Package io.fliqa.client.interledger.model

Class GrantAccessRequest

java.lang.Object
io.fliqa.client.interledger.model.GrantAccessRequest
public class GrantAccessRequest extends Object
Represents a request to grant access to resources using the GNAP protocol.

This class is used to initiate an access request to the authorization server in the Grant Negotiation and Authorization Protocol (GNAP). It contains the client identifier, the access token request specifying what permissions are being requested, and optionally the interaction methods for obtaining user consent.

The grant access request is typically the first step in the GNAP flow where the client requests permission to access protected resources on behalf of a resource owner. The request includes:

  • Client identification (wallet address)
  • Access token request with desired permissions
  • Optional interaction methods for user consent

Example usage: 

 GrantAccessRequest request = GrantAccessRequest.outgoing(
     clientWallet,
     AccessItemType.outgoingPayment,
     Set.of(AccessAction.create),
     quoteId,
     debitAmount
 );
 request.redirectInteract(returnUrl, nonce);
Since:
1.0
See Also:

  • Field Details

    • client

      public WalletAddress client
      The client identifier for this access request.

      This identifies the client application that is requesting access to protected resources. In the context of Interledger Open Payments, this is typically the wallet address of the client application.

      See Also:

    • accessToken

      public AccessToken accessToken
      The access token request specifying what permissions are being requested.

      This field contains the detailed specification of what access the client is requesting. It includes the types of resources, the actions that can be performed, and any limits or constraints on the access.

      See Also:

    • interact

      public AccessInteract interact
      Optional interaction methods for obtaining user consent.

      This field specifies how the client can interact with the authorization server to obtain consent from the resource owner. If not present, the authorization server may use its default interaction methods or deny the request if interaction is required.

      See Also:

  • Constructor Details

    • GrantAccessRequest

      public GrantAccessRequest(WalletAddress clientWalletAddress)
      Constructs a new grant access request for the specified client.
      Parameters:
      clientWalletAddress - the client wallet address making the access request
      Throws:
      IllegalArgumentException - if client is null

  • Method Details

    • build

      public static GrantAccessRequest build(WalletAddress clientWallet, AccessItemType accessType, Set<AccessAction> accessActions)
      Helper method to quickly assemble a basic access request.

      This method creates a grant access request with the specified client wallet address, access type, and actions. It automatically creates the necessary access token and access item structures.

      Parameters:
      clientWallet - the client wallet address making the request
      accessType - the type of access being requested (incoming/outgoing)
      accessActions - the set of actions to be performed
      Returns:
      a new GrantAccessRequest instance configured with the specified parameters

    • outgoing

      public static GrantAccessRequest outgoing(WalletAddress clientWallet, AccessItemType accessType, Set<AccessAction> accessActions, URI identifier, InterledgerAmount debitAmount)
      Creates a grant access request for outgoing payment operations.

      This method creates a specialized access request for outgoing payments, including the specific identifier and debit amount limits. It's commonly used when requesting permission to create outgoing payments with specific constraints.

      Parameters:
      clientWallet - the client wallet address making the request
      accessType - the type of access being requested (typically outgoingPayment)
      accessActions - the set of actions to be performed (typically create)
      identifier - the URI identifier for the specific resource (e.g., quote ID)
      debitAmount - the maximum amount that can be debited
      Returns:
      a new GrantAccessRequest configured for outgoing payments

    • redirectInteract

      public GrantAccessRequest redirectInteract(URI returnUrl, String nonce)
      Configures this request to use redirect-based interaction.

      This method sets up the request to use browser-based redirect interaction for obtaining user consent. The authorization server will redirect the user to the specified return URL after the interaction is complete.

      Parameters:
      returnUrl - the URL to return to when interaction is finished, or null to omit
      nonce - a unique value to prevent replay attacks during the interaction
      Returns:
      this GrantAccessRequest instance for method chaining