/
index.d.ts
124 lines (107 loc) · 3.79 KB
/
index.d.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
import {
JsonRpcEngine,
JsonRpcEngineEndCallback,
JsonRpcEngineNextCallback,
JsonRpcMiddleware,
JsonRpcRequest,
JsonRpcResponse,
} from 'json-rpc-engine';
import { IOcapLdCapability } from './ocap-ld';
export type AuthenticatedJsonRpcMiddleware = (
domain: IOriginMetadata,
req: JsonRpcRequest<any>,
res: JsonRpcResponse<any>,
next: JsonRpcEngineNextCallback,
end: JsonRpcEngineEndCallback,
) => void;
/**
* Used for prompting the user about a proposed new permission.
* Includes information about the domain granted, as well as the permissions assigned.
*/
export interface IPermissionsRequest {
metadata: IPermissionsRequestMetadata ;
permissions: IRequestedPermissions;
}
export interface IPermissionsRequestMetadata {
id: string;
origin: IOriginString;
}
export interface IOriginMetadata {
origin: IOriginString;
}
/**
* The format submitted by a domain to request an expanded set of permissions.
* Assumes knowledge of the requesting domain's context.
*
* Uses a map to emphasize that there will ultimately be one set of permissions per domain per method.
*
* Is a key-value store of method names, to IMethodRequest objects, which have a caveats array.
*/
export interface IRequestedPermissions {
[methodName: string]: IMethodRequest;
}
/**
* Object used to request a given permission within reasonable terms.
* This can be an empty object, but can also include a caveat array.
*/
type IMethodRequest = Partial<IOcapLdCapability>;
export type UserApprovalPrompt = (permissionsRequest: IPermissionsRequest) => Promise<IRequestedPermissions>;
export interface RpcCapDomainEntry {
permissions: IOcapLdCapability[];
}
type IOriginString = string;
export interface CapabilitiesConfig {
requestUserApproval: UserApprovalPrompt;
engine?: JsonRpcEngine;
initState?: CapabilitiesConfig;
methodPrefix?: string;
restrictedMethods?: RestrictedMethodMap;
safeMethods?: string[];
}
interface RpcCapDomainRegistry {
[domain: string]: RpcCapDomainEntry;
}
export interface CapabilitiesState {
domains: RpcCapDomainRegistry;
}
export interface RestrictedMethodEntry {
description: string;
method: PermittedJsonRpcMiddleware;
}
export interface PermittedJsonRpcMiddleware extends JsonRpcMiddleware {
(req: JsonRpcRequest<any>, res: JsonRpcResponse<any>, next: JsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, engine?: JsonRpcEngine): void;
}
export interface RestrictedMethodMap {
[key: string]: RestrictedMethodEntry;
}
export interface RpcCapInterface {
getPermissionsForDomain: (domain: string) => IOcapLdCapability[];
getPermission: (domain: string, method: string) => IOcapLdCapability | undefined;
getPermissionsRequests: () => IPermissionsRequest[];
grantNewPermissions (
domain: string,
approved: IRequestedPermissions,
res: JsonRpcResponse<any>,
end: JsonRpcEngineEndCallback,
granter?: string
): void;
getDomains: () => RpcCapDomainRegistry;
setDomains: (domains: RpcCapDomainRegistry) => void;
getDomainSettings: (domain: string) => RpcCapDomainEntry | undefined;
getOrCreateDomainSettings: (domain: string) => RpcCapDomainEntry;
setDomain: (domain: string, settings: RpcCapDomainEntry) => void;
addPermissionsFor: (
domainName: string,
newPermissions: {
[methodName: string]: IOcapLdCapability;
}
) => void;
removePermissionsFor: (domain: string, permissionsToRemove: IOcapLdCapability[]) => void;
createBoundMiddleware: (domain: string) => PermittedJsonRpcMiddleware;
createPermissionedEngine: (domain: string) => JsonRpcEngine;
// Injected permissions-handling methods:
providerMiddlewareFunction: AuthenticatedJsonRpcMiddleware;
getPermissionsMiddleware: AuthenticatedJsonRpcMiddleware;
requestPermissionsMiddleware: AuthenticatedJsonRpcMiddleware;
executeMethod: AuthenticatedJsonRpcMiddleware;
}