@agentunion/fastaun 0.4.4 → 0.4.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -0
- package/_packed_docs/CHANGELOG.md +15 -0
- package/_packed_docs/sdk/01-/345/277/253/351/200/237/345/274/200/345/247/213.md +1 -1
- package/_packed_docs/sdk/05-E2EE/345/212/240/345/257/206/351/200/232/344/277/241.md +1 -1
- package/dist/aid-store.d.ts +1 -0
- package/dist/aid-store.js +26 -3
- package/dist/aid-store.js.map +1 -1
- package/dist/auth.d.ts +17 -32
- package/dist/auth.js +42 -295
- package/dist/auth.js.map +1 -1
- package/dist/client.d.ts +4 -3
- package/dist/client.js +77 -92
- package/dist/client.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/keystore/aid-db.d.ts +0 -4
- package/dist/keystore/aid-db.js +4 -95
- package/dist/keystore/aid-db.js.map +1 -1
- package/dist/keystore/file.d.ts +8 -3
- package/dist/keystore/file.js +103 -24
- package/dist/keystore/file.js.map +1 -1
- package/dist/keystore/index.d.ts +39 -36
- package/dist/keystore/index.js +3 -2
- package/dist/keystore/index.js.map +1 -1
- package/dist/register-flow.d.ts +49 -0
- package/dist/register-flow.js +366 -0
- package/dist/register-flow.js.map +1 -0
- package/dist/secret-store/file-store.js +6 -1
- package/dist/secret-store/file-store.js.map +1 -1
- package/dist/v2/session/keystore.d.ts +5 -0
- package/dist/v2/session/keystore.js +21 -3
- package/dist/v2/session/keystore.js.map +1 -1
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/package.json +1 -1
- package/_packed_docs/0.4.0_/345/267/256/345/274/202/346/240/270/345/256/236/345/206/263/347/255/226/350/256/260/345/275/225.md +0 -302
- package/_packed_docs/AUN_SDK_0.4.0_/350/256/276/350/256/241/345/257/271/346/257/224/345/210/206/346/236/220.md +0 -194
- package/_packed_docs/AUN_SDK_/351/207/215/346/236/204/345/256/236/346/226/275/350/256/241/345/210/222.md +0 -596
- package/_packed_docs/AUN_SDK_/351/207/215/346/236/204/350/256/276/350/256/241/346/226/271/346/241/210_v3.md +0 -1698
- package/_packed_docs/python-sdk-v2-only-changelog.md +0 -189
package/dist/client.js
CHANGED
|
@@ -466,7 +466,7 @@ export class AUNClient {
|
|
|
466
466
|
/** 认证流程 */
|
|
467
467
|
_auth;
|
|
468
468
|
/** 密钥存储 */
|
|
469
|
-
|
|
469
|
+
_tokenStore;
|
|
470
470
|
/** 会话参数(重连用) */
|
|
471
471
|
_sessionParams = null;
|
|
472
472
|
/** 会话选项 */
|
|
@@ -588,29 +588,16 @@ export class AUNClient {
|
|
|
588
588
|
logger: this._clientLog,
|
|
589
589
|
});
|
|
590
590
|
this._discovery = new GatewayDiscovery({ verifySsl: this._configModel.verifySsl, logger: this._clientLog, net: dnsNet });
|
|
591
|
-
const
|
|
591
|
+
const tokenStore = new FileKeyStore(this._configModel.aunPath, {
|
|
592
592
|
logger: this._logger.for('aun_core.keystore'),
|
|
593
593
|
secretStoreLogger: this._logger.for('aun_core.secret-store'),
|
|
594
594
|
});
|
|
595
|
-
this.
|
|
596
|
-
// 启动时被动清理 registerAid 留下的孤儿临时目录(>10 分钟)
|
|
597
|
-
try {
|
|
598
|
-
const cleanup = keystore.cleanupPendingDirs;
|
|
599
|
-
if (typeof cleanup === 'function') {
|
|
600
|
-
const removed = cleanup.call(keystore, 600_000);
|
|
601
|
-
if (removed > 0) {
|
|
602
|
-
this._clientLog.info(`_pending cleanup removed=${removed}`);
|
|
603
|
-
}
|
|
604
|
-
}
|
|
605
|
-
}
|
|
606
|
-
catch (err) {
|
|
607
|
-
this._clientLog.warn(`_pending cleanup failed: ${err instanceof Error ? err.message : String(err)}`);
|
|
608
|
-
}
|
|
595
|
+
this._tokenStore = tokenStore;
|
|
609
596
|
this._slotId = inputAid?.slotId || 'default';
|
|
610
597
|
this._connectDeliveryMode = normalizeDeliveryModeConfig({ mode: 'fanout' });
|
|
611
598
|
this._defaultConnectDeliveryMode = { ...this._connectDeliveryMode };
|
|
612
599
|
this._auth = new AuthFlow({
|
|
613
|
-
|
|
600
|
+
tokenStore,
|
|
614
601
|
crypto: new CryptoProvider(),
|
|
615
602
|
aid: initAid,
|
|
616
603
|
deviceId: this._deviceId,
|
|
@@ -640,6 +627,7 @@ export class AUNClient {
|
|
|
640
627
|
public_key_der_b64: inputAid.publicKey,
|
|
641
628
|
cert: inputAid.certPem,
|
|
642
629
|
};
|
|
630
|
+
this._auth.setIdentity(this._identity);
|
|
643
631
|
this._state = 'standby';
|
|
644
632
|
}
|
|
645
633
|
}
|
|
@@ -729,12 +717,12 @@ export class AUNClient {
|
|
|
729
717
|
rawConfig.root_ca_path = aid.rootCaPath;
|
|
730
718
|
const nextConfig = configFromMap(rawConfig);
|
|
731
719
|
try {
|
|
732
|
-
const close = this.
|
|
720
|
+
const close = this._tokenStore.close;
|
|
733
721
|
if (typeof close === 'function')
|
|
734
|
-
close.call(this.
|
|
722
|
+
close.call(this._tokenStore);
|
|
735
723
|
}
|
|
736
724
|
catch {
|
|
737
|
-
// best-effort cleanup before switching
|
|
725
|
+
// best-effort cleanup before switching tokenStore roots
|
|
738
726
|
}
|
|
739
727
|
this._configModel = nextConfig;
|
|
740
728
|
this.config.aun_path = nextConfig.aunPath;
|
|
@@ -758,13 +746,13 @@ export class AUNClient {
|
|
|
758
746
|
logger: this._clientLog,
|
|
759
747
|
});
|
|
760
748
|
this._discovery = new GatewayDiscovery({ verifySsl: nextConfig.verifySsl, logger: this._clientLog, net: dnsNet });
|
|
761
|
-
const
|
|
749
|
+
const tokenStore = new FileKeyStore(nextConfig.aunPath, {
|
|
762
750
|
logger: this._logger.for('aun_core.keystore'),
|
|
763
751
|
secretStoreLogger: this._logger.for('aun_core.secret-store'),
|
|
764
752
|
});
|
|
765
|
-
this.
|
|
753
|
+
this._tokenStore = tokenStore;
|
|
766
754
|
this._auth = new AuthFlow({
|
|
767
|
-
|
|
755
|
+
tokenStore,
|
|
768
756
|
crypto: new CryptoProvider(),
|
|
769
757
|
aid: aid.aid,
|
|
770
758
|
deviceId: this._deviceId,
|
|
@@ -801,6 +789,8 @@ export class AUNClient {
|
|
|
801
789
|
public_key_der_b64: aid.publicKey,
|
|
802
790
|
cert: aid.certPem,
|
|
803
791
|
};
|
|
792
|
+
// 注入内存私钥到 AuthFlow,禁止 AuthFlow 内部再走 keystore 解密
|
|
793
|
+
this._auth.setIdentity(this._identity);
|
|
804
794
|
this._state = 'standby';
|
|
805
795
|
this._closing = false;
|
|
806
796
|
this._lastError = null;
|
|
@@ -874,10 +864,7 @@ export class AUNClient {
|
|
|
874
864
|
return `${agentMdHttpScheme(gatewayUrl)}://${agentMdAuthority(target, this._configModel.discoveryPort)}/agent.md`;
|
|
875
865
|
}
|
|
876
866
|
async _ensureAgentMdUploadToken(aid, gatewayUrl) {
|
|
877
|
-
let identity = this.
|
|
878
|
-
if (!identity && this._identity && String(this._identity.aid ?? '') === aid) {
|
|
879
|
-
identity = this._identity;
|
|
880
|
-
}
|
|
867
|
+
let identity = this._identity && String(this._identity.aid ?? '') === aid ? this._identity : null;
|
|
881
868
|
if (!identity) {
|
|
882
869
|
throw new StateError('no local identity found, register or load an AID first');
|
|
883
870
|
}
|
|
@@ -1061,7 +1048,7 @@ export class AUNClient {
|
|
|
1061
1048
|
let resolvedCert = String(certPem ?? '').trim();
|
|
1062
1049
|
if (!resolvedCert) {
|
|
1063
1050
|
try {
|
|
1064
|
-
resolvedCert = String(this.
|
|
1051
|
+
resolvedCert = String(this._tokenStore.loadCert(target) ?? '').trim();
|
|
1065
1052
|
}
|
|
1066
1053
|
catch {
|
|
1067
1054
|
resolvedCert = '';
|
|
@@ -1781,8 +1768,8 @@ export class AUNClient {
|
|
|
1781
1768
|
this._stopBackgroundTasks();
|
|
1782
1769
|
this._stopReconnect();
|
|
1783
1770
|
if (this.state === ConnectionState.NO_IDENTITY || this.state === ConnectionState.CLOSED) {
|
|
1784
|
-
const
|
|
1785
|
-
|
|
1771
|
+
const closableStore = this._tokenStore;
|
|
1772
|
+
closableStore.close?.();
|
|
1786
1773
|
this._state = 'closed';
|
|
1787
1774
|
this._logger.close();
|
|
1788
1775
|
this._resetSeqTrackingState();
|
|
@@ -1790,8 +1777,8 @@ export class AUNClient {
|
|
|
1790
1777
|
return;
|
|
1791
1778
|
}
|
|
1792
1779
|
await this._transport.close();
|
|
1793
|
-
const
|
|
1794
|
-
|
|
1780
|
+
const closableStore = this._tokenStore;
|
|
1781
|
+
closableStore.close?.();
|
|
1795
1782
|
this._state = 'closed';
|
|
1796
1783
|
this._logger.close();
|
|
1797
1784
|
await this._dispatcher.publish('state_change', { state: this._publicState(this._state) });
|
|
@@ -3369,8 +3356,8 @@ export class AUNClient {
|
|
|
3369
3356
|
const membershipSnapshot = String(d.membership_snapshot ?? '').trim();
|
|
3370
3357
|
const policySnapshot = String(d.policy_snapshot ?? '').trim();
|
|
3371
3358
|
// 1. 验证 prev_state_hash 连续性
|
|
3372
|
-
const loadFn = this.
|
|
3373
|
-
const localState = loadFn ? loadFn.call(this.
|
|
3359
|
+
const loadFn = this._tokenStore.loadGroupState;
|
|
3360
|
+
const localState = loadFn ? loadFn.call(this._tokenStore, groupId) : null;
|
|
3374
3361
|
if (localState && localState.state_hash && localState.state_hash !== prevStateHash) {
|
|
3375
3362
|
this._clientLog.warn(`state_hash chain discontinuous group=${groupId} local_sv=${localState.state_version} event_sv=${stateVersion}`);
|
|
3376
3363
|
// 回源同步
|
|
@@ -3396,9 +3383,9 @@ export class AUNClient {
|
|
|
3396
3383
|
return;
|
|
3397
3384
|
}
|
|
3398
3385
|
}
|
|
3399
|
-
const saveFn = this.
|
|
3386
|
+
const saveFn = this._tokenStore.saveGroupState;
|
|
3400
3387
|
if (saveFn) {
|
|
3401
|
-
saveFn.call(this.
|
|
3388
|
+
saveFn.call(this._tokenStore, groupId, sv, sHash, sEpoch, sMembersJson || membershipSnapshot, sPolicyJson || policySnapshot);
|
|
3402
3389
|
}
|
|
3403
3390
|
}
|
|
3404
3391
|
}
|
|
@@ -3419,9 +3406,9 @@ export class AUNClient {
|
|
|
3419
3406
|
return;
|
|
3420
3407
|
}
|
|
3421
3408
|
// 3. 更新本地存储
|
|
3422
|
-
const saveFn = this.
|
|
3409
|
+
const saveFn = this._tokenStore.saveGroupState;
|
|
3423
3410
|
if (saveFn) {
|
|
3424
|
-
saveFn.call(this.
|
|
3411
|
+
saveFn.call(this._tokenStore, groupId, stateVersion, stateHash, keyEpoch, membershipSnapshot, policySnapshot);
|
|
3425
3412
|
}
|
|
3426
3413
|
this._clientLog.debug(`_onGroupStateCommitted exit: elapsed=${Date.now() - tStart}ms group=${groupId}`);
|
|
3427
3414
|
}
|
|
@@ -3581,7 +3568,7 @@ export class AUNClient {
|
|
|
3581
3568
|
}
|
|
3582
3569
|
try {
|
|
3583
3570
|
// peer 证书只存版本目录,不覆盖 cert.pem
|
|
3584
|
-
this.
|
|
3571
|
+
this._tokenStore.saveCert(aid, certPem, certFingerprint, { makeActive: false });
|
|
3585
3572
|
}
|
|
3586
3573
|
catch (exc) {
|
|
3587
3574
|
this._clientLog.error(`failed to write cert to keystore (aid=${aid}, fp=${certFingerprint ?? ''}): ${formatCaughtError(exc)}`, exc instanceof Error ? exc : undefined);
|
|
@@ -3852,9 +3839,9 @@ export class AUNClient {
|
|
|
3852
3839
|
return;
|
|
3853
3840
|
try {
|
|
3854
3841
|
// 优先从 seq_tracker 表按行读取
|
|
3855
|
-
const loadAll = this.
|
|
3842
|
+
const loadAll = this._tokenStore.loadAllSeqs;
|
|
3856
3843
|
if (typeof loadAll === 'function') {
|
|
3857
|
-
let state = loadAll.call(this.
|
|
3844
|
+
let state = loadAll.call(this._tokenStore, this._aid, this._deviceId, this._slotId);
|
|
3858
3845
|
if (state && Object.keys(state).length > 0) {
|
|
3859
3846
|
state = this._migrateSeqStateGroupIds(state);
|
|
3860
3847
|
this._seqTracker.restoreState(state);
|
|
@@ -3862,9 +3849,9 @@ export class AUNClient {
|
|
|
3862
3849
|
}
|
|
3863
3850
|
}
|
|
3864
3851
|
// fallback: 从旧 instance_state JSON blob 恢复
|
|
3865
|
-
const loader = this.
|
|
3852
|
+
const loader = this._tokenStore.loadInstanceState;
|
|
3866
3853
|
if (typeof loader === 'function') {
|
|
3867
|
-
const instanceState = loader.call(this.
|
|
3854
|
+
const instanceState = loader.call(this._tokenStore, this._aid, this._deviceId, this._slotId);
|
|
3868
3855
|
if (instanceState && typeof instanceState.seq_tracker_state === 'object') {
|
|
3869
3856
|
let state = instanceState.seq_tracker_state;
|
|
3870
3857
|
state = this._migrateSeqStateGroupIds(state);
|
|
@@ -3915,20 +3902,20 @@ export class AUNClient {
|
|
|
3915
3902
|
}
|
|
3916
3903
|
this._clientLog.info(`SeqTracker group_id migration: ${Object.keys(renameMap).length} namespaces rewritten`);
|
|
3917
3904
|
// 落盘
|
|
3918
|
-
const saver = this.
|
|
3919
|
-
const deleter = this.
|
|
3905
|
+
const saver = this._tokenStore.saveSeq;
|
|
3906
|
+
const deleter = this._tokenStore.deleteSeq;
|
|
3920
3907
|
if (typeof saver === 'function' && this._aid) {
|
|
3921
3908
|
for (const [oldNs, newNs] of Object.entries(renameMap)) {
|
|
3922
3909
|
if (typeof deleter === 'function') {
|
|
3923
3910
|
try {
|
|
3924
|
-
deleter.call(this.
|
|
3911
|
+
deleter.call(this._tokenStore, this._aid, this._deviceId, this._slotId, oldNs);
|
|
3925
3912
|
}
|
|
3926
3913
|
catch (e) {
|
|
3927
3914
|
this._clientLog.debug(`delete old seq ns failed: ns=${oldNs} err=${formatCaughtError(e)}`);
|
|
3928
3915
|
}
|
|
3929
3916
|
}
|
|
3930
3917
|
try {
|
|
3931
|
-
saver.call(this.
|
|
3918
|
+
saver.call(this._tokenStore, this._aid, this._deviceId, this._slotId, newNs, newState[newNs]);
|
|
3932
3919
|
}
|
|
3933
3920
|
catch (e) {
|
|
3934
3921
|
this._clientLog.debug(`write new seq ns failed: ns=${newNs} err=${formatCaughtError(e)}`);
|
|
@@ -3976,17 +3963,17 @@ export class AUNClient {
|
|
|
3976
3963
|
return;
|
|
3977
3964
|
try {
|
|
3978
3965
|
// 优先按行写入 seq_tracker 表
|
|
3979
|
-
const saveFn = this.
|
|
3966
|
+
const saveFn = this._tokenStore.saveSeq;
|
|
3980
3967
|
if (typeof saveFn === 'function') {
|
|
3981
3968
|
for (const [ns, seq] of Object.entries(state)) {
|
|
3982
|
-
saveFn.call(this.
|
|
3969
|
+
saveFn.call(this._tokenStore, this._aid, this._deviceId, this._slotId, ns, seq);
|
|
3983
3970
|
}
|
|
3984
3971
|
return;
|
|
3985
3972
|
}
|
|
3986
3973
|
// fallback: 旧版 updateInstanceState JSON blob
|
|
3987
|
-
const updater = this.
|
|
3974
|
+
const updater = this._tokenStore.updateInstanceState;
|
|
3988
3975
|
if (typeof updater === 'function') {
|
|
3989
|
-
updater.call(this.
|
|
3976
|
+
updater.call(this._tokenStore, this._aid, this._deviceId, this._slotId, (metadata) => {
|
|
3990
3977
|
metadata.seq_tracker_state = state;
|
|
3991
3978
|
return metadata;
|
|
3992
3979
|
});
|
|
@@ -4009,13 +3996,13 @@ export class AUNClient {
|
|
|
4009
3996
|
return;
|
|
4010
3997
|
const seq = this._seqTracker.getContiguousSeq(ns);
|
|
4011
3998
|
try {
|
|
4012
|
-
if (seq > 0 && typeof this.
|
|
4013
|
-
this.
|
|
3999
|
+
if (seq > 0 && typeof this._tokenStore.saveSeq === 'function') {
|
|
4000
|
+
this._tokenStore.saveSeq(this._aid, this._deviceId, this._slotId, ns, seq);
|
|
4014
4001
|
return;
|
|
4015
4002
|
}
|
|
4016
|
-
const deleteSeq = this.
|
|
4003
|
+
const deleteSeq = this._tokenStore.deleteSeq;
|
|
4017
4004
|
if (seq <= 0 && typeof deleteSeq === 'function') {
|
|
4018
|
-
deleteSeq.call(this.
|
|
4005
|
+
deleteSeq.call(this._tokenStore, this._aid, this._deviceId, this._slotId, ns);
|
|
4019
4006
|
return;
|
|
4020
4007
|
}
|
|
4021
4008
|
if (seq > 0) {
|
|
@@ -4247,16 +4234,6 @@ export class AUNClient {
|
|
|
4247
4234
|
this._v2BootstrapCache.clear();
|
|
4248
4235
|
}
|
|
4249
4236
|
let identity = this._identity;
|
|
4250
|
-
if (!identity) {
|
|
4251
|
-
try {
|
|
4252
|
-
identity = this._keystore.loadIdentity(this._aid);
|
|
4253
|
-
if (identity)
|
|
4254
|
-
this._identity = identity;
|
|
4255
|
-
}
|
|
4256
|
-
catch {
|
|
4257
|
-
identity = null;
|
|
4258
|
-
}
|
|
4259
|
-
}
|
|
4260
4237
|
// 私钥由 AIDStore 管理,直接从 _currentAid 读取明文私钥
|
|
4261
4238
|
const currentAid = this._currentAid;
|
|
4262
4239
|
if (!currentAid?.privateKeyPem) {
|
|
@@ -4271,8 +4248,8 @@ export class AUNClient {
|
|
|
4271
4248
|
const aidPriv = _v2LeftPad32(_v2B64uToBytes(jwk.d));
|
|
4272
4249
|
const pubDer = crypto.createPublicKey(privateKey).export({ format: 'der', type: 'spki' });
|
|
4273
4250
|
const aidPubDer = new Uint8Array(pubDer);
|
|
4274
|
-
const storeProvider = this.
|
|
4275
|
-
const v2Store = storeProvider.getV2KeyStore?.call(this.
|
|
4251
|
+
const storeProvider = this._tokenStore;
|
|
4252
|
+
const v2Store = storeProvider.getV2KeyStore?.call(this._tokenStore, this._aid);
|
|
4276
4253
|
if (!v2Store) {
|
|
4277
4254
|
throw new StateError('V2 key store is unavailable for current keystore');
|
|
4278
4255
|
}
|
|
@@ -4282,6 +4259,28 @@ export class AUNClient {
|
|
|
4282
4259
|
this._clientLog.debug(`V2 session initialized aid=${this._aid} device=${this._deviceId}`);
|
|
4283
4260
|
// 群 state proposal 由服务端在 client.online 时定向通知。
|
|
4284
4261
|
}
|
|
4262
|
+
_currentV2KeyStore() {
|
|
4263
|
+
if (this._v2KeyStore)
|
|
4264
|
+
return this._v2KeyStore;
|
|
4265
|
+
if (!this._aid)
|
|
4266
|
+
throw new StateError('V2 key store requires a loaded AID');
|
|
4267
|
+
const storeProvider = this._tokenStore;
|
|
4268
|
+
const v2Store = storeProvider.getV2KeyStore?.call(this._tokenStore, this._aid);
|
|
4269
|
+
if (!v2Store) {
|
|
4270
|
+
throw new StateError('V2 key store is unavailable for current identity');
|
|
4271
|
+
}
|
|
4272
|
+
this._v2KeyStore = v2Store;
|
|
4273
|
+
return v2Store;
|
|
4274
|
+
}
|
|
4275
|
+
_saveGroupIdentityToV2(groupAid, identity) {
|
|
4276
|
+
const privateKeyPem = String(identity.private_key_pem ?? '').trim();
|
|
4277
|
+
const publicKeyDerB64 = String(identity.public_key_der_b64 ?? '').trim();
|
|
4278
|
+
if (!groupAid || !privateKeyPem || !publicKeyDerB64) {
|
|
4279
|
+
throw new StateError('group identity is incomplete');
|
|
4280
|
+
}
|
|
4281
|
+
const pubDer = new Uint8Array(Buffer.from(publicKeyDerB64, 'base64'));
|
|
4282
|
+
this._currentV2KeyStore().saveGroupIdentity(this._deviceId, groupAid, privateKeyPem, pubDer);
|
|
4283
|
+
}
|
|
4285
4284
|
async _v2TrustedIKPubDer(aid) {
|
|
4286
4285
|
const normalizedAid = String(aid ?? '').trim();
|
|
4287
4286
|
if (!normalizedAid)
|
|
@@ -6555,9 +6554,9 @@ export class AUNClient {
|
|
|
6555
6554
|
if (this._gatewayUrl)
|
|
6556
6555
|
return this._gatewayUrl;
|
|
6557
6556
|
try {
|
|
6558
|
-
const loadMetadata = this.
|
|
6557
|
+
const loadMetadata = this._tokenStore.loadMetadata;
|
|
6559
6558
|
const cachedGateway = typeof loadMetadata === 'function'
|
|
6560
|
-
? String(loadMetadata.call(this.
|
|
6559
|
+
? String(loadMetadata.call(this._tokenStore, resolvedAid)?.gateway_url ?? '').trim()
|
|
6561
6560
|
: '';
|
|
6562
6561
|
if (cachedGateway) {
|
|
6563
6562
|
this._gatewayUrl = cachedGateway;
|
|
@@ -6579,9 +6578,9 @@ export class AUNClient {
|
|
|
6579
6578
|
const gateway = await this._discovery.discover(url);
|
|
6580
6579
|
this._gatewayUrl = gateway;
|
|
6581
6580
|
try {
|
|
6582
|
-
const saveMetadata = this.
|
|
6581
|
+
const saveMetadata = this._tokenStore.saveMetadata;
|
|
6583
6582
|
if (typeof saveMetadata === 'function') {
|
|
6584
|
-
saveMetadata.call(this.
|
|
6583
|
+
saveMetadata.call(this._tokenStore, resolvedAid, { gateway_url: gateway, gateway_cached_at: Date.now() });
|
|
6585
6584
|
}
|
|
6586
6585
|
}
|
|
6587
6586
|
catch {
|
|
@@ -6627,9 +6626,8 @@ export class AUNClient {
|
|
|
6627
6626
|
}
|
|
6628
6627
|
/** 连接后同步身份信息 */
|
|
6629
6628
|
_syncIdentityAfterConnect(accessToken) {
|
|
6630
|
-
const identity = this.
|
|
6629
|
+
const identity = this._identity;
|
|
6631
6630
|
if (identity === null) {
|
|
6632
|
-
this._identity = null;
|
|
6633
6631
|
return;
|
|
6634
6632
|
}
|
|
6635
6633
|
identity.access_token = accessToken;
|
|
@@ -6640,9 +6638,7 @@ export class AUNClient {
|
|
|
6640
6638
|
const persistIdentity = this._auth._persistIdentity;
|
|
6641
6639
|
if (typeof persistIdentity === 'function') {
|
|
6642
6640
|
persistIdentity.call(this._auth, identity);
|
|
6643
|
-
return;
|
|
6644
6641
|
}
|
|
6645
|
-
this._keystore.saveIdentity(String(identity.aid), identity);
|
|
6646
6642
|
}
|
|
6647
6643
|
// ── 内部:参数处理 ────────────────────────────────────────
|
|
6648
6644
|
/** 规范化连接参数 */
|
|
@@ -6826,7 +6822,7 @@ export class AUNClient {
|
|
|
6826
6822
|
scheduleNext();
|
|
6827
6823
|
return;
|
|
6828
6824
|
}
|
|
6829
|
-
let identity = this._identity
|
|
6825
|
+
let identity = this._identity;
|
|
6830
6826
|
if (identity === null) {
|
|
6831
6827
|
scheduleNext();
|
|
6832
6828
|
return;
|
|
@@ -7175,8 +7171,7 @@ export class AUNClient {
|
|
|
7175
7171
|
}
|
|
7176
7172
|
// ── Named Group(命名群)高层 API ────────────────────────────
|
|
7177
7173
|
/**
|
|
7178
|
-
*
|
|
7179
|
-
* 服务端签发群 AID 证书,返回后将证书和私钥存入 keystore。
|
|
7174
|
+
* 创建命名群:群/P2P 私钥由 V2 数据库存储,不写入 AID 身份私钥存储。
|
|
7180
7175
|
*/
|
|
7181
7176
|
async createNamedGroup(groupName, opts = {}) {
|
|
7182
7177
|
const tStart = Date.now();
|
|
@@ -7196,15 +7191,10 @@ export class AUNClient {
|
|
|
7196
7191
|
const aidCert = result?.aid_cert;
|
|
7197
7192
|
const groupAid = String(groupInfo?.group_aid ?? '');
|
|
7198
7193
|
if (groupAid && aidCert) {
|
|
7199
|
-
this.
|
|
7200
|
-
private_key_pem: identity.private_key_pem,
|
|
7201
|
-
public_key: identity.public_key_der_b64,
|
|
7202
|
-
curve: 'P-256',
|
|
7203
|
-
type: 'group_identity',
|
|
7204
|
-
});
|
|
7194
|
+
this._saveGroupIdentityToV2(groupAid, identity);
|
|
7205
7195
|
const certPem = String(aidCert.cert ?? '');
|
|
7206
7196
|
if (certPem) {
|
|
7207
|
-
this.
|
|
7197
|
+
this._tokenStore.saveCert(groupAid, certPem);
|
|
7208
7198
|
}
|
|
7209
7199
|
}
|
|
7210
7200
|
this._clientLog.debug(`createNamedGroup exit: elapsed=${Date.now() - tStart}ms groupAid=${groupAid}`);
|
|
@@ -7235,15 +7225,10 @@ export class AUNClient {
|
|
|
7235
7225
|
const aidCert = result?.aid_cert;
|
|
7236
7226
|
const groupAid = String(groupInfo?.group_aid ?? '');
|
|
7237
7227
|
if (groupAid && aidCert) {
|
|
7238
|
-
this.
|
|
7239
|
-
private_key_pem: identity.private_key_pem,
|
|
7240
|
-
public_key: identity.public_key_der_b64,
|
|
7241
|
-
curve: 'P-256',
|
|
7242
|
-
type: 'group_identity',
|
|
7243
|
-
});
|
|
7228
|
+
this._saveGroupIdentityToV2(groupAid, identity);
|
|
7244
7229
|
const certPem = String(aidCert.cert ?? '');
|
|
7245
7230
|
if (certPem) {
|
|
7246
|
-
this.
|
|
7231
|
+
this._tokenStore.saveCert(groupAid, certPem);
|
|
7247
7232
|
}
|
|
7248
7233
|
}
|
|
7249
7234
|
this._clientLog.debug(`bindGroupAid exit: elapsed=${Date.now() - tStart}ms groupAid=${groupAid}`);
|