@abtnode/core 1.16.11-next-069c3537 → 1.16.11-next-a232f5fb

package/lib/api/node.js

@@ -83,7 +83,7 @@ class NodeAPI {
   }
 
   deleteCache() {
-    this.cache.del('del');
+    this.cache.del('info');
   }
 
   async getDiskInfo() {

package/lib/blocklet/manager/disk.js

@@ -66,6 +66,7 @@ const {
   RESTORE_PROGRESS_STATUS,
   CHAIN_PROP_MAP_REVERSE,
 } = require('@blocklet/constant');
+const { consumeServerlessNFT, consumeLauncherSession } = require('../../util/launcher');
 const util = require('../../util');
 const {
   refresh: refreshAccessibleExternalNodeIp,
@@ -94,7 +95,6 @@ const {
   getBlocklet,
   ensureEnvDefault,
   getConfigFromPreferences,
-  consumeServerlessNFT,
   validateAppConfig,
   checkDuplicateMountPoint,
   validateStore,
@@ -2308,14 +2308,22 @@ class BlockletManager extends BaseBlockletManager {
         });
       }
 
-      if (blocklet?.controller?.nftId && process.env.NODE_ENV !== 'test') {
-        const nodeInfo = await states.node.read();
-        await consumeServerlessNFT({ nftId: blocklet.controller.nftId, nodeInfo, blocklet });
-        await states.blockletExtras.updateByDid(did, {
-          controller: { ...blocklet.controller, consumedAt: new Date().toISOString() },
-        });
+      if (blocklet.controller && process.env.NODE_ENV !== 'test') {
+        let isNFTConsumed = false;
+        if (blocklet.controller.launcherSessionId && blocklet.controller.launcherUrl) {
+          await consumeLauncherSession({ params: blocklet.controller, blocklet });
+          isNFTConsumed = true;
+        } else if (blocklet.controller.nftId) {
+          await consumeServerlessNFT({ nftId: blocklet.controller.nftId, blocklet });
+          isNFTConsumed = true;
+        }
 
-        this.emit(BlockletEvents.nftConsumed, { blocklet, context });
+        if (isNFTConsumed) {
+          await states.blockletExtras.updateByDid(did, {
+            controller: { ...blocklet.controller, consumedAt: new Date().toISOString() },
+          });
+          this.emit(BlockletEvents.nftConsumed, { blocklet, context });
+        }
       }
 
       if (createNotification) {

package/lib/blocklet/manager/helper/install-application-from-general.js

@@ -54,9 +54,7 @@ const installApplicationFromGeneral = async ({
 
   // check install count
   if (controller?.nftId) {
-    // sometimes nedb will throw error if use states.blocklet.count({ ['controller.nftId']: controller.nftId })
     const installedCount = await states.blockletExtras.count({ 'controller.nftId': controller.nftId });
-
     if (installedCount >= (controller.appMaxCount || 1)) {
       throw new Error(
         `You can only install ${controller.appMaxCount} blocklet with this credential: ${controller.nftId}`
@@ -120,7 +118,24 @@ const installApplicationFromGeneral = async ({
       },
     ]);
   } catch (err) {
-    await manager._rollback('install', did, {});
+    const componentDid = component?.meta?.did;
+    logger.error('failed to create blocklet extras', { did, componentDid, error: err });
+
+    try {
+      await manager._rollback('install', did, {});
+    } catch (e) {
+      logger.error('failed to remove blocklet on create extras error', { did, componentDid, error: e });
+    }
+
+    manager._createNotification(did, {
+      title: 'Blocklet Install Failed',
+      description: `Blocklet ${title || component?.meta?.title} install failed with error: ${err.message}`,
+      entityType: 'blocklet',
+      entityId: did,
+      severity: 'error',
+    });
+
+    throw err;
   }
 
   if (!blocklet.children.length) {

package/lib/index.js

@@ -16,6 +16,7 @@ const getRouterHelpers = require('./router/helper');
 const TeamManager = require('./team/manager');
 const NodeAPI = require('./api/node');
 const TeamAPI = require('./api/team');
+const { getLauncherSession, isLauncherSessionConsumed, setupAppOwner } = require('./util/launcher');
 const WebHook = require('./webhook');
 const states = require('./states');
 const Cert = require('./cert');
@@ -250,7 +251,6 @@ function ABTNode(options) {
     devBlocklet: blockletManager.dev.bind(blockletManager),
     checkComponentsForUpdates: blockletManager.checkComponentsForUpdates.bind(blockletManager),
     upgradeComponents: blockletManager.upgradeComponents.bind(blockletManager),
-    getBlockletMetaFromUrl: getMetaFromUrl.bind(blockletManager),
     getBlockletForLauncher: blockletManager.getBlockletForLauncher.bind(blockletManager),
     resetBlocklet: blockletManager.reset.bind(blockletManager),
     deleteBlockletProcess: blockletManager.deleteProcess.bind(blockletManager),
@@ -462,6 +462,12 @@ function ABTNode(options) {
 
     // for exporting blocklet data dir
     createBlockletDataArchive: createDataArchive,
+
+    // public utils used in launch workflow
+    getBlockletMetaFromUrl: getMetaFromUrl,
+    getLauncherSession,
+    isLauncherSessionConsumed,
+    setupAppOwner,
   };
 
   const events = createEvents({

package/lib/states/blocklet-extras.js

@@ -226,6 +226,16 @@ class BlockletExtrasState extends BaseState {
     return docs.filter((x) => x.controller?.nftId).filter((x) => x.expiredAt <= deadline);
   }
 
+  async isLauncherSessionConsumed(sessionId) {
+    const count = await super.count({ 'controller.sessionId': sessionId });
+    return count > 0;
+  }
+
+  async isLauncherNftConsumed(nftId) {
+    const count = await super.count({ 'controller.nftId': nftId });
+    return count > 0;
+  }
+
   encryptSecurityData({ data, _rootDid } = {}) {
     if (!data) {
       return data;

package/lib/util/blocklet.js

@@ -3,10 +3,8 @@
 const fs = require('fs-extra');
 const path = require('path');
 const dayjs = require('dayjs');
-const joinURL = require('url-join');
 const shelljs = require('shelljs');
 const os = require('os');
-const pRetry = require('p-retry');
 const tar = require('tar');
 const get = require('lodash/get');
 const uniq = require('lodash/uniq');
@@ -19,19 +17,16 @@ const diff = require('deep-diff');
 const createArchive = require('archiver');
 const isUrl = require('is-url');
 const semver = require('semver');
-const axios = require('@abtnode/util/lib/axios');
-const { stableStringify } = require('@arcblock/vc');
 const { chainInfo: chainInfoSchema } = require('@arcblock/did-auth/lib/schema');
 
 const { fromSecretKey } = require('@ocap/wallet');
-const { toHex, toBase58, isHex, toDid, toAddress } = require('@ocap/util');
+const { toHex, isHex, toDid, toAddress } = require('@ocap/util');
 const { isValid: isValidDid, isEthereumDid } = require('@arcblock/did');
 const logger = require('@abtnode/logger')('@abtnode/core:util:blocklet');
 const pm2 = require('@abtnode/util/lib/async-pm2');
 const sleep = require('@abtnode/util/lib/sleep');
 const getPm2ProcessInfo = require('@abtnode/util/lib/get-pm2-process-info');
 const killProcessOccupiedPorts = require('@abtnode/util/lib/kill-process-occupied-ports');
-const getNodeWallet = require('@abtnode/util/lib/get-app-wallet');
 const { formatEnv } = require('@abtnode/util/lib/security');
 const ensureEndpointHealthy = require('@abtnode/util/lib/ensure-endpoint-healthy');
 const CustomError = require('@abtnode/util/lib/custom-error');
@@ -100,7 +95,7 @@ const { validate: validateEngine, get: getEngine } = require('../blocklet/manage
 
 const isRequirementsSatisfied = require('./requirement');
 const { getDidDomainForBlocklet } = require('./get-domain-for-blocklet');
-const { expandBundle, findInterfacePortByName, prettyURL, getNFTState, templateReplace } = require('./index');
+const { expandBundle, findInterfacePortByName, prettyURL, templateReplace } = require('./index');
 const externalIpUtil = require('./get-accessible-external-node-ip');
 const { getIpDnsDomainForBlocklet } = require('./get-domain-for-blocklet');
 const { replaceDomainSlot } = require('./index');
@@ -1538,51 +1533,6 @@ const getBlockletURLForLauncher = async ({ blocklet, nodeInfo }) => {
   const didDomain = getDidDomainForBlocklet({ appPid: blocklet.appPid, didDomain: nodeInfo.didDomain });
   return `https://${didDomain}`;
 };
-
-const consumeServerlessNFT = async ({ nftId, nodeInfo, blocklet }) => {
-  try {
-    const state = await getNFTState(blocklet.controller.chainHost, nftId);
-    if (!state) {
-      throw new Error(`get nft state failed, chainHost: ${blocklet.controller.chainHost}, nftId: ${nftId}`);
-    }
-
-    const appURL = await getBlockletURLForLauncher({ blocklet, nodeInfo });
-
-    logger.info('app url when consuming nft', { appURL, nftId });
-
-    const body = { nftId, appURL };
-
-    const { launcherUrl } = state.data.value;
-
-    const wallet = getNodeWallet(nodeInfo.sk);
-    const func = async () => {
-      const { data } = await axios.post(joinURL(launcherUrl, '/api/serverless/consume'), body, {
-        headers: {
-          'x-sig': toBase58(wallet.sign(stableStringify(body))),
-        },
-      });
-
-      return data;
-    };
-
-    const delay = 10 * 1000;
-    const result = await pRetry(func, {
-      retries: 3,
-      minTimeout: delay,
-      maxTimeout: delay,
-      onFailedAttempt: (error) => {
-        logger.error(`attempt consume nft ${nftId} failed`, { error });
-      },
-    });
-
-    logger.info('consume serverless nft success', { nftId, hash: result.hash });
-  } catch (error) {
-    logger.error('consume serverless nft failed', { nftId, error });
-
-    throw new Error(`consume nft ${nftId} failed`);
-  }
-};
-
 const createDataArchive = (dataDir, fileName) => {
   const zipPath = path.join(os.tmpdir(), fileName);
   if (fs.existsSync(zipPath)) {
@@ -1958,7 +1908,6 @@ const shouldCleanExpiredBlocklet = (expirationDate) => {
 
 module.exports = {
   updateBlockletFallbackLogo,
-  consumeServerlessNFT,
   forEachBlocklet,
   getBlockletMetaFromUrl: (url) => getBlockletMetaFromUrl(url, { logger }),
   parseComponents,

package/lib/util/launcher.js

@@ -0,0 +1,237 @@
+const path = require('path');
+const fs = require('fs-extra');
+const joinUrl = require('url-join');
+const pick = require('lodash/pick');
+const joinURL = require('url-join');
+const { parseUserAvatar, extractUserAvatar, getAvatarFile, getAvatarByUrl } = require('@abtnode/util/lib/user');
+const { Hasher } = require('@ocap/mcrypto');
+const { getDisplayName } = require('@blocklet/meta/lib/util');
+const getBlockletInfo = require('@blocklet/meta/lib/info');
+
+const { getLauncherUser, getLauncherSession: getLauncherSessionRaw, doRequest } = require('@abtnode/auth/lib/launcher');
+const { createAuthToken, getPassportStatusEndpoint } = require('@abtnode/auth/lib/auth');
+const { createPassportVC, createPassport, createUserPassport } = require('@abtnode/auth/lib/passport');
+
+const { BlockletStatus } = require('@blocklet/constant');
+const {
+  WELLKNOWN_SERVICE_PATH_PREFIX,
+  NODE_DATA_DIR_NAME,
+  USER_AVATAR_URL_PREFIX,
+  ROLES,
+} = require('@abtnode/constant');
+
+const logger = require('@abtnode/logger')('@abtnode/core:util:launcher');
+
+const { getNFTState } = require('./index');
+const { getBlockletURLForLauncher } = require('./blocklet');
+const states = require('../states');
+
+const consumeServerlessNFT = async ({ nftId, blocklet }) => {
+  try {
+    const state = await getNFTState(blocklet.controller.chainHost, nftId);
+    if (!state) {
+      throw new Error(`Get nft state failed, chainHost: ${blocklet.controller.chainHost}, nftId: ${nftId}`);
+    }
+
+    const nodeInfo = await states.node.read();
+    const appURL = await getBlockletURLForLauncher({ blocklet, nodeInfo });
+    logger.info('Consuming serverless nft params', { appURL, nftId });
+
+    const { launcherUrl } = state.data.value;
+    const result = await doRequest(nodeInfo.sk, {
+      launcherUrl,
+      pathname: '/api/serverless/consume',
+      payload: { nftId, appURL },
+      method: 'post',
+    });
+
+    logger.info('Consume serverless nft success', { nftId, hash: result.hash });
+  } catch (error) {
+    logger.error('Consume serverless nft failed', { nftId, error });
+    throw new Error(`consume nft ${nftId} failed`);
+  }
+};
+
+const consumeLauncherSession = async ({ params, blocklet }) => {
+  try {
+    const info = await states.node.read();
+    const { appUrl, name } = getBlockletInfo(blocklet, info.sk);
+    const result = await doRequest(info.sk, {
+      launcherUrl: params.launcherUrl,
+      pathname: `/api/launches/${params.launcherSessionId}/installed`,
+      payload: { appDid: blocklet.appPid, appUrl, appName: name, ownerDid: params.ownerDid },
+      method: 'post',
+    });
+
+    logger.info('Consume launcher session success', { params, result });
+  } catch (error) {
+    logger.error('Consume launcher session failed', { params, error });
+    throw new Error(`Consume launcher session ${params.launcherSessionId} failed`);
+  }
+};
+
+const setupAppOwner = async (node, sessionId) => {
+  const session = await node.getSession({ id: sessionId });
+  if (!session) {
+    throw new Error(`Blocklet setup session not found in server: ${sessionId}`);
+  }
+
+  const { appDid, userDid, ownerDid, ownerPk, lastLoginIp, context, locale, launcherUrl, launcherSessionId } = session;
+  const [info, blocklet] = await Promise.all([states.node.read(), states.blocklet.getBlocklet(appDid)]);
+  if (!blocklet) {
+    throw new Error(`Blocklet not found in server: ${appDid}`);
+  }
+  if (blocklet.status !== BlockletStatus.installed) {
+    throw new Error(`Blocklet status not expected: ${appDid}`);
+  }
+
+  const { wallet } = getBlockletInfo(blocklet, info.sk);
+  const appUrl = blocklet.environments.find((x) => x.key === 'BLOCKLET_APP_URL').value;
+  const dataDir = blocklet.environments.find((x) => x.key === 'BLOCKLET_DATA_DIR').value;
+  const serverDataDir = path.join(node.dataDirs.data, NODE_DATA_DIR_NAME);
+
+  let user;
+  let appOwnerProfile;
+  // get user from launcher or server
+  if (launcherUrl && launcherSessionId) {
+    user = await getLauncherUser(info.sk, { launcherUrl, launcherSessionId });
+    if (!user) {
+      throw new Error(`Owner user not found from launcher: ${launcherUrl}`);
+    }
+    appOwnerProfile = pick(user, ['fullName', 'email', 'avatar']);
+    const avatarBase64 = await getAvatarByUrl(joinURL(launcherUrl, user.avatar));
+    appOwnerProfile.avatar = await extractUserAvatar(avatarBase64, { dataDir });
+    logger.info('Create owner from launcher for blocklet', { appDid, ownerDid, ownerPk, sessionId, appOwnerProfile });
+  } else {
+    user = await node.getUser({ teamDid: info.did, user: { did: userDid } });
+    if (!user) {
+      throw new Error(`Owner user not found in server: ${userDid}`);
+    }
+    appOwnerProfile = pick(user, ['fullName', 'email', 'avatar']);
+    if (user.avatar && user.avatar.startsWith(USER_AVATAR_URL_PREFIX)) {
+      const filename = user.avatar.split('/').pop();
+      const srcFile = getAvatarFile(serverDataDir, filename);
+      const destFile = getAvatarFile(dataDir, filename);
+      fs.mkdirpSync(path.dirname(destFile));
+      fs.copyFileSync(srcFile, destFile);
+    } else {
+      appOwnerProfile.avatar = extractUserAvatar(user.avatar, { dataDir });
+    }
+    logger.info('Create owner from session for blocklet', { appDid, ownerDid, ownerPk, sessionId, appOwnerProfile });
+  }
+
+  // create and send owner passport
+  const role = ROLES.OWNER;
+  const vc = createPassportVC({
+    issuerName: getDisplayName(blocklet),
+    issuerWallet: wallet,
+    ownerDid,
+    passport: await createPassport({
+      name: role,
+      node,
+      teamDid: appDid,
+      locale,
+      endpoint: appUrl,
+    }),
+    endpoint: getPassportStatusEndpoint({
+      baseUrl: joinUrl(appUrl, WELLKNOWN_SERVICE_PATH_PREFIX),
+      userDid: ownerDid,
+      teamDid: appDid,
+    }),
+    ownerProfile: { ...appOwnerProfile, avatar: parseUserAvatar(user.avatar, { dataDir: serverDataDir }) },
+    preferredColor: 'default',
+    expirationDate: undefined,
+  });
+
+  // create app owner passport
+  const passport = createUserPassport(vc, { role });
+
+  // add app owner to database
+  const doc = await node.loginUser({
+    teamDid: appDid,
+    user: {
+      ...appOwnerProfile,
+      did: ownerDid,
+      pk: ownerPk,
+      passport,
+      locale,
+      lastLoginIp,
+      connectedAccount: {
+        provider: 'wallet',
+        did: ownerDid,
+        pk: ownerPk,
+      },
+    },
+  });
+  await node.createAuditLog(
+    {
+      action: 'addUser',
+      args: { teamDid: appDid, userDid: ownerDid, reason: 'launch blocklet' },
+      context: { ...context, user: doc },
+      result: doc,
+    },
+    node
+  );
+  logger.info('Create owner for blocklet', { appDid, ownerDid, sessionId });
+
+  // create owner login token that can be used to login on blocklet site
+  const appSecret = Hasher.SHA3.hash256(Buffer.concat([wallet.secretKey, wallet.address].map(Buffer.from)));
+  const setupToken = createAuthToken({
+    did: ownerDid,
+    passport,
+    role,
+    secret: appSecret,
+    expiresIn: '7d',
+  });
+
+  await node.endSession({ id: sessionId });
+  logger.info('Complete install for blocklet', { appDid, ownerDid, sessionId });
+
+  return {
+    session,
+    blocklet,
+    setupToken,
+    passport: vc,
+  };
+};
+
+const getLauncherSession = async ({ launcherUrl, launcherSessionId, external = true }) => {
+  const info = await states.node.read();
+  const result = await getLauncherSessionRaw(info.sk, { launcherUrl, launcherSessionId });
+
+  // strip sensitive data if call from external
+  if (external && result.launcherSession) {
+    result.launcherSession = pick(result.launcherSession, ['_id', 'status']);
+  }
+
+  return result;
+};
+
+// Check local first, then remote, FIXME: @wangshijun should we check on chain nft?
+const isLauncherSessionConsumed = async (params) => {
+  let consumed = await states.blockletExtras.isLauncherSessionConsumed(params.launcherSessionId);
+  logger.info('Launcher session consumed at local?', { params, consumed });
+  if (consumed) {
+    return true;
+  }
+
+  const { error, launcherSession } = await getLauncherSession(params);
+  if (error) {
+    throw new Error(error);
+  }
+  if (!launcherSession) {
+    throw new Error('Launcher session not found');
+  }
+
+  consumed = launcherSession.status > 40;
+  logger.info('Launcher session consumed at remote?', { params, consumed });
+  return consumed;
+};
+
+module.exports = {
+  consumeServerlessNFT,
+  consumeLauncherSession,
+  setupAppOwner,
+  getLauncherSession,
+  isLauncherSessionConsumed,
+};

package/lib/validators/util.js

@@ -15,6 +15,9 @@ const blockletController = Joi.object({
   nftOwner: Joi.DID().required(),
   chainHost: Joi.string().uri().required(),
   appMaxCount: Joi.number().required().min(1),
+  launcherUrl: Joi.string().uri().optional(),
+  launcherSessionId: Joi.string().optional(),
+  ownerDid: Joi.DID().optional(),
 }).options({ stripUnknown: true });
 
 const createValidator = (schema) => (entity) => schema.validateAsync(entity);

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.11-next-069c3537",
+  "version": "1.16.11-next-a232f5fb",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,18 +19,18 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/auth": "1.16.11-next-069c3537",
-    "@abtnode/certificate-manager": "1.16.11-next-069c3537",
-    "@abtnode/constant": "1.16.11-next-069c3537",
-    "@abtnode/cron": "1.16.11-next-069c3537",
-    "@abtnode/logger": "1.16.11-next-069c3537",
-    "@abtnode/models": "1.16.11-next-069c3537",
-    "@abtnode/queue": "1.16.11-next-069c3537",
-    "@abtnode/rbac": "1.16.11-next-069c3537",
-    "@abtnode/router-provider": "1.16.11-next-069c3537",
-    "@abtnode/static-server": "1.16.11-next-069c3537",
-    "@abtnode/timemachine": "1.16.11-next-069c3537",
-    "@abtnode/util": "1.16.11-next-069c3537",
+    "@abtnode/auth": "1.16.11-next-a232f5fb",
+    "@abtnode/certificate-manager": "1.16.11-next-a232f5fb",
+    "@abtnode/constant": "1.16.11-next-a232f5fb",
+    "@abtnode/cron": "1.16.11-next-a232f5fb",
+    "@abtnode/logger": "1.16.11-next-a232f5fb",
+    "@abtnode/models": "1.16.11-next-a232f5fb",
+    "@abtnode/queue": "1.16.11-next-a232f5fb",
+    "@abtnode/rbac": "1.16.11-next-a232f5fb",
+    "@abtnode/router-provider": "1.16.11-next-a232f5fb",
+    "@abtnode/static-server": "1.16.11-next-a232f5fb",
+    "@abtnode/timemachine": "1.16.11-next-a232f5fb",
+    "@abtnode/util": "1.16.11-next-a232f5fb",
     "@arcblock/did": "1.18.80",
     "@arcblock/did-auth": "1.18.80",
     "@arcblock/did-ext": "^1.18.80",
@@ -41,10 +41,10 @@
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/validator": "^1.18.80",
     "@arcblock/vc": "1.18.80",
-    "@blocklet/constant": "1.16.11-next-069c3537",
-    "@blocklet/meta": "1.16.11-next-069c3537",
-    "@blocklet/sdk": "1.16.11-next-069c3537",
-    "@did-space/client": "^0.2.99",
+    "@blocklet/constant": "1.16.11-next-a232f5fb",
+    "@blocklet/meta": "1.16.11-next-a232f5fb",
+    "@blocklet/sdk": "1.16.11-next-a232f5fb",
+    "@did-space/client": "^0.2.112",
     "@fidm/x509": "^1.2.1",
     "@ocap/mcrypto": "1.18.80",
     "@ocap/util": "1.18.80",
@@ -96,5 +96,5 @@
     "express": "^4.18.2",
     "jest": "^27.5.1"
   },
-  "gitHead": "680dafcd7c2d446013abf25a370b8cfb70bfa7eb"
+  "gitHead": "1af264e9b6648aa191fbf23c67717262ac717697"
 }