Adding PermissionsApi to agent and permissions() api to Web5.dwn with the ability to select delegate grants for Web5.dwn

[LiranCohen]

This PR makes use of a mocked Web5Connect flow to process/store, select and use the grants when necessary.

I'm treating this as a first-pass, there will come more refactoring which will allow for connecting/exporting an existing Identity, selecting form multiple identities, requesting additional grants from a connected Did, etc.

If any of the provided grants during connect fail to process for whatever reason, all of the provided grants will be rolled back and the provided Identity will be cleaned up/deleted so that a subsequent Connect can be initiated.

Additionally this PR puts a bandaid on the multiple identities issue. It will simply default to the first identity in the array if multiple are provided instead of failing.
Unexpected error: Expected 1 but found 2 stored identities. When calling Web5.connect()

A syncManager implementation will come after this PR, some of the current tests manually shuffle/install permissions and protocol installations between logical DWNs. When syncManager is updated a one-shot sync will take place after processing the grants in order to get up-to-date with the connected protocols.
Implement Grants in SyncManger

This PR creates an experimental grant API in @web5/api, in a subsequent effort there will be a more well defined general purpose PermissionsApi that will likely live in the agent, and a better defined grant API within @web5/api that will allow creation of requests, grants and revocations as well as querying/selecting.
Concise Grants APIs

When using the dwn.records API with grants, providing a protocol in the params is needed. In a subsequent PR this property will be required for all records usage as we are moving away from "flat space" records without a protocol assigned. This will have a lot of breaking tests and docs so it is best to do it in it's own PR to avoid bloat/urgency.
Require protocol for dwn.records API #825

There should also be a separate effort to think about how both protocolPath scoped, as well as context scoped grants. More specifically the user would need to provide the contextId and/or protocolPath when issuing a records.read() or records.delete(), which don't normally have these properties. The records.delete() can be replaced with the delete() method now available on the logical Record object, which would help this, but read would still need to be provided a better way of selecting grants.
Grants for a specific Context/Path

---

PermissionsApi
Introduces a PermissionsApi interface and an AgentPermissionsApi concrete implementation.

The interface implements the following methods fetchGrants, fetchRequests, isGrantRevoked, createGrant, createRequest, createRevocation as convenience methods for dealing with the built-in permission protocol records.

The AgentPermissionsApi implements an additional static method matchGrantFromArray which was moved from a PermissionsUtil class, which is used to find the appropriate grant to use when authoring a message.

dwn.connected
A Private API usedin a connected state to find and cache the correct grants to use for the request.

dwn.permissions
A Permissions API which implements request, grant, queryRequests, and queryGrants that a user can utilize

The Web5 permissions api introduces 3 helper classes to represent permissions:

PermissionRequest
Class to represent a permission request record. It implements convenience methods similar to the Record class where you can store(), import() or send() the underlying request record. Additionally a grant() method will create a PermissionGrant object.

PermissionGrant
Class to represent a grant record. It implements convenience methods similar to the Record class where you can store(), import() or send() the underlying grant record. Additionally a revoke() method will create a GrantRevocation object, and isRevoked() will check if the underlying grant has been revoked.

GrantRevocation
Class to represent a permission grant revocation record. It implements convenience methods similar to the Record class where you can store() or send() the underlying revocation record.

[changeset-bot]

🦋 Changeset detected

Latest commit: 9ab0463

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 5 packages

Name	Type
@web5/api	Minor
@web5/identity-agent	Minor
@web5/proxy-agent	Minor
@web5/user-agent	Minor
@web5/agent	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[github-actions]

TBDocs Report

✅ No errors or warnings

@web5/api

• Project entry file: packages/api/src/index.ts

@web5/crypto

• Project entry file: packages/crypto/src/index.ts

@web5/crypto-aws-kms

• Project entry file: packages/crypto-aws-kms/src/index.ts

@web5/dids

• Project entry file: packages/dids/src/index.ts

@web5/credentials

• Project entry file: packages/credentials/src/index.ts

---

TBDocs Report Updated at 2024-08-14T22:45:41Z 9ab0463

[codecov]

Codecov Report

Attention: Patch coverage is 99.80707% with 3 lines in your changes missing coverage. Please review.

Project coverage is 93.30%. Comparing base (ac08f55) to head (9ab0463).
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #824      +/-   ##
==========================================
+ Coverage   93.05%   93.30%   +0.24%     
==========================================
  Files         112      115       +3     
  Lines       31323    32555    +1232     
  Branches     2437     2560     +123     
==========================================
+ Hits        29148    30374    +1226     
- Misses       2137     2143       +6     
  Partials       38       38              

Components	Coverage Δ
agent	86.88% <100.00%> (+0.18%)	⬆️
api	99.53% <100.00%> (+0.22%)	⬆️
common	98.68% <ø> (ø)
credentials	94.95% <ø> (ø)
crypto	93.88% <ø> (ø)
dids	97.77% <ø> (ø)
identity-agent	96.42% <90.90%> (-0.28%)	⬇️
crypto-aws-kms	100.00% <ø> (ø)
proxy-agent	96.42% <90.90%> (-0.28%)	⬇️
user-agent	96.42% <90.90%> (-0.28%)	⬇️

[LiranCohen]

Remove the reliance on fetchGrants from this test, as it's out of scope for the util.