From 6f316dcc2a56ce4f6bf7a312fc946131d84aab2e Mon Sep 17 00:00:00 2001 From: Aaron Coburn Date: Mon, 8 May 2023 18:23:23 -0400 Subject: [PATCH] JCL-342: Use correct data subject property for access requests --- .../inrupt/client/accessgrant/AccessGrant.java | 7 ++++++- .../client/accessgrant/AccessGrantClient.java | 18 ++++++++++++++---- access-grant/src/test/resources/vc-5.json | 2 +- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrant.java b/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrant.java index 13c3c6fa811..feb69d0071f 100644 --- a/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrant.java +++ b/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrant.java @@ -103,7 +103,12 @@ protected AccessGrant(final String grant) throws IOException { final Optional person = asUri(consent.get("isProvidedToPerson")); final Optional controller = asUri(consent.get("isProvidedToController")); final Optional other = asUri(consent.get("isProvidedTo")); - this.grantee = person.orElseGet(() -> controller.orElseGet(() -> other.orElse(null))); + final Optional dataSubject = asUri(consent.get("isConsentForDataSubject")); + if (subject.containsKey("hasConsent")) { + this.grantee = dataSubject.orElse(null); + } else { + this.grantee = person.orElseGet(() -> controller.orElseGet(() -> other.orElse(null))); + } this.modes = asSet(consent.get("mode")).orElseGet(Collections::emptySet); this.resources = asSet(consent.get("forPersonalData")).orElseGet(Collections::emptySet) .stream().map(URI::create).collect(Collectors.toSet()); diff --git a/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrantClient.java b/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrantClient.java index 800282c664e..b745bc6c335 100644 --- a/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrantClient.java +++ b/access-grant/src/main/java/com/inrupt/client/accessgrant/AccessGrantClient.java @@ -175,6 +175,9 @@ public AccessGrantClient session(final Session session) { */ public CompletionStage issue(final URI type, final URI agent, final Set resources, final Set modes, final Set purposes, final Instant expiration) { + Objects.requireNonNull(type, "Access Grant type may not be null!"); + Objects.requireNonNull(resources, "Resources may not be null!"); + Objects.requireNonNull(modes, "Access modes may not be null!"); return v1Metadata().thenCompose(metadata -> { final Map data; if (ACCESS_GRANT.equals(type)) { @@ -522,6 +525,7 @@ static URI asUri(final Object value) { static Map buildAccessGrantv1(final URI agent, final Set resources, final Set modes, final Instant expiration, final Set purposes) { + Objects.requireNonNull(agent, "Access grant agent may not be null!"); final Map consent = new HashMap<>(); consent.put(MODE, modes); consent.put(HAS_STATUS, "https://w3id.org/GConsent#ConsentStatusExplicitlyGiven"); @@ -536,7 +540,9 @@ static Map buildAccessGrantv1(final URI agent, final Set re final Map credential = new HashMap<>(); credential.put(CONTEXT, Arrays.asList(VC_CONTEXT_URI, INRUPT_CONTEXT_URI)); - credential.put("expirationDate", expiration.truncatedTo(ChronoUnit.SECONDS).toString()); + if (expiration != null) { + credential.put("expirationDate", expiration.truncatedTo(ChronoUnit.SECONDS).toString()); + } credential.put(CREDENTIAL_SUBJECT, subject); final Map data = new HashMap<>(); @@ -547,10 +553,12 @@ static Map buildAccessGrantv1(final URI agent, final Set re static Map buildAccessRequestv1(final URI agent, final Set resources, final Set modes, final Instant expiration, final Set purposes) { final Map consent = new HashMap<>(); - consent.put(MODE, modes); consent.put(HAS_STATUS, "https://w3id.org/GConsent#ConsentStatusRequested"); + consent.put(MODE, modes); consent.put(FOR_PERSONAL_DATA, resources); - consent.put(IS_PROVIDED_TO_PERSON, agent); + if (agent != null) { + consent.put("isConsentForDataSubject", agent); + } if (!purposes.isEmpty()) { consent.put("forPurpose", purposes); } @@ -560,7 +568,9 @@ static Map buildAccessRequestv1(final URI agent, final Set final Map credential = new HashMap<>(); credential.put(CONTEXT, Arrays.asList(VC_CONTEXT_URI, INRUPT_CONTEXT_URI)); - credential.put("expirationDate", expiration.truncatedTo(ChronoUnit.SECONDS).toString()); + if (expiration != null) { + credential.put("expirationDate", expiration.truncatedTo(ChronoUnit.SECONDS).toString()); + } credential.put(CREDENTIAL_SUBJECT, subject); final Map data = new HashMap<>(); diff --git a/access-grant/src/test/resources/vc-5.json b/access-grant/src/test/resources/vc-5.json index 3f2cdcad566..1e1b5280ea6 100644 --- a/access-grant/src/test/resources/vc-5.json +++ b/access-grant/src/test/resources/vc-5.json @@ -19,7 +19,7 @@ "hasConsent":{ "mode":["Read","Append"], "hasStatus":"https://w3id.org/GConsent#ConsentStatusRequested", - "isProvidedToPerson":"https://id.test/agent", + "isConsentForDataSubject":"https://id.test/agent", "forPurpose":["https://purpose.test/Purpose1"], "forPersonalData":["https://storage.test/data/"]}}, "proof":{