@jolocom/cbas v0.2.0

In order to show how the CBAS module can be used in the context of an example use case, a set of tests were written and included in the repository. These tests showcase the currently supported API, and serve as a good example of how a developer would use the CBAS library to implement authorization for their use case.

We first show how an instance of the CBAS library can be used to issue capabilities authorizing the holder to perform some actions on certain resources. The tests for getGrantsForCapability and canGrantPrivilege further show how the issued capability can be evaluated against a governance framework document (specifically the SGL statements in the rules section) to grant certain defined privileges.

These useful helpers can aid the client in finding the appropriate capabilities for a request, and the server in evaluating / verifying received capabilities. The rest of the tests focus on the evaluateCapability and evaluateInvocation functions, which can be used to verify the signature and expiry date on a capability / invocation, and evaluate it against the rules defined in the governance framework.