@dxos/client-services 0.4.10-main.c42bfdb → 0.4.10-main.c75170d

package/src/packlets/indexing/util.ts

@@ -7,7 +7,7 @@ import { type DocHandle } from '@dxos/automerge/automerge-repo';
 import { warnAfterTimeout } from '@dxos/debug';
 import { type AutomergeHost } from '@dxos/echo-pipeline';
 import { type ObjectSnapshot } from '@dxos/indexing';
-import { idCodec } from '@dxos/protocols';
+import { type ObjectPointerEncoded, idCodec } from '@dxos/protocols';
 
 /**
  * Factory for `loadDocuments` iterator.
@@ -18,7 +18,7 @@ export const createSelectedDocumentsIterator = (automergeHost: AutomergeHost) =>
    * @param ids
    */
   // TODO(mykola): Unload automerge handles after usage.
-  async function* loadDocuments(ids: string[]) {
+  async function* loadDocuments(ids: ObjectPointerEncoded[]) {
     for (const id of ids) {
       const { documentId, objectId } = idCodec.decode(id);
       const handle = automergeHost.repo.find(documentId as any);

package/src/packlets/invitations/index.ts

@@ -7,3 +7,4 @@ export * from './invitation-protocol';
 export * from './invitations-handler';
 export * from './invitations-service';
 export * from './space-invitation-protocol';
+export * from './invitations-manager';

package/src/packlets/invitations/invitation-extension.ts

@@ -4,6 +4,7 @@
 
 import { Trigger } from '@dxos/async';
 import { cancelWithContext, Context } from '@dxos/context';
+import { randomBytes, verify } from '@dxos/crypto';
 import { invariant } from '@dxos/invariant';
 import { PublicKey } from '@dxos/keys';
 import { log } from '@dxos/log';
@@ -51,6 +52,8 @@ export class InvitationHostExtension extends RpcExtension<
   private _remoteOptions?: Options;
   private _remoteOptionsTrigger = new Trigger();
 
+  private _challenge?: Buffer = undefined;
+
   public invitation?: Invitation = undefined;
 
   public guestProfile?: ProfileDocument = undefined;
@@ -113,13 +116,17 @@ export class InvitationHostExtension extends RpcExtension<
 
           this._callbacks.onStateUpdate({ ...this.invitation, state: Invitation.State.READY_FOR_AUTHENTICATION });
 
+          this._challenge =
+            this.invitation.authMethod === Invitation.AuthMethod.KNOWN_PUBLIC_KEY ? randomBytes(32) : undefined;
+
           log.trace('dxos.sdk.invitation-handler.host.introduce', trace.end({ id: traceId }));
           return {
             authMethod: this.invitation.authMethod,
+            challenge: this._challenge,
           };
         },
 
-        authenticate: async ({ authCode: code }) => {
+        authenticate: async ({ authCode: code, signedChallenge }) => {
           const traceId = PublicKey.random().toHex();
           log.trace('dxos.sdk.invitation-handler.host.authenticate', trace.begin({ id: traceId }));
           log('received authentication request', { authCode: code });
@@ -145,6 +152,26 @@ export class InvitationHostExtension extends RpcExtension<
               break;
             }
 
+            case Invitation.AuthMethod.KNOWN_PUBLIC_KEY: {
+              if (!this.invitation.guestKeypair) {
+                status = AuthenticationResponse.Status.INTERNAL_ERROR;
+                break;
+              }
+              const isSignatureValid =
+                this._challenge &&
+                verify(
+                  this._challenge,
+                  Buffer.from(signedChallenge ?? []),
+                  this.invitation.guestKeypair.publicKey.asBuffer(),
+                );
+              if (isSignatureValid) {
+                this.authenticationPassed = true;
+              } else {
+                status = AuthenticationResponse.Status.INVALID_SIGNATURE;
+              }
+              break;
+            }
+
             default: {
               log.error('invalid authentication method', { authMethod: this.invitation.authMethod });
               status = AuthenticationResponse.Status.INTERNAL_ERROR;

package/src/packlets/invitations/invitations-handler.ts

@@ -11,6 +11,7 @@ import {
 } from '@dxos/client-protocol';
 import { Context } from '@dxos/context';
 import { generatePasscode } from '@dxos/credentials';
+import { createKeyPair, sign } from '@dxos/crypto';
 import { invariant } from '@dxos/invariant';
 import { PublicKey } from '@dxos/keys';
 import { log } from '@dxos/log';
@@ -21,9 +22,9 @@ import {
   type SwarmConnection,
 } from '@dxos/network-manager';
 import { InvalidInvitationExtensionRoleError, trace } from '@dxos/protocols';
-import { Invitation } from '@dxos/protocols/proto/dxos/client/services';
+import { type AdmissionKeypair, Invitation } from '@dxos/protocols/proto/dxos/client/services';
 import { type DeviceProfileDocument } from '@dxos/protocols/proto/dxos/halo/credentials';
-import { AuthenticationResponse } from '@dxos/protocols/proto/dxos/halo/invitations';
+import { AuthenticationResponse, type IntroductionResponse } from '@dxos/protocols/proto/dxos/halo/invitations';
 
 import {
   InvitationGuestExtension,
@@ -74,9 +75,11 @@ export class InvitationsHandler {
       state = Invitation.State.INIT,
       timeout = INVITATION_TIMEOUT,
       swarmKey = PublicKey.random(),
-      persistent = true,
+      persistent = options?.authMethod !== Invitation.AuthMethod.KNOWN_PUBLIC_KEY, // default no not storing keypairs
       created = new Date(),
-      lifetime = 86400, // 1 day
+      guestKeypair = undefined,
+      lifetime = 86400, // 1 day,
+      multiUse = false,
     } = options ?? {};
     const authCode =
       options?.authCode ??
@@ -91,9 +94,12 @@ export class InvitationsHandler {
       swarmKey,
       authCode,
       timeout,
-      persistent,
+      persistent: persistent && type !== Invitation.Type.DELEGATED, // delegated invitations are persisted in control feed
+      guestKeypair:
+        guestKeypair ?? (authMethod === Invitation.AuthMethod.KNOWN_PUBLIC_KEY ? createAdmissionKeypair() : undefined),
       created,
       lifetime,
+      multiUse,
       ...protocol.getInvitationContext(),
     };
 
@@ -162,7 +168,7 @@ export class InvitationsHandler {
               }
               log.trace('dxos.sdk.invitations-handler.host.onOpen', trace.error({ id: traceId, error: err }));
             } finally {
-              if (type !== Invitation.Type.MULTIUSE) {
+              if (!multiUse) {
                 // Wait for graceful close before disposing.
                 await swarmConnection.close();
                 await ctx.dispose();
@@ -187,7 +193,7 @@ export class InvitationsHandler {
       return extension;
     };
 
-    if (invitation.lifetime && invitation.created && invitation.lifetime !== 0) {
+    if (invitation.lifetime && invitation.created) {
       if (invitation.created.getTime() + invitation.lifetime * 1000 < Date.now()) {
         log.warn('invitation has already expired');
       } else {
@@ -245,7 +251,6 @@ export class InvitationsHandler {
     const { timeout = INVITATION_TIMEOUT } = invitation;
     invariant(protocol);
 
-    // TODO(nf): duplicate check in InvitationsService
     if (deviceProfile) {
       invariant(invitation.kind === Invitation.Kind.DEVICE, 'deviceProfile provided for non-device invitation');
     }
@@ -317,26 +322,13 @@ export class InvitationsHandler {
 
               // 2. Get authentication code.
               if (isAuthenticationRequired(invitation)) {
-                for (let attempt = 1; attempt <= MAX_OTP_ATTEMPTS; attempt++) {
-                  log('guest waiting for authentication code...');
-                  setState({ state: Invitation.State.READY_FOR_AUTHENTICATION });
-                  const authCode = await authenticated.wait({ timeout });
-
-                  log('sending authentication request');
-                  setState({ state: Invitation.State.AUTHENTICATING });
-                  const response = await extension.rpc.InvitationHostService.authenticate({ authCode });
-                  if (response.status === undefined || response.status === AuthenticationResponse.Status.OK) {
+                switch (invitation.authMethod) {
+                  case Invitation.AuthMethod.SHARED_SECRET:
+                    await this._handleGuestOtpAuth(extension, setState, authenticated, { timeout });
+                    break;
+                  case Invitation.AuthMethod.KNOWN_PUBLIC_KEY:
+                    await this._handleGuestKpkAuth(extension, setState, invitation, introductionResponse);
                     break;
-                  }
-
-                  if (response.status === AuthenticationResponse.Status.INVALID_OTP) {
-                    if (attempt === MAX_OTP_ATTEMPTS) {
-                      throw new Error(`Maximum retry attempts: ${MAX_OTP_ATTEMPTS}`);
-                    } else {
-                      log('retrying invalid code', { attempt });
-                      authenticated.reset();
-                    }
-                  }
                 }
               }
 
@@ -423,13 +415,61 @@ export class InvitationsHandler {
 
     return observable;
   }
+
+  private async _handleGuestOtpAuth(
+    extension: InvitationGuestExtension,
+    setState: (newState: Partial<Invitation>) => void,
+    authenticated: Trigger<string>,
+    options: { timeout: number },
+  ) {
+    for (let attempt = 1; attempt <= MAX_OTP_ATTEMPTS; attempt++) {
+      log('guest waiting for authentication code...');
+      setState({ state: Invitation.State.READY_FOR_AUTHENTICATION });
+      const authCode = await authenticated.wait(options);
+
+      log('sending authentication request');
+      setState({ state: Invitation.State.AUTHENTICATING });
+      const response = await extension.rpc.InvitationHostService.authenticate({ authCode });
+      if (response.status === undefined || response.status === AuthenticationResponse.Status.OK) {
+        break;
+      }
+
+      if (response.status === AuthenticationResponse.Status.INVALID_OTP) {
+        if (attempt === MAX_OTP_ATTEMPTS) {
+          throw new Error(`Maximum retry attempts: ${MAX_OTP_ATTEMPTS}`);
+        } else {
+          log('retrying invalid code', { attempt });
+          authenticated.reset();
+        }
+      }
+    }
+  }
+
+  private async _handleGuestKpkAuth(
+    extension: InvitationGuestExtension,
+    setState: (newState: Partial<Invitation>) => void,
+    invitation: Invitation,
+    introductionResponse: IntroductionResponse,
+  ) {
+    if (invitation.guestKeypair?.privateKey == null) {
+      throw new Error('keypair missing in the invitation');
+    }
+    if (introductionResponse.challenge == null) {
+      throw new Error('challenge missing in the introduction');
+    }
+    log('sending authentication request');
+    setState({ state: Invitation.State.AUTHENTICATING });
+    const signature = sign(Buffer.from(introductionResponse.challenge), invitation.guestKeypair.privateKey);
+    const response = await extension.rpc.InvitationHostService.authenticate({
+      signedChallenge: signature,
+    });
+    if (response.status !== AuthenticationResponse.Status.OK) {
+      throw new Error(`Authentication failed with code: ${response.status}`);
+    }
+  }
 }
 
-export const invitationExpired = (invitation: Invitation) => {
-  return (
-    invitation.created &&
-    invitation.lifetime &&
-    invitation.lifetime !== 0 &&
-    invitation.created.getTime() + invitation.lifetime * 1000 < Date.now()
-  );
+export const createAdmissionKeypair = (): AdmissionKeypair => {
+  const keypair = createKeyPair();
+  return { publicKey: PublicKey.from(keypair.publicKey), privateKey: keypair.secretKey };
 };

package/src/packlets/invitations/invitations-manager.ts

@@ -0,0 +1,197 @@
+//
+// Copyright 2024 DXOS.org
+//
+
+import { Event } from '@dxos/async';
+import type { AuthenticatingInvitation, CancellableInvitation } from '@dxos/client-protocol';
+import { type Context } from '@dxos/context';
+import { hasInvitationExpired, type MetadataStore } from '@dxos/echo-pipeline';
+import { invariant } from '@dxos/invariant';
+import { log } from '@dxos/log';
+import {
+  type AcceptInvitationRequest,
+  type Invitation,
+  type AuthenticationRequest,
+} from '@dxos/protocols/proto/dxos/client/services';
+
+import type { InvitationProtocol } from './invitation-protocol';
+import type { InvitationsHandler } from './invitations-handler';
+
+/**
+ * Entry point for creating and accepting invitations, keeps track of existing invitation set and
+ * emits events when the set changes.
+ */
+export class InvitationsManager {
+  private readonly _createInvitations = new Map<string, CancellableInvitation>();
+  private readonly _acceptInvitations = new Map<string, AuthenticatingInvitation>();
+
+  public readonly invitationCreated = new Event<Invitation>();
+  public readonly invitationAccepted = new Event<Invitation>();
+  public readonly removedCreated = new Event<Invitation>();
+  public readonly removedAccepted = new Event<Invitation>();
+  public readonly saved = new Event<Invitation>();
+
+  private readonly _persistentInvitationsLoadedEvent = new Event();
+  private _persistentInvitationsLoaded = false;
+
+  constructor(
+    private readonly _invitationsHandler: InvitationsHandler,
+    private readonly _getHandler: (invitation: Invitation) => InvitationProtocol,
+    private readonly _metadataStore: MetadataStore,
+  ) {}
+
+  createInvitation(options: Invitation): CancellableInvitation {
+    const existingInvitation = this._createInvitations.get(options.invitationId);
+    if (existingInvitation) {
+      return existingInvitation;
+    }
+
+    const handler = this._getHandler(options);
+    const invitation = this._invitationsHandler.createInvitation(handler, options);
+    this._createInvitations.set(invitation.get().invitationId, invitation);
+    this.invitationCreated.emit(invitation.get());
+
+    const saveInvitationTask = invitation.get().persistent
+      ? this._safePersistInBackground(invitation)
+      : Promise.resolve();
+
+    // onComplete is called on cancel, expiration, or redemption of a single-use invitation
+    this._onInvitationComplete(invitation, async () => {
+      this._createInvitations.delete(invitation.get().invitationId);
+      this.removedCreated.emit(invitation.get());
+      if (invitation.get().persistent) {
+        await saveInvitationTask;
+        await this._safeDeleteInvitation(invitation.get());
+      }
+    });
+
+    return invitation;
+  }
+
+  async loadPersistentInvitations(): Promise<{ invitations: Invitation[] }> {
+    if (this._persistentInvitationsLoaded) {
+      const invitations = this.getCreatedInvitations().filter((i) => i.persistent);
+      return { invitations };
+    }
+    try {
+      const persistentInvitations = this._metadataStore.getInvitations();
+      // get saved persistent invitations, filter and remove from storage those that have expired.
+      const freshInvitations = persistentInvitations.filter((invitation) => !hasInvitationExpired(invitation));
+
+      const cInvitations = freshInvitations.map((persistentInvitation) => {
+        invariant(!this._createInvitations.get(persistentInvitation.invitationId), 'invitation already exists');
+        return this.createInvitation({ ...persistentInvitation, persistent: false }).get();
+      });
+
+      return { invitations: cInvitations };
+    } catch (err) {
+      log.catch(err);
+      return { invitations: [] };
+    } finally {
+      this._persistentInvitationsLoadedEvent.emit();
+      this._persistentInvitationsLoaded = true;
+    }
+  }
+
+  acceptInvitation(request: AcceptInvitationRequest): AuthenticatingInvitation {
+    const options = request.invitation;
+    const existingInvitation = this._acceptInvitations.get(options.invitationId);
+    if (existingInvitation) {
+      return existingInvitation;
+    }
+
+    const handler = this._getHandler(options);
+    const invitation = this._invitationsHandler.acceptInvitation(handler, options, request.deviceProfile);
+    this._acceptInvitations.set(invitation.get().invitationId, invitation);
+    this.invitationAccepted.emit(invitation.get());
+
+    this._onInvitationComplete(invitation, () => {
+      this._acceptInvitations.delete(invitation.get().invitationId);
+      this.removedAccepted.emit(invitation.get());
+    });
+
+    return invitation;
+  }
+
+  async authenticate({ invitationId, authCode }: AuthenticationRequest): Promise<void> {
+    log('authenticating...');
+    invariant(invitationId);
+    const observable = this._acceptInvitations.get(invitationId);
+    if (!observable) {
+      log.warn('invalid invitation', { invitationId });
+    } else {
+      await observable.authenticate(authCode);
+    }
+  }
+
+  async cancelInvitation({ invitationId }: { invitationId: string }): Promise<void> {
+    log('cancelInvitation...', { invitationId });
+    invariant(invitationId);
+    const created = this._createInvitations.get(invitationId);
+    if (created) {
+      // remove from storage before modifying in-memory state, higher chance of failing
+      if (created.get().persistent) {
+        await this._metadataStore.removeInvitation(invitationId);
+      }
+      await created.cancel();
+      this._createInvitations.delete(invitationId);
+      this.removedCreated.emit(created.get());
+      return;
+    }
+
+    const accepted = this._acceptInvitations.get(invitationId);
+    if (accepted) {
+      await accepted.cancel();
+      this._acceptInvitations.delete(invitationId);
+      this.removedAccepted.emit(accepted.get());
+    }
+  }
+
+  getCreatedInvitations(): Invitation[] {
+    return [...this._createInvitations.values()].map((i) => i.get());
+  }
+
+  getAcceptedInvitations(): Invitation[] {
+    return [...this._acceptInvitations.values()].map((i) => i.get());
+  }
+
+  onPersistentInvitationsLoaded(ctx: Context, callback: () => void) {
+    if (this._persistentInvitationsLoaded) {
+      callback();
+    } else {
+      this._persistentInvitationsLoadedEvent.once(ctx, () => callback());
+    }
+  }
+
+  private _safePersistInBackground(invitation: CancellableInvitation): Promise<void> {
+    return new Promise((resolve) => {
+      setTimeout(async () => {
+        try {
+          await this._metadataStore.addInvitation(invitation.get());
+          this.saved.emit(invitation.get());
+        } catch (err: any) {
+          log.catch(err);
+          await invitation.cancel();
+        } finally {
+          resolve();
+        }
+      });
+    });
+  }
+
+  private async _safeDeleteInvitation(invitation: Invitation): Promise<void> {
+    try {
+      await this._metadataStore.removeInvitation(invitation.invitationId);
+    } catch (err) {
+      log.catch(err);
+    }
+  }
+
+  private _onInvitationComplete(invitation: CancellableInvitation, callback: () => void) {
+    invitation.subscribe(
+      () => {},
+      () => {},
+      callback,
+    );
+  }
+}