npm - @dxos/echo-db - Versions diffs - 2.33.1-dev.83d113fe → 2.33.1-dev.d6c55789 - Mend

@dxos/echo-db 2.33.1-dev.83d113fe → 2.33.1-dev.d6c55789

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

package/src/invitations/halo-recovery-initiator.ts CHANGED Viewed

@@ -7,7 +7,6 @@ import debug from 'debug';
 import { waitForEvent } from '@dxos/async';
 import {
-  Authenticator,
   ClaimResponse,
   Keyring,
   KeyType,
@@ -17,7 +16,8 @@ import {
   createGreetingClaimMessage,
   SecretProvider,
   SecretValidator,
-  SignedMessage
+  SignedMessage,
+  codec
 } from '@dxos/credentials';
 import { keyToBuffer, keyToString, PublicKey, randomBytes, verify } from '@dxos/crypto';
 import { raise } from '@dxos/debug';
@@ -144,7 +144,7 @@ export class HaloRecoveryInitiator {
   // The secretProvider should provide an `Auth` message signed directly by the Identity key.
   createSecretProvider (): SecretProvider {
-    return async (info: any) => Buffer.from(Authenticator.encodePayload(
+    return async (info: any) => Buffer.from(codec.encode(
       /* The signed portion of the Auth message includes the ID and authNonce provided
        * by "info". These values will be validated on the other end.
        */
@@ -182,7 +182,7 @@ export class HaloRecoveryInitiator {
       });
       const secretValidator: SecretValidator = async (invitation, secret) => {
-        const { payload: authMessage } = Authenticator.decodePayload(secret);
+        const { payload: authMessage } = codec.decode(secret);
         return keyring.verify(<unknown>authMessage as SignedMessage) &&
           authMessage.signed.payload.partyKey.equals(invitation.id) &&

package/src/invitations/offline-invitation-claimer.ts CHANGED Viewed

@@ -7,7 +7,6 @@ import debug from 'debug';
 import { waitForEvent } from '@dxos/async';
 import {
-  Authenticator,
   ClaimResponse,
   Keyring,
   KeyType,
@@ -18,7 +17,8 @@ import {
   SecretInfo,
   SecretProvider,
   SecretValidator,
-  SignedMessage
+  SignedMessage,
+  codec
 } from '@dxos/credentials';
 import { keyToBuffer, keyToString, PublicKey, randomBytes } from '@dxos/crypto';
 import { raise } from '@dxos/debug';
@@ -156,7 +156,7 @@ export class OfflineInvitationClaimer {
       });
       const secretValidator: SecretValidator = async (invitation, secret) => {
-        const { payload: authMessage } = Authenticator.decodePayload(secret);
+        const { payload: authMessage } = codec.decode(secret);
         return keyring.verify(<unknown>authMessage as SignedMessage) &&
           authMessage.signed.payload.partyKey.equals(invitation.id) &&
@@ -172,7 +172,7 @@ export class OfflineInvitationClaimer {
   // The secretProvider should provide an `Auth` message signed directly by the Identity key.
   static createSecretProvider (identity: Identity): SecretProvider {
     return async (info?: SecretInfo) => {
-      return Buffer.from(Authenticator.encodePayload(
+      return Buffer.from(codec.encode(
         /* The signed portion of the Auth message includes the ID and authNonce provided
          * by the `info` object. These values will be validated on the other end.
          */

package/src/parties/authenticator.ts ADDED Viewed

@@ -0,0 +1,31 @@
+//
+// Copyright 2022 DXOS.org
+//
+import debug from 'debug';
+import { Authenticator, createEnvelopeMessage, PartyAuthenticator } from '@dxos/credentials';
+import { IdentityProvider } from '../halo';
+import { PartyProcessor } from '../pipeline';
+const log = debug('dxos:echo-db:authenticator');
+export function createAuthenticator (partyProcessor: PartyProcessor, identityProvider: IdentityProvider): Authenticator {
+  return new PartyAuthenticator(partyProcessor.state, async auth => {
+    if (auth.feedAdmit && auth.feedKey && !partyProcessor.isFeedAdmitted(auth.feedKey)) {
+      const deviceKeyChain = identityProvider().deviceKeyChain ?? identityProvider().deviceKey;
+      if (!deviceKeyChain) {
+        log('Not device key chain available to admit new member feed');
+        return;
+      }
+      await partyProcessor.writeHaloMessage(createEnvelopeMessage(
+        identityProvider().keyring,
+        partyProcessor.partyKey,
+        auth.feedAdmit,
+        [deviceKeyChain]
+      ));
+    }
+  });
+}

package/src/parties/party-factory.ts CHANGED Viewed

@@ -205,12 +205,7 @@ export class PartyFactory {
     const initiator = new GreetingInitiator(
       this._networkManager,
       identity,
-      invitationDescriptor,
-      async partyKey => {
-        const feedProvider = this._createFeedProvider(partyKey);
-        const feed = await feedProvider.createOrOpenWritableFeed();
-        return feed.key;
-      }
+      invitationDescriptor
     );
     await initiator.connect();

package/src/parties/party-internal.ts CHANGED Viewed

@@ -5,7 +5,7 @@
 import assert from 'assert';
 import { synchronized, Event } from '@dxos/async';
-import { KeyHint, createAuthMessage, Authenticator } from '@dxos/credentials';
+import { KeyHint, createAuthMessage, createFeedAdmitMessage, codec } from '@dxos/credentials';
 import { PublicKey } from '@dxos/crypto';
 import { failUndefined, raise, timed } from '@dxos/debug';
 import { PartyKey, PartySnapshot, Timeframe, FeedKey } from '@dxos/echo-protocol';
@@ -19,6 +19,7 @@ import { ActivationOptions, PartyPreferences, IdentityProvider } from '../halo';
 import { InvitationManager } from '../invitations';
 import { CredentialsProvider, PartyFeedProvider, PartyProtocolFactory } from '../pipeline';
 import { SnapshotStore } from '../snapshots';
+import { createAuthenticator } from './authenticator';
 import { PartyCore, PartyOptions } from './party-core';
 import { CONTACT_DEBOUNCE_INTERVAL } from './party-manager';
@@ -178,7 +179,7 @@ export class PartyInternal {
       this._identityProvider,
       this._createCredentialsProvider(this._partyCore.key, writeFeed.key),
       this._invitationManager,
-      this._partyCore.processor.authenticator,
+      createAuthenticator(this._partyCore.processor, this._identityProvider),
       this._partyCore.processor.getActiveFeedSet()
     );
@@ -274,12 +275,20 @@ export class PartyInternal {
     return {
       get: () => {
         const identity = this._identityProvider();
-        return Buffer.from(Authenticator.encodePayload(createAuthMessage(
+        const signingKey = identity.deviceKeyChain ?? identity.deviceKey ?? raise(new IdentityNotInitializedError());
+        return Buffer.from(codec.encode(createAuthMessage(
           identity.signer,
           partyKey,
           identity.identityKey ?? raise(new IdentityNotInitializedError()),
-          identity.deviceKeyChain ?? identity.deviceKey ?? raise(new IdentityNotInitializedError()),
-          identity.keyring.getKey(feedKey)
+          signingKey,
+          identity.keyring.getKey(feedKey),
+          undefined,
+          createFeedAdmitMessage(
+            identity.signer,
+            partyKey,
+            feedKey,
+            [identity.keyring.getKey(feedKey) ?? failUndefined(), signingKey]
+          )
         )));
       }
     };

package/src/pipeline/party-processor.ts CHANGED Viewed

@@ -7,11 +7,9 @@ import debug from 'debug';
 import { Event } from '@dxos/async';
 import {
-  Authenticator,
   KeyHint,
   KeyRecord,
   PartyState,
-  PartyAuthenticator,
   Message as HaloMessage,
   IdentityEventType,
   PartyEventType
@@ -32,7 +30,6 @@ export interface FeedSetProvider {
  */
 export class PartyProcessor {
   private readonly _state: PartyState;
-  private readonly _authenticator: Authenticator;
   private _outboundHaloStream: FeedWriter<HaloMessage> | undefined;
@@ -49,21 +46,14 @@ export class PartyProcessor {
     private readonly _partyKey: PartyKey
   ) {
     this._state = new PartyState(this._partyKey);
-    this._authenticator = new PartyAuthenticator(this._state);
-    /* TODO(telackey): `@dxos/credentials` was only half converted to TS. In its current state, the KeyRecord type
-     * is not exported, and the PartyStateMachine being used is not properly understood as an EventEmitter by TS.
-     * Casting to 'any' is a workaround for the compiler, but the fix is fully to convert @dxos/credentials to TS.
-     */
-    const state = this._state as any;
     // TODO(marik-d): Use `Event.wrap` here.
-    state.on(PartyEventType.ADMIT_FEED, (keyRecord: any) => {
+    this._state.on(PartyEventType.ADMIT_FEED, (keyRecord: any) => {
       log(`Feed key admitted ${keyRecord.publicKey.toHex()}`);
       this._feedAdded.emit(keyRecord.publicKey);
     });
-    state.on(PartyEventType.ADMIT_KEY, (keyRecord: KeyRecord) => this.keyOrInfoAdded.emit(keyRecord.publicKey));
-    state.on(IdentityEventType.UPDATE_IDENTITY, (publicKey: PublicKey) => this.keyOrInfoAdded.emit(publicKey));
+    this._state.on(PartyEventType.ADMIT_KEY, (keyRecord: KeyRecord) => this.keyOrInfoAdded.emit(keyRecord.publicKey));
+    this._state.on(IdentityEventType.UPDATE_IDENTITY, (publicKey: PublicKey) => this.keyOrInfoAdded.emit(publicKey));
   }
   get partyKey () {
@@ -90,8 +80,8 @@ export class PartyProcessor {
     return this._state.credentialMessages.size === 0;
   }
-  get authenticator () {
-    return this._authenticator;
+  get state () {
+    return this._state;
   }
   isFeedAdmitted (feedKey: FeedKey) {