`AccessBaseOptions`	Optional properties to customise the request behaviour.

Returns#

Promise<AccessGrant>

The Verifiable Credential associated to the given IRI, if it is an access grant. Throws otherwise.

Defined in#

src/manage/getAccessGrant.ts:38

getAccessGrantAll#

▸ getAccessGrantAll(resource, params?, options?): Promise<VerifiableCredential[]>

Retrieve Access Grants issued over a resource. Can be filtered by requestor, access and purpose.

Since

0.4.0

Parameters#

Name	Type	Description
`resource`	`string` \| `URL`	The URL of a resource to which access grants might have been issued.
`params`	`Partial`<`Pick`<`InputAccessRequestParameters`, `"access"` \| `"purpose"`> & { `requestor`: `string` }>	-
`options`	`AccessBaseOptions` & { `includeExpired?`: `boolean` }	Optional parameter: - `options.fetch`: An alternative `fetch` function to make the HTTP request, compatible with the browser-native fetch API. This can be typically used for authentication. Note that if it is omitted, and `@inrupt/solid-client-authn-browser` is in your dependencies, the default session is picked up. - `options.includeExpiredGrants`: include expired grants in the result set.

Returns#

Promise<VerifiableCredential[]>

A void promise.

Defined in#

src/manage/getAccessGrantAll.ts:51

getAccessRequestFromRedirectUrl#

▸ getAccessRequestFromRedirectUrl(redirectUrl, options?): Promise<{ accessRequest: AccessRequest ; requestorRedirectUrl: UrlString }>

Get the Access Request out of the incoming redirect from the Access Management app.

Since

0.5.0

Parameters#

Name	Type	Description
`redirectUrl`	`string` \| `URL`	The URL the user has been redirected to from the access management app.
`options`	`Object`	Optional properties to customise the behaviour: - fetch: an authenticated fetch function. If not provided, the default session from @inrupt/solid-client-authn-browser will be used if available.
`options.fetch?`	(`input`: `RequestInfo` \| `URL`, `init?`: `RequestInit`) => `Promise`<`Response`>	-

Returns#

Promise<{ accessRequest: AccessRequest ; requestorRedirectUrl: UrlString }>

An Access Request, and the URL to which the corresponding grant should be sent when redirecting the resource owner back to the requestor.

Defined in#

src/manage/getAccessRequestFromRedirectUrl.ts:44

redirectToRequestor#

▸ redirectToRequestor(accessGrantVcId, redirectUrl, options?): Promise<void>

Redirect the user to the client which requested Access to a Resource. The Access Grant is sent as part of the redirect.

Since

0.5.0

Parameters#

Name	Type	Description
`accessGrantVcId`	`string` \| `URL`	The ID of the Access Grant VC, which should be a URL
`redirectUrl`	`string` \| `URL`	The URL where the client requesting access expects the user to be redirected
`options`	`RedirectOptions`	If you are in a NodeJS environment, you must specify a callback to handle the redirection.

Returns#

Promise<void>

A never resolving promise: the user is expected to be redirected away from the page by this call, so no code should be expected to run in that context after the redirect.

Defined in#

src/manage/redirectToRequestor.ts:44

revokeAccessGrant#

▸ revokeAccessGrant(vc, options?): Promise<void>

Makes a request to the access server to revoke a given Verifiable Credential (VC).

Since

0.4.0

Parameters#

Name	Type	Description
`vc`	`string` \| `URL` \| `VerifiableCredential`	Either a VC, or a URL to a VC, to be revoked.
`options`	`Omit`<`AccessBaseOptions`, `"accessEndpoint"`>	Optional properties to customise the request behaviour.

Returns#

Promise<void>

A void promise.

Defined in#

src/manage/revokeAccessGrant.ts:39