@lifeready/core 1.0.0 → 1.0.1

package/src/lib/api/contact-card.service.spec.ts

@@ -0,0 +1,249 @@
+import { TestBed } from '@angular/core/testing';
+import { environment } from 'projects/lr-auth-app/src/environments/environment';
+import {
+  loginTestUser,
+  logoutUser,
+} from '../auth/life-ready-auth.service.spec';
+import {
+  lrConfigureTestingModule,
+  lrExpectAsyncThrow,
+  lrit,
+} from '../_common/tests';
+import {
+  ContactCardService,
+  CreateContactCardInput,
+} from './contact-card.service';
+
+const TIMEOUT = 1000 * 60 * 10;
+
+describe('ContactCardService', () => {
+  let ccService: ContactCardService;
+
+  beforeEach(async () => {
+    lrConfigureTestingModule();
+    ccService = TestBed.inject(ContactCardService);
+  }, TIMEOUT);
+
+  lrit(
+    'should create single contact card',
+    async () => {
+      if (!environment.test) {
+        return;
+      }
+
+      const {
+        username: username1,
+        password: password1,
+      } = environment.test.users[0];
+      let res;
+      let cc1;
+
+      // ------------------------------------------------------
+      // Test User 1
+      // ------------------------------------------------------
+      await loginTestUser(username1, password1);
+
+      // Clear contact cards
+      await Promise.all(
+        (await ccService.getContactCardList()).map(async (cc) => {
+          res = await ccService.deleteContactCard(cc.id);
+          expect(res).toBeTruthy();
+        })
+      );
+
+      const card1: CreateContactCardInput = {
+        plainCipherDataJson: { secret: 1 },
+        publicDataJson: '',
+        publicSearchableJson: '',
+        plainDataJson: { name: { name: 'name 1' } },
+      };
+
+      res = await ccService.createContactCard(card1);
+      cc1 = await ccService.getContactCard(res.id);
+      expect(cc1.id).toEqual(res.id);
+      expect(cc1.plainCipherDataJson).toEqual(card1.plainCipherDataJson);
+      expect(cc1.publicDataJson).toEqual(card1.publicDataJson);
+      expect(cc1.publicSearchableJson).toEqual(card1.publicSearchableJson);
+    },
+    TIMEOUT
+  );
+
+  lrit(
+    'should create contact cards',
+    async () => {
+      if (!environment.test) {
+        return;
+      }
+
+      const {
+        username: username1,
+        password: password1,
+      } = environment.test.users[0];
+      const {
+        username: username2,
+        password: password2,
+      } = environment.test.users[1];
+      const {
+        username: username3,
+        password: password3,
+      } = environment.test.users[2];
+
+      let res;
+      let cc1;
+      let cc2;
+      let cc3;
+
+      const publicSearchableFilter = {
+        filter: [{ contains: { b: { c: 2 } } }],
+      };
+
+      // ------------------------------------------------------
+      // Signed out
+      // ------------------------------------------------------
+      await logoutUser();
+
+      (await lrExpectAsyncThrow(ccService.getContactCardList())).toBeTruthy();
+      (
+        await lrExpectAsyncThrow(
+          ccService.searchContactCard(publicSearchableFilter)
+        )
+      ).toBeTruthy();
+
+      // ------------------------------------------------------
+      // Test User 1
+      // ------------------------------------------------------
+      await loginTestUser(username1, password1);
+
+      // Clear contact cards
+      await Promise.all(
+        (await ccService.getContactCardList()).map(async (cc) => {
+          res = await ccService.deleteContactCard(cc.id);
+          expect(res).toBeTruthy();
+        })
+      );
+
+      const card1: CreateContactCardInput = {
+        plainCipherDataJson: { secret: 1 },
+        publicDataJson: { public: 1 },
+        publicSearchableJson: { publicSearchable: 1 },
+        plainDataJson: { name: { name: 'name 1' } },
+      };
+
+      const card2: CreateContactCardInput = {
+        plainCipherDataJson: { secret: 2 },
+        publicDataJson: { public: 2 },
+        publicSearchableJson: { publicSearchable: 2 },
+        plainDataJson: { name: { name: 'name 2' } },
+      };
+
+      const card2Updated: CreateContactCardInput = {
+        plainCipherDataJson: { secret: 22 },
+        publicDataJson: { public: 22 },
+        publicSearchableJson: { publicSearchable: 22 },
+        plainDataJson: { name: { name: 'name 22' } },
+      };
+
+      const card3: CreateContactCardInput = {
+        plainCipherDataJson: { secret: 3 },
+        publicDataJson: { public: 3 },
+        publicSearchableJson: { publicSearchable: 3 },
+        plainDataJson: { name: { name: 'name 3' } },
+      };
+
+      // Create contact card 1
+      res = await ccService.createContactCard(card1);
+      cc1 = await ccService.getContactCard(res.id);
+      expect(cc1.id).toEqual(res.id);
+      expect(cc1.plainCipherDataJson).toEqual(card1.plainCipherDataJson);
+      expect(cc1.publicDataJson).toEqual(card1.publicDataJson);
+      expect(cc1.publicSearchableJson).toEqual(card1.publicSearchableJson);
+
+      // Create contact card 2
+      res = await ccService.createContactCard(card2);
+      cc2 = await ccService.getContactCard(res.id);
+
+      // List
+      res = await ccService.getContactCardList();
+      expect(res.length).toBe(2);
+
+      // Update
+      res = await ccService.updateContactCard({
+        id: cc2.id,
+        ...card2Updated,
+      });
+
+      const cc2Updated = await ccService.getContactCard(cc2.id);
+      expect(cc2Updated.id).toEqual(cc2.id);
+      expect(cc2Updated.plainCipherDataJson).toEqual(
+        card2Updated.plainCipherDataJson
+      );
+      expect(cc2Updated.publicDataJson).toEqual(card2Updated.publicDataJson);
+      expect(cc2Updated.publicSearchableJson).toEqual(
+        card2Updated.publicSearchableJson
+      );
+      // Expecting keys to remain unchanged.
+      expect(cc2Updated.key.id).toEqual(cc2.key.id);
+
+      // Create contact card 3
+      cc3 = await ccService.createContactCard(card3);
+      res = await ccService.getContactCardList();
+      expect(res.length).toEqual(3);
+      res = await ccService.deleteContactCard(cc3.id);
+      res = await ccService.getContactCardList();
+      expect(res.length).toEqual(2);
+
+      // ------------------------------------------------------
+      // Signed out
+      // ------------------------------------------------------
+      await logoutUser();
+      (await lrExpectAsyncThrow(ccService.getContactCard(cc1.id))).toBeTruthy(
+        'Query should only available to logged in users'
+      );
+
+      // ------------------------------------------------------
+      // Test User 2
+      // ------------------------------------------------------
+      await loginTestUser(username2, password2);
+
+      (
+        await lrExpectAsyncThrow(ccService.deleteContactCard(cc1.id))
+      ).toBeTruthy('Should not be able to delete another user\'s contact card.');
+      (
+        await lrExpectAsyncThrow(
+          ccService.updateContactCard({
+            id: cc2.id,
+            ...card2,
+          })
+        )
+      ).toBeTruthy('Should not be able to update another user\'s contact card.');
+
+      // Should be able to search by public searchable
+      res = await ccService.searchContactCard({
+        filter: [
+          {
+            contains: {
+              ...card1.publicSearchableJson,
+            },
+          },
+        ],
+      });
+
+      expect(res.length).toBe(1);
+      expect(res[0].id).toBe(cc1.id);
+
+      // Should not be able to search by public data
+      res = await ccService.searchContactCard({
+        filter: [
+          {
+            contains: {
+              ...card1.publicDataJson,
+            },
+          },
+        ],
+      });
+
+      expect(res.length).toBe(0);
+    },
+    TIMEOUT
+  );
+});

package/src/lib/api/contact-card.service.ts

@@ -0,0 +1,228 @@
+import { Injectable } from '@angular/core';
+import { HasKeyGraph, Key } from '../cryptography/cryptography.types';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { HasEdges } from '../_common/types';
+import { LrApolloService } from './lr-apollo.service';
+import {
+  SearchContactCardQuery,
+  ContactCardListQuery,
+  ContactCardQuery,
+  CreateContactCardMutation,
+  UpdateContactCardMutation,
+  DeleteContactCardMutation,
+} from './contact-card.gql';
+import { KeyFactoryService } from '../cryptography/key-factory.service';
+import { MainContactCardPlainFields } from '../users/profile.types';
+import { KeyMetaService } from '../cryptography/key-meta.service';
+
+interface ContactCardQuery extends HasKeyGraph {
+  contactCard: ContactCard;
+}
+
+interface SearchContactCardQuery extends HasKeyGraph {
+  searchContactCards: HasEdges<ContactCard>;
+}
+
+interface ContactCardListQuery extends HasKeyGraph {
+  contactCards: HasEdges<ContactCard>;
+}
+
+export class ContactCard {
+  id: string;
+  key: Key;
+  sigPxk: Key;
+  publicData: string;
+  publicDataSig: string;
+  publicSearchable: string;
+  publicSearchableSig: string;
+  plainData: string;
+  plainDataSig: string;
+  cipherData: string;
+  // Parse/decrypted versions of the above.
+  publicDataJson: any;
+  publicSearchableJson: any;
+  plainCipherDataJson: any;
+  plainDataJson: any;
+}
+
+export interface CreateContactCardInput {
+  publicDataJson: any;
+  publicSearchableJson: any;
+  plainCipherDataJson: any;
+  plainDataJson: MainContactCardPlainFields;
+}
+
+export interface UpdateContactCardInput extends CreateContactCardInput {
+  id: string;
+}
+
+@Injectable({
+  providedIn: 'root',
+})
+export class ContactCardService {
+  constructor(
+    private keyFactory: KeyFactoryService,
+    private keyService: KeyService,
+    private lrApollo: LrApolloService,
+    private keyGraph: KeyGraphService,
+    private encryptionService: EncryptionService,
+    private keyMetaService: KeyMetaService
+  ) {}
+
+  async decryptContactCard(cc: ContactCard): Promise<ContactCard> {
+    const ret = {
+      ...cc,
+      publicDataJson: JSON.parse(cc.publicData),
+      publicSearchableJson: JSON.parse(cc.publicSearchable),
+    };
+
+    if (cc.key) {
+      const key = await this.keyGraph.getJwkKey(cc.key.id);
+      // TODO: verify signature
+      ret.plainCipherDataJson = await this.encryptionService.decrypt(
+        key,
+        cc.cipherData
+      );
+    }
+
+    return ret;
+  }
+
+  async decryptContactCardEdges(
+    hasEdges: HasEdges<ContactCard>
+  ): Promise<ContactCard[]> {
+    return Promise.all(
+      hasEdges.edges.map(async (edge: any) => {
+        const cc = edge.node as ContactCard;
+        return await this.decryptContactCard(cc);
+      })
+    );
+  }
+
+  // { "filter": [{ "contains": { "a": true } }] }
+  async searchContactCard(publicSearchable: object): Promise<ContactCard[]> {
+    const data = await this.lrApollo.query<SearchContactCardQuery>({
+      query: SearchContactCardQuery,
+      variables: {
+        publicSearchable: JSON.stringify(publicSearchable),
+      },
+    });
+
+    return await this.decryptContactCardEdges(data.searchContactCards);
+  }
+
+  async getContactCardList(): Promise<ContactCard[]> {
+    const data = await this.lrApollo.query<ContactCardListQuery>({
+      query: ContactCardListQuery,
+    });
+
+    return await this.decryptContactCardEdges(data.contactCards);
+  }
+
+  async getContactCard(id: string): Promise<ContactCard> {
+    const data = await this.lrApollo.query<ContactCardQuery>({
+      query: ContactCardQuery,
+      variables: {
+        id,
+      },
+    });
+
+    return await this.decryptContactCard(data.contactCard);
+  }
+
+  private async prepareContactCardInput(
+    input: CreateContactCardInput
+  ): Promise<any> {
+    const sigPxk = await this.keyService.getCurrentSigPxk();
+    const publicDataSig = JSON.stringify(
+      await this.encryptionService.sign(sigPxk.jwk, input.publicDataJson)
+    );
+    const publicSearchableSig = JSON.stringify(
+      await this.encryptionService.sign(sigPxk.jwk, input.publicSearchableJson)
+    );
+    const plainDataSig = JSON.stringify(
+      await this.encryptionService.sign(sigPxk.jwk, input.plainDataJson)
+    );
+
+    return {
+      sigPxkId: sigPxk.id,
+      publicDataSig,
+      publicSearchableSig,
+      plainDataSig,
+    };
+  }
+
+  async createContactCard(input: CreateContactCardInput): Promise<ContactCard> {
+    // Get encryption key
+    const rootKey = await this.keyService.getCurrentRootKey();
+    const key = await this.keyFactory.createKey();
+    const wrappedKey = await this.keyGraph.encryptToString(
+      rootKey.jwk,
+      key.toJSON(true)
+    );
+    const cipherData = await this.keyGraph.encryptToString(
+      key,
+      input.plainCipherDataJson
+    );
+
+    const params = await this.prepareContactCardInput(input);
+
+    const data = await this.lrApollo.mutate<{
+      createContactCard: { contactCard: ContactCard };
+    }>({
+      mutation: CreateContactCardMutation,
+      variables: {
+        input: {
+          ...params,
+          wrappingKeyId: rootKey.id,
+          wrappedKey,
+          cipherData,
+        },
+      },
+    });
+
+    return data.createContactCard.contactCard;
+  }
+
+  async updateContactCard(input: UpdateContactCardInput): Promise<ContactCard> {
+    // Get encryption key
+    const cc = await this.getContactCard(input.id);
+    const key = await this.keyGraph.getJwkKey(cc.key.id);
+    const cipherData = await this.keyGraph.encryptToString(
+      key,
+      input.plainCipherDataJson
+    );
+
+    const params = await this.prepareContactCardInput(input);
+
+    const data = await this.lrApollo.mutate<{
+      updateContactCard: { contactCard: ContactCard };
+    }>({
+      mutation: UpdateContactCardMutation,
+      variables: {
+        input: {
+          ...params,
+          id: input.id,
+          cipherData,
+        },
+      },
+    });
+
+    return data.updateContactCard.contactCard;
+  }
+
+  async deleteContactCard(id: string): Promise<string> {
+    const data = await this.lrApollo.mutate<any>({
+      mutation: DeleteContactCardMutation,
+      variables: {
+        input: {
+          id,
+        },
+      },
+    });
+
+    return data.deleteContactCard.id;
+  }
+}

package/src/lib/api/contact-card2.gql.ts

@@ -0,0 +1,93 @@
+import { Connection, ContactCardNode, ID } from './types';
+import { gqlTyped } from '../_common/ast';
+
+export const ContactCardFragment = gqlTyped<ContactCardNode>`
+  fragment ContactCardFragment on ContactCardNode {
+    id
+    publicData
+    publicSearchable
+    cipherData
+    key {
+        id
+    }
+  }
+`;
+
+export interface CreateContactCardMutation {
+  createContactCard: {
+    contactCard: {
+      id: ID;
+    };
+  };
+}
+export const CreateContactCardMutation = gqlTyped<CreateContactCardMutation>`
+  mutation CreateContactCardMutation(
+    $input: CreateContactCardInput!
+  ) {
+    createContactCard(input: $input) {
+      contactCard {
+        id
+      }
+    }
+  }
+`;
+
+export interface UpdateContactCardMutation {
+  updateContactCard: {
+    contactCard: {
+      id: ID;
+    };
+  };
+}
+export const UpdateContactCardMutation = gqlTyped<UpdateContactCardMutation>`
+  mutation UpdateContactCardMutation($input: UpdateContactCardInput!) {
+    updateContactCard(input: $input) {
+      contactCard {
+        id
+      }
+    }
+  }
+`;
+
+export interface DeleteContactCardMutation {
+  deleteContactCard: {
+    deleteContactCard: {
+      id: ID;
+    };
+  };
+}
+export const DeleteContactCardMutation = gqlTyped<DeleteContactCardMutation>`
+  mutation DeleteContactCardMutation($input: DeleteContactCardInput!) {
+    deleteContactCard(input: $input) {
+      id
+    }
+  }
+`;
+
+export interface ContactCardsQuery {
+  contactCards: Connection<ContactCardNode>;
+}
+export const ContactCardsQuery = gqlTyped<ContactCardsQuery>`
+  query ContactCardsQuery {
+    contactCards(orderBy: "created") {
+      edges {
+        node {
+          ...ContactCardFragment
+        }
+      }
+    }
+  }
+  ${ContactCardFragment}
+`;
+
+export interface ContactCardQuery {
+  contactCard: ContactCardNode;
+}
+export const ContactCardQuery = gqlTyped<ContactCardQuery>`
+  query ContactCardQuery($id: LrRelayIdInput!) {
+    contactCard(id: $id) {
+      ...ContactCardFragment
+    }
+  }
+  ${ContactCardFragment}
+`;