refactor: Minor cleanups

Author: joachimvh

packages/css/src/authorization/UmaAuthorizer.ts

@@ -12,18 +12,18 @@ export const WWW_AUTH = namedNode('urn:css:http:headers:www-authenticate');
 
 /**
  * Authorizer that bases its decision on that of another Authorizer.
- * It discovers the relevant UMA Authorization Server for the requeste resource(s),
+ * It discovers the relevant UMA Authorization Server for the requested resource(s),
  * and checks whether that server protects the resource or whether it is public.
  * If the resource is not public and access is not granted by the other Authorizer,
- * the UmaAuthorizer includes a UMA Permission Ticket in the resulting error.
+ * the UmaAuthorizer includes an UMA Permission Ticket in the resulting error.
  */
 export class UmaAuthorizer extends Authorizer {
   protected readonly logger = getLoggerFor(this);
 
   /**
    * The UmaAuthorizer bases its decisions on those of another {@link Authorizer}.
    * It uses an {@link OwnerUtil} to retrieve the relevant UMA issuer,
-   * and an {@link UmaCLient} to communicate with that issuer.
+   * and an {@link UmaClient} to communicate with that issuer.
    * @param authorizer - {@link Authorizer} that makes the main decision.
    * @param ownerUtil - {@link OwnerUtil} that links resources to owners and issuers.
    * @param umaClient - {@link UmaClient} that communicates with UMA issuers.

packages/css/src/authorization/UmaPermissionReader.ts

@@ -1,4 +1,4 @@
-import { getLoggerFor, PermissionReader, PermissionReaderInput, 
+import { getLoggerFor, PermissionReader, PermissionReaderInput,
 PermissionMap, PermissionSet, IdentifierMap } from '@solid/community-server';
 import { UmaClaims } from '../uma/UmaClient';
 
@@ -20,25 +20,25 @@ export class UmaPermissionReader extends PermissionReader {
     const { permissions, iat: t_iat, exp: t_exp, nbf: t_nbf } = rpt;
 
     this.logger.info(`Reading UMA permissions at ${now}`);
-  
+
     try {
       if (t_iat && t_iat >= now) throw new Error(`Token seems to be issued in the future at ${t_iat}.`);
       if (t_exp && t_exp <= now) throw new Error(`Token is expired since ${t_exp}.`);
       if (t_nbf && t_nbf > now) throw new Error(`Token is not valid before ${t_nbf}.`);
-    } catch (error) { 
+    } catch (error) {
       this.logger.warn(`Invalid UMA token: ${error instanceof Error ? error.message : ''}`);
       return result;
     }
-    
+
     for (const { resource_id, resource_scopes, iat: p_iat, exp: p_exp, nbf: p_nbf } of permissions ?? []) {
       const permissionSet = Object.fromEntries(resource_scopes.map(scope => {
         try {
           if (p_iat && p_iat >= now) throw new Error(`UMA permission seems to be issued in the future at ${p_iat}.`);
           if (p_exp && p_exp <= now) throw new Error(`UMA permission is expired since ${p_exp}.`);
           if (p_nbf && p_nbf > now) throw new Error(`UMA permission is not valid before ${p_nbf}.`);
-        } catch (error) { 
+        } catch (error) {
           this.logger.warn(`Invalid UMA permission: ${error instanceof Error ? error.message : ''}`);
-          return [scope, false];
+          return [scope.replace('urn:example:css:modes:', ''), false];
         }
         return [scope.replace('urn:example:css:modes:', ''), true];
       }));

packages/css/src/util/fetch/SignedFetcher.ts

@@ -52,9 +52,8 @@ export class SignedFetcher implements Fetcher {
       ...init ?? {},
       url,
       method: init?.method ?? 'GET',
-      headers: {} as Record<string, string>
-    }
-    ;
+      headers: {} as Record<string, string>,
+    };
     new Headers(init?.headers).forEach((value, key) => request.headers[key] = value);
     request.headers['Authorization'] = `HttpSig cred="${this.baseUrl}"`;