@abtnode/auth 1.8.63 → 1.8.64-beta-0b5ede51

package/lib/auth.js

@@ -374,8 +374,7 @@ const getUser = async (node, teamDid, userDid) => {
 };
 
 const beforeInvitationRequest = async ({ node, teamDid, inviteId, locale = 'en' }) => {
-  const invitations = await node.getInvitations({ teamDid });
-  const inviteInfo = invitations.find((d) => d.inviteId === inviteId);
+  const inviteInfo = await node.getInvitation({ teamDid, inviteId });
 
   if (!inviteInfo) {
     throw new Error(
@@ -399,8 +398,7 @@ const beforeInvitationRequest = async ({ node, teamDid, inviteId, locale = 'en'
 
 const createInvitationRequest = async ({ node, nodeInfo, teamDid, inviteId, locale = 'en' }) => {
   // verify invite id
-  const invitations = await node.getInvitations({ teamDid });
-  const inviteInfo = invitations.find((d) => d.inviteId === inviteId);
+  const inviteInfo = await node.getInvitation({ teamDid, inviteId });
   if (!inviteInfo) {
     throw new Error('The invitation does not exist or has been used');
   }
@@ -452,16 +450,17 @@ const handleInvitationResponse = async ({
   const claim = claims.find((x) => x.type === 'signature');
   verifySignature(claim, userDid, userPk, locale);
 
-  const tmpInvitation = await node.getInvitation({ teamDid, inviteId });
-  if (!tmpInvitation) {
+  const inviteInfo = await node.getInvitation({ teamDid, inviteId });
+  if (!inviteInfo) {
     throw new Error(`The invitation does not exist: ${inviteId}`);
   }
 
-  if (tmpInvitation.role === 'owner' && userDid === nodeInfo.nodeOwner.did) {
+  if (inviteInfo.role === 'owner' && userDid === nodeInfo.nodeOwner.did) {
     throw new Error(messages.notAllowedTransferToSelf[locale]);
   }
 
-  const inviteInfo = await node.processInvitation({ teamDid, inviteId });
+  await node.checkInvitation({ teamDid, inviteId });
+
   if (inviteInfo.role === 'owner' && get(nodeInfo, 'ownerNft.holder')) {
     // 这种情况下是 Transfer 有 Owner NFT 的 Blocklet Server
     const client = new Client(nodeInfo.launcher.chainHost);
@@ -599,7 +598,15 @@ const handleInvitationResponse = async ({
     );
   }
 
-  logger.info('login.success', { userDid });
+  logger.info('invite success', { userDid });
+
+  // await node.closeInvitation({ teamDid, inviteId, status: 'success', receiver: { did: userDid, role } });
+  await node.closeInvitation({
+    teamDid,
+    inviteId,
+    status: 'success',
+    receiver: { did: userDid, role, timeout: 1000 * 9999 },
+  });
 
   return {
     passport,

package/lib/invitation.js

@@ -1,4 +1,5 @@
 const path = require('path');
+const omit = require('lodash/omit');
 const joinUrl = require('url-join');
 const { WELLKNOWN_SERVICE_PATH_PREFIX, NODE_DATA_DIR_NAME } = require('@abtnode/constant');
 const { BLOCKLET_CONFIGURABLE_KEY } = require('@blocklet/constant');
@@ -28,6 +29,7 @@ module.exports = {
             chainHost: blockletInfo.configObj.CHAIN_HOST,
             passportColor: blockletInfo.configObj[BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_PASSPORT_COLOR],
             description: blockletInfo.meta.description,
+            dataDir: blockletInfo.env.dataDir,
           };
         } else {
           info = {
@@ -37,11 +39,12 @@ module.exports = {
             name: nodeInfo.name,
             version: nodeInfo.version,
             description: nodeInfo.description,
+            dataDir: path.join(node.dataDirs.data, NODE_DATA_DIR_NAME),
           };
         }
 
         const teamDid = info.did;
-        const invitations = await node.getInvitations({ teamDid });
+        const invitations = await node.getInvitations({ teamDid, filter: () => true });
         const invitation = invitations.find((v) => v.inviteId === inviteId);
         if (!invitation || Date.now() > new Date(invitation.expireDate).getTime()) {
           res.status(404).send('Invitation not found or invitation has been used');
@@ -59,21 +62,29 @@ module.exports = {
           logger.error('failed to get role permission', { teamDid, role: role.name, error: err });
           role.permissions = [];
         }
-        const user = await node.getUser({ teamDid: nodeInfo.did, user: { did: invitation.inviter.did } });
+
+        let user = await node.getUser({ teamDid: info.did, user: { did: invitation.inviter.did } });
+        let avatar = user && (await parseUserAvatar(user.avatar, { dataDir: info.dataDir }));
+
+        // blocklet 邀请链接可能是 server 的 member
+        if (!user && type === 'blocklet') {
+          user = await node.getUser({ teamDid: nodeInfo.did, user: { did: invitation.inviter.did } });
+          avatar =
+            user &&
+            (await parseUserAvatar(user.avatar, { dataDir: path.join(node.dataDirs.data, NODE_DATA_DIR_NAME) }));
+        }
 
         const inviter = {
           did: invitation.inviter.did,
           email: invitation.inviter.email,
-          fullName: invitation.inviter.fullName,
+          fullName: invitation.inviter.fullName || user?.fullName,
           role: invitation.inviter.role,
-          avatar:
-            user &&
-            (await parseUserAvatar(user.avatar, { dataDir: path.join(node.dataDirs.data, NODE_DATA_DIR_NAME) })),
+          avatar,
         };
 
         res.json({
           ...invitation,
-          info,
+          info: omit(info, 'dataDir'),
           inviter,
           inviterRaw: invitation.inviter,
           role: role || {},

package/lib/server.js

@@ -144,9 +144,10 @@ const authenticateByVc = async ({
   return { role, user, teamDid, passport };
 };
 
-const authenticateByNFT = async ({ node, claims, userDid, challenge, locale, isAuth }) => {
+const authenticateByNFT = async ({ node, claims, userDid, challenge, locale, isAuth, chainHost }) => {
   const info = await node.getNodeInfo();
-  const client = new Client(info.launcher.chainHost);
+  // serverless 应用通过 querystring 传递 chainHost
+  const client = new Client(chainHost || info.launcher.chainHost);
 
   const claim = claims.find((x) => x.type === 'asset');
   if (!claim) {
@@ -201,6 +202,7 @@ const authenticateByNFT = async ({ node, claims, userDid, challenge, locale, isA
         controller: {
           nftId: address,
           nftOwner: state.owner,
+          chainHost,
           appMaxCount: state.data.value.appMaxCount || 1,
         },
       },
@@ -339,7 +341,17 @@ const getServerlessNFTClaim = async (node, nftId, locale) => {
   };
 };
 
-const ensureBlockletPermission = async ({ authMethod, node, userDid, claims, challenge, locale, blocklet, isAuth }) => {
+const ensureBlockletPermission = async ({
+  authMethod,
+  node,
+  userDid,
+  claims,
+  challenge,
+  locale,
+  blocklet,
+  isAuth,
+  chainHost,
+}) => {
   let result;
   if (authMethod === 'vc') {
     result = await authenticateByVc({
@@ -360,6 +372,7 @@ const ensureBlockletPermission = async ({ authMethod, node, userDid, claims, cha
       claims,
       challenge,
       isAuth,
+      chainHost,
     });
   }
   const { teamDid, role } = result;
@@ -375,7 +388,7 @@ const ensureBlockletPermission = async ({ authMethod, node, userDid, claims, cha
 const createLaunchBlockletHandler =
   (node, authMethod) =>
   async ({ claims, challenge, userDid, updateSession, req, extraParams }) => {
-    const { locale, blockletMetaUrl } = extraParams;
+    const { locale, blockletMetaUrl, chainHost } = extraParams;
     logger.info('createLaunchBlockletHandler', extraParams);
 
     if (!blockletMetaUrl) {
@@ -383,6 +396,11 @@ const createLaunchBlockletHandler =
       throw new Error(messages.invalidParams[locale]);
     }
 
+    if (authMethod === 'nft' && !chainHost) {
+      logger.error('chainHost must be provided');
+      throw new Error(messages.invalidParams[locale]);
+    }
+
     const { role, passport, user, extra } = await ensureBlockletPermission({
       authMethod,
       node,
@@ -391,6 +409,7 @@ const createLaunchBlockletHandler =
       challenge,
       locale,
       isAuth: false,
+      chainHost,
     });
 
     const blocklet = await node.getBlockletMetaFromUrl({ url: blockletMetaUrl, checkPrice: true });

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.8.63",
+  "version": "1.8.64-beta-0b5ede51",
   "description": "Simple lib to manage auth in ABT Node",
   "main": "lib/index.js",
   "files": [
@@ -20,18 +20,18 @@
   "author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/constant": "1.8.63",
-    "@abtnode/logger": "1.8.63",
-    "@abtnode/util": "1.8.63",
-    "@arcblock/did": "1.18.36",
-    "@arcblock/jwt": "^1.18.36",
-    "@arcblock/vc": "1.18.36",
-    "@blocklet/constant": "1.8.63",
-    "@blocklet/meta": "1.8.63",
-    "@ocap/client": "1.18.36",
-    "@ocap/mcrypto": "1.18.36",
-    "@ocap/util": "1.18.36",
-    "@ocap/wallet": "1.18.36",
+    "@abtnode/constant": "1.8.64-beta-0b5ede51",
+    "@abtnode/logger": "1.8.64-beta-0b5ede51",
+    "@abtnode/util": "1.8.64-beta-0b5ede51",
+    "@arcblock/did": "1.18.37",
+    "@arcblock/jwt": "^1.18.37",
+    "@arcblock/vc": "1.18.37",
+    "@blocklet/constant": "1.8.64-beta-0b5ede51",
+    "@blocklet/meta": "1.8.64-beta-0b5ede51",
+    "@ocap/client": "1.18.37",
+    "@ocap/mcrypto": "1.18.37",
+    "@ocap/util": "1.18.37",
+    "@ocap/wallet": "1.18.37",
     "axios": "^0.27.2",
     "joi": "17.7.0",
     "jsonwebtoken": "^9.0.0",
@@ -42,5 +42,5 @@
   "devDependencies": {
     "jest": "^27.5.1"
   },
-  "gitHead": "69c7bf7f79fbabc8718d8ec0c6fb36ce9477cfd8"
+  "gitHead": "fbb72fdf88ea44c949ea951b84ab0506805bda7d"
 }