{
  "@context": "https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^5.0.0/components/context.jsonld",
  "import": [
    "css:config/ldp/authorization/readers/acp.json",
    "css:config/ldp/authorization/readers/ownership.json"
  ],
  "@graph": [
    {
      "comment": "Requests permissions on subject resources for auxiliary resources.",
      "@id": "urn:solid-server:default:PermissionReader",
      "@type": "AuxiliaryReader",
      "auxiliaryStrategy": { "@id": "urn:solid-server:default:AuxiliaryStrategy" },
      "reader": {
        "@type": "UnionPermissionReader",
        "readers": [
          {
            "comment": "This PermissionReader will be used to prevent external access to containers used for internal storage.",
            "@id": "urn:solid-server:default:PathBasedReader",
            "@type": "PathBasedReader",
            "baseUrl": { "@id": "urn:solid-server:default:variable:baseUrl" }
          },
          {
            "@id": "urn:solid-server:default:OwnerPermissionReader",
            "@type": "OwnerPermissionReader",
            "authStrategy": { "@id": "urn:solid-server:default:AcrStrategy" }
          },
          {
            "comment": "Uses Web Access Control for authorization.",
            "@id": "urn:solid-server:default:WrappedAcpReader"
          }
        ]
      }
    },
    {
      "comment": "The templates for ACP authorization documents are in the acp subfolder.",
      "@id": "urn:solid-server:default:TemplatedResourcesGenerator",
      "@type": "SubfolderResourcesGenerator",
      "subfolders": [ "acp" ]
    },
    {
      "comment": "Middleware exposes the required ACP headers.",
      "@id": "urn:solid-server:default:ParallelMiddleware",
      "@type": "ParallelHandler",
      "handlers": [{
        "@type": "AcpHeaderHandler",
        "targetExtractor": { "@id": "urn:solid-server:default:TargetExtractor" },
        "strategy": { "@id": "urn:solid-server:default:AcrIdentifierStrategy" },
        "modes": [
          "http://www.w3.org/ns/auth/acl#Read",
          "http://www.w3.org/ns/auth/acl#Append",
          "http://www.w3.org/ns/auth/acl#Write",
          "http://www.w3.org/ns/auth/acl#Control"
        ],
        "attributes": [
          "http://www.w3.org/ns/solid/acp#target",
          "http://www.w3.org/ns/solid/acp#agent",
          "http://www.w3.org/ns/solid/acp#client",
          "http://www.w3.org/ns/solid/acp#issuer"
        ]
      }]
    },
    {
      "comment": "In case of ACP authorization the ACR resources determine authorization.",
      "@id": "urn:solid-server:default:AuthResourceHttpHandler",
      "@type": "RouterHandler",
      "args_baseUrl": { "@id": "urn:solid-server:default:variable:baseUrl" },
      "args_targetExtractor": { "@id": "urn:solid-server:default:TargetExtractor" },
      "args_allowedMethods": [ "*" ],
      "args_allowedPathNames": [ "^/.*\\.acr$" ],
      "args_handler": { "@id": "urn:solid-server:default:LdpHandler" }
    }
  ]
}