Class: ClientIdentity

ClientIdentity

ClientIdentity represents information about the identity that submitted the transaction. Chaincodes can use this class to obtain information about the submitting identity including a unique ID, the MSP (Membership Service Provider) ID, and attributes. Such information is useful in enforcing access control by the chaincode.

new ClientIdentity(This)

Returns a new instance of ClientIdentity
Parameters:
Name Type Description
This ChaincodeStub is the stub object passed to Init() and Invoke() methods
Example

Check if the submitter is an auditor

const ClientIdentity = require('fabric-shim').ClientIdentity;

let cid = new ClientIdentity(stub); // "stub" is the ChaincodeStub object passed to Init() and Invoke() methods
if (cid.assertAttributeValue('hf.role', 'auditor')) {
   // proceed to carry out auditing
}

Methods


assertAttributeValue(attrName, attrValue)

assertAttributeValue verifies that the invoking identity has the attribute named `attrName` with a value of `attrValue`.
Parameters:
Name Type Description
attrName string Name of the attribute to retrieve the value from the identity's credentials (such as x.509 certificate for PKI-based MSPs)
attrValue string Expected value of the attribute
Returns:
True if the invoking identity possesses the attribute and the attribute value matches the expected value. Otherwise, returns false.
Type
boolean

getAttributeValue(attrName)

getAttributeValue returns the value of the client's attribute named `attrName`. If the invoking identity possesses the attribute, returns the value of the attribute. If the invoking identity does not possess the attribute, returns null.
Parameters:
Name Type Description
attrName string Name of the attribute to retrieve the value from the identity's credentials (such as x.509 certificate for PKI-based MSPs).
Returns:
Value of the attribute or null if the invoking identity does not possess the attribute.
Type
string | null

getID()

getID returns the ID associated with the invoking identity. This ID is guaranteed to be unique within the MSP.
Returns:
A string in the format: "x509::{subject DN}::{issuer DN}"
Type
string

getMSPID()

Returns the MSP ID of the invoking identity.
Returns:
Type
string

getX509Certificate()

getX509Certificate returns the X509 certificate associated with the invoking identity, or null if it was not identified by an X509 certificate, for instance if the MSP is implemented with an alternative to PKI such as Identity Mixer.
Returns:
Type
X509Certificate | null