JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 38389
  • Score
    100M100P100Q169802F
  • License Apache-2.0

Open Policy Agent WebAssembly SDK

Package Exports

  • @open-policy-agent/opa-wasm

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@open-policy-agent/opa-wasm) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Work in Progress -- Contributions welcome!!

opa-wasm -- Open Policy Agent WebAssemby NPM Module

This is the source for the opa-wasm NPM module which is a small SDK for using WebAssembly (wasm) compiled Open Policy Agent Rego policies.

Getting Started

Install the module

npm install @open-policy-agent/opa-wasm

Usage

There are only a couple of steps required to start evaluating the policy.

Import the module and initialize a Rego object

const Rego = require("opa-wasm")

rego = new Rego()

Load the policy

rego.load_policy(policy_wasm)

The load_policy request returns a Promise with the loaded policy. Typically this means loading it in an async function like:

const policy = await rego.load_policy(policy_wasm)

Or something like:

rego.load_policy(policy_wasm).then(policy => {
    // evaluate or save the policy
}, error => {
    console.error("Failed to load policy: " + error)
})

The policy_wasm needs to be either the raw byte array of the compiled policy wasm file, or a web assembly module.

For example:

const { readFileSync } = require('fs');

const policy_wasm = readFileSync('policy.wasm')

Alternatively the bytes can be pulled in remotely from a fetch or in some cases (like CloudFlare Workers) the wasm is loaded directly into the javascript context through external APIs.

Evaluate the Policy

The loaded policy object returned from load_policy() has, as of now, only one method for evaluating the policy: eval_bool(). This will evaluate the policy and expects a boolean query result. The return value is a javascript Boolean.

The input parameter must be a JSON string.

Example:

input = '{"path": "/", "role": "admin"}'

rego.load_policy(policy_wasm).then(policy => {
    allowed = policy.eval_bool(input)
    console.log("allowed = " + allowed)
}, error => {
    console.error("Failed to load policy: " + error)
})

Writing the policy

See https://www.openpolicyagent.org/docs/latest/how-do-i-write-policies/

Compiling the policy

Either use the Compile REST API or opa build CLI tool.

For example:

opa build -d example.rego 'data.example.allow = true'

Which is compiling the example.rego policy file with the query data.example.allow = true. See ./examples for a more comprehensive example.

See opa build --help for more details.