apply permissions api changes to agent implementations

decentralized-identity · Aug 10, 2024 · 88cb2e3 · 88cb2e3
1 parent 0961451
commit 88cb2e3
Show file tree

Hide file tree

Showing 7 changed files with 61 additions and 18 deletions.
diff --git a/packages/agent/src/permissions-api.ts b/packages/agent/src/permissions-api.ts
@@ -1,4 +1,4 @@
-import { PermissionGrantData, PermissionsProtocol } from '@tbd54566975/dwn-sdk-js';
+import { PermissionGrantData, PermissionRevocationData, PermissionsProtocol } from '@tbd54566975/dwn-sdk-js';
 import { DwnPermissionsUtil } from './dwn-permissions-util.js';
 import { Web5Agent } from './types/agent.js';
 import { DwnDataEncodedRecordsWriteMessage, DwnInterface, DwnMessageParams, DwnPermissionGrant, DwnPermissionRequest, DwnPermissionScope } from './types/dwn.js';
@@ -51,7 +51,6 @@ export type CreateRevocationParams = {
   author: string;
   grant: DwnPermissionGrant;
   description?: string;
-  dateRevoked?: string;
 }
 
 export interface PermissionsApi {
@@ -243,16 +242,33 @@ export class AgentPermissionsApi implements PermissionsApi {
 
   async createRevocation(params: CreateRevocationParams): Promise<PermissionRevocationEntry> {
     const { author, store = false, ...createRevocationParams } = params;
-    const { recordsWrite, permissionRevocationBytes } = await PermissionsProtocol.createRevocation(createRevocationParams);
+
+    const revokeData: PermissionRevocationData = {
+      description: createRevocationParams.description,
+    };
+
+    const permissionRevocationBytes = Convert.object(revokeData).toUint8Array();
+
+    let tags = undefined;
+    if (PermissionsProtocol.hasProtocolScope(createRevocationParams.grant.scope)) {
+      tags = { protocol: createRevocationParams.grant.scope.protocol };
+    }
+
+    const messageParams: DwnMessageParams[DwnInterface.RecordsWrite] = {
+      parentContextId : createRevocationParams.grant.id,
+      protocol        : PermissionsProtocol.uri,
+      protocolPath    : PermissionsProtocol.revocationPath,
+      dataFormat      : 'application/json',
+      tags
+    };
+
     const { reply, message } = await this.agent.processDwnRequest({
       store,
       author,
-      target        : author,
-      messageType   : DwnInterface.RecordsWrite,
-      messageParams : {
-        ...recordsWrite.message.descriptor,
-      },
-      dataStream: new Blob([ permissionRevocationBytes ])
+      target      : author,
+      messageType : DwnInterface.RecordsWrite,
+      messageParams,
+      dataStream  : new Blob([ permissionRevocationBytes ])
     });
 
     if (reply.status.code !== 202) {

diff --git a/packages/identity-agent/src/identity-agent.ts b/packages/identity-agent/src/identity-agent.ts
@@ -1,4 +1,4 @@
-import type {
+import {
   Web5Rpc,
   DidRequest,
   VcResponse,
@@ -11,6 +11,7 @@ import type {
   ProcessVcRequest,
   ProcessDwnRequest,
   Web5PlatformAgent,
+  AgentPermissionsApi,
 } from '@web5/agent';
 
 import { LevelStore } from '@web5/common';
@@ -77,6 +78,8 @@ export type AgentParams<TKeyManager extends AgentKeyManager = LocalKeyManager> =
   identityApi: AgentIdentityApi<TKeyManager>;
   /** Responsible for securely managing the cryptographic keys of the agent. */
   keyManager: TKeyManager;
+  /** Facilitates fetching, requesting, creating, revoking and validating revocation status of permissions */
+  permissionsApi: AgentPermissionsApi;
   /** Remote procedure call (RPC) client used to communicate with other Web5 services. */
   rpcClient: Web5Rpc;
   /** Facilitates data synchronization of DWN records between nodes. */
@@ -89,6 +92,7 @@ export class Web5IdentityAgent<TKeyManager extends AgentKeyManager = LocalKeyMan
   public dwn: AgentDwnApi;
   public identity: AgentIdentityApi<TKeyManager>;
   public keyManager: TKeyManager;
+  public permissions: AgentPermissionsApi;
   public rpc: Web5Rpc;
   public sync: AgentSyncApi;
   public vault: HdIdentityVault;
@@ -102,6 +106,7 @@ export class Web5IdentityAgent<TKeyManager extends AgentKeyManager = LocalKeyMan
     this.dwn = params.dwnApi;
     this.identity = params.identityApi;
     this.keyManager = params.keyManager;
+    this.permissions = params.permissionsApi;
     this.rpc = params.rpcClient;
     this.sync = params.syncApi;
     this.vault = params.agentVault;
@@ -111,6 +116,7 @@ export class Web5IdentityAgent<TKeyManager extends AgentKeyManager = LocalKeyMan
     this.dwn.agent = this;
     this.identity.agent = this;
     this.keyManager.agent = this;
+    this.permissions.agent = this;
     this.sync.agent = this;
   }
 
@@ -133,7 +139,7 @@ export class Web5IdentityAgent<TKeyManager extends AgentKeyManager = LocalKeyMan
    */
   public static async create({
     dataPath = 'DATA/AGENT',
-    agentDid, agentVault, cryptoApi, didApi, dwnApi, identityApi, keyManager, rpcClient, syncApi
+    agentDid, agentVault, cryptoApi, didApi, dwnApi, identityApi, keyManager, permissionsApi, rpcClient, syncApi
   }: Partial<AgentParams> = {}
   ): Promise<Web5IdentityAgent> {
 
@@ -158,6 +164,8 @@ export class Web5IdentityAgent<TKeyManager extends AgentKeyManager = LocalKeyMan
 
     keyManager ??= new LocalKeyManager({ keyStore: new DwnKeyStore() });
 
+    permissionsApi ??= new AgentPermissionsApi();
+
     rpcClient ??= new Web5RpcClient();
 
     syncApi ??= new AgentSyncApi({ syncEngine: new SyncEngineLevel({ dataPath }) });
@@ -170,6 +178,7 @@ export class Web5IdentityAgent<TKeyManager extends AgentKeyManager = LocalKeyMan
       didApi,
       dwnApi,
       keyManager,
+      permissionsApi,
       identityApi,
       rpcClient,
       syncApi

diff --git a/packages/identity-agent/tests/identity-agent.spec.ts b/packages/identity-agent/tests/identity-agent.spec.ts
@@ -23,7 +23,7 @@ describe('Web5IdentityAgent', () => {
   describe('agentDid', () => {
     it('throws an error if accessed before the Agent is initialized', async () => {
       // @ts-expect-error - Initializing with empty object to test error.
-      const identityAgent = new Web5IdentityAgent({ didApi: {}, dwnApi: {}, identityApi: {}, keyManager: {}, syncApi: {} });
+      const identityAgent = new Web5IdentityAgent({ didApi: {}, dwnApi: {}, identityApi: {}, keyManager: {}, syncApi: {}, permissionsApi: {} });
       try {
         identityAgent.agentDid;
         throw new Error('Expected an error');

diff --git a/packages/proxy-agent/src/proxy-agent.ts b/packages/proxy-agent/src/proxy-agent.ts
@@ -1,4 +1,4 @@
-import type {
+import {
   Web5Rpc,
   DidRequest,
   VcResponse,
@@ -11,6 +11,7 @@ import type {
   ProcessVcRequest,
   ProcessDwnRequest,
   Web5PlatformAgent,
+  AgentPermissionsApi,
 } from '@web5/agent';
 
 import { LevelStore } from '@web5/common';
@@ -77,6 +78,8 @@ export type AgentParams<TKeyManager extends AgentKeyManager = LocalKeyManager> =
   identityApi: AgentIdentityApi<TKeyManager>;
   /** Responsible for securely managing the cryptographic keys of the agent. */
   keyManager: TKeyManager;
+  /** Facilitates fetching, requesting, creating, revoking and validating revocation status of permissions */
+  permissionsApi: AgentPermissionsApi;
   /** Remote procedure call (RPC) client used to communicate with other Web5 services. */
   rpcClient: Web5Rpc;
   /** Facilitates data synchronization of DWN records between nodes. */
@@ -89,6 +92,7 @@ export class Web5ProxyAgent<TKeyManager extends AgentKeyManager = LocalKeyManage
   public dwn: AgentDwnApi;
   public identity: AgentIdentityApi<TKeyManager>;
   public keyManager: TKeyManager;
+  public permissions: AgentPermissionsApi;
   public rpc: Web5Rpc;
   public sync: AgentSyncApi;
   public vault: HdIdentityVault;
@@ -102,6 +106,7 @@ export class Web5ProxyAgent<TKeyManager extends AgentKeyManager = LocalKeyManage
     this.dwn = params.dwnApi;
     this.identity = params.identityApi;
     this.keyManager = params.keyManager;
+    this.permissions = params.permissionsApi;
     this.rpc = params.rpcClient;
     this.sync = params.syncApi;
     this.vault = params.agentVault;
@@ -111,6 +116,7 @@ export class Web5ProxyAgent<TKeyManager extends AgentKeyManager = LocalKeyManage
     this.dwn.agent = this;
     this.identity.agent = this;
     this.keyManager.agent = this;
+    this.permissions.agent = this;
     this.sync.agent = this;
   }
 
@@ -133,7 +139,7 @@ export class Web5ProxyAgent<TKeyManager extends AgentKeyManager = LocalKeyManage
    */
   public static async create({
     dataPath = 'DATA/AGENT',
-    agentDid, agentVault, cryptoApi, didApi, dwnApi, identityApi, keyManager, rpcClient, syncApi
+    agentDid, agentVault, cryptoApi, didApi, dwnApi, identityApi, keyManager, permissionsApi, rpcClient, syncApi
   }: Partial<AgentParams> = {}
   ): Promise<Web5ProxyAgent> {
 
@@ -156,6 +162,8 @@ export class Web5ProxyAgent<TKeyManager extends AgentKeyManager = LocalKeyManage
 
     identityApi ??= new AgentIdentityApi({ store: new DwnIdentityStore() });
 
+    permissionsApi ??= new AgentPermissionsApi();
+
     keyManager ??= new LocalKeyManager({ keyStore: new DwnKeyStore() });
 
     rpcClient ??= new Web5RpcClient();
@@ -170,6 +178,7 @@ export class Web5ProxyAgent<TKeyManager extends AgentKeyManager = LocalKeyManage
       didApi,
       dwnApi,
       keyManager,
+      permissionsApi,
       identityApi,
       rpcClient,
       syncApi

diff --git a/packages/proxy-agent/tests/proxy-agent.spec.ts b/packages/proxy-agent/tests/proxy-agent.spec.ts
@@ -23,7 +23,7 @@ describe('Web5ProxyAgent', () => {
   describe('agentDid', () => {
     it('throws an error if accessed before the Agent is initialized', async () => {
       // @ts-expect-error - Initializing with empty object to test error.
-      const userAgent = new Web5ProxyAgent({ didApi: {}, dwnApi: {}, identityApi: {}, keyManager: {}, syncApi: {} });
+      const userAgent = new Web5ProxyAgent({ didApi: {}, dwnApi: {}, identityApi: {}, keyManager: {}, permissionsApi: {}, syncApi: {} });
       try {
         userAgent.agentDid;
         throw new Error('Expected an error');

diff --git a/packages/user-agent/src/user-agent.ts b/packages/user-agent/src/user-agent.ts
@@ -1,4 +1,4 @@
-import type {
+import {
   Web5Rpc,
   DidRequest,
   VcResponse,
@@ -11,6 +11,7 @@ import type {
   ProcessVcRequest,
   ProcessDwnRequest,
   Web5PlatformAgent,
+  AgentPermissionsApi,
 } from '@web5/agent';
 
 import { LevelStore } from '@web5/common';
@@ -77,6 +78,8 @@ export type AgentParams<TKeyManager extends AgentKeyManager = LocalKeyManager> =
   identityApi: AgentIdentityApi<TKeyManager>;
   /** Responsible for securely managing the cryptographic keys of the agent. */
   keyManager: TKeyManager;
+  /** Facilitates fetching, requesting, creating, revoking and validating revocation status of permissions */
+  permissionsApi: AgentPermissionsApi;
   /** Remote procedure call (RPC) client used to communicate with other Web5 services. */
   rpcClient: Web5Rpc;
   /** Facilitates data synchronization of DWN records between nodes. */
@@ -89,6 +92,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
   public dwn: AgentDwnApi;
   public identity: AgentIdentityApi<TKeyManager>;
   public keyManager: TKeyManager;
+  public permissions: AgentPermissionsApi;
   public rpc: Web5Rpc;
   public sync: AgentSyncApi;
   public vault: HdIdentityVault;
@@ -102,6 +106,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
     this.dwn = params.dwnApi;
     this.identity = params.identityApi;
     this.keyManager = params.keyManager;
+    this.permissions = params.permissionsApi;
     this.rpc = params.rpcClient;
     this.sync = params.syncApi;
     this.vault = params.agentVault;
@@ -111,6 +116,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
     this.dwn.agent = this;
     this.identity.agent = this;
     this.keyManager.agent = this;
+    this.permissions.agent = this;
     this.sync.agent = this;
   }
 
@@ -133,7 +139,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
    */
   public static async create({
     dataPath = 'DATA/AGENT',
-    agentDid, agentVault, cryptoApi, didApi, dwnApi, identityApi, keyManager, rpcClient, syncApi
+    agentDid, agentVault, cryptoApi, didApi, dwnApi, identityApi, keyManager, permissionsApi, rpcClient, syncApi
   }: Partial<AgentParams> = {}
   ): Promise<Web5UserAgent> {
 
@@ -158,6 +164,8 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
 
     keyManager ??= new LocalKeyManager({ keyStore: new DwnKeyStore() });
 
+    permissionsApi ??= new AgentPermissionsApi();
+
     rpcClient ??= new Web5RpcClient();
 
     syncApi ??= new AgentSyncApi({ syncEngine: new SyncEngineLevel({ dataPath }) });
@@ -170,6 +178,7 @@ export class Web5UserAgent<TKeyManager extends AgentKeyManager = LocalKeyManager
       didApi,
       dwnApi,
       keyManager,
+      permissionsApi,
       identityApi,
       rpcClient,
       syncApi

diff --git a/packages/user-agent/tests/user-agent.spec.ts b/packages/user-agent/tests/user-agent.spec.ts
@@ -23,7 +23,7 @@ describe('Web5UserAgent', () => {
   describe('agentDid', () => {
     it('throws an error if accessed before the Agent is initialized', async () => {
       // @ts-expect-error - Initializing with empty object to test error.
-      const userAgent = new Web5UserAgent({ didApi: {}, dwnApi: {}, identityApi: {}, keyManager: {}, syncApi: {} });
+      const userAgent = new Web5UserAgent({ didApi: {}, dwnApi: {}, identityApi: {}, keyManager: {}, permissionsApi: {}, syncApi: {} });
       try {
         userAgent.agentDid;
         throw new Error('Expected an error');