npm - @awiki/cli - Versions diffs - 0.0.1-beta.2 - Mend

@awiki/cli 0.0.1-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (119) hide show

package/.github/workflows/release.yml +44 -0
package/.goreleaser.yml +44 -0
package/AGENTS.md +60 -0
package/CLAUDE.md +192 -0
package/README.md +2 -0
package/docs/architecture/awiki-command-v2.md +955 -0
package/docs/architecture/awiki-skill-architecture.md +475 -0
package/docs/architecture/awiki-v2-architecture.md +1063 -0
package/docs/architecture//345/217/202/350/200/203/346/226/207/346/241/243/cli-init.md +1008 -0
package/docs/architecture//345/217/202/350/200/203/346/226/207/346/241/243/output-format.md +407 -0
package/docs/architecture//345/217/202/350/200/203/346/226/207/346/241/243/overall-init.md +741 -0
package/docs/harness/review-spec.md +474 -0
package/docs/installation.md +372 -0
package/docs/plan/awiki-v2-implementation-plan.md +903 -0
package/docs/plan/phase-0/adr-index.md +56 -0
package/docs/plan/phase-0/audit-findings.md +251 -0
package/docs/plan/phase-0/capability-mapping.md +108 -0
package/docs/plan/phase-0/implementation-constraints.md +363 -0
package/docs/publish.md +169 -0
package/go.mod +29 -0
package/go.sum +73 -0
package/internal/anpsdk/registry.go +63 -0
package/internal/authsdk/session.go +351 -0
package/internal/buildinfo/buildinfo.go +34 -0
package/internal/cli/app.go +136 -0
package/internal/cli/app_test.go +88 -0
package/internal/cli/debug.go +104 -0
package/internal/cli/group.go +263 -0
package/internal/cli/id.go +473 -0
package/internal/cli/init.go +134 -0
package/internal/cli/msg.go +228 -0
package/internal/cli/page.go +267 -0
package/internal/cli/root.go +499 -0
package/internal/cli/runtime.go +232 -0
package/internal/cli/upgrade.go +60 -0
package/internal/cmdmeta/catalog.go +203 -0
package/internal/cmdmeta/catalog_test.go +21 -0
package/internal/config/config.go +399 -0
package/internal/config/config_test.go +104 -0
package/internal/config/write.go +37 -0
package/internal/content/service.go +314 -0
package/internal/content/service_test.go +165 -0
package/internal/content/types.go +44 -0
package/internal/docs/topics.go +110 -0
package/internal/doctor/doctor.go +306 -0
package/internal/identity/client.go +267 -0
package/internal/identity/did.go +85 -0
package/internal/identity/did_test.go +50 -0
package/internal/identity/layout.go +206 -0
package/internal/identity/legacy.go +378 -0
package/internal/identity/public.go +70 -0
package/internal/identity/public_test.go +73 -0
package/internal/identity/readiness.go +74 -0
package/internal/identity/service.go +826 -0
package/internal/identity/store.go +385 -0
package/internal/identity/store_test.go +180 -0
package/internal/identity/types.go +204 -0
package/internal/message/auth.go +167 -0
package/internal/message/group_service.go +838 -0
package/internal/message/group_wire.go +350 -0
package/internal/message/group_wire_test.go +67 -0
package/internal/message/helpers.go +61 -0
package/internal/message/http_client.go +334 -0
package/internal/message/proof.go +156 -0
package/internal/message/proof_test.go +61 -0
package/internal/message/service.go +696 -0
package/internal/message/service_test.go +97 -0
package/internal/message/types.go +155 -0
package/internal/message/wire.go +100 -0
package/internal/message/wire_test.go +49 -0
package/internal/message/ws_proxy_client.go +151 -0
package/internal/output/output.go +350 -0
package/internal/output/output_test.go +48 -0
package/internal/runtime/config.go +117 -0
package/internal/runtime/config_test.go +46 -0
package/internal/runtime/listener/files.go +65 -0
package/internal/runtime/listener/manager.go +142 -0
package/internal/runtime/listener/server.go +983 -0
package/internal/runtime/listener/server_test.go +319 -0
package/internal/runtime/listener/sysproc_unix.go +17 -0
package/internal/runtime/listener/sysproc_windows.go +13 -0
package/internal/runtime/listener/types.go +21 -0
package/internal/runtime/listener/wsclient.go +299 -0
package/internal/runtime/listener/wsclient_test.go +41 -0
package/internal/store/dao.go +632 -0
package/internal/store/dao_test.go +87 -0
package/internal/store/helpers.go +197 -0
package/internal/store/import.go +499 -0
package/internal/store/import_test.go +103 -0
package/internal/store/open.go +71 -0
package/internal/store/query.go +151 -0
package/internal/store/schema.go +277 -0
package/internal/store/schema_test.go +56 -0
package/internal/store/types.go +177 -0
package/internal/update/update.go +368 -0
package/package.json +17 -0
package/scripts/install.js +171 -0
package/scripts/release/release-prerelease.sh +86 -0
package/scripts/release/tag-release.sh +66 -0
package/scripts/release/withdraw-release.sh +78 -0
package/scripts/run.js +69 -0
package/skills/README.md +32 -0
package/skills/awiki-bundle/SKILL.md +76 -0
package/skills/awiki-debug/SKILL.md +80 -0
package/skills/awiki-group/SKILL.md +111 -0
package/skills/awiki-id/SKILL.md +123 -0
package/skills/awiki-msg/SKILL.md +131 -0
package/skills/awiki-page/SKILL.md +93 -0
package/skills/awiki-people/SKILL.md +66 -0
package/skills/awiki-runtime/SKILL.md +137 -0
package/skills/awiki-shared/SKILL.md +124 -0
package/skills/awiki-workflow-discovery/SKILL.md +93 -0
package/skills/awiki-workflow-onboarding/SKILL.md +119 -0
package/skills/manifests/skills.yaml +260 -0
package/skills/templates/bundle-skill-template.md +42 -0
package/skills/templates/debug-skill-template.md +44 -0
package/skills/templates/domain-skill-template.md +56 -0
package/skills/templates/shared-skill-template.md +46 -0
package/skills/templates/workflow-skill-template.md +46 -0

package/internal/doctor/doctor.go ADDED Viewed

@@ -0,0 +1,306 @@
+package doctor
+import (
+	"context"
+	"errors"
+	"os"
+	"path/filepath"
+	"strings"
+	"github.com/agentconnect/awiki-cli/internal/buildinfo"
+	"github.com/agentconnect/awiki-cli/internal/config"
+	"github.com/agentconnect/awiki-cli/internal/identity"
+	"github.com/agentconnect/awiki-cli/internal/store"
+)
+type Check struct {
+	Name    string         `json:"name"`
+	Status  string         `json:"status"`
+	Summary string         `json:"summary"`
+	Details map[string]any `json:"details,omitempty"`
+}
+type Report struct {
+	Checks  []Check `json:"checks"`
+	Summary string  `json:"summary"`
+	Counts  Counts  `json:"counts"`
+}
+type Counts struct {
+	OK    int `json:"ok"`
+	Warn  int `json:"warn"`
+	Error int `json:"error"`
+	Info  int `json:"info"`
+}
+func Run(resolved *config.Resolved) Report {
+	checks := []Check{
+		buildCheck(resolved),
+		configFileCheck(resolved),
+		envCheck(resolved),
+		runtimeCheck(resolved),
+		identityStoreCheck(resolved),
+		sqliteCheck(resolved),
+		legacyCheck(resolved),
+	}
+	counts := Counts{}
+	for _, check := range checks {
+		switch check.Status {
+		case "ok":
+			counts.OK++
+		case "warn":
+			counts.Warn++
+		case "error":
+			counts.Error++
+		default:
+			counts.Info++
+		}
+	}
+	summary := "Doctor completed successfully"
+	if counts.Error > 0 {
+		summary = "Doctor found blocking issues"
+	} else if counts.Warn > 0 {
+		summary = "Doctor found warnings"
+	}
+	return Report{Checks: checks, Summary: summary, Counts: counts}
+}
+func buildCheck(resolved *config.Resolved) Check {
+	info := buildinfo.Current()
+	status := "ok"
+	summary := "Pure-Go build target is aligned"
+	if strings.EqualFold(info.CGOEnabled, "1") || strings.EqualFold(info.CGOEnabled, "true") {
+		status = "warn"
+		summary = "Build metadata indicates CGO was enabled"
+	}
+	return Check{
+		Name:    "build",
+		Status:  status,
+		Summary: summary,
+		Details: map[string]any{
+			"go_version":  info.GoVersion,
+			"goos":        info.GOOS,
+			"goarch":      info.GOARCH,
+			"compiler":    info.Compiler,
+			"cgo_enabled": info.CGOEnabled,
+		},
+	}
+}
+func configFileCheck(resolved *config.Resolved) Check {
+	status := "warn"
+	summary := "No config file found yet"
+	if resolved.ConfigExists {
+		status = "ok"
+		summary = "Config file loaded"
+	}
+	if resolved.ConfigError != "" {
+		status = "error"
+		summary = "Config file exists but failed to parse"
+	}
+	return Check{
+		Name:    "config_file",
+		Status:  status,
+		Summary: summary,
+		Details: map[string]any{
+			"path":   resolved.Paths.ConfigFile,
+			"exists": resolved.ConfigExists,
+			"error":  resolved.ConfigError,
+		},
+	}
+}
+func envCheck(resolved *config.Resolved) Check {
+	status := "info"
+	summary := "No environment overrides detected"
+	aliasHits := 0
+	legacyHits := 0
+	for _, hit := range resolved.EnvHits {
+		if hit.Tier == "draft_alias_env" {
+			aliasHits++
+		}
+		if hit.Tier == "legacy_env" {
+			legacyHits++
+		}
+	}
+	if len(resolved.EnvHits) > 0 {
+		status = "ok"
+		summary = "Environment overrides detected"
+	}
+	if aliasHits > 0 || legacyHits > 0 {
+		status = "warn"
+		summary = "Compatibility environment variables are in use"
+	}
+	return Check{
+		Name:    "environment",
+		Status:  status,
+		Summary: summary,
+		Details: map[string]any{
+			"hits": resolved.EnvHits,
+		},
+	}
+}
+func runtimeCheck(resolved *config.Resolved) Check {
+	status := "ok"
+	summary := "Runtime mode resolved"
+	if strings.TrimSpace(resolved.RuntimeMode) == "websocket" {
+		summary = "Runtime mode is websocket"
+	} else {
+		summary = "Runtime mode is http"
+	}
+	return Check{
+		Name:    "runtime",
+		Status:  status,
+		Summary: summary,
+		Details: map[string]any{
+			"mode":        resolved.RuntimeMode,
+			"socket_path": resolved.RuntimeSocketPath,
+		},
+	}
+}
+func identityStoreCheck(resolved *config.Resolved) Check {
+	manager := identity.NewManager(resolved.Paths)
+	indexPath := filepath.Join(resolved.Paths.IdentityDir, identity.IndexFileName)
+	identityDirExists := pathExists(resolved.Paths.IdentityDir)
+	indexExists := pathExists(indexPath)
+	status := "warn"
+	summary := "Identity store has not been initialized"
+	if identityDirExists || indexExists {
+		status = "ok"
+		summary = "Identity store path resolved"
+	}
+	index, indexErr := manager.LoadIndex()
+	if indexErr != nil {
+		status = "error"
+		summary = "Identity index exists but failed to parse"
+	}
+	current, currentErr := manager.Current()
+	if currentErr != nil && !errors.Is(currentErr, identity.ErrNoDefaultIdentity) && len(index.Credentials) > 0 {
+		status = "error"
+		summary = "Identity index is missing a valid default identity"
+	} else if current != nil && !current.UserState.ReadyForMessaging {
+		status = "warn"
+		summary = "Default identity is local-only and cannot be used for messaging yet"
+	}
+	return Check{
+		Name:    "identity_store",
+		Status:  status,
+		Summary: summary,
+		Details: map[string]any{
+			"identity_dir":     resolved.Paths.IdentityDir,
+			"dir_exists":       identityDirExists,
+			"index_path":       indexPath,
+			"index_exists":     indexExists,
+			"index_entries":    len(index.Credentials),
+			"default_identity": current,
+			"user_state":       defaultIdentityUserState(current),
+			"index_error":      errorText(indexErr),
+		},
+	}
+}
+func defaultIdentityUserState(current *identity.IdentitySummary) any {
+	if current == nil {
+		return nil
+	}
+	return current.UserState
+}
+func sqliteCheck(resolved *config.Resolved) Check {
+	databaseExists := pathExists(resolved.Paths.DatabaseFile)
+	status := "info"
+	summary := "SQLite target path resolved"
+	if databaseExists {
+		status = "ok"
+		summary = "SQLite database file already exists"
+	}
+	schemaVersion := 0
+	schemaError := ""
+	if databaseExists {
+		db, err := store.OpenReadOnly(resolved.Paths.DatabaseFile)
+		if err != nil {
+			status = "error"
+			summary = "SQLite database file exists but cannot be opened"
+			schemaError = err.Error()
+		} else {
+			defer db.Close()
+			version, err := store.CurrentSchemaVersion(db)
+			if err != nil {
+				status = "error"
+				summary = "SQLite database is readable but schema version could not be inspected"
+				schemaError = err.Error()
+			} else {
+				schemaVersion = version
+				if version != store.SchemaVersion {
+					status = "warn"
+					summary = "SQLite database exists but schema version is not current"
+				}
+			}
+		}
+	}
+	return Check{
+		Name:    "sqlite",
+		Status:  status,
+		Summary: summary,
+		Details: map[string]any{
+			"database_file":         resolved.Paths.DatabaseFile,
+			"exists":                databaseExists,
+			"parent_dir":            filepath.Dir(resolved.Paths.DatabaseFile),
+			"schema_version":        schemaVersion,
+			"target_schema_version": store.SchemaVersion,
+			"schema_error":          schemaError,
+		},
+	}
+}
+func legacyCheck(resolved *config.Resolved) Check {
+	manager := identity.NewManager(resolved.Paths)
+	scan, scanErr := manager.ScanLegacy()
+	credentialsExists := pathExists(resolved.Paths.LegacyCredentialsDir)
+	dataExists := pathExists(resolved.Paths.LegacyDataDir)
+	legacyDB, dbErr := store.ScanLegacyDatabase(context.Background(), resolved.Paths)
+	status := "info"
+	summary := "No legacy v1 paths detected"
+	if scanErr != nil {
+		status = "error"
+		summary = "Legacy credential scan failed"
+	} else if scan != nil && scan.HasLegacy {
+		status = "warn"
+		summary = "Legacy awiki-agent-id-message credential layout detected"
+	} else if (legacyDB != nil && legacyDB.Exists) || credentialsExists || dataExists {
+		status = "warn"
+		summary = "Legacy awiki-agent-id-message paths detected"
+	}
+	return Check{
+		Name:    "legacy_paths",
+		Status:  status,
+		Summary: summary,
+		Details: map[string]any{
+			"legacy_credentials_dir": resolved.Paths.LegacyCredentialsDir,
+			"credentials_exists":     credentialsExists,
+			"legacy_data_dir":        resolved.Paths.LegacyDataDir,
+			"data_exists":            dataExists,
+			"legacy_scan":            scan,
+			"scan_error":             errorText(scanErr),
+			"legacy_database":        legacyDB,
+			"legacy_database_error":  errorText(dbErr),
+		},
+	}
+}
+func pathExists(path string) bool {
+	if strings.TrimSpace(path) == "" {
+		return false
+	}
+	_, err := os.Stat(path)
+	return err == nil
+}
+func errorText(err error) string {
+	if err == nil {
+		return ""
+	}
+	return err.Error()
+}

package/internal/identity/client.go ADDED Viewed

@@ -0,0 +1,267 @@
+package identity
+import (
+	"bytes"
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"path/filepath"
+	"strings"
+	"github.com/agentconnect/awiki-cli/internal/authsdk"
+	appconfig "github.com/agentconnect/awiki-cli/internal/config"
+)
+const (
+	didAuthRPCEndpoint    = "/user-service/did-auth/rpc"
+	handleRPCEndpoint     = "/user-service/handle/rpc"
+	didProfileRPCEndpoint = "/user-service/did/profile/rpc"
+	emailSendEndpoint       = "/user-service/auth/email-send"
+	emailStatusEndpoint     = "/user-service/auth/email-status"
+	phoneBindSendEndpoint   = "/user-service/auth/phone-bind-send"
+	phoneBindVerifyEndpoint = "/user-service/auth/phone-bind-verify"
+)
+type ServiceError struct {
+	StatusCode int
+	RPCCode    int
+	Message    string
+	Data       any
+}
+func (e *ServiceError) Error() string {
+	if e == nil {
+		return ""
+	}
+	switch {
+	case e.RPCCode != 0:
+		return fmt.Sprintf("service rpc error %d: %s", e.RPCCode, e.Message)
+	case e.StatusCode != 0:
+		return fmt.Sprintf("service http error %d: %s", e.StatusCode, e.Message)
+	default:
+		return e.Message
+	}
+}
+type rpcResponse struct {
+	Result json.RawMessage `json:"result"`
+	Error  *struct {
+		Code    int    `json:"code"`
+		Message string `json:"message"`
+		Data    any    `json:"data,omitempty"`
+	} `json:"error,omitempty"`
+}
+type RemoteClient struct {
+	baseURL string
+	client  *http.Client
+}
+func NewRemoteClient(resolved *appconfig.Resolved) (*RemoteClient, error) {
+	if resolved == nil {
+		return nil, fmt.Errorf("%w: resolved config is required", ErrInvalidInput)
+	}
+	httpClient, err := newHTTPClient(resolved.CABundle)
+	if err != nil {
+		return nil, err
+	}
+	return &RemoteClient{
+		baseURL: strings.TrimRight(resolved.UserServiceURL, "/"),
+		client:  httpClient,
+	}, nil
+}
+func (c *RemoteClient) Client() *http.Client {
+	if c == nil {
+		return nil
+	}
+	return c.client
+}
+func newHTTPClient(caBundle string) (*http.Client, error) {
+	transport := &http.Transport{}
+	if strings.TrimSpace(caBundle) != "" {
+		rootCAs, err := x509.SystemCertPool()
+		if err != nil || rootCAs == nil {
+			rootCAs = x509.NewCertPool()
+		}
+		bundle, err := os.ReadFile(filepath.Clean(caBundle))
+		if err != nil {
+			return nil, fmt.Errorf("read ca bundle: %w", err)
+		}
+		if ok := rootCAs.AppendCertsFromPEM(bundle); !ok {
+			return nil, fmt.Errorf("invalid ca bundle: %s", caBundle)
+		}
+		transport.TLSClientConfig = &tls.Config{RootCAs: rootCAs, MinVersion: tls.VersionTLS12}
+	}
+	return &http.Client{Transport: transport}, nil
+}
+func (c *RemoteClient) rpcCall(ctx context.Context, endpoint string, method string, params any, bearer string, out any) error {
+	payload := map[string]any{
+		"jsonrpc": "2.0",
+		"method":  method,
+		"params":  params,
+		"id":      "req-1",
+	}
+	body, err := json.Marshal(payload)
+	if err != nil {
+		return err
+	}
+	request, err := http.NewRequestWithContext(ctx, http.MethodPost, c.baseURL+endpoint, bytes.NewReader(body))
+	if err != nil {
+		return err
+	}
+	request.Header.Set("Content-Type", "application/json")
+	if bearer != "" {
+		request.Header.Set("Authorization", "Bearer "+bearer)
+	}
+	response, err := c.client.Do(request)
+	if err != nil {
+		return err
+	}
+	defer response.Body.Close()
+	raw, err := io.ReadAll(response.Body)
+	if err != nil {
+		return err
+	}
+	if response.StatusCode >= 400 {
+		return &ServiceError{
+			StatusCode: response.StatusCode,
+			Message:    strings.TrimSpace(string(raw)),
+		}
+	}
+	var decoded rpcResponse
+	if err := json.Unmarshal(raw, &decoded); err != nil {
+		return fmt.Errorf("parse rpc response: %w", err)
+	}
+	if decoded.Error != nil {
+		return &ServiceError{
+			RPCCode: decoded.Error.Code,
+			Message: decoded.Error.Message,
+			Data:    decoded.Error.Data,
+		}
+	}
+	if out == nil {
+		return nil
+	}
+	return json.Unmarshal(decoded.Result, out)
+}
+func (c *RemoteClient) RPCCall(ctx context.Context, endpoint string, method string, params any, bearer string, out any) error {
+	return c.rpcCall(ctx, endpoint, method, params, bearer, out)
+}
+func (c *RemoteClient) AuthenticatedRPCCall(ctx context.Context, endpoint string, method string, params any, auth *authsdk.Session, out any) error {
+	return c.authenticatedRPCCall(ctx, endpoint, method, params, auth, out)
+}
+func (c *RemoteClient) restPost(ctx context.Context, endpoint string, requestPayload any, bearer string, out any) error {
+	body, err := json.Marshal(requestPayload)
+	if err != nil {
+		return err
+	}
+	request, err := http.NewRequestWithContext(ctx, http.MethodPost, c.baseURL+endpoint, bytes.NewReader(body))
+	if err != nil {
+		return err
+	}
+	request.Header.Set("Content-Type", "application/json")
+	if bearer != "" {
+		request.Header.Set("Authorization", "Bearer "+bearer)
+	}
+	response, err := c.client.Do(request)
+	if err != nil {
+		return err
+	}
+	defer response.Body.Close()
+	raw, err := io.ReadAll(response.Body)
+	if err != nil {
+		return err
+	}
+	if response.StatusCode >= 400 {
+		return &ServiceError{
+			StatusCode: response.StatusCode,
+			Message:    strings.TrimSpace(string(raw)),
+		}
+	}
+	if out == nil {
+		return nil
+	}
+	return json.Unmarshal(raw, out)
+}
+func (c *RemoteClient) RestPost(ctx context.Context, endpoint string, requestPayload any, bearer string, out any) error {
+	return c.restPost(ctx, endpoint, requestPayload, bearer, out)
+}
+func (c *RemoteClient) AuthenticatedRestPost(ctx context.Context, endpoint string, requestPayload any, auth *authsdk.Session, out any) error {
+	body, err := json.Marshal(requestPayload)
+	if err != nil {
+		return err
+	}
+	requestURL := c.baseURL + endpoint
+	if err := auth.DoJSON(ctx, c.client, http.MethodPost, requestURL, requestPayload, out); err != nil {
+		var httpErr *authsdk.HTTPError
+		if errors.As(err, &httpErr) {
+			return &ServiceError{StatusCode: httpErr.StatusCode, Message: httpErr.Message}
+		}
+		return err
+	}
+	_ = body
+	return nil
+}
+func (c *RemoteClient) restGet(ctx context.Context, endpoint string, query url.Values, out any) error {
+	target := c.baseURL + endpoint
+	if len(query) > 0 {
+		target += "?" + query.Encode()
+	}
+	request, err := http.NewRequestWithContext(ctx, http.MethodGet, target, nil)
+	if err != nil {
+		return err
+	}
+	response, err := c.client.Do(request)
+	if err != nil {
+		return err
+	}
+	defer response.Body.Close()
+	raw, err := io.ReadAll(response.Body)
+	if err != nil {
+		return err
+	}
+	if response.StatusCode >= 400 {
+		return &ServiceError{
+			StatusCode: response.StatusCode,
+			Message:    strings.TrimSpace(string(raw)),
+		}
+	}
+	return json.Unmarshal(raw, out)
+}
+func (c *RemoteClient) RestGet(ctx context.Context, endpoint string, query url.Values, out any) error {
+	return c.restGet(ctx, endpoint, query, out)
+}
+func (c *RemoteClient) authenticatedRPCCall(ctx context.Context, endpoint string, method string, params any, auth *authsdk.Session, out any) error {
+	requestURL := c.baseURL + endpoint
+	if err := auth.DoJSONRPC(ctx, c.client, requestURL, http.MethodPost, method, params, out); err != nil {
+		var rpcErr *authsdk.RPCError
+		if errors.As(err, &rpcErr) {
+			return &ServiceError{RPCCode: rpcErr.Code, Message: rpcErr.Message, Data: rpcErr.Data}
+		}
+		var httpErr *authsdk.HTTPError
+		if errors.As(err, &httpErr) {
+			return &ServiceError{StatusCode: httpErr.StatusCode, Message: httpErr.Message}
+		}
+		return err
+	}
+	return nil
+}

package/internal/identity/did.go ADDED Viewed

@@ -0,0 +1,85 @@
+package identity
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"fmt"
+	"strings"
+	"github.com/agentconnect/awiki-cli/internal/anpsdk"
+)
+func GenerateIdentity(options GenerateOptions) (*GeneratedIdentity, error) {
+	hostname := strings.TrimSpace(options.Hostname)
+	if hostname == "" {
+		return nil, fmt.Errorf("%w: hostname is required", ErrInvalidInput)
+	}
+	pathSegments := clonePathPrefix(options.PathPrefix)
+	if len(pathSegments) == 0 {
+		pathSegments = []string{"user"}
+	}
+	proofDomain := strings.TrimSpace(options.ProofDomain)
+	if proofDomain == "" {
+		proofDomain = hostname
+	}
+	bundle, err := anpsdk.CreateDidWBADocumentWithKeyBinding(hostname, anpsdk.DidDocumentOptions{
+		PathSegments: pathSegments,
+		Domain:       proofDomain,
+		Challenge:    randomHex(16),
+	})
+	if err != nil {
+		return nil, fmt.Errorf("generate did document: %w", err)
+	}
+	did := stringValue(bundle.DidDocument["id"], "")
+	if did == "" {
+		return nil, fmt.Errorf("generated did document is missing id")
+	}
+	key1, ok := bundle.Keys["key-1"]
+	if !ok {
+		return nil, fmt.Errorf("generated did document is missing key-1")
+	}
+	generated := &GeneratedIdentity{
+		DID:            did,
+		UniqueID:       didSuffix(did),
+		DIDDocument:    bundle.DidDocument,
+		Key1PrivatePEM: key1.PrivateKeyPEM,
+		Key1PublicPEM:  key1.PublicKeyPEM,
+	}
+	if key2, ok := bundle.Keys["key-2"]; ok {
+		generated.E2EESigningPrivatePEM = key2.PrivateKeyPEM
+	}
+	if key3, ok := bundle.Keys["key-3"]; ok {
+		generated.E2EEAgreementPrivatePEM = key3.PrivateKeyPEM
+	}
+	return generated, nil
+}
+func didSuffix(did string) string {
+	index := strings.LastIndex(did, ":")
+	if index == -1 || index == len(did)-1 {
+		return did
+	}
+	return did[index+1:]
+}
+func clonePathPrefix(pathPrefix []string) []string {
+	cloned := make([]string, 0, len(pathPrefix))
+	for _, segment := range pathPrefix {
+		trimmed := strings.TrimSpace(segment)
+		if trimmed != "" {
+			cloned = append(cloned, trimmed)
+		}
+	}
+	return cloned
+}
+func randomHex(numBytes int) string {
+	buffer := make([]byte, numBytes)
+	if _, err := rand.Read(buffer); err != nil {
+		return ""
+	}
+	return hex.EncodeToString(buffer)
+}

package/internal/identity/did_test.go ADDED Viewed

@@ -0,0 +1,50 @@
+package identity
+import (
+	"testing"
+	anp "github.com/agent-network-protocol/anp/golang"
+	anpauth "github.com/agent-network-protocol/anp/golang/authentication"
+	anpproof "github.com/agent-network-protocol/anp/golang/proof"
+)
+func TestGenerateIdentity(t *testing.T) {
+	t.Parallel()
+	generated, err := GenerateIdentity(GenerateOptions{
+		Hostname:    "awiki.ai",
+		PathPrefix:  []string{"user"},
+		ProofDomain: "awiki.ai",
+	})
+	if err != nil {
+		t.Fatalf("GenerateIdentity() error = %v", err)
+	}
+	if generated.DID == "" || generated.UniqueID == "" {
+		t.Fatalf("generated identity is missing did/unique_id: %+v", generated)
+	}
+	if generated.DIDDocument == nil {
+		t.Fatal("generated identity is missing did_document")
+	}
+	if got := stringValue(generated.DIDDocument["id"], ""); got != generated.DID {
+		t.Fatalf("did document id mismatch: got %q want %q", got, generated.DID)
+	}
+	if !anpauth.ValidateDIDDocumentBinding(generated.DIDDocument, true) {
+		t.Fatal("generated did document failed did:wba binding validation")
+	}
+	publicKey, err := anp.PublicKeyFromPEM(generated.Key1PublicPEM)
+	if err != nil {
+		t.Fatalf("PublicKeyFromPEM() error = %v", err)
+	}
+	if !anpproof.VerifyW3CProof(generated.DIDDocument, publicKey, anpproof.VerificationOptions{
+		ExpectedPurpose: "assertionMethod",
+		ExpectedDomain:  "awiki.ai",
+	}) {
+		t.Fatal("generated did proof verification failed")
+	}
+	if generated.E2EESigningPrivatePEM == "" {
+		t.Fatal("generated identity is missing e2ee signing private key")
+	}
+	if generated.E2EEAgreementPrivatePEM == "" {
+		t.Fatal("generated identity is missing e2ee agreement private key")
+	}
+}