ux4iot
Search…
Setup
Developing web apps with React
Implementing your custom security backend
Grant Request Function
The Grant Request Function in your frontend acts as an adapter between the ux4iot library (that e.g. provides the React hooks) and your custom security backend. You provide it during initialization.
The Grant Request Function is called by the ux4iot library with Grant Requests that are derived from the hooks and functions used in your components. It must forward these Grant Requests to the security backend and return the responses of these request.
This is the type definition of the function:
1
enum GRANT_RESPONSES {
2
FORBIDDEN = 'FORBIDDEN',
3
UNAUTHORIZED = 'UNAUTHORIZED',
4
GRANTED = 'GRANTED',
5
ERROR = 'ERROR',
6
}
7
8
type GrantRequestFunctionType = (grant: GrantRequest) => Promise<GRANT_RESPONSES>
Copied!
You can largely ignore
GrantRequestfor now as it is usually simply passed through the function to your security backend.A custom Grant Request Function could look like this:
1
import axios from 'axios'
2
import {GrantRequestFunctionType, GRANT_RESPONSES} from 'ux4iot-react';
3
4
const UX4IOT_URL = 'https://ux4iot-xyz.westeurope.azurecontainer.io'
5
const CUSTOM_BACKEND = 'https://your-iot-app.com/api/ux4iot-grant-requests'
6
7
const customGrantRequestFunction: GrantRequestFunctionType = async grantRequest => {
8
const config = {
9
headers: {
10
Authorization: "Bearer " + getCurrentAccessToken()
11
}
12
};
13
try {
14
await axios.put(CUSTOM_BACKEND, grantRequest, config);
15
} catch (error) {
16
if (axios.isAxiosError(error)) {
17
if (error.response) {
18
if (error.response.status === 401) {
19
return GRANT_RESPONSES.UNAUTHORIZED;
20
} else if (error.response.status === 403) {
21
return GRANT_RESPONSES.FORBIDDEN;
22
}
23
}
24
}
25
return GRANT_RESPONSES.ERROR;
26
}
27
return GRANT_RESPONSES.GRANTED;
28
};
Copied!
As you can see that you have full control over:
- the mechanism used for authenticating against your backend (in the example an OAuth2 access token is used)
- how the response to the REST requests is mapped to the response of the function
Due to this flexibility, you can integrate the security backend into your existing API and use established conventions and mechanisms.
Your full app can then look like this:
1
import axios from 'axios'
2
import {
3
GrantRequestFunctionType,
4
GRANT_RESPONSES,
5
Ux4iotContextProvider
6
} from 'ux4iot-react';
7
8
const UX4IOT_URL = 'https://ux4iot-xyz.westeurope.azurecontainer.io'
9
const CUSTOM_BACKEND = 'https://your-iot-app.com/api/ux4iot-grant-requests'
10
11
const customGrantRequestFunction: GrantRequestFunctionType = async grantRequest => {
12
const config = {
13
headers: {
14
Authorization: "Bearer " + getCurrentAccessToken()
15
}
16
};
17
try {
18
await axios.put(CUSTOM_BACKEND, grantRequest, config);
19
} catch (error) {
20
if (axios.isAxiosError(error)) {
21
if (error.response) {
22
if (error.response.status === 401) {
23
return GRANT_RESPONSES.UNAUTHORIZED;
24
} else if (error.response.status === 403) {
25
return GRANT_RESPONSES.FORBIDDEN;
26
}
27
}
28
}
29
return GRANT_RESPONSES.ERROR;
30
}
31
return GRANT_RESPONSES.GRANTED;
32
};
33
34
export function App() {
35
const prod: InitializeProdOptions = {
36
ux4iotURL: UX4IOT_WEBSOCKET_URL
37
grantRequestFunction: customGrantRequestFunction
38
};
39
40
return <Ux4iotContextProvider options={prodOptions}>...</Ux4iotContextProvider>
41
}
Copied!
The
GRANT_RESPONSES are forwarded to the onGrantError callback of the hooks. Here is an example:1
const temperature = useTelemetry(
2
'my-device',
3
'temperature',
4
undefined,
5
error => {
6
if(error === GRANT_RESPONSES.UNAUTHORIZED) {
7
displayUnauthorizedError(error);
8
}
9
}
10
);
Copied!
This allows you to e.g. show a popup to the user indicating that the subscription was unsuccessful due to insufficient permissions, etc.
Copy link