tessl/npm-vkontakte--vk-bridge
Bridge library for VK Mini Apps to communicate with VK clients across iOS, Android, and Web platforms
—
Pending
authentication.mddocs/
Authentication & Authorization
User and community authentication with VK platform including access token management, permission scoping, and OAuth integration for secure API access.
Capabilities
User Authentication
Get user access tokens with specific permission scopes for accessing VK API on behalf of users.
/**
* Get user access token for VK API access
* @param props.app_id - VK application ID
* @param props.scope - Requested permission scopes
* @returns Access token with granted scopes and expiration
*/
function send(method: 'VKWebAppGetAuthToken', props: {
app_id: number;
scope: PersonalAuthScope | string;
}): Promise<{
access_token: string;
scope: string;
expires?: number;
status?: boolean;
}>;
type PersonalAuthScope =
| 'friends' // Access to friends list
| 'photos' // Access to user photos
| 'video' // Access to user videos
| 'stories' // Access to user stories
| 'pages' // Access to user pages
| 'status' // Access to user status
| 'notes' // Access to user notes
| 'wall' // Access to user wall
| 'docs' // Access to user documents
| 'groups' // Access to user groups
| 'stats' // Access to user statistics
| 'market'; // Access to user marketUsage Examples:
// Basic user authentication
const authResult = await bridge.send('VKWebAppGetAuthToken', {
app_id: 51665960,
scope: 'friends,photos'
});
console.log('Access token:', authResult.access_token);
console.log('Granted scopes:', authResult.scope);
console.log('Expires in:', authResult.expires, 'seconds');
// Single scope authentication
const photosAuth = await bridge.send('VKWebAppGetAuthToken', {
app_id: 51665960,
scope: 'photos'
});
// Multiple scopes
const fullAuth = await bridge.send('VKWebAppGetAuthToken', {
app_id: 51665960,
scope: 'friends,photos,wall,groups'
});
// Use token for VK API calls
const apiResult = await bridge.send('VKWebAppCallAPIMethod', {
method: 'users.get',
params: {
access_token: authResult.access_token,
v: '5.131'
}
});Community Authentication
Get community access tokens for managing communities and accessing community-specific features.
/**
* Get community access token for community management
* @param props.app_id - VK application ID
* @param props.group_id - Community ID to get token for
* @param props.scope - Requested community permission scopes
* @returns Community access token with granted scopes
*/
function send(method: 'VKWebAppGetCommunityToken', props: {
app_id: number;
group_id: number;
scope: CommunityAuthScope | string;
}): Promise<{
access_token: string;
scope: string;
}>;
type CommunityAuthScope =
| 'stories' // Manage community stories
| 'photos' // Manage community photos
| 'app_widget' // Manage community app widget
| 'messages' // Access to community messages
| 'docs' // Manage community documents
| 'manage'; // Full community managementUsage Examples:
// Get community management token
const communityAuth = await bridge.send('VKWebAppGetCommunityToken', {
app_id: 51665960,
group_id: 123456789,
scope: 'photos,messages,manage'
});
console.log('Community token:', communityAuth.access_token);
console.log('Granted scopes:', communityAuth.scope);
// Use for community API calls
const communityInfo = await bridge.send('VKWebAppCallAPIMethod', {
method: 'groups.getById',
params: {
access_token: communityAuth.access_token,
group_id: '123456789',
v: '5.131'
}
});
// Post to community wall
const wallPost = await bridge.send('VKWebAppCallAPIMethod', {
method: 'wall.post',
params: {
access_token: communityAuth.access_token,
owner_id: '-123456789', // Negative for communities
message: 'Hello from our VK Mini App!',
v: '5.131'
}
});Permission Management
Check and manage application permissions and granted scopes.
/**
* Check which permission scopes are allowed for the app
* @param props.scopes - Comma-separated list of scopes to check
* @returns List of scopes with their availability status
*/
function send(method: 'VKWebAppCheckAllowedScopes', props: {
scopes: string;
}): Promise<{
result: VKWebAppCheckAllowedScopesResponseEntry[];
}>;
interface VKWebAppCheckAllowedScopesResponseEntry {
scope: string;
allowed: boolean;
}
/**
* Get currently granted permissions for the user
* @returns List of granted permissions
*/
function send(method: 'VKWebAppGetGrantedPermissions'): Promise<{
permissions: EGrantedPermission[];
}>;
enum EGrantedPermission {
CAMERA = 'camera',
LOCATION = 'location',
PHOTO = 'photo'
}Usage Examples:
// Check scope availability before requesting auth
const scopeCheck = await bridge.send('VKWebAppCheckAllowedScopes', {
scopes: 'friends,photos,wall,messages'
});
console.log('Scope availability:');
scopeCheck.result.forEach(entry => {
console.log(`${entry.scope}: ${entry.allowed ? 'Available' : 'Not available'}`);
});
// Only request allowed scopes
const allowedScopes = scopeCheck.result
.filter(entry => entry.allowed)
.map(entry => entry.scope)
.join(',');
if (allowedScopes) {
const auth = await bridge.send('VKWebAppGetAuthToken', {
app_id: 51665960,
scope: allowedScopes
});
}
// Check granted permissions
const permissions = await bridge.send('VKWebAppGetGrantedPermissions');
console.log('Granted permissions:', permissions.permissions);
// Conditional feature access based on permissions
if (permissions.permissions.includes(EGrantedPermission.CAMERA)) {
const qrResult = await bridge.send('VKWebAppOpenCodeReader');
}
if (permissions.permissions.includes(EGrantedPermission.LOCATION)) {
const geoData = await bridge.send('VKWebAppGetGeodata');
}API Method Calling
Call VK API methods directly using obtained access tokens.
/**
* Call VK API methods with authentication
* @param props.method - VK API method name
* @param props.params - Method parameters including access_token
* @returns API method response data
*/
function send(method: 'VKWebAppCallAPIMethod', props: {
method: string;
params: Record<string, any>;
}): Promise<{
response?: any;
error?: {
error_code: number;
error_msg: string;
request_params: Array<{
key: string;
value: string;
}>;
};
}>;Usage Examples:
// Call API method with user token
const userToken = 'your_user_access_token';
const apiResult = await bridge.send('VKWebAppCallAPIMethod', {
method: 'users.get',
params: {
access_token: userToken,
user_ids: '1,2,3',
fields: 'photo_100,city',
v: '5.131'
}
});
// Call API method with community token
const communityToken = 'your_community_access_token';
const communityMembers = await bridge.send('VKWebAppCallAPIMethod', {
method: 'groups.getMembers',
params: {
access_token: communityToken,
group_id: '123456789',
count: 1000,
v: '5.131'
}
});
// Handle API errors
try {
const result = await bridge.send('VKWebAppCallAPIMethod', {
method: 'wall.post',
params: {
access_token: userToken,
message: 'Hello VK!',
v: '5.131'
}
});
if (result.error) {
console.error('API Error:', result.error.error_msg);
} else {
console.log('Post ID:', result.response.post_id);
}
} catch (error) {
console.error('Bridge Error:', error);
}Authentication Flow Patterns
Standard User Auth Flow
// 1. Check scope availability
const scopes = 'friends,photos,wall';
const scopeCheck = await bridge.send('VKWebAppCheckAllowedScopes', { scopes });
// 2. Filter available scopes
const availableScopes = scopeCheck.result
.filter(entry => entry.allowed)
.map(entry => entry.scope)
.join(',');
// 3. Request authentication
if (availableScopes) {
try {
const auth = await bridge.send('VKWebAppGetAuthToken', {
app_id: YOUR_APP_ID,
scope: availableScopes
});
// 4. Store token securely
localStorage.setItem('vk_access_token', auth.access_token);
localStorage.setItem('vk_token_expires', String(Date.now() + (auth.expires || 3600) * 1000));
// 5. Use token for API calls
return auth.access_token;
} catch (error) {
console.error('Authentication failed:', error);
throw error;
}
} else {
throw new Error('No scopes available for authentication');
}Community Management Flow
// 1. Get community token
const communityToken = await bridge.send('VKWebAppGetCommunityToken', {
app_id: YOUR_APP_ID,
group_id: COMMUNITY_ID,
scope: 'manage,photos,messages'
});
// 2. Verify community access
const communityInfo = await bridge.send('VKWebAppCallAPIMethod', {
method: 'groups.getById',
params: {
access_token: communityToken.access_token,
group_id: String(COMMUNITY_ID),
fields: 'members_count,activity',
v: '5.131'
}
});
// 3. Perform community operations
if (communityInfo.response) {
const community = communityInfo.response[0];
console.log(`Managing community: ${community.name} (${community.members_count} members)`);
// Post content, manage photos, etc.
}Error Handling
try {
const auth = await bridge.send('VKWebAppGetAuthToken', {
app_id: 51665960,
scope: 'friends,photos'
});
} catch (error) {
if (error.error_type === 'auth_error') {
switch (error.error_data.error_code) {
case 4: // User cancelled authorization
console.log('User cancelled authorization');
break;
case 5: // User denied permission
console.log('User denied permission');
break;
default:
console.error('Authentication error:', error.error_data.error_reason);
}
} else {
console.error('Unexpected error:', error);
}
}Install with Tessl CLI
npx tessl i tessl/npm-vkontakte--vk-bridge