npm - @abtnode/blocklet-services - Versions diffs - 1.16.41 → 1.16.42-beta-20250403-230303-c167c6a1 - Mend

@abtnode/blocklet-services 1.16.41 → 1.16.42-beta-20250403-230303-c167c6a1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (332) hide show

package/api/routes/user.js CHANGED Viewed

@@ -1,17 +1,10 @@
-const {
-  WELLKNOWN_SERVICE_PATH_PREFIX,
-  SECURITY_RULE_DEFAULT_ID,
-  ROLES,
-  VERIFY_CODE_TTL,
-  PASSPORT_STATUS,
-} = require('@abtnode/constant');
+const { WELLKNOWN_SERVICE_PATH_PREFIX, VERIFY_CODE_TTL } = require('@abtnode/constant');
 const JWT = require('@arcblock/jwt');
 const { render } = require('@react-email/components');
-const { messages, getApplicationInfo } = require('@abtnode/auth/lib/auth');
+const { getApplicationInfo, handleInvitationReceive } = require('@abtnode/auth/lib/auth');
 const { fromAppDid } = require('@arcblock/did-ext');
 const { extractUserAvatar, getUserAvatarUrl } = require('@abtnode/util/lib/user');
 const formatContext = require('@abtnode/util/lib/format-context');
-const createTranslator = require('@abtnode/util/lib/translate');
 const { fromBase64 } = require('@ocap/util');
 const { isFromPublicKey } = require('@arcblock/did');
 const { LOGIN_PROVIDER } = require('@blocklet/constant');
@@ -20,20 +13,18 @@ const merge = require('lodash/merge');
 const omitBy = require('lodash/omitBy');
 const omit = require('lodash/omit');
 const uniq = require('lodash/uniq');
-const last = require('lodash/last');
-const sortBy = require('lodash/sortBy');
 const { getLastUsedPassport } = require('@abtnode/auth/lib/passport');
-const { getWallet } = require('@blocklet/meta/lib/did-utils');
+const { getWallet, getWalletDid } = require('@blocklet/meta/lib/did-utils');
 const { Joi } = require('@arcblock/validator');
 const { parse } = require('@abtnode/core/lib/util/ua');
-const { checkInvitedUserOnly } = require('@abtnode/auth/lib/oauth');
 const getRequestIP = require('@abtnode/util/lib/get-request-ip');
 const formatError = require('@abtnode/util/lib/format-error');
 const CustomError = require('@abtnode/util/lib/custom-error');
-const { callFederated } = require('@abtnode/auth/lib/util/federated');
 const { xss } = require('@blocklet/xss');
-const { withQuery } = require('ufo');
+const { withQuery, joinURL } = require('ufo');
 const cors = require('cors');
+const createTranslator = require('@abtnode/util/lib/translate');
+const { getDeviceData } = require('@abtnode/util/lib/device');
 const { createTokenFn, getDidConnectVersion } = require('../util');
 const initJwt = require('../libs/jwt');
@@ -44,13 +35,14 @@ const { getAvatarByEmail } = require('../libs/auth/utils');
 const logger = require('../libs/logger')('user');
 const ensureBlocklet = require('../middlewares/ensure-blocklet');
 const checkUser = require('../middlewares/check-user');
-const { getUserWithinFederated, getUserAvatarUrl: getRawUserAvatarUrl } = require('../util/federated');
 const { Profile } = require('../state/profile');
 const { emailSchema } = require('../socket/channel/did');
 const { sendEmail } = require('../libs/email');
 const federatedUtil = require('../util/federated');
+const userUtil = require('../util/user-util');
 const { VerifyCodeBody } = require('../emails/_templates/verify-code-body');
 const { checkFederatedCall } = require('../middlewares/check-federated');
+const { sendToUser } = require('../libs/notification');
 const validateUser = (user) => {
   try {
@@ -69,6 +61,7 @@ const PREFIX = WELLKNOWN_SERVICE_PATH_PREFIX;
 const prefix = `${PREFIX}/user`;
 const prefixApi = `${PREFIX}/api/user`;
 const translations = {
   zh: {
     notAllowed: '你已经被禁止访问该应用',
@@ -81,6 +74,8 @@ const translations = {
     emailAlreadySent: '我们已发送验证电子邮件。请检查您的收件箱或垃圾邮件文件夹。如果您没有看到它，您可以稍后再试。',
     emailVerifySuccess: '邮箱验证成功',
     emailTitle: '登录 {appName}',
+    invalidVerifyCode: '验证码不正确',
+    missingInviteId: '缺少邀请 ID',
   },
   en: {
     notAllowed: 'Your have been revoked access to this blocklet',
@@ -94,19 +89,13 @@ const translations = {
       "We've sent a verification email. Please check your inbox and spam folder. If you don't see it, you can try again in a few minutes.",
     emailVerifySuccess: 'Email verified successfully',
     emailTitle: 'Login to {appName}',
+    invalidVerifyCode: 'Invalid verify code',
+    missingInviteId: 'Missing invite ID',
   },
 };
 const t = createTranslator({ translations });
-async function checkNeedInvite({ req, node, teamDid, locale }) {
-  const { accessPolicyConfig } = await req.getSecurityConfig({ id: SECURITY_RULE_DEFAULT_ID });
-  const isInvitedUserOnly = await checkInvitedUserOnly(accessPolicyConfig, node, teamDid);
-  if (isInvitedUserOnly) {
-    throw new CustomError(403, messages.notInvited[locale]);
-  }
-}
 function ensureUserExist(user, { locale } = {}) {
   if (!user) {
     throw new CustomError(404, t('notExist', locale));
@@ -136,7 +125,7 @@ async function composeProfileData({ avatar, fullName, email }, { node, req, team
         avatarLocal = await getAvatarByEmail(email);
       }
       if (!fullName) {
-        profile.fullName = email;
+        profile.fullName = userUtil.getUserNameByEmail(email);
       }
     }
   }
@@ -191,7 +180,7 @@ async function loginWallet(
       profile = await composeProfileData({ avatar, email, fullName }, { node, req, teamDid });
     }
   } else {
-    await checkNeedInvite({ req, node, teamDid, locale });
+    await userUtil.checkNeedInvite({ req, node, teamDid, locale });
     profile = await composeProfileData({ avatar, email, fullName }, { node, req, teamDid, isCreate: true });
   }
@@ -255,7 +244,7 @@ async function loginOAuth(
       profile = await composeProfileData({ avatar, email, fullName }, { node, req, teamDid });
     }
   } else {
-    await checkNeedInvite({ req, node, teamDid, locale });
+    await userUtil.checkNeedInvite({ req, node, teamDid, locale });
     profile = await composeProfileData({ avatar, email, fullName }, { node, req, teamDid, isCreate: true });
   }
@@ -281,7 +270,7 @@ async function loginOAuth(
   return doc;
 }
-async function login(req, node, options) {
+async function loginSDK(req, node, options) {
   const {
     provider = LOGIN_PROVIDER.WALLET,
     did,
@@ -352,8 +341,7 @@ async function login(req, node, options) {
   );
   const lastLoginIp = getRequestIP(req);
   const ua = req.get('user-agent');
-  const walletDeviceMessageToken = req.get('wallet-device-message-token');
-  const walletDeviceId = req.get('wallet-device-id');
+  const deviceData = getDeviceData({ req });
   const userSession = await node.upsertUserSession({
     visitorId,
     teamDid,
@@ -364,8 +352,7 @@ async function login(req, node, options) {
     lastLoginIp,
     extra: {
       walletOS: 'api',
-      walletDeviceMessageToken,
-      walletDeviceId,
+      device: deviceData,
     },
   });
   node.syncUserSession({
@@ -378,8 +365,7 @@ async function login(req, node, options) {
     lastLoginIp,
     extra: {
       walletOS: 'api',
-      walletDeviceMessageToken,
-      walletDeviceId,
+      device: deviceData,
     },
   });
   return {
@@ -391,7 +377,10 @@ async function login(req, node, options) {
 }
 async function verifyUserSig({ userDid, signature, teamDid, sourceAppPid, userPk }, { node, locale, blocklet }) {
-  const currentUser = await getUserWithinFederated({ sourceAppPid, teamDid, userDid, userPk }, { node, blocklet });
+  const currentUser = await federatedUtil.getUserWithinFederated(
+    { sourceAppPid, teamDid, userDid, userPk },
+    { node, blocklet }
+  );
   ensureUserExist(currentUser, { locale });
   ensureUserEnable(currentUser, { locale });
@@ -451,6 +440,212 @@ function checkUserSig({ node }) {
   };
 }
+async function loginEmail(req, node, options) {
+  const { locale = 'en' } = req.query;
+  const { sourceAppPid = null, inviter = null } = req.body;
+  const blocklet = await req.getBlocklet();
+  const teamDid = blocklet.appPid;
+  const verifyCode = await userUtil.getVerifyCodeFromReq({ logger, req });
+  const verifyCodeResult = await node.consumeVerifyCode({ teamDid, code: verifyCode });
+  if (!verifyCodeResult) {
+    throw new CustomError(400, t('invalidVerifyCode', locale));
+  }
+  logger.info('Email login: consume verify code', { teamDid, code: verifyCode, result: verifyCodeResult });
+  // 保持跟 oauth 账户的格式一致
+  const sub = `email|${verifyCodeResult.subject}`;
+  const { wallet: userWallet } = await userUtil.getUserFromSub(sub, { req });
+  const userInfo = {
+    email: verifyCodeResult.subject,
+    provider: LOGIN_PROVIDER.EMAIL,
+  };
+  const userDid = userWallet.address;
+  const userPk = userWallet.publicKey;
+  let profile;
+  let currentUser = await federatedUtil.getUserWithinFederated(
+    { sourceAppPid, teamDid, userDid, userPk },
+    { node, blocklet }
+  );
+  const connectedAccount = {
+    provider: LOGIN_PROVIDER.EMAIL,
+    did: userDid,
+    pk: userPk,
+    id: sub,
+    userInfo,
+  };
+  const lastUsedPassport = userUtil.getLastUsedPassport({ passports: currentUser?.passports });
+  if (!currentUser) {
+    await userUtil.checkNeedInvite({ req, node, teamDid, locale });
+    currentUser = {
+      did: userDid,
+      pk: userPk,
+    };
+    const avatar = await userUtil.getAvatarBnByEmail(verifyCodeResult.subject, { req, node });
+    profile = {
+      fullName: userUtil.getUserNameByEmail(verifyCodeResult.subject),
+      avatar,
+      inviter,
+      email: verifyCodeResult.subject,
+      // email 登录默认认为邮箱已验证
+      emailVerified: true,
+    };
+  }
+  const { sessionToken, refreshToken, visitorId } = await userUtil.loginUserSession(
+    {
+      did: currentUser.did || userDid,
+      pk: currentUser.pk,
+      profile,
+      passport: lastUsedPassport,
+      sourceAppPid,
+      connectedAccount,
+      provider: LOGIN_PROVIDER.EMAIL,
+    },
+    { req, node, options }
+  );
+  return {
+    sessionToken,
+    refreshToken,
+    visitorId,
+  };
+}
+async function inviteEmail(req, node, options) {
+  const { locale = 'en' } = req.query;
+  const { sourceAppPid = null, inviteId, baseUrl } = req.body;
+  if (!inviteId) {
+    throw new CustomError(400, t('missingInviteId', locale));
+  }
+  const blocklet = await req.getBlocklet();
+  const teamDid = blocklet.appPid;
+  const verifyCode = await userUtil.getVerifyCodeFromReq({ logger, req });
+  const verifyCodeResult = await node.consumeVerifyCode({ teamDid, code: verifyCode });
+  if (!verifyCodeResult) {
+    throw new CustomError(400, t('invalidVerifyCode', locale));
+  }
+  logger.info('Email invite: consume verify code', { teamDid, code: verifyCode, result: verifyCodeResult });
+  // 保持跟 oauth 账户的格式一致
+  const sub = `email|${verifyCodeResult.subject}`;
+  const { wallet: userWallet } = await userUtil.getUserFromSub(sub, { req });
+  const userInfo = {
+    email: verifyCodeResult.subject,
+    provider: LOGIN_PROVIDER.EMAIL,
+  };
+  const userDid = userWallet.address;
+  const userPk = userWallet.publicKey;
+  let profile;
+  let currentUser = await federatedUtil.getUserWithinFederated(
+    { sourceAppPid, teamDid, userDid, userPk },
+    { node, blocklet }
+  );
+  logger.info('Email invite: get user info', { teamDid, currentUser });
+  const nodeInfo = await req.getNodeInfo();
+  const { name: applicationName } = await getApplicationInfo({ node, nodeInfo, teamDid });
+  if (!currentUser) {
+    currentUser = {
+      did: userDid,
+      pk: userPk,
+    };
+    const avatar = await userUtil.getAvatarBnByEmail(verifyCodeResult.subject, { req, node });
+    profile = {
+      fullName: userUtil.getUserNameByEmail(verifyCodeResult.subject),
+      avatar,
+      email: verifyCodeResult.subject,
+      // email 登录默认认为邮箱已验证
+      emailVerified: true,
+    };
+  }
+  const statusEndpointBaseUrl = joinURL(baseUrl, WELLKNOWN_SERVICE_PATH_PREFIX);
+  const endpoint = baseUrl;
+  const { passport, response, role, inviteInfo, user } = await handleInvitationReceive({
+    req,
+    node,
+    endpoint,
+    inviteId,
+    nodeInfo,
+    profile: profile || {
+      email: currentUser.email,
+      fullName: currentUser.fullName,
+      avatar: getUserAvatarUrl(baseUrl, currentUser.avatar),
+    },
+    statusEndpointBaseUrl,
+    teamDid,
+    userDid: userWallet.address,
+    userPk: userWallet.publicKey,
+    locale,
+    provider: LOGIN_PROVIDER.EMAIL,
+  });
+  if (currentUser) {
+    const walletDid = getWalletDid(currentUser);
+    if (walletDid) {
+      // 如果已经绑定了 wallet 账户，则将 passport 发送给 wallet 账户
+      await sendToUser(
+        walletDid,
+        {
+          title: 'Invitation accepted',
+          body: `You accept an invitation to be a ${role} of ${applicationName}`,
+          attachments: [
+            {
+              type: 'vc',
+              data: {
+                credential: response.data,
+                tag: role,
+              },
+            },
+          ],
+        },
+        { req }
+      );
+    }
+  }
+  const connectedAccount = {
+    provider: LOGIN_PROVIDER.EMAIL,
+    id: sub,
+    did: userWallet.address,
+    pk: userWallet.publicKey,
+    userInfo,
+  };
+  if (profile) {
+    profile.inviter = inviteInfo.inviter?.did;
+  }
+  const { sessionToken, refreshToken, visitorId } = await userUtil.loginUserSession(
+    {
+      did: currentUser.did,
+      pk: currentUser.pk,
+      profile,
+      passport,
+      sourceAppPid,
+      connectedAccount,
+    },
+    { req, node, options, loggedUser: user }
+  );
+  return {
+    sessionToken,
+    refreshToken,
+    visitorId,
+  };
+}
 const privacyConfigInputSchema = Joi.object({
   userDid: Joi.DID().required(),
 });
@@ -545,7 +740,7 @@ module.exports = {
     // 应用后端自行登录逻辑（SDK 中调用）
     server.post([`${prefix}/login`, `${prefixApi}/login`], verifySig, async (req, res) => {
       try {
-        const data = await login(req, node, options);
+        const data = await loginSDK(req, node, options);
         res.status(200).json(data);
       } catch (err) {
         logger.error('Failed login', { error: err });
@@ -647,8 +842,7 @@ module.exports = {
         { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
       );
       const ua = req.get('user-agent');
-      const walletDeviceMessageToken = req.get('wallet-device-message-token');
-      const walletDeviceId = req.get('wallet-device-id');
+      const deviceData = getDeviceData({ req });
       const userSession = await node.upsertUserSession({
         visitorId,
         teamDid,
@@ -659,8 +853,7 @@ module.exports = {
         lastLoginIp,
         extra: {
           walletOS,
-          walletDeviceMessageToken,
-          walletDeviceId,
+          device: deviceData,
         },
       });
       node.syncUserSession({
@@ -673,8 +866,7 @@ module.exports = {
         lastLoginIp,
         extra: {
           walletOS,
-          walletDeviceMessageToken,
-          walletDeviceId,
+          device: deviceData,
         },
       });
@@ -700,7 +892,7 @@ module.exports = {
       const { did: teamDid } = await req.getBlockletInfo();
       const pendingList = users.map(async (item) => {
         if (item?.did && item?.pk) {
-          const findUser = await getUserWithinFederated(
+          const findUser = await federatedUtil.getUserWithinFederated(
             { sourceAppPid, teamDid, userDid: item.did, userPk: item.pk },
             { node, blocklet }
           );
@@ -971,230 +1163,26 @@ module.exports = {
       }
     });
     server.post(`${prefixApi}/email/login`, ensureBlocklet(), ensureCors, async (req, res) => {
-      try {
-        const { locale = 'en' } = req.query;
-        const { blocklet } = req;
-        const teamDid = blocklet.appPid;
-        let passport = { name: 'Guest', role: 'guest' };
-        const { code, magicToken, sourceAppPid = null } = req.body;
-        const blockletInfo = await req.getBlockletInfo();
-        let finalCode = code;
-        if (!code && magicToken) {
-          const valid = await JWT.verify(magicToken, blockletInfo.wallet.publicKey);
-          if (!valid) {
-            logger.error('Email login: Invalid magic token', { teamDid, magicToken });
-            throw new CustomError(401, 'Invalid magic link');
-          }
-          const decodeData = JWT.decode(magicToken, true);
-          if (!decodeData?.data?.code) {
-            logger.error('Email login: failed to parse magicToken data', { teamDid, magicToken, decodeData });
-            throw new CustomError(400, 'Invalid magic token format');
-          }
-          finalCode = decodeData?.data?.code;
-        }
-        const verifyCodeResult = await node.consumeVerifyCode({ teamDid, code: finalCode });
-        if (!verifyCodeResult) {
-          throw new CustomError(400, 'Invalid verify code');
-        }
-        logger.info('Email login: consume verify code', { teamDid, code, result: verifyCodeResult });
-        // 保持跟 oauth 账户的格式一致
-        const sub = `email|${verifyCodeResult.subject}`;
-        let userWallet;
-        if (sourceAppPid) {
-          const masterSite = federatedUtil.getFederatedMaster(blocklet);
-          const { permanentWallet } = blockletInfo;
-          const result = await callFederated({
-            action: 'getUser',
-            site: masterSite,
-            permanentWallet,
-            data: {
-              userSub: sub,
-            },
-          });
-          userWallet = result?.wallet;
-        } else {
-          userWallet = fromAppDid(sub, blockletInfo.wallet.secretKey);
-        }
-        const lastLoginIp = getRequestIP(req);
-        const userDid = userWallet.address;
-        const userPk = userWallet.publicKey;
-        let doc;
-        let passportForLog;
-        let profile;
-        let currentUser = await node.getUser({ teamDid, user: { did: userWallet.address } });
-        const connectedAccount = {
-          provider: LOGIN_PROVIDER.EMAIL,
-          did: userDid,
-          pk: userPk,
-          id: sub,
-        };
-        if (currentUser) {
-          profile = {
-            fullName: currentUser.fullName,
-            email: currentUser.email,
-            avatar: currentUser.avatar,
-          };
-          const allPassports = currentUser.passports || [];
-          const validPassports = allPassports.filter((item) => item.status === PASSPORT_STATUS.VALID);
-          const lastUsedPassport = last(sortBy(validPassports, 'lastLoginAt'));
-          passportForLog = lastUsedPassport;
-          if (lastUsedPassport) {
-            passport = pick(lastUsedPassport, ['id', 'name', 'role', 'scope']);
-          }
-          doc = await node.loginUser({
-            teamDid,
-            user: {
-              did: currentUser.did,
-              pk: currentUser.pk,
-              locale,
-              lastLoginIp,
-              sourceAppPid,
-              passport: lastUsedPassport,
-              connectedAccount,
-            },
-          });
-        } else {
-          await checkNeedInvite({ req, node, teamDid, locale });
-          currentUser = {
-            did: userWallet.address,
-            pk: userWallet.publicKey,
-          };
-          const nodeInfo = await req.getNodeInfo();
-          const { dataDir } = await getApplicationInfo({ node, nodeInfo, teamDid });
-          let avatar = await getAvatarByEmail(verifyCodeResult.subject);
-          avatar = await extractUserAvatar(avatar, { dataDir });
-          profile = {
-            fullName: verifyCodeResult.subject.split('@')[0],
-            email: verifyCodeResult.subject,
-            avatar,
-            // email 登录默认认为邮箱已验证
-            emailVerified: true,
-          };
-          // 实际创建用户
-          doc = await node.loginUser({
-            teamDid,
-            user: {
-              did: currentUser.did,
-              pk: currentUser.pk,
-              ...profile,
-              locale,
-              lastLoginIp,
-              sourceAppPid,
-              connectedAccount,
-            },
-          });
-        }
-        await node.createAuditLog(
-          {
-            action: 'login',
-            args: {
-              teamDid,
-              userDid: currentUser.did || userDid,
-              passport: passportForLog,
-              provider: LOGIN_PROVIDER.EMAIL,
-              sourceAppPid,
-            },
-            context: formatContext(Object.assign(req, { user: doc })),
-            result: doc,
-          },
-          node
-        );
-        const ua = req.get('user-agent');
-        const visitorId = req.get('x-blocklet-visitor-id');
-        const walletDeviceMessageToken = req.get('wallet-device-message-token');
-        const walletDeviceId = req.get('wallet-device-id');
-        const userSessionDoc = await node.upsertUserSession({
-          teamDid,
-          userDid: currentUser.did,
-          visitorId,
-          appPid: teamDid,
-          passportId: passport?.id,
-          status: 'online',
-          ua: null,
-          lastLoginIp,
-          extra: {
-            walletOS: 'web',
-            walletDeviceMessageToken,
-            walletDeviceId,
-          },
-        });
-        if (federatedUtil.shouldSyncFederated(sourceAppPid, blocklet)) {
-          const syncUserData = {
-            did: currentUser.did,
-            pk: currentUser.pk,
-            ...profile,
-            avatar: getUserAvatarUrl(blockletInfo.appUrl, profile.avatar),
-            connectedAccount: [connectedAccount],
-            inviter: doc.inviter,
-          };
-          const masterSite = federatedUtil.getFederatedMaster(blocklet);
+      const { action = 'login' } = req.body;
+      const actionMap = {
+        login: loginEmail,
+        invite: inviteEmail,
+      };
+      if (!actionMap[action]) {
+        logger.error('Failed to login by email', { error: 'action not exist', action });
+        throw new Error(`action not exist: ${action}`);
+      }
-          node
-            .syncFederated({
-              did: teamDid,
-              data: {
-                users: [
-                  {
-                    ...syncUserData,
-                    action: 'connectAccount',
-                    sourceAppPid: sourceAppPid || masterSite?.appPid,
-                  },
-                ],
-              },
-            })
-            .then(() => {
-              node.syncUserSession({
-                teamDid,
-                userDid: userSessionDoc.userDid,
-                visitorId: userSessionDoc.visitorId,
-                passportId: passport?.id,
-                targetAppPid: sourceAppPid,
-                ua,
-                lastLoginIp,
-                extra: {
-                  walletOS: 'web',
-                  walletDeviceMessageToken,
-                  walletDeviceId,
-                },
-              });
-            });
+      try {
+        const result = await actionMap[action](req, node, options);
+        res.json(result);
+      } catch (err) {
+        logger.error('Failed login email', { error: err, action });
+        if (err instanceof CustomError) {
+          res.status(err.code).send(err.message);
+          return;
         }
-        const { createSessionToken } = initJwt(node, options);
-        const createToken = createTokenFn(createSessionToken);
-        const sessionConfig = blocklet.settings?.session || {};
-        const { sessionToken, refreshToken } = createToken(
-          currentUser.did,
-          {
-            secret: blockletInfo.secret,
-            passport,
-            role: passport.scope === 'passport' ? passport.role : ROLES.GUEST,
-            fullName: doc.fullName,
-            provider: LOGIN_PROVIDER.EMAIL,
-            walletOS: 'web',
-            emailVerified: !!doc?.emailVerified,
-            phoneVerified: !!doc?.phoneVerified,
-          },
-          { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
-        );
-        return res.status(200).json({
-          sessionToken,
-          refreshToken,
-          visitorId: userSessionDoc.visitorId,
-        });
-      } catch (error) {
-        logger.error('Email login failed', { error });
-        return res.status(400).send(error.message);
+        throw err;
       }
     });
@@ -1434,7 +1422,7 @@ module.exports = {
         return;
       }
       if (user.avatar) {
-        user.avatar = getRawUserAvatarUrl(user.avatar, blocklet);
+        user.avatar = federatedUtil.getUserAvatarUrl(user.avatar, blocklet);
       }
       let returnFields = ['avatar', 'did', 'fullName', 'sourceAppPid', 'createdAt', 'email', 'phone', 'metadata'];