@aserto/aserto-spa-js
v0.4.0
Published
Aserto single-page application JavaScript SDK
Downloads
107
Readme
Aserto single-page application JavaScript SDK
Loosely modeled after the Auth0 SPA SDK.
Installation
Using npm:
npm install @aserto/aserto-spa-js
Using yarn:
yarn add @aserto/aserto-spa-js
Getting Started
Creating the client
Create an AsertoClient
instance before rendering or initializing your application. You should only have one instance of the client.
You need a valid access token before you can instantiate the client. For
the next few examples, the accessToken
variable is assumed to contain a
valid access token.
To obtain one via Auth0 (for example), use code like this:
// get a valid access token, e.g. from Auth0 getTokenSilently()
import createAuth0Client from '@auth0/auth0-spa-js';
const auth0 = await createAuth0Cient(
domain: '<AUTH0_DOMAIN>',
client_id: '<AUTH0_CLIENT_ID>',
redirect_uri: '<MY_CALLBACK_URL>'
);
const accessToken = await auth0.getTokenSilently();
Create an AsertoClient
in the following way:
import createAsertoClient from '@aserto/aserto-spa-js';
const aserto = await createAsertoClient({
accessToken: accessToken, // valid access token
serviceUrl: 'https://service-url', // defaults to window.location.origin
policyRoot: 'policyRoot', // policy root specified in the policy manifest
endpoint: '/__displaystatemap' // access map endpoint, defaults to /__displaystatemap
});
// or you can just instantiate the client on its own
import { AsertoClient } from '@aserto/aserto-spa-js';
const aserto = new AsertoClient({
accessToken: accessToken,
serviceUrl: 'https://service-url', // defaults to window.location.origin
policyRoot: 'policyRoot', // policy root specified in the policy manifest
endpoint: '/__displaystatemap' // access map endpoint, defaults to /__displaystatemap
});
// explicitly load
await aserto.reload();
Usage
createAsertoClient(options, body)
Create an AsertoClient
with the options
provided, and pass the optional body
to the reload(body)
call that initializes the client.
displayStateMap()
Retrieves a JavaScript object that holds the display state map
console.log(aserto.displayStateMap());
getDisplayState('method', 'path', 'policyRoot')
Retrieves the display state associated with a specific resource.
By convention, the method
argument is an HTTP method (GET, POST, PUT, DELETE), and the path
argument is in the form /path/to/resource
. It may contain a __id
component to indicate an parameter - for example, /mycars/__id
.
When both method
and path
are provided, the key into the displayStateMap
is
constructed as <policyRoot>/<METHOD>/<path>
. If the optional policyRoot
argument is
provided, it overrides the policyRoot
argument passed to init()
.
Finally, if only the method
argument is passed in, it is assumed to be a key into the displayStateMap
(typically in the form of <policyRoot>/<METHOD>/<path/to/resource>
).
The returned map will be in the following format:
{
visible: true,
enabled: false,
}
Check whether a verb / path combination is visible and enabled:
const method = 'GET';
const path = '/api/path';
const displayState = aserto.getDisplayState(method, path));
const isVisible = displayState.visible;
const isEnabled = displayState.enabled;
Log the display state values for each verb for the path:
const path = '/api/path';
for (const verb of ['GET', 'POST', 'PUT', 'DELETE']) {
const resource = aserto.getDisplayState(verb, path));
for (const value of ['visible', 'enabled']) {
console.log(`${verb} ${path} ${value} is ${resource[verb][value]}`);
}
}
reload(body, headers)
If the body
parameter is supplied, it is passed as the body of the POST call to
the __displaystatemap
API.
If the headers
parameter is supplied, these are provided as headers to the POST call to
the __displaystatemap
API.