{"id":19123040,"url":"https://github.com/digitalbazaar/ezcap","last_synced_at":"2025-05-05T18:29:50.361Z","repository":{"id":38183781,"uuid":"327159280","full_name":"digitalbazaar/ezcap","owner":"digitalbazaar","description":"An opinionated Authorization Capabilities client","archived":false,"fork":false,"pushed_at":"2024-06-27T21:57:03.000Z","size":105,"stargazers_count":7,"open_issues_count":5,"forks_count":1,"subscribers_count":14,"default_branch":"main","last_synced_at":"2025-04-19T11:08:38.387Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/digitalbazaar.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-06T00:51:03.000Z","updated_at":"2023-11-14T21:20:06.000Z","dependencies_parsed_at":"2024-06-19T01:39:01.041Z","dependency_job_id":"e1098585-6a30-42cc-b7f5-0a6f18deb384","html_url":"https://github.com/digitalbazaar/ezcap","commit_stats":{"total_commits":143,"total_committers":6,"mean_commits":"23.833333333333332","dds":0.5874125874125874,"last_synced_commit":"b56d1186a0156e6a029743bcf1b17ab6b1ea15a7"},"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fezcap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fezcap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fezcap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalbazaar%2Fezcap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/digitalbazaar","download_url":"https://codeload.github.com/digitalbazaar/ezcap/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252552787,"owners_count":21766767,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T05:24:08.062Z","updated_at":"2025-05-05T18:29:50.340Z","avatar_url":"https://github.com/digitalbazaar.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ezcap\n\n[![Node.js CI](https://github.com/digitalbazaar/ezcap/workflows/Node.js%20CI/badge.svg)](https://github.com/digitalbazaar/ezcap/actions?query=workflow%3A%22Node.js+CI%22)\n\n\u003e An easy to use, opinionated Authorization Capabilities (zcap) client library\n\u003e for the browser and Node.js.\n\n## Table of Contents\n\n- [Background](#background)\n- [Security](#security)\n- [Install](#install)\n- [Usage](#usage)\n- [API Reference](#api-reference)\n- [Contribute](#contribute)\n- [Commercial Support](#commercial-support)\n- [License](#license)\n\n## Background\n\nThis library provides a client that browser and node.js applications can use to\ninteract with HTTP servers protected by zcap-based authorization. The library\nis configured with secure and sensible defaults to help developers get started\nquickly and ensure that their client code is production-ready.\n\n## Security\n\nThe security characteristics of this library are largely influenced by design\ndecisions made by client and server software. For clients, implementers should\npay particular attention to secure private key management. For servers, security\ncharacteristics are largely dependent on how carefully the server manages zcap\nregistrations, zcap invocations, and zcap delegations. Bugs or failures related\nto client key management, or server zcap validity checking will lead to security\nfailures. It is imperative that implementers audit their implementations,\npreferably via parties other than the implementer.\n\n## Install\n\n- Browsers and Node.js 14+ are supported.\n- [Web Crypto API][] required. Older browsers and Node.js 14 must use a\n  polyfill.\n\nTo install from NPM:\n\n```\nnpm install @digitalbazaar/ezcap\n```\n\nTo install locally (for development):\n\n```\ngit clone https://github.com/digitalbazaar/ezcap.git\ncd ezcap\nnpm install\n```\n\n## Usage\n\n* [Creating a Client](#creating-a-client)\n* [Reading with a Root Capability](#reading-with-a-root-capability)\n* [Writing with a Root Capability](#writing-with-a-root-capability)\n* [Delegating a Capability](#delegating-a-capability)\n* [Reading with a Delegated Capability](#reading-with-a-delegated-capability)\n* [Writing with a Delegated Capability](#writing-with-a-delegated-capability)\n* [Requesting with a Root Capability](#requesting-with-a-root-capability)\n* [Requesting with a Delegated Capability](#requesting-with-a-delegated-capability)\n\n### Creating a Client\n\nCreating a zcap client involves generating cryptographic key material and then\nusing that key material to instantiate a client designed to operate on a\nspecific base URL.\n\n```js\nimport {ZcapClient} from '@digitalbazaar/ezcap';\nimport * as didKey from '@digitalbazaar/did-method-key';\nimport {Ed25519Signature2020} from '@digitalbazaar/ed25519-signature-2020';\nconst didKeyDriver = didKey.driver();\n\n// generate a DID Document and set of key pairs\nconst {didDocument, keyPairs} = await didKeyDriver.generate();\n\n// create a new zcap client using the generated cryptographic material\nconst zcapClient = new ZcapClient({\n  didDocument, keyPairs, SuiteClass: Ed25519Signature2020\n});\n```\n\n### Reading with a Root Capability\n\nReading data from a URL using a capability is performed in a way that is\nvery similar to using a regular HTTP client to perform an HTTP GET. Using\na root capability means that your client has been directly authorized to access\nthe URL, usually because it created the resource that is being accessed.\nThe term \"root\" means that your client is the \"root of authority\".\n\n```js\nconst url = 'https://zcap.example/my-account/items';\n\n// reading a URL using a zcap will result in an HTTP Response\nconst response = await zcapClient.read({url});\n\n// retrieve the JSON data\nconst items = await response.json();\n```\n\n### Writing with a Root Capability\n\nWriting data to URL using a capability is performed in a way that is\nvery similar to using a regular HTTP client to perform an HTTP POST. Using\na root capability means that your client has been directly authorized to\nmodify the resource at the URL, usually because it created the resource that is\nbeing written to. The term \"root\" means that your client is the \"root of\nauthority\". In the example below, the server most likely registered the\nclient as being the root authority for the `/my-account` path on the server.\n\n```js\nconst url = 'https://zcap.example/my-account/items';\nconst item = {label: 'Widget'};\n\n// writing a URL using a zcap will result in an HTTP Response\nconst response = await zcapClient.write({url, json: item});\n\n// process the response appropriately\nconst writtenItem = await response.json();\n```\n\n### Delegating a Capability\n\nDelegating a capability consists of the client authorizing another entity to\nuse the capability. The example below uses a DID as the target for the\ndelegation. The returned `delegatedCapability` would need to be transmitted\nto the entity identified by the delegation target so that they can use it\nto access the resource.\n\n```js\nconst invocationTarget = 'https://zcap.example/my-account/items';\nconst controller =\n  'did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH';\nconst allowedActions = ['read'];\nconst delegatedCapability = zcapClient.delegate(\n  {invocationTarget, controller, allowedActions});\n```\n\n### Reading with a Delegated Capability\n\nReading with a delegated capability is similar to reading with a root\ncapability. The only difference is that the delegated capability needs to be\nretrieved from somewhere using application-specific code and then passed\nto the `read` method.\n\n```js\nconst url = 'https://zcap.example/my-account/items/123';\n// defined by your code\nconst capability = await getCapabilityFromDatabase({url});\n\n// reading a URL using a zcap will result in an HTTP Response; the\n// `invocationTarget` from the capability provides the URL if one is not\n// specified; if a URL is specified, the capability's invocation target\n// MUST be a RESTful prefix of or equivalent to the URL\nconst response = await zcapClient.read({capability});\n\n// retrieve the JSON data\nconst items = await response.json();\n```\n\n### Writing with a Delegated Capability\n\nWriting with a delegated capability is similar to writing with a root\ncapability. The only difference is that the delegated capability needs to be\nretrieved from somewhere using application-specific code and then passed\nto the `write` method.\n\n\n```js\nconst item = {label: 'Widget'};\nconst url = 'https://zcap.example/my-account/items';\n// defined by your code\nconst capability = await getCapabilityFromDatabase({url});\n\n// writing a URL using a zcap will result in an HTTP Response; the\n// `invocationTarget` from the capability provides the URL if one is not\n// specified; if a URL is specified, the capability's invocation target\n// MUST be a RESTful prefix of or equivalent to the URL\nconst response = await zcapClient.write({capability, json: item});\n\n// process the response appropriately\nconst writtenItem = await response.json();\n```\n\n### Requesting with a Root Capability\n\nIn the event that the server API does not operate using HTTP GET and HTTP POST,\nit is possible to create a zcap client request that uses other HTTP verbs. This\nis done by specifying the HTTP `method` to use.\n\n```js\nconst url = 'https://zcap.example/my-account/items';\nconst item = {count: 12};\n\n// send a request to a URL by invoking a capability\nconst response = await zcapClient.request({url, method: 'patch', json: item});\n\n// process the response appropriately\nconst updatedItem = await response.json();\n```\n\n### Requesting with a Delegated Capability\n\nPerforming an HTTP request with a delegated capability is similar to\ndoing the same with a root capability. The only difference is that the\ndelegated capability needs to be retrieved from somewhere using application-specific code and then passed to the `request` method.\n\n```js\nconst item = {count: 12};\nconst url = 'https://zcap.example/my-account/items/123';\n// defined by your code\nconst capability = await getCapabilityFromDatabase({url});\n\n// invoking a capability against a URL will result in an HTTP Response; the\n// `invocationTarget` from the capability provides the URL if one is not\n// specified; if a URL is specified, the capability's invocation target\n// MUST be a RESTful prefix of or equivalent to the URL\nconst response = await zcapClient.request(\n  {capability, method: 'patch', json: item});\n\n// process the response appropriately\nconst updatedItem = await response.json();\n```\n\n## API Reference\n\nThe ezcap approach is opinionated in order to make using zcaps a pleasant\nexperience for developers. To do this, it makes two fundamental assumptions\nregarding the systems it interacts with:\n\n* The systems are HTTP-based and REST-ful in nature.\n* The REST-ful systems center around reading and writing resources.\n\nIf these assumptions do not apply to your system, the\n[zcap](https://github.com/digitalbazaar/zcap) library might\nbe a better, albeit more complex, solution for you.\n\nLooking at each of these core assumptions more closely will help explain how designing systems to these constraints make it much easier to think about\nzcaps. Let's take a look at the first assumption:\n\n\u003e The systems are HTTP-based and REST-ful in nature.\n\nMany modern systems tend to have HTTP-based interfaces that are REST-ful in\nnature. That typically means that most resource URLs are organized by namespaces, collections, and items:\n`/\u003croot-namespace\u003e/\u003ccollection-id\u003e/\u003citem-id\u003e`. In practice,\nthis tends to manifest itself as URLs that look like\n`/my-account/things/1`. The ezcap approach maps the authorization model\nin a 1-to-1 way to the URL. Following along with the example, the root\ncapability would then be `/my-account`, which you will typically create and\nhave access to. You can then take that root capability and delegate access\nto things like `/my-account/things` to let entities you trust modify the\n`things` collection. You can also choose to be more specific and only\ndelegate to `/my-account/things/1` to really lock down access. ezcap attempts\nto keep things very simple by mapping URL hierarchy to authorization scope.\n\nNow, let's examine the second assumption that makes things easier:\n\n\u003e The REST-ful systems center around reading and writing resources.\n\nThere is an incredible amount of flexibility that zcaps provide. You can\ndefine a variety of actions: read, write, bounce, atomicSwap, start, etc.\nHowever, all that flexibility adds complexity and one of the goals of ezcap\nis to reduce complexity to the point where the solution is good enough for\n80% of the use cases. A large amount of REST-ful interactions tend to\nrevolve around reading and writing collections and the items in those\ncollections. For this reason, there are only two actions that are exposed\nby default in ezcap: read and write. Keeping the number of actions to a\nbare minimum has allowed implementers to achieve very complex use cases with\nvery simple code.\n\nThese are the two assumptions that ezcap makes and with those two assumptions,\n80% of all use cases we've encountered are covered.\n\n## Classes\n\n\u003cdl\u003e\n\u003cdt\u003e\u003ca href=\"#ZcapClient\"\u003eZcapClient\u003c/a\u003e\u003c/dt\u003e\n\u003cdd\u003e\u003c/dd\u003e\n\u003c/dl\u003e\n\n## Functions\n\n\u003cdl\u003e\n\u003cdt\u003e\u003ca href=\"#getCapabilitySigners\"\u003egetCapabilitySigners(options)\u003c/a\u003e ⇒ \u003ccode\u003eobject\u003c/code\u003e\u003c/dt\u003e\n\u003cdd\u003e\u003cp\u003eRetrieves the first set of capability invocation and delegation signers\nassociated with the \u003ccode\u003edidDocument\u003c/code\u003e from the \u003ccode\u003ekeyPairs\u003c/code\u003e.\u003c/p\u003e\n\u003c/dd\u003e\n\u003cdt\u003e\u003ca href=\"#generateZcapUri\"\u003egenerateZcapUri(options)\u003c/a\u003e ⇒ \u003ccode\u003estring\u003c/code\u003e\u003c/dt\u003e\n\u003cdd\u003e\u003cp\u003eGenerate a zcap URI given a root capability URL or a delegated flag.\u003c/p\u003e\n\u003c/dd\u003e\n\u003c/dl\u003e\n\n## Typedefs\n\n\u003cdl\u003e\n\u003cdt\u003e\u003ca href=\"#HttpsAgent\"\u003eHttpsAgent\u003c/a\u003e : \u003ccode\u003eobject\u003c/code\u003e\u003c/dt\u003e\n\u003cdd\u003e\u003cp\u003eAn object that manages connection persistence and reuse for HTTPS requests.\u003c/p\u003e\n\u003c/dd\u003e\n\u003cdt\u003e\u003ca href=\"#LinkedDataSignatureSuiteClass\"\u003eLinkedDataSignatureSuiteClass\u003c/a\u003e : \u003ccode\u003eobject\u003c/code\u003e\u003c/dt\u003e\n\u003cdd\u003e\u003cp\u003eAn class that can be instantiated to create a suite capable of generating a\nLinked Data Signature. Its constructor must receive a \u003ccode\u003esigner\u003c/code\u003e instance\nthat includes \u003ccode\u003e.sign()\u003c/code\u003e function and \u003ccode\u003eid\u003c/code\u003e and \u003ccode\u003econtroller\u003c/code\u003e properties.\u003c/p\u003e\n\u003c/dd\u003e\n\u003c/dl\u003e\n\n\u003ca name=\"ZcapClient\"\u003e\u003c/a\u003e\n\n## ZcapClient\n**Kind**: global class  \n\n* [ZcapClient](#ZcapClient)\n    * [new ZcapClient(options)](#new_ZcapClient_new)\n    * [.delegate(options)](#ZcapClient+delegate) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\n    * [.request(options)](#ZcapClient+request) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\n    * [.read(options)](#ZcapClient+read) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\n    * [.write(options)](#ZcapClient+write) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\n\n\u003ca name=\"new_ZcapClient_new\"\u003e\u003c/a\u003e\n\n### new ZcapClient(options)\nCreates a new ZcapClient instance that can be used to perform\nrequests against HTTP URLs that are authorized via\nAuthorization Capabilities (ZCAPs).\n\n**Returns**: [\u003ccode\u003eZcapClient\u003c/code\u003e](#ZcapClient) - - The new ZcapClient instance.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| options | \u003ccode\u003eobject\u003c/code\u003e | The options to use. |\n| options.SuiteClass | [\u003ccode\u003eLinkedDataSignatureSuiteClass\u003c/code\u003e](#LinkedDataSignatureSuiteClass) | The LD   signature suite class to use to sign requests and delegations. |\n| [options.didDocument] | \u003ccode\u003eobject\u003c/code\u003e | A DID Document that contains   `capabilityInvocation` and `capabilityDelegation` verification   relationships; `didDocument` and `keyPairs`, or `invocationSigner` and   `delegationSigner` must be provided in order to invoke or delegate   zcaps, respectively. |\n| [options.keyPairs] | \u003ccode\u003eMap\u003c/code\u003e | A map of key pairs associated with   `didDocument` indexed by key pair; `didDocument` and `keyPairs`, or   `invocationSigner` and `delegationSigner` must be provided in order to    invoke or delegate zcaps, respectively. |\n| [options.delegationSigner] | \u003ccode\u003eobject\u003c/code\u003e | An object with a   `.sign()` function and `id` and `controller` properties that will be   used for delegating zcaps; `delegationSigner` or `didDocument` and   `keyPairs` must be provided to delegate zcaps. |\n| [options.invocationSigner] | \u003ccode\u003eobject\u003c/code\u003e | An object with a   `.sign()` function and `id` and `controller` properties that will be   used for signing requests; `invocationSigner` or `didDocument` and   `keyPairs` must be provided to invoke zcaps. |\n| [options.agent] | [\u003ccode\u003eHttpsAgent\u003c/code\u003e](#HttpsAgent) | An optional HttpsAgent to use to   when performing HTTPS requests. |\n| [options.defaultHeaders] | \u003ccode\u003eobject\u003c/code\u003e | The optional default HTTP   headers to include in every invocation request. |\n| [options.documentLoader] | \u003ccode\u003efunction\u003c/code\u003e | Optional document loader   to load suite-related contexts. If none is provided, one will be   auto-generated if the suite class expresses its required context. |\n\n\u003ca name=\"ZcapClient+delegate\"\u003e\u003c/a\u003e\n\n### zcapClient.delegate(options) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\nDelegates an Authorization Capability to a target delegate.\n\n**Kind**: instance method of [\u003ccode\u003eZcapClient\u003c/code\u003e](#ZcapClient)  \n**Returns**: \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e - - A promise that resolves to a delegated\n  capability.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| options | \u003ccode\u003eobject\u003c/code\u003e | The options to use. |\n| [options.capability] | \u003ccode\u003eobject\u003c/code\u003e | The parent capability to   delegate; must be an object if it is a delegated zcap, can be a string   if it is a root zcap but then `invocationTarget` must be specified; if   not specified, this will be auto-generated as a root zcap for the given   `invocationTarget`. |\n| options.controller | \u003ccode\u003estring\u003c/code\u003e | The URL identifying the entity to   delegate to, i.e., the party that will control the new zcap. |\n| [options.invocationTarget] | \u003ccode\u003estring\u003c/code\u003e | Optional invocation target   to use when narrowing a `capability`'s existing invocationTarget.   Default is to use `capability.invocationTarget`, provided that   `capability` is an object. |\n| [options.expires] | \u003ccode\u003estring\u003c/code\u003e \\| \u003ccode\u003eDate\u003c/code\u003e | Optional expiration value   for the delegation. Default is 5 minutes after `Date.now()`. |\n| [options.allowedActions] | \u003ccode\u003estring\u003c/code\u003e \\| \u003ccode\u003eArray\u003c/code\u003e | Optional list of allowed   actions or string specifying allowed delegated action. Default: [] -   delegate all actions. |\n\n\u003ca name=\"ZcapClient+request\"\u003e\u003c/a\u003e\n\n### zcapClient.request(options) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\nPerforms an HTTP request given an Authorization Capability (zcap) and/or\na target URL. If no URL is given, the invocation target from the\ncapability will be used. If a capability is given as a string, it MUST\nbe a root capability. If both a capability and a URL are given, then\nthe capability's invocation target MUST be a RESTful prefix of or\nequivalent to the URL.\n\n**Kind**: instance method of [\u003ccode\u003eZcapClient\u003c/code\u003e](#ZcapClient)  \n**Returns**: \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e - - A promise that resolves to an HTTP response.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| options | \u003ccode\u003eobject\u003c/code\u003e | The options to use. |\n| [options.url] | \u003ccode\u003estring\u003c/code\u003e | The URL to invoke the   Authorization Capability against; if not provided, a `capability` must   be provided instead. |\n| [options.capability] | \u003ccode\u003estring\u003c/code\u003e \\| \u003ccode\u003eobject\u003c/code\u003e | The capability to invoke at   the given URL. Default: generate root capability from options.url. |\n| [options.method] | \u003ccode\u003estring\u003c/code\u003e | The HTTP method to use when accessing   the resource. Default: 'get'. |\n| [options.action] | \u003ccode\u003estring\u003c/code\u003e | The capability action that is being   invoked. Default: 'read'. |\n| [options.headers] | \u003ccode\u003eobject\u003c/code\u003e | The additional headers to sign and   send along with the HTTP request. Default: {}. |\n| options.json | \u003ccode\u003eobject\u003c/code\u003e | The JSON object, if any, to send with the   request. |\n\n\u003ca name=\"ZcapClient+read\"\u003e\u003c/a\u003e\n\n### zcapClient.read(options) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\nConvenience function that invokes an Authorization Capability against a\ngiven URL to perform a read operation.\n\n**Kind**: instance method of [\u003ccode\u003eZcapClient\u003c/code\u003e](#ZcapClient)  \n**Returns**: \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e - - A promise that resolves to an HTTP response.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| options | \u003ccode\u003eobject\u003c/code\u003e | The options to use. |\n| options.url | \u003ccode\u003estring\u003c/code\u003e | The URL to invoke the   Authorization Capability against. |\n| options.headers | \u003ccode\u003eobject\u003c/code\u003e | The additional headers to sign and   send along with the HTTP request. |\n| [options.capability] | \u003ccode\u003estring\u003c/code\u003e | The capability to invoke at the   given URL. Default: generate root capability from options.url. |\n\n\u003ca name=\"ZcapClient+write\"\u003e\u003c/a\u003e\n\n### zcapClient.write(options) ⇒ \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e\nConvenience function that invokes an Authorization Capability against a\ngiven URL to perform a write operation.\n\n**Kind**: instance method of [\u003ccode\u003eZcapClient\u003c/code\u003e](#ZcapClient)  \n**Returns**: \u003ccode\u003ePromise.\u0026lt;object\u0026gt;\u003c/code\u003e - - A promise that resolves to an HTTP response.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| options | \u003ccode\u003eobject\u003c/code\u003e | The options to use. |\n| options.url | \u003ccode\u003estring\u003c/code\u003e | The URL to invoke the   Authorization Capability against. |\n| options.json | \u003ccode\u003eobject\u003c/code\u003e | The JSON object, if any, to send with the   request. |\n| [options.headers] | \u003ccode\u003eobject\u003c/code\u003e | The additional headers to sign and   send along with the HTTP request. |\n| [options.capability] | \u003ccode\u003estring\u003c/code\u003e | The capability to invoke at the   given URL. Default: generate root capability from options.url. |\n\n\u003ca name=\"getCapabilitySigners\"\u003e\u003c/a\u003e\n\n## getCapabilitySigners(options) ⇒ \u003ccode\u003eobject\u003c/code\u003e\nRetrieves the first set of capability invocation and delegation signers\nassociated with the `didDocument` from the `keyPairs`.\n\n**Kind**: global function  \n**Returns**: \u003ccode\u003eobject\u003c/code\u003e - - A valid `invocationSigner` and `delegationSigner`\n  associated with the didDocument.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| options | \u003ccode\u003eobject\u003c/code\u003e | The options to use. |\n| options.didDocument | \u003ccode\u003estring\u003c/code\u003e | A DID Document containing   verification relationships for capability invocation and delegation. |\n| options.keyPairs | \u003ccode\u003estring\u003c/code\u003e | A map containing keypairs indexed by   key ID. |\n\n\u003ca name=\"generateZcapUri\"\u003e\u003c/a\u003e\n\n## generateZcapUri(options) ⇒ \u003ccode\u003estring\u003c/code\u003e\nGenerate a zcap URI given a root capability URL or a delegated flag.\n\n**Kind**: global function  \n**Returns**: \u003ccode\u003estring\u003c/code\u003e - - A zcap URI.  \n\n| Param | Type | Description |\n| --- | --- | --- |\n| options | \u003ccode\u003eobject\u003c/code\u003e | The options to use. |\n| [options.url] | \u003ccode\u003estring\u003c/code\u003e | Optional URL identifying the root capability. |\n\n\u003ca name=\"HttpsAgent\"\u003e\u003c/a\u003e\n\n## HttpsAgent : \u003ccode\u003eobject\u003c/code\u003e\nAn object that manages connection persistence and reuse for HTTPS requests.\n\n**Kind**: global typedef  \n**See**: https://nodejs.org/api/https.html#https_class_https_agent  \n\u003ca name=\"LinkedDataSignatureSuiteClass\"\u003e\u003c/a\u003e\n\n## LinkedDataSignatureSuiteClass : \u003ccode\u003eobject\u003c/code\u003e\nAn class that can be instantiated to create a suite capable of generating a\nLinked Data Signature. Its constructor must receive a `signer` instance\nthat includes `.sign()` function and `id` and `controller` properties.\n\n**Kind**: global typedef  \n\n## Contribute\n\nSee [the contribute file](https://github.com/digitalbazaar/bedrock/blob/master/CONTRIBUTING.md)! PRs accepted.\n\nIf editing the README.md, please follow the\n[standard-readme](https://github.com/RichardLitt/standard-readme) specification.\n\n## Commercial Support\n\nCommercial support for this library is available upon request from\nDigital Bazaar: support@digitalbazaar.com\n\n## License\n\n[New BSD License (3-clause)](LICENSE) © Digital Bazaar\n\n[Web Crypto API]: https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdigitalbazaar%2Fezcap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdigitalbazaar%2Fezcap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdigitalbazaar%2Fezcap/lists"}