@trace4eu/authorisation-wrapper
v0.0.11
Published
The `AuthorisationWrapper` class can be used for requesting an access token to the following authorisation servers: - EBSI Authorisation API: https://hub.ebsi.eu/apis/pilot/authorisation/v4. This is used by the `TimestampWrapper` and `TrackAndTraceWra
Downloads
16
Readme
Documentation: authorisation wrapper
The AuthorisationWrapper
class can be used for requesting an access token to the following authorisation servers:
EBSI Authorisation API: https://hub.ebsi.eu/apis/pilot/authorisation/v4.
This is used by theTimestampWrapper
andTrackAndTraceWrapper
for requesting an access token to EBSI, required value to consume EBSI Timestamp and Track and Trace apis.Trace4eu authorization server: https://api-dev-auth.trace4eu.eu/oauth2/token. This server is part of the authorization-and-authentication server of Trace4eu (https://github.com/trace4eu/authorization-and-authentication). The client needs to execute a Oauth client credentials flow by sending a jwt assertion It's used by the
vc-component
too when issuing EBSI verifiable credentials and when the authorization server issue and verify JWTs for managing the credential issuance process within the OIDC4VCI flow.
It depends on the SignatureWrapper
for making the signatures. In order to instantiate the EbsiAuthorisationApi
or the Trace4euAuthorisationApi
, the wallet is required.
Constructor
constructor(wallet: Wallet)
Creates a new instance of the Wallet
class.
Parameters:
isEnterprise: boolean
: flag to indicate if keys will be imported locally otherwise it will link to an Enterprise Wallet.did: string
: it represents the did of the entity.entityKeys: KeyPairData[]
: array of keys in hex format. You need to specify the algorithm of each key.
Example:
const did = 'did:ebsi:zobuuYAHkAbRFCcqdcJfTgR'; const entityKeys = [ { alg: Algorithm.ES256K, privateKeyHex: '<ecc private key>', kid: '<optional key identifier>' }, { alg: Algorithm.ES256, privateKeyHex: '<ecc private key>',, kid: '<optional key identifier>' }, ]; const wallet = WalletFactory.createInstance(false, did, entityKeys);
EbsiAuthorisationApi(wallet: Wallet)
Creates a new instance of the EbsiAuthorisationApi
class.
Parameters:
wallet: Wallet
: wallet will be used for
Example:
const ebsiAuthorisationApi = new EbsiAuthorisationApi(wallet);
Trace4euAuthorisationApi(wallet: Wallet)
Creates a new instance of the Trace4euAuthorisationApi
class.
Parameters:
wallet: Wallet
: wallet will be used for
Example:
const trace4euAuthorisationApi = new Trace4euAuthorisationApi(wallet);
Methods
getAccessToken
Request an access token to the corresponding authorization server.
Parameters:
alg: string
: algorithm to be used.scope: string
: scope to be requestedcredentials: string | string[]
: ebsi authz server is an OIDC4VP server and vp_token needs to be presented with the required VCs according to the presentation definition
Returns:
Promise<string>
: access token
Example:
const ebsiAccessToken = await ebsiAuthorisationApi.getAccessToken( 'ES256', 'tnt_create', [], ); const trace4euAccessToken = await trace4euAuthorisationApi.getAccessToken( 'ES256', 'ocs:read', );