@abtnode/core 1.8.66-beta-7f4224af → 1.8.66

package/lib/blocklet/manager/disk.js

@@ -15,18 +15,20 @@ const { isNFTExpired, getNftExpirationDate } = require('@abtnode/util/lib/nft');
 const didDocument = require('@abtnode/util/lib/did-document');
 const { sign } = require('@arcblock/jwt');
 const { isValid: isValidDid } = require('@arcblock/did');
+const { verifyPresentation } = require('@arcblock/vc');
 const { toSvg: createDidLogo } =
   process.env.NODE_ENV !== 'test' ? require('@arcblock/did-motif') : require('@arcblock/did-motif/dist/did-motif.cjs');
 const getBlockletInfo = require('@blocklet/meta/lib/info');
 const sleep = require('@abtnode/util/lib/sleep');
 
 const logger = require('@abtnode/logger')('@abtnode/core:blocklet:manager');
+const { getVcFromPresentation } = require('@abtnode/util/lib/vc');
 const {
+  VC_TYPE_BLOCKLET_PURCHASE,
   WHO_CAN_ACCESS,
   SERVER_ROLES,
   WHO_CAN_ACCESS_PREFIX_ROLES,
   BLOCKLET_INSTALL_TYPE,
-  NODE_MODES,
 } = require('@abtnode/constant');
 
 const getBlockletEngine = require('@blocklet/meta/lib/engine');
@@ -109,8 +111,6 @@ const {
   validateAppConfig,
   checkDuplicateAppSk,
   checkDuplicateMountPoint,
-  validateStore,
-  validateInServerless,
 } = require('../../util/blocklet');
 const StoreUtil = require('../../util/store');
 const states = require('../../states');
@@ -242,8 +242,6 @@ class BlockletManager extends BaseBlockletManager {
    *  did: string;
    *  title: string;
    *  description: string;
-   *  storeUrl: string;
-   *  blockletSecretKey: string;
    *  sync: boolean = false; // download synchronously, not use queue
    *  delay: number; // push download task to queue after a delay
    *  downloadTokenList: Array<{did: string, token: string}>;
@@ -331,7 +329,7 @@ class BlockletManager extends BaseBlockletManager {
   async installComponent(
     {
       rootDid,
-      mountPoint,
+      mountPoint: tmpMountPoint,
       url,
       file,
       did,
@@ -345,15 +343,10 @@ class BlockletManager extends BaseBlockletManager {
     },
     context = {}
   ) {
+    const mountPoint = await mountPointSchema.validateAsync(tmpMountPoint);
     logger.debug('start install component', { rootDid, mountPoint, url });
 
     if (file) {
-      // TODO: 如何触发这种场景？
-      const info = await states.node.read();
-      if (info.mode === NODE_MODES.SERVERLESS) {
-        throw new Error("Can't install component in serverless-mode server via upload");
-      }
-
       return this._installComponentFromUpload({
         rootDid,
         mountPoint,
@@ -367,11 +360,6 @@ class BlockletManager extends BaseBlockletManager {
     }
 
     if (url) {
-      const info = await states.node.read();
-      if (info.mode === NODE_MODES.SERVERLESS) {
-        validateStore(info, url);
-      }
-
       return this._installComponentFromUrl({
         rootDid,
         mountPoint,
@@ -443,6 +431,25 @@ class BlockletManager extends BaseBlockletManager {
     return { isInstalled: !!blocklet, isRunning, blockletDid, isExternal };
   }
 
+  async installBlockletFromVc({ vcPresentation, challenge }, context) {
+    logger.info('Install from vc');
+    const vc = getVcFromPresentation(vcPresentation);
+
+    // FIXME: 这里的 trustedIssuers 相当于相信任何 VC，需要想更安全的方法
+    verifyPresentation({ presentation: vcPresentation, trustedIssuers: [get(vc, 'issuer.id')], challenge });
+
+    if (!vc.type.includes(VC_TYPE_BLOCKLET_PURCHASE)) {
+      throw new Error(`Expect ${VC_TYPE_BLOCKLET_PURCHASE} VC type`);
+    }
+
+    const blockletUrl = get(vc, 'credentialSubject.purchased.blocklet.url');
+    const urlObject = new URL(blockletUrl);
+    const did = get(vc, 'credentialSubject.purchased.blocklet.id');
+    const registry = urlObject.origin;
+
+    return this._installFromStore({ did, registry }, context);
+  }
+
   async start({ did, throwOnError, checkHealthImmediately = false, e2eMode = false }, context) {
     logger.info('start blocklet', { did });
     // should check blocklet integrity
@@ -1190,8 +1197,8 @@ class BlockletManager extends BaseBlockletManager {
     return this.getBlocklet(rootDid);
   }
 
-  async updateComponentMountPoint({ did, rootDid: inputRootDid, mountPoint }, context) {
-    await mountPointSchema.validateAsync(mountPoint);
+  async updateComponentMountPoint({ did, rootDid: inputRootDid, mountPoint: tmpMountPoint }, context) {
+    const mountPoint = await mountPointSchema.validateAsync(tmpMountPoint);
 
     const blocklet = await states.blocklet.getBlocklet(inputRootDid);
 
@@ -2167,11 +2174,6 @@ class BlockletManager extends BaseBlockletManager {
 
     // install from store if url is a store url
     const { inStore, registryUrl, blockletDid: bundleDid } = await StoreUtil.parseSourceUrl(url, controller);
-
-    const nodeInfo = await states.node.read();
-
-    await validateStore(nodeInfo, registryUrl);
-
     if (inStore) {
       const exist = await states.blocklet.getBlocklet(blockletDid);
       if (exist) {
@@ -2787,11 +2789,6 @@ class BlockletManager extends BaseBlockletManager {
 
     validateBlockletMeta(meta, { ensureDist: true });
 
-    const info = await states.node.read();
-    if (info.mode === NODE_MODES.SERVERLESS) {
-      validateInServerless({ blockletMeta: meta });
-    }
-
     const { name, did, version } = meta;
 
     const oldExtraState = await states.blockletExtras.findOne({ did: meta.did });
@@ -3414,7 +3411,6 @@ class BlockletManager extends BaseBlockletManager {
     }
     const number = await states.node.increaseCustomBlockletNumber();
     const name = `custom-${number}`;
-    // MEMO: 空壳 APP可以保留原有的 did 生成逻辑
     const did = toBlockletDid(name);
     const blocklet = await states.blocklet.getBlocklet(did);
     if (blocklet) {

package/lib/blocklet/storage/backup/spaces.js

@@ -152,7 +152,7 @@ class SpacesBackup {
         source: join(this.blockletBackupDir, '/'),
         target: join('.did-objects', this.blocklet.appDid),
         debug: true,
-        concurrency: 32,
+        concurrency: 64,
         retryCount: 100,
         filter: (object) => {
           return object.name !== '.DS_Store';

package/lib/blocklet/storage/restore/spaces.js

@@ -117,7 +117,7 @@ class SpacesRestore {
         source: join('.did-objects', this.blockletWallet.address, '/'),
         target: this.blockletRestoreDir,
         debug: true,
-        concurrency: 32,
+        concurrency: 64,
         retryCount: 100,
       })
     );

package/lib/index.js

@@ -192,6 +192,7 @@ function ABTNode(options) {
 
     // Blocklet manager
     installBlocklet: blockletManager.install.bind(blockletManager),
+    installBlockletFromVc: blockletManager.installBlockletFromVc.bind(blockletManager),
     installComponent: blockletManager.installComponent.bind(blockletManager),
     startBlocklet: blockletManager.start.bind(blockletManager),
     stopBlocklet: blockletManager.stop.bind(blockletManager),

package/lib/router/helper.js

@@ -518,7 +518,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
 
     const ensureDomainCert = async (domain, url) => {
       const cert = await certManager.getByDomain(domain);
-      if (!cert || get(cert, 'meta.validTo') <= Date.now()) {
+      if (!cert) {
         await downloadCert({
           domain,
           url,

package/lib/router/manager.js

@@ -258,8 +258,8 @@ class RouterManager extends EventEmitter {
     return dbSite;
   }
 
-  async addRoutingRule({ id, rule, skipCheckDynamicBlacklist = false }, context = {}) {
-    await validateAddRule({ id, rule }, context);
+  async addRoutingRule({ id, rule: tempRule, skipCheckDynamicBlacklist = false }, context = {}) {
+    const { rule } = await validateAddRule({ id, rule: tempRule }, context);
     const dbSite = await states.site.findOne({ _id: id });
     if (!dbSite) {
       throw new Error(`site ${id} does not exist`);
@@ -294,8 +294,8 @@ class RouterManager extends EventEmitter {
     return newSite;
   }
 
-  async updateRoutingRule({ id, rule, skipProtectedRuleChecking = false }, context = {}) {
-    await validateEditRule({ id, rule }, context);
+  async updateRoutingRule({ id, rule: tmpRule, skipProtectedRuleChecking = false }, context = {}) {
+    const { rule } = await validateEditRule({ id, rule: tmpRule }, context);
     const dbSite = await states.site.findOne({ _id: id, 'rules.id': rule.id });
     if (!dbSite) {
       throw new Error(`site ${id}, rule ${rule.id} does not exist`);

package/lib/states/node.js

@@ -124,7 +124,7 @@ class NodeState extends BaseState {
                 routing,
                 docker,
                 mode,
-                enableWelcomePage: mode !== NODE_MODES.SERVERLESS,
+                enableWelcomePage: true,
                 runtimeConfig,
                 ownerNft,
                 diskAlertThreshold: DISK_ALERT_THRESHOLD_PERCENT,

package/lib/util/blocklet.js

@@ -31,12 +31,7 @@ const getFolderSize = require('@abtnode/util/lib/get-folder-size');
 const normalizePathPrefix = require('@abtnode/util/lib/normalize-path-prefix');
 const hashFiles = require('@abtnode/util/lib/hash-files');
 const isPathPrefixEqual = require('@abtnode/util/lib/is-path-prefix-equal');
-const {
-  BLOCKLET_MAX_MEM_LIMIT_IN_MB,
-  BLOCKLET_STORE,
-  BLOCKLET_INSTALL_TYPE,
-  BLOCKLET_STORE_DEV,
-} = require('@abtnode/constant');
+const { BLOCKLET_MAX_MEM_LIMIT_IN_MB, BLOCKLET_STORE, BLOCKLET_INSTALL_TYPE } = require('@abtnode/constant');
 const formatBackSlash = require('@abtnode/util/lib/format-back-slash');
 
 const SCRIPT_ENGINES_WHITE_LIST = ['npm', 'npx', 'pnpm', 'yarn'];
@@ -840,7 +835,7 @@ const parseChildrenFromMeta = async (src, context = {}) => {
 };
 
 const validateBlocklet = (blocklet) =>
-  forEachBlocklet(blocklet, async (b) => {
+  forEachBlocklet(blocklet, (b) => {
     isRequirementsSatisfied(b.meta.requirements);
     validateEngine(getBlockletEngineNameByPlatform(b.meta));
   });
@@ -1405,14 +1400,12 @@ const getBlocklet = async ({
 
   blocklet.settings.storeList = blocklet.settings.storeList || [];
 
-  [BLOCKLET_STORE_DEV, BLOCKLET_STORE].forEach((store) => {
-    if (!blocklet.settings.storeList.find((x) => x.url === store.url)) {
-      blocklet.settings.storeList.unshift({
-        ...store,
-        protected: true,
-      });
-    }
-  });
+  if (!blocklet.settings.storeList.find((x) => x.url === BLOCKLET_STORE.url)) {
+    blocklet.settings.storeList.unshift({
+      ...BLOCKLET_STORE,
+      protected: true,
+    });
+  }
 
   // app site
   blocklet.site = await states.site.findOneByBlocklet(blocklet.meta.did);
@@ -1697,32 +1690,6 @@ const checkDuplicateMountPoint = (blocklet, mountPoint) => {
   }
 };
 
-const validateStore = (nodeInfo, storeUrl) => {
-  if (nodeInfo.mode !== 'serverless') {
-    return;
-  }
-
-  const inStoreList = nodeInfo.blockletRegistryList.find((item) => {
-    const itemURLObj = new URL(item.url);
-    const storeUrlObj = new URL(storeUrl);
-
-    return itemURLObj.host === storeUrlObj.host;
-  });
-
-  if (!inStoreList) {
-    throw new Error('Must be installed from the compliant blocklet store list');
-  }
-};
-
-const validateInServerless = ({ blockletMeta }) => {
-  const { interfaces } = blockletMeta;
-  const externalPortInterfaces = (interfaces || []).filter((item) => !!item.port?.external);
-
-  if (externalPortInterfaces.length > 0) {
-    throw new Error('Blocklets with exposed ports cannot be installed');
-  }
-};
-
 module.exports = {
   consumeServerlessNFT,
   forEachBlocklet,
@@ -1770,6 +1737,4 @@ module.exports = {
   validateAppConfig,
   checkDuplicateAppSk,
   checkDuplicateMountPoint,
-  validateStore,
-  validateInServerless,
 };

package/lib/validators/router.js

@@ -1,6 +1,7 @@
 /* eslint-disable newline-per-chained-call */
 const Joi = require('joi');
 const { DOMAIN_FOR_DEFAULT_SITE, ROUTING_RULE_TYPES, ROUTER_CACHE_GROUPS } = require('@abtnode/constant');
+const urlFriendly = require('@blocklet/meta/lib/url-friendly').default;
 const { getMultipleLangParams } = require('./util');
 
 const WILDCARD_DOMAIN_REGEX = /^\*.(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]/;
@@ -27,7 +28,8 @@ const ruleSchema = {
       .messages({
         zh: { 'string.empty': 'URL 前缀不能为空', 'string.max': 'URL 前缀的最大长度是 150' },
         en: { 'string.empty': 'URL prefix cannot be empty', 'string.max': 'The maximum length of URL prefix is 150' },
-      }),
+      })
+      .custom((value) => urlFriendly(value)),
     groupPathPrefix: Joi.string().trim().min(1).max(150), // path prefix of interface of root blocklet
     header: Joi.any(), // TODO: header does not take effect
   }),

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.8.66-beta-7f4224af",
+  "version": "1.8.66",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,33 +19,33 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/auth": "1.8.66-beta-7f4224af",
-    "@abtnode/certificate-manager": "1.8.66-beta-7f4224af",
-    "@abtnode/constant": "1.8.66-beta-7f4224af",
-    "@abtnode/cron": "1.8.66-beta-7f4224af",
-    "@abtnode/db": "1.8.66-beta-7f4224af",
-    "@abtnode/logger": "1.8.66-beta-7f4224af",
-    "@abtnode/queue": "1.8.66-beta-7f4224af",
-    "@abtnode/rbac": "1.8.66-beta-7f4224af",
-    "@abtnode/router-provider": "1.8.66-beta-7f4224af",
-    "@abtnode/static-server": "1.8.66-beta-7f4224af",
-    "@abtnode/timemachine": "1.8.66-beta-7f4224af",
-    "@abtnode/util": "1.8.66-beta-7f4224af",
-    "@arcblock/did": "1.18.47",
+    "@abtnode/auth": "1.8.66",
+    "@abtnode/certificate-manager": "1.8.66",
+    "@abtnode/constant": "1.8.66",
+    "@abtnode/cron": "1.8.66",
+    "@abtnode/db": "1.8.66",
+    "@abtnode/logger": "1.8.66",
+    "@abtnode/queue": "1.8.66",
+    "@abtnode/rbac": "1.8.66",
+    "@abtnode/router-provider": "1.8.66",
+    "@abtnode/static-server": "1.8.66",
+    "@abtnode/timemachine": "1.8.66",
+    "@abtnode/util": "1.8.66",
+    "@arcblock/did": "1.18.42",
     "@arcblock/did-motif": "^1.1.10",
-    "@arcblock/did-util": "1.18.47",
-    "@arcblock/event-hub": "1.18.47",
-    "@arcblock/jwt": "^1.18.47",
+    "@arcblock/did-util": "1.18.42",
+    "@arcblock/event-hub": "1.18.42",
+    "@arcblock/jwt": "^1.18.42",
     "@arcblock/pm2-events": "^0.0.5",
-    "@arcblock/vc": "1.18.47",
-    "@blocklet/constant": "1.8.66-beta-7f4224af",
-    "@blocklet/meta": "1.8.66-beta-7f4224af",
-    "@blocklet/sdk": "1.8.66-beta-7f4224af",
-    "@did-space/client": "^0.1.73",
+    "@arcblock/vc": "1.18.42",
+    "@blocklet/constant": "1.8.66",
+    "@blocklet/meta": "1.8.66",
+    "@blocklet/sdk": "1.8.66",
+    "@did-space/client": "^0.1.66",
     "@fidm/x509": "^1.2.1",
-    "@ocap/mcrypto": "1.18.47",
-    "@ocap/util": "1.18.47",
-    "@ocap/wallet": "1.18.47",
+    "@ocap/mcrypto": "1.18.42",
+    "@ocap/util": "1.18.42",
+    "@ocap/wallet": "1.18.42",
     "@slack/webhook": "^5.0.4",
     "archiver": "^5.3.1",
     "axios": "^0.27.2",
@@ -90,5 +90,5 @@
     "express": "^4.18.2",
     "jest": "^27.5.1"
   },
-  "gitHead": "72d418f63ecb76b1d5d62edbcc5f336cb62bf308"
+  "gitHead": "282247fd0ce6702e1d6920e90e2b3be0408cf879"
 }