npm - @dxos/client-services - Versions diffs - 0.6.13 → 0.6.14-main.7bd9c89 - Mend

@dxos/client-services 0.6.13 → 0.6.14-main.7bd9c89

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (138) hide show

package/src/packlets/identity/identity.test.ts CHANGED Viewed

@@ -2,8 +2,9 @@
 // Copyright 2022 DXOS.org
 //
-import expect from 'expect';
+import { onTestFinished, describe, expect, test } from 'vitest';
+import { Event } from '@dxos/async';
 import { Context } from '@dxos/context';
 import { CredentialGenerator, verifyCredential } from '@dxos/credentials';
 import {
@@ -15,7 +16,9 @@ import {
   SpaceProtocol,
   valueEncoding,
 } from '@dxos/echo-pipeline';
+import { type EdgeConnection, type MessageListener } from '@dxos/edge-client';
 import { FeedFactory, FeedStore } from '@dxos/feed-store';
+import { type FeedWrapper } from '@dxos/feed-store';
 import { Keyring } from '@dxos/keyring';
 import { type PublicKey } from '@dxos/keys';
 import { MemorySignalManager, MemorySignalManagerContext } from '@dxos/messaging';
@@ -24,7 +27,6 @@ import { type FeedMessage } from '@dxos/protocols/proto/dxos/echo/feed';
 import { AdmittedFeed } from '@dxos/protocols/proto/dxos/halo/credentials';
 import { createStorage, StorageType } from '@dxos/random-access-storage';
 import { BlobStore } from '@dxos/teleport-extension-object-sync';
-import { afterTest, describe, test } from '@dxos/test';
 import { Identity } from './identity';
@@ -42,16 +44,108 @@ const createStores = () => {
 describe('identity/identity', () => {
   test('create', async () => {
+    const setup = await setupIdentity();
+    await writeGenesisCredential(setup);
+    // Wait for identity to be ready.
+    await setup.identity.ready();
+    const identitySigner = setup.identity.getIdentityCredentialSigner();
+    const credential = await identitySigner.createCredential({
+      subject: setup.identityKey,
+      assertion: {
+        '@type': 'dxos.halo.credentials.IdentityProfile',
+        profile: {
+          displayName: 'Alice',
+        },
+      },
+    });
+    expect(credential.issuer).toEqual(setup.identityKey);
+    expect(await verifyCredential(credential)).toEqual({ kind: 'pass' });
+  });
+  test('two devices', async () => {
+    const signalContext = new MemorySignalManagerContext();
+    const owner = await setupIdentity({ signalContext });
+    await writeGenesisCredential(owner);
+    await owner.identity.ready();
+    const secondDevice = (
+      await setupIdentity({
+        signalContext,
+        spaceKey: owner.spaceKey,
+        identityKey: owner.identityKey,
+        genesisFeedKey: owner.controlFeed.key,
+      })
+    ).identity;
+    //
+    // Second device admission
+    //
+    {
+      const signer = owner.identity.getIdentityCredentialSigner();
+      void owner.identity.controlPipeline.writer.write({
+        credential: {
+          credential: await signer.createCredential({
+            subject: secondDevice.deviceKey,
+            assertion: {
+              '@type': 'dxos.halo.credentials.AuthorizedDevice',
+              identityKey: owner.identityKey,
+              deviceKey: secondDevice.deviceKey,
+            },
+          }),
+        },
+      });
+      await secondDevice.ready();
+    }
+    expect(Array.from(owner.identity.authorizedDeviceKeys.keys())).toEqual([owner.deviceKey, secondDevice.deviceKey]);
+    expect(Array.from(secondDevice.authorizedDeviceKeys.keys())).toEqual([owner.deviceKey, secondDevice.deviceKey]);
+  });
+  test('edge feed replicator', async () => {
+    let replicationStarted = false;
+    const connectedEvent = new Event();
+    const setup = await setupIdentity({
+      edgeConnection: {
+        connected: connectedEvent,
+        open: async () => {},
+        close: async () => {},
+        addListener: (_: MessageListener): (() => void) => {
+          return () => {};
+        },
+        send: async (_) => {
+          replicationStarted = true;
+        },
+      } as EdgeConnection,
+    });
+    await writeGenesisCredential(setup);
+    connectedEvent.emit();
+    await expect.poll(() => replicationStarted).toBeTruthy();
+  });
+  const setupIdentity = async (args?: {
+    signalContext?: MemorySignalManagerContext;
+    spaceKey?: PublicKey;
+    identityKey?: PublicKey;
+    genesisFeedKey?: PublicKey;
+    edgeConnection?: EdgeConnection;
+  }): Promise<TestIdentitySetup> => {
     const { storage, metadataStore, blobStore } = createStores();
     const keyring = new Keyring();
-    const identityKey = await keyring.createKey();
     const deviceKey = await keyring.createKey();
-    const spaceKey = await keyring.createKey();
+    const identityKey = args?.identityKey ?? (await keyring.createKey());
+    const spaceKey = args?.spaceKey ?? (await keyring.createKey());
     const feedStore = new FeedStore<FeedMessage>({
       factory: new FeedFactory<FeedMessage>({
-        root: storage.createDirectory('feeds'),
+        root: storage.createDirectory(),
         signer: keyring,
         hypercore: {
           valueEncoding,
@@ -77,8 +171,9 @@ describe('identity/identity', () => {
       },
       blobStore,
       networkManager: new SwarmNetworkManager({
-        signalManager: new MemorySignalManager(new MemorySignalManagerContext()),
+        signalManager: new MemorySignalManager(args?.signalContext ?? new MemorySignalManagerContext()),
         transportFactory: MemoryTransportFactory,
+        peerInfo: { identityKey: identityKey.toHex(), peerKey: deviceKey.toHex() },
       }),
     });
@@ -87,7 +182,7 @@ describe('identity/identity', () => {
       id: await createIdFromSpaceKey(spaceKey),
       spaceKey,
       protocol,
-      genesisFeed: controlFeed,
+      genesisFeed: args?.genesisFeedKey ? await feedStore.openFeed(args.genesisFeedKey) : controlFeed,
       feedProvider: (feedKey) => feedStore.openFeed(feedKey),
       memberKey: identityKey,
       metadataStore,
@@ -103,242 +198,38 @@ describe('identity/identity', () => {
       identityKey,
       deviceKey,
       space,
+      edgeFeatures: args?.edgeConnection && { feedReplicator: true },
+      edgeConnection: args?.edgeConnection,
     });
     await identity.open(new Context());
-    afterTest(() => identity.close(new Context()));
-    //
-    // Identity genesis
-    //
-    {
-      const generator = new CredentialGenerator(keyring, identityKey, deviceKey);
-      const credentials = [
-        ...(await generator.createSpaceGenesis(spaceKey, controlFeed.key)),
-        await generator.createDeviceAuthorization(deviceKey),
-        await generator.createFeedAdmission(spaceKey, dataFeed.key, AdmittedFeed.Designation.DATA),
-      ];
-      for (const credential of credentials) {
-        await identity.controlPipeline.writer.write({
-          credential: { credential },
-        });
-      }
-    }
-    // Wait for identity to be ready.
-    await identity.ready();
-    const identitySigner = identity.getIdentityCredentialSigner();
-    const credential = await identitySigner.createCredential({
-      subject: identityKey,
-      assertion: {
-        '@type': 'dxos.halo.credentials.IdentityProfile',
-        profile: {
-          displayName: 'Alice',
-        },
-      },
-    });
-    expect(credential.issuer).toEqual(identityKey);
-    expect(await verifyCredential(credential)).toEqual({ kind: 'pass' });
-  });
-  test('two devices', async () => {
-    const signalContext = new MemorySignalManagerContext();
-    let spaceKey: PublicKey;
-    let identityKey: PublicKey;
-    let genesisFeedKey: PublicKey;
-    let identity1: Identity;
-    let identity2: Identity;
-    //
-    // First device
-    //
-    {
-      const { storage, metadataStore, blobStore } = createStores();
-      const keyring = new Keyring();
-      identityKey = await keyring.createKey();
-      const deviceKey = await keyring.createKey();
-      spaceKey = await keyring.createKey();
-      const feedStore = new FeedStore<FeedMessage>({
-        factory: new FeedFactory<FeedMessage>({
-          root: storage.createDirectory(),
-          signer: keyring,
-          hypercore: {
-            valueEncoding,
-          },
-        }),
-      });
-      const createFeed = async () => {
-        const feedKey = await keyring.createKey();
-        return feedStore.openFeed(feedKey, { writable: true });
-      };
-      const controlFeed = await createFeed();
-      genesisFeedKey = controlFeed.key;
-      const dataFeed = await createFeed();
-      const protocol = new SpaceProtocol({
-        topic: spaceKey,
-        swarmIdentity: {
-          peerKey: deviceKey,
-          identityKey,
-          credentialProvider: MOCK_AUTH_PROVIDER, // createHaloAuthProvider(createCredentialSignerWithKey(keyring, device_key)),
-          credentialAuthenticator: MOCK_AUTH_VERIFIER, // createHaloAuthVerifier(() => identity.authorizedDeviceKeys),
-        },
-        blobStore,
-        networkManager: new SwarmNetworkManager({
-          signalManager: new MemorySignalManager(signalContext),
-          transportFactory: MemoryTransportFactory,
-        }),
-      });
-      await metadataStore.setIdentityRecord({ haloSpace: { key: spaceKey }, identityKey, deviceKey });
-      const space = new Space({
-        id: await createIdFromSpaceKey(spaceKey),
-        spaceKey,
-        protocol,
-        genesisFeed: controlFeed,
-        feedProvider: (feedKey) => feedStore.openFeed(feedKey),
-        memberKey: identityKey,
-        metadataStore,
-        onDelegatedInvitationStatusChange: async () => {},
-        onMemberRolesChanged: async () => {},
-      });
-      await space.setControlFeed(controlFeed);
-      await space.setDataFeed(dataFeed);
-      const identity = (identity1 = new Identity({
-        signer: keyring,
-        identityKey,
-        deviceKey,
-        space,
-      }));
-      await identity.open(new Context());
-      afterTest(() => identity.close(new Context()));
-      //
-      // Identity genesis
-      //
-      {
-        const generator = new CredentialGenerator(keyring, identityKey, deviceKey);
-        const credentials = [
-          ...(await generator.createSpaceGenesis(spaceKey, controlFeed.key)),
-          await generator.createDeviceAuthorization(deviceKey),
-          await generator.createFeedAdmission(spaceKey, dataFeed.key, AdmittedFeed.Designation.DATA),
-        ];
-        for (const credential of credentials) {
-          await identity.controlPipeline.writer.write({
-            credential: { credential },
-          });
-        }
-      }
-      // Wait for identity to be ready.
-      await identity.ready();
-    }
-    //
-    // Second device
-    //
-    {
-      const { storage, metadataStore, blobStore } = createStores();
-      const keyring = new Keyring();
-      const deviceKey = await keyring.createKey();
-      const feedStore = new FeedStore<FeedMessage>({
-        factory: new FeedFactory<FeedMessage>({
-          root: storage.createDirectory(),
-          signer: keyring,
-          hypercore: {
-            valueEncoding,
-          },
-        }),
-      });
-      const createFeed = async () => {
-        const feedKey = await keyring.createKey();
-        return feedStore.openFeed(feedKey, { writable: true });
-      };
-      const controlFeed = await createFeed();
-      const dataFeed = await createFeed();
-      const protocol = new SpaceProtocol({
-        topic: spaceKey,
-        swarmIdentity: {
-          peerKey: deviceKey,
-          identityKey,
-          credentialProvider: MOCK_AUTH_PROVIDER, // createHaloAuthProvider(createCredentialSignerWithKey(keyring, device_key)),
-          credentialAuthenticator: MOCK_AUTH_VERIFIER, // createHaloAuthVerifier(() => identity.authorizedDeviceKeys),
-        },
-        blobStore,
-        networkManager: new SwarmNetworkManager({
-          signalManager: new MemorySignalManager(signalContext),
-          transportFactory: MemoryTransportFactory,
-        }),
-      });
+    await identity.joinNetwork();
+    onTestFinished(() => identity.close(new Context()));
+    return { identity, identityKey, keyring, deviceKey, controlFeed, spaceKey, dataFeed };
+  };
-      await metadataStore.setIdentityRecord({
-        haloSpace: { key: spaceKey },
-        identityKey: identity1.identityKey,
-        deviceKey,
-      });
-      const space = new Space({
-        id: await createIdFromSpaceKey(spaceKey),
-        spaceKey,
-        protocol,
-        genesisFeed: await feedStore.openFeed(genesisFeedKey),
-        feedProvider: (feedKey) => feedStore.openFeed(feedKey),
-        memberKey: identityKey,
-        metadataStore,
-        onDelegatedInvitationStatusChange: async () => {},
-        onMemberRolesChanged: async () => {},
+  const writeGenesisCredential = async (setup: TestIdentitySetup) => {
+    const generator = new CredentialGenerator(setup.keyring, setup.identityKey, setup.deviceKey);
+    const credentials = [
+      ...(await generator.createSpaceGenesis(setup.spaceKey, setup.controlFeed.key)),
+      await generator.createDeviceAuthorization(setup.deviceKey),
+      await generator.createFeedAdmission(setup.spaceKey, setup.dataFeed.key, AdmittedFeed.Designation.DATA),
+    ];
+    for (const credential of credentials) {
+      await setup.identity.controlPipeline.writer.write({
+        credential: { credential },
       });
-      await space.setControlFeed(controlFeed);
-      await space.setDataFeed(dataFeed);
-      const identity = (identity2 = new Identity({
-        signer: keyring,
-        identityKey: identity1.identityKey,
-        deviceKey,
-        space,
-      }));
-      await identity.open(new Context());
-      afterTest(() => identity.close(new Context()));
     }
-    //
-    // Second device admission
-    //
-    {
-      const signer = identity1.getIdentityCredentialSigner();
-      void identity1.controlPipeline.writer.write({
-        credential: {
-          credential: await signer.createCredential({
-            subject: identity2.deviceKey,
-            assertion: {
-              '@type': 'dxos.halo.credentials.AuthorizedDevice',
-              identityKey: identity1.identityKey,
-              deviceKey: identity2.deviceKey,
-            },
-          }),
-        },
-      });
-      await identity2.ready();
-    }
-    expect(Array.from(identity1.authorizedDeviceKeys.keys())).toEqual([identity1.deviceKey, identity2.deviceKey]);
-    expect(Array.from(identity2.authorizedDeviceKeys.keys())).toEqual([identity1.deviceKey, identity2.deviceKey]);
-  });
+  };
 });
+type TestIdentitySetup = {
+  identity: Identity;
+  keyring: Keyring;
+  identityKey: PublicKey;
+  deviceKey: PublicKey;
+  spaceKey: PublicKey;
+  controlFeed: FeedWrapper<FeedMessage>;
+  dataFeed: FeedWrapper<FeedMessage>;
+};

package/src/packlets/identity/identity.ts CHANGED Viewed

@@ -14,15 +14,18 @@ import {
 } from '@dxos/credentials';
 import { type Signer } from '@dxos/crypto';
 import { type Space } from '@dxos/echo-pipeline';
-import { writeMessages } from '@dxos/feed-store';
+import { type EdgeConnection } from '@dxos/edge-client';
+import { writeMessages, type FeedWrapper } from '@dxos/feed-store';
 import { invariant } from '@dxos/invariant';
 import { PublicKey, type SpaceId } from '@dxos/keys';
 import { log } from '@dxos/log';
+import { type Runtime } from '@dxos/protocols/proto/dxos/config';
 import { type FeedMessage } from '@dxos/protocols/proto/dxos/echo/feed';
 import {
   AdmittedFeed,
   type DeviceProfileDocument,
   type ProfileDocument,
+  type Credential,
 } from '@dxos/protocols/proto/dxos/halo/credentials';
 import { type DeviceAdmissionRequest } from '@dxos/protocols/proto/dxos/halo/invitations';
 import { type Presence } from '@dxos/teleport-extension-gossip';
@@ -32,6 +35,7 @@ import { type ComplexMap, ComplexSet } from '@dxos/util';
 import { TrustedKeySetAuthVerifier } from './authenticator';
 import { DefaultSpaceStateMachine } from './default-space-state-machine';
+import { EdgeFeedReplicator } from '../spaces';
 export type IdentityParams = {
   identityKey: PublicKey;
@@ -39,6 +43,9 @@ export type IdentityParams = {
   signer: Signer;
   space: Space;
   presence?: Presence;
+  edgeConnection?: EdgeConnection;
+  edgeFeatures?: Runtime.Client.EdgeFeatures;
 };
 /**
@@ -52,6 +59,8 @@ export class Identity {
   private readonly _deviceStateMachine: DeviceStateMachine;
   private readonly _profileStateMachine: ProfileStateMachine;
   private readonly _defaultSpaceStateMachine: DefaultSpaceStateMachine;
+  private readonly _edgeFeedReplicator?: EdgeFeedReplicator = undefined;
   public readonly authVerifier: TrustedKeySetAuthVerifier;
   public readonly identityKey: PublicKey;
@@ -59,15 +68,15 @@ export class Identity {
   public readonly stateUpdate = new Event();
-  constructor({ space, signer, identityKey, deviceKey, presence }: IdentityParams) {
-    this.space = space;
-    this._signer = signer;
-    this._presence = presence;
+  constructor(params: IdentityParams) {
+    this.space = params.space;
+    this._signer = params.signer;
+    this._presence = params.presence;
-    this.identityKey = identityKey;
-    this.deviceKey = deviceKey;
+    this.identityKey = params.identityKey;
+    this.deviceKey = params.deviceKey;
-    log.trace('dxos.halo.device', { deviceKey });
+    log.trace('dxos.halo.device', { deviceKey: params.deviceKey });
     this._deviceStateMachine = new DeviceStateMachine({
       identityKey: this.identityKey,
@@ -88,6 +97,10 @@ export class Identity {
       update: this.stateUpdate,
       authTimeout: AUTH_TIMEOUT,
     });
+    if (params.edgeConnection && params.edgeFeatures?.feedReplicator) {
+      this._edgeFeedReplicator = new EdgeFeedReplicator({ messenger: params.edgeConnection, spaceId: this.space.id });
+    }
   }
   // TODO(burdon): Expose state object?
@@ -105,9 +118,17 @@ export class Identity {
     await this.space.spaceState.addCredentialProcessor(this._deviceStateMachine);
     await this.space.spaceState.addCredentialProcessor(this._profileStateMachine);
     await this.space.spaceState.addCredentialProcessor(this._defaultSpaceStateMachine);
+    if (this._edgeFeedReplicator) {
+      this.space.protocol.feedAdded.append(this._onFeedAdded);
+    }
     await this.space.open(ctx);
   }
+  public async joinNetwork() {
+    await this.space.startProtocol();
+    await this._edgeFeedReplicator?.open();
+  }
   @trace.span()
   async close(ctx: Context) {
     await this._presence?.close();
@@ -115,6 +136,13 @@ export class Identity {
     await this.space.spaceState.removeCredentialProcessor(this._defaultSpaceStateMachine);
     await this.space.spaceState.removeCredentialProcessor(this._profileStateMachine);
     await this.space.spaceState.removeCredentialProcessor(this._deviceStateMachine);
+    if (this._edgeFeedReplicator) {
+      this.space.protocol.feedAdded.remove(this._onFeedAdded);
+    }
+    await this._edgeFeedReplicator?.close();
     await this.space.close();
   }
@@ -135,6 +163,10 @@ export class Identity {
     return this.space.controlPipeline;
   }
+  get haloSpaceId() {
+    return this.space.id;
+  }
   get haloSpaceKey() {
     return this.space.key;
   }
@@ -151,6 +183,10 @@ export class Identity {
     return this._presence;
   }
+  get signer() {
+    return this._signer;
+  }
   /**
    * Issues credentials as identity.
    * Requires identity to be ready.
@@ -180,7 +216,7 @@ export class Identity {
     await this.controlPipeline.state.waitUntilTimeframe(new Timeframe([[receipt.feedKey, receipt.seq]]));
   }
-  async admitDevice({ deviceKey, controlFeedKey, dataFeedKey }: DeviceAdmissionRequest) {
+  async admitDevice({ deviceKey, controlFeedKey, dataFeedKey }: DeviceAdmissionRequest): Promise<Credential> {
     log('Admitting device:', {
       identityKey: this.identityKey,
       hostDevice: this.deviceKey,
@@ -189,17 +225,18 @@ export class Identity {
       dataFeedKey,
     });
     const signer = this.getIdentityCredentialSigner();
+    const deviceCredential = await signer.createCredential({
+      subject: deviceKey,
+      assertion: {
+        '@type': 'dxos.halo.credentials.AuthorizedDevice',
+        identityKey: this.identityKey,
+        deviceKey,
+      },
+    });
     await writeMessages(
       this.controlPipeline.writer,
       [
-        await signer.createCredential({
-          subject: deviceKey,
-          assertion: {
-            '@type': 'dxos.halo.credentials.AuthorizedDevice',
-            identityKey: this.identityKey,
-            deviceKey,
-          },
-        }),
+        deviceCredential,
         await signer.createCredential({
           subject: controlFeedKey,
           assertion: {
@@ -222,5 +259,11 @@ export class Identity {
         }),
       ].map((credential): FeedMessage.Payload => ({ credential: { credential } })),
     );
+    return deviceCredential;
   }
+  private _onFeedAdded = async (feed: FeedWrapper<any>) => {
+    await this._edgeFeedReplicator!.addFeed(feed);
+  };
 }

package/src/packlets/invitations/device-invitation-protocol.test.ts CHANGED Viewed

@@ -2,19 +2,20 @@
 // Copyright 2022 DXOS.org
 //
-import { expect } from 'chai';
+import { describe, expect, test, onTestFinished } from 'vitest';
 import { asyncChain } from '@dxos/async';
 import { Context } from '@dxos/context';
 import { AlreadyJoinedError } from '@dxos/protocols';
 import { Invitation } from '@dxos/protocols/proto/dxos/client/services';
-import { describe, test, afterTest } from '@dxos/test';
 import { type ServiceContext } from '../services';
 import { createPeers, createServiceContext, performInvitation } from '../testing';
 const closeAfterTest = async (peer: ServiceContext) => {
-  afterTest(() => peer.close());
+  onTestFinished(async () => {
+    await peer.close();
+  });
   return peer;
 };
@@ -22,7 +23,9 @@ describe('services/device', () => {
   test('creates identity', async () => {
     const peer = await createServiceContext();
     await peer.open(new Context());
-    afterTest(() => peer.close());
+    onTestFinished(async () => {
+      await peer.close();
+    });
     const identity = await peer.createIdentity();
     expect(identity).not.to.be.undefined;

package/src/packlets/invitations/device-invitation-protocol.ts CHANGED Viewed

@@ -2,6 +2,7 @@
 // Copyright 2023 DXOS.org
 //
+import { getCredentialAssertion } from '@dxos/credentials';
 import { invariant } from '@dxos/invariant';
 import { type Keyring } from '@dxos/keyring';
 import { type PublicKey } from '@dxos/keys';
@@ -49,7 +50,8 @@ export class DeviceInvitationProtocol implements InvitationProtocol {
   async admit(_: Invitation, request: AdmissionRequest): Promise<AdmissionResponse> {
     invariant(request.device);
     const identity = this._getIdentity();
-    await identity.admitDevice(request.device);
+    const credential = await identity.admitDevice(request.device);
+    invariant(getCredentialAssertion(credential)['@type'] === 'dxos.halo.credentials.AuthorizedDevice');
     return {
       device: {
@@ -57,6 +59,7 @@ export class DeviceInvitationProtocol implements InvitationProtocol {
         haloSpaceKey: identity.haloSpaceKey,
         genesisFeedKey: identity.haloGenesisFeedKey,
         controlTimeframe: identity.controlPipeline.state.timeframe,
+        credential,
       },
     };
   }
@@ -109,6 +112,7 @@ export class DeviceInvitationProtocol implements InvitationProtocol {
       dataFeedKey,
       controlTimeframe,
       deviceProfile: profile,
+      authorizedDeviceCredential: response.device.credential,
     });
     return { identityKey };