chore: debugging & cleaunup

Signed-off-by: Wouter Termont <[email protected]>

demo/flow.ts

@@ -1,7 +1,11 @@
 /* eslint-disable max-len */
 
 import { fetch } from 'cross-fetch';
-import { Parser, Store } from 'n3';
+import { Parser, Writer, Store } from 'n3';
+import { demoPolicy } from "./policyCreation";
+
+const parser = new Parser();
+const writer = new Writer();
 
 const terms = {
   solid: {
@@ -14,64 +18,31 @@ const terms = {
   filters: {
     bday: 'http://localhost:3000/catalog/public/filters/bday',
     age: 'http://localhost:3000/catalog/public/filters/age',
+  },
+  views: {
+    bday: 'http://localhost:3000/ruben/private/derived/bday',
+    age: 'http://localhost:3000/ruben/private/derived/age',
+  },
+  agents: {
+    ruben: 'http://localhost:3000/ruben/profile/card#me',
+    vendor: 'http://localhost:3000/demo/public/vendor',
+    present: 'http://localhost:3000/demo/public/bday-app',
+  },
+  scopes: {
+    read: 'urn:example:css:modes:read',
   }
 }
 
-const parser = new Parser();
-
-const privateRequest = async (resource_id: string, tokenEndpoint: string) => {
-  const claim_token = "http://localhost:3000/demo/public/bday-app"
-
-  const content = {
-    grant_type: 'urn:ietf:params:oauth:grant-type:uma-ticket',
-    claim_token: encodeURIComponent(claim_token),
-    claim_token_format: 'urn:solidlab:uma:claims:formats:webid',
-    // ticket,
-    permissions: [{
-      resource_id,
-      resource_scopes: [ 'urn:example:css:modes:read', 'urn:example:css:modes:write' ],
-    }]
-  };
-
-  const asRequestResponse = await fetch(tokenEndpoint, {
-      method: "POST",
-      headers: {
-        "content-type":"application/json"
-      },
-      body: JSON.stringify(content),
-  });
-
-  const asResponse = await asRequestResponse.json();
-  const tokenResponse = await fetch(resource_id, {
-    headers: { 'Authorization': `${asResponse.token_type} ${asResponse.access_token}` }
-  });
-}
-
-const log = (msg: string, obj?: any) => {
-  console.log('');
-  console.log(msg);
-  if (obj) {
-    console.log('\n');
-    console.log(obj);
-  }
-}
-
-function parseJwt (token:string) {
-  return JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());
-}
-
 async function main() {
 
   log(`Alright, so, for the demo ...`);
 
-  const webId = 'http://localhost:3000/ruben/profile/card#me';
-
-  log(`Ruben V., a.k.a. <${webId}>, has some private data in <http://localhost:3000/ruben/private/data>.`);
+  log(`Ruben V., a.k.a. <${terms.agents.ruben}>, has some private data in <http://localhost:3000/ruben/private/data>.`);
 
   log(`Of course, he does not want everyone to be able to see all of his private data when they need just one aspect of it. Therefore, Ruben has installed two Views on his data, based on SPARQL filters from a public Catalog. (When and how this is done is out-of-scope for now.)`);
 
-  const webIdData = new Store(parser.parse(await (await fetch(webId)).text()));
-  const viewIndex = webIdData.getObjects(webId, terms.solid.viewIndex, null)[0].value;
+  const webIdData = new Store(parser.parse(await (await fetch(terms.agents.ruben)).text()));
+  const viewIndex = webIdData.getObjects(terms.agents.ruben, terms.solid.viewIndex, null)[0].value;
   const views = Object.fromEntries(webIdData.getObjects(viewIndex, terms.solid.entry, null).map(entry => {
     const filter = webIdData.getObjects(entry, terms.solid.filter, null)[0].value;
     const location = webIdData.getObjects(entry, terms.solid.location, null)[0].value;
@@ -83,11 +54,11 @@ async function main() {
   log(`(1) <${views[terms.filters.bday]}> filters out his birth date, according to the <${terms.filters.bday}> filter`);
   log(`(2) <${views[terms.filters.age]}> derives his age, according to the <${terms.filters.bday}> filter`);
 
-  const policyDir = 'http://localhost:3000/ruben/settings/policies/';
+  const policyContainer = 'http://localhost:3000/ruben/settings/policies/';
 
-  log(`Access to Ruben's data is based on policies he manages through his Authz Companion app, and which are stored in <${policyDir}>. (This is, of course, not publicly known.)`);
+  log(`Access to Ruben's data is based on policies he manages through his Authz Companion app, and which are stored in <${policyContainer}>. (This is, of course, not publicly known.)`);
 
-  const umaServer = webIdData.getObjects(webId, terms.solid.umaServer, null)[0].value;
+  const umaServer = webIdData.getObjects(terms.agents.ruben, terms.solid.umaServer, null)[0].value;
   const configUrl = new URL('.well-known/uma2-configuration', umaServer);
   const umaConfig = await (await fetch(configUrl)).json();
   const tokenEndpoint = umaConfig.token_endpoint;
@@ -101,17 +72,29 @@ async function main() {
 
   log(`Having been notified in some way of the access request, Ruben could go to his Authz Companion app, and add a policy allowing the requested access.`);
 
-  const privateResource = "http://localhost:3000/ruben/private/derived/age"
-  const claim_token = "http://localhost:3000/demo/public/bday-app"
+  const startDate = new Date();
+  const endDate = new Date(startDate.valueOf() + 14 * 24 * 60 * 60 * 1000);
+  const purpose = 'age-verification'
+  const policy = demoPolicy(terms.views.age, terms.agents.vendor, { startDate, endDate, purpose })
+
+  const policyCreationResponse = await fetch(policyContainer, {
+    method: 'POST',
+    headers: { 'content-type': 'text/turtle' },
+    body: writer.quadsToString(policy.representation.getQuads(null, null, null, null))
+  });
+
+  if (policyCreationResponse.status !== 201) { log('Adding a policy did not succeed...'); throw 0; }
+
+  log(`Now that the policy has been set, and the agent has possibly been notified in some way, the agent can try the access request again.`);
 
   const content = {
-    grant_type: 'urn:ietf:params:oauth:grant-type:uma-ticket',
-    claim_token: encodeURIComponent(claim_token),
+    // grant_type: 'urn:ietf:params:oauth:grant-type:uma-ticket',
+    claim_token: encodeURIComponent(terms.agents.vendor),
     claim_token_format: 'urn:solidlab:uma:claims:formats:webid',
     // ticket,
     permissions: [{
-      resource_id: privateResource,
-      resource_scopes: [ 'urn:example:css:modes:read' ],
+      resource_id: terms.views.age,
+      resource_scopes: [ terms.scopes.read ],
     }]
   };
 
@@ -121,9 +104,7 @@ async function main() {
 
   const asRequestResponse = await fetch(tokenEndpoint, {
       method: "POST",
-      headers: {
-        "content-type":"application/json"
-      },
+      headers: { "content-type":"application/json" },
       body: JSON.stringify(content),
   })
 
@@ -140,13 +121,13 @@ async function main() {
   console.log({ ...asResponse, access_token: asResponse.access_token.slice(0,10).concat('...') });
   console.log('\n');
 
-  // for (const permission of decodedToken.permissions) {
-  //   console.log(`Permissioned scopes for resource ${permission.resource_id}:`, permission.resource_scopes)
-  // }
+  for (const permission of decodedToken.permissions) {
+    console.log(`Permissioned scopes for resource ${permission.resource_id}:`, permission.resource_scopes)
+  }
 
-  console.log(`=== Trying to create private resource <${privateResource}> WITH access token.\n`);
+  console.log(`=== Trying to create private resource <${terms.views.age}> WITH access token.\n`);
 
-  const tokenResponse = await fetch(privateResource, {
+  const tokenResponse = await fetch(terms.views.age, {
     headers: { 'Authorization': `${asResponse.token_type} ${asResponse.access_token}` }
   });
 
@@ -157,3 +138,19 @@ async function main() {
 }
 
 main();
+
+
+/* Helper functions */
+
+function parseJwt (token:string) {
+  return JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());
+}
+
+function log(msg: string, obj?: any) {
+  console.log('');
+  console.log(msg);
+  if (obj) {
+    console.log('\n');
+    console.log(obj);
+  }
+}