@bsv/sdk 1.3.27 → 1.3.29

package/src/auth/SessionManager.ts

@@ -1,55 +1,112 @@
 import { PeerSession } from './types.js'
 
 /**
- * Manages sessions for peers, allowing sessions to be added, retrieved, updated, and removed
- * by relevant identifiers (sessionNonce and peerIdentityKey).
+ * Manages sessions for peers, allowing multiple concurrent sessions
+ * per identity key. Primary lookup is always by `sessionNonce`.
  */
 export class SessionManager {
-  private readonly identifierToSession: Map<string, PeerSession>
+  /**
+   * Maps sessionNonce -> PeerSession
+   */
+  private readonly sessionNonceToSession: Map<string, PeerSession>
+
+  /**
+   * Maps identityKey -> Set of sessionNonces
+   */
+  private readonly identityKeyToNonces: Map<string, Set<string>>
 
   constructor () {
-    this.identifierToSession = new Map<string, PeerSession>()
+    this.sessionNonceToSession = new Map<string, PeerSession>()
+    this.identityKeyToNonces = new Map<string, Set<string>>()
   }
 
   /**
-   * Adds a session to the manager, associating it with relevant identifiers for retrieval.
+   * Adds a session to the manager, associating it with its sessionNonce,
+   * and also with its peerIdentityKey (if any).
+   *
+   * This does NOT overwrite existing sessions for the same peerIdentityKey,
+   * allowing multiple concurrent sessions for the same peer.
    *
    * @param {PeerSession} session - The peer session to add.
    */
   addSession (session: PeerSession): void {
-    if ((session.sessionNonce === null || session.sessionNonce === undefined || session.sessionNonce === '') &&
-      (session.peerIdentityKey === null || session.peerIdentityKey === undefined || session.peerIdentityKey === '')) {
+    if (typeof session.sessionNonce !== 'string') {
       throw new Error(
-        'Invalid session: at least one of sessionNonce or peerIdentityKey is required.'
+        'Invalid session: sessionNonce is required to add a session.'
       )
     }
 
-    if (session.sessionNonce !== null && session.sessionNonce !== undefined && session.sessionNonce !== '') {
-      this.identifierToSession.set(session.sessionNonce, session)
-    }
-    if (session.peerIdentityKey !== null && session.peerIdentityKey !== undefined && session.peerIdentityKey !== '') {
-      this.identifierToSession.set(session.peerIdentityKey, session)
+    // Use the sessionNonce as the primary key
+    this.sessionNonceToSession.set(session.sessionNonce, session)
+
+    // Also track it by identity key if present
+    if (typeof session.peerIdentityKey === 'string') {
+      let nonces = this.identityKeyToNonces.get(session.peerIdentityKey)
+      if (nonces == null) {
+        nonces = new Set<string>()
+        this.identityKeyToNonces.set(session.peerIdentityKey, nonces)
+      }
+      nonces.add(session.sessionNonce)
     }
   }
 
   /**
-   * Updates a session in the manager, ensuring that all identifiers are correctly associated.
+   * Updates a session in the manager (primarily by re-adding it),
+   * ensuring we record the latest data (e.g., isAuthenticated, lastUpdate, etc.).
    *
    * @param {PeerSession} session - The peer session to update.
    */
   updateSession (session: PeerSession): void {
+    // Remove the old references (if any) and re-add
     this.removeSession(session)
     this.addSession(session)
   }
 
   /**
-   * Retrieves a session based on a given identifier.
+   * Retrieves a session based on a given identifier, which can be:
+   *  - A sessionNonce, or
+   *  - A peerIdentityKey.
+   *
+   * If it is a `sessionNonce`, returns that exact session.
+   * If it is a `peerIdentityKey`, returns the "best" (e.g. most recently updated,
+   * authenticated) session associated with that peer, if any.
    *
    * @param {string} identifier - The identifier for the session (sessionNonce or peerIdentityKey).
    * @returns {PeerSession | undefined} - The matching peer session, or undefined if not found.
    */
   getSession (identifier: string): PeerSession | undefined {
-    return this.identifierToSession.get(identifier)
+    // Check if this identifier is directly a sessionNonce
+    const direct = this.sessionNonceToSession.get(identifier)
+    if (direct != null) {
+      return direct
+    }
+
+    // Otherwise, interpret the identifier as an identity key
+    const nonces = this.identityKeyToNonces.get(identifier)
+    if ((nonces == null) || nonces.size === 0) {
+      return undefined
+    }
+
+    // Pick the "best" session. One sensible approach:
+    // - Choose an authenticated session if available
+    // - Among them, pick the most recently updated
+    let best: PeerSession | undefined
+    for (const nonce of nonces) {
+      const s = this.sessionNonceToSession.get(nonce)
+      if (s == null) continue
+      // We can prefer authenticated sessions
+      if (best == null) {
+        best = s
+      } else {
+        // If we want the "most recently updated" AND isAuthenticated
+        if ((s.lastUpdate ?? 0) > (best.lastUpdate ?? 0)) {
+          best = s
+        }
+      }
+    }
+    // Optionally, you could also filter out isAuthenticated===false if you only want
+    // an authenticated session. But for our usage, let's return the latest any session.
+    return best
   }
 
   /**
@@ -58,21 +115,31 @@ export class SessionManager {
    * @param {PeerSession} session - The peer session to remove.
    */
   removeSession (session: PeerSession): void {
-    if (session.sessionNonce !== null && session.sessionNonce !== undefined && session.sessionNonce !== '') {
-      this.identifierToSession.delete(session.sessionNonce)
+    if (typeof session.sessionNonce === 'string') {
+      this.sessionNonceToSession.delete(session.sessionNonce)
     }
-    if (session.peerIdentityKey !== null && session.peerIdentityKey !== undefined && session.peerIdentityKey !== '') {
-      this.identifierToSession.delete(session.peerIdentityKey)
+    if (typeof session.peerIdentityKey === 'string') {
+      const nonces = this.identityKeyToNonces.get(session.peerIdentityKey)
+      if (nonces != null) {
+        nonces.delete(session.sessionNonce ?? '')
+        if (nonces.size === 0) {
+          this.identityKeyToNonces.delete(session.peerIdentityKey)
+        }
+      }
     }
   }
 
   /**
-   * Checks if a session exists based on a given identifier.
+   * Checks if a session exists for a given identifier (either sessionNonce or identityKey).
    *
    * @param {string} identifier - The identifier to check.
    * @returns {boolean} - True if the session exists, false otherwise.
    */
   hasSession (identifier: string): boolean {
-    return this.identifierToSession.has(identifier)
+    const direct = this.sessionNonceToSession.has(identifier)
+    if (direct) return true
+    // if not directly a nonce, interpret as identityKey
+    const nonces = this.identityKeyToNonces.get(identifier)
+    return !(nonces == null) && nonces.size > 0
   }
 }

package/src/auth/__tests/Peer.test.ts

@@ -232,6 +232,72 @@ describe('Peer class mutual authentication and certificate exchange', () => {
     expect(certificatesReceivedByBob).toEqual([])
   }, 15000)
 
+  it('Alice talks to Bob across two devices, Bob can respond across both sessions', async () => {
+    const transportA1 = new LocalTransport()
+    const transportA2 = new LocalTransport()
+    const transportB = new LocalTransport()
+    transportA1.connect(transportB)
+    const aliceKey = PrivateKey.fromRandom()
+    const walletA1 = new CompletedProtoWallet(aliceKey)
+    const walletA2 = new CompletedProtoWallet(aliceKey)
+    const walletB = new CompletedProtoWallet(PrivateKey.fromRandom())
+    const aliceFirstDevice = new Peer(
+      walletA1,
+      transportA1
+    )
+    const aliceOtherDevice = new Peer(
+      walletA2,
+      transportA2
+    )
+    const bob = new Peer(
+      walletB,
+      transportB
+    )
+    const alice1MessageHandler = jest.fn()
+    const alice2MessageHandler = jest.fn()
+    const bobMessageHandler = jest.fn()
+
+    const bobReceivedGeneralMessage = new Promise<void>((resolve) => {
+      bob.listenForGeneralMessages((senderPublicKey, payload) => {
+        (async () => {
+          console.log('Bob 1 received message:', Utils.toUTF8(payload))
+          await bob.toPeer(Utils.toArray('Hello Alice!'), senderPublicKey)
+          resolve()
+          bobMessageHandler(senderPublicKey, payload)
+        })().catch(e => console.log(e))
+      })
+    })
+    let aliceReceivedGeneralMessageOnFirstDevice = new Promise<void>((resolve) => {
+      aliceFirstDevice.listenForGeneralMessages((senderPublicKey, payload) => {
+        (async () => {
+          console.log('Alice 1 received message:', Utils.toUTF8(payload))
+          resolve()
+          alice1MessageHandler(senderPublicKey, payload)
+        })().catch(e => console.log(e))
+      })
+    })
+    const aliceReceivedGeneralMessageOnOtherDevice = new Promise<void>((resolve) => {
+      aliceOtherDevice.listenForGeneralMessages((senderPublicKey, payload) => {
+        (async () => {
+          console.log('Alice 2 received message:', Utils.toUTF8(payload))
+          resolve()
+          alice2MessageHandler(senderPublicKey, payload)
+        })().catch(e => console.log(e))
+      })
+    })
+
+    await aliceFirstDevice.toPeer(Utils.toArray('Hello Bob!'))
+    await bobReceivedGeneralMessage
+    await aliceReceivedGeneralMessageOnFirstDevice
+    transportA2.connect(transportB)
+    await aliceOtherDevice.toPeer(Utils.toArray('Hello Bob from my other device!'))
+    await aliceReceivedGeneralMessageOnOtherDevice
+    transportA1.connect(transportB)
+    await aliceFirstDevice.toPeer(Utils.toArray('Back on my first device now, Bob! Can you still hear me?'))
+    await new Promise(resolve => setTimeout(resolve, 2000))
+    expect(alice1MessageHandler.mock.calls.length).toEqual(2)
+  }, 30000)
+
   it('Bob requests certificates from Alice, Alice does not request any from Bob', async () => {
     const alicePubKey = (await walletA.getPublicKey({ identityKey: true }))
       .publicKey

package/src/auth/__tests/SessionManager.test.ts

@@ -10,7 +10,8 @@ describe('SessionManager', () => {
     validSession = {
       isAuthenticated: false,
       sessionNonce: 'testSessionNonce',
-      peerIdentityKey: 'testPeerIdentityKey'
+      peerIdentityKey: 'testPeerIdentityKey',
+      lastUpdate: 1
     }
   })
 
@@ -39,7 +40,7 @@ describe('SessionManager', () => {
       }
 
       expect(() => sessionManager.addSession(invalidSession)).toThrow(
-        'Invalid session: at least one of sessionNonce or peerIdentityKey is required.'
+        'Invalid session: sessionNonce is required to add a session.'
       )
     })
 

package/src/auth/clients/AuthFetch.ts

@@ -405,7 +405,7 @@ export class AuthFetch {
     }
 
     const derivationPrefix = originalResponse.headers.get('x-bsv-payment-derivation-prefix')
-    if (!derivationPrefix) {
+    if (typeof derivationPrefix !== 'string' || derivationPrefix.length < 1) {
       throw new Error('Missing x-bsv-payment-derivation-prefix response header.')
     }
 
@@ -426,8 +426,12 @@ export class AuthFetch {
       outputs: [{
         satoshis: satoshisRequired,
         lockingScript,
+        customInstructions: JSON.stringify({ derivationPrefix, derivationSuffix, payee: serverIdentityKey }),
         outputDescription: 'HTTP request payment'
-      }]
+      }],
+      options: {
+        randomizeOutputs: false
+      }
     })
 
     // Attach the payment to the request headers

package/src/auth/types.ts

@@ -38,4 +38,5 @@ export interface PeerSession {
   sessionNonce?: string
   peerNonce?: string
   peerIdentityKey?: string
+  lastUpdate: number
 }