@lifeready/core 1.0.1 → 1.0.2

package/src/lib/api/query-processor/common-processors.service.ts

@@ -1,148 +0,0 @@
-import { Injectable, NgZone } from '@angular/core';
-import { EncryptionService } from '../../cryptography/encryption.service';
-import { KeyGraphService } from '../../cryptography/key-graph.service';
-import { LrBadLogicException } from '../../_common/exceptions';
-import { RunOutsideAngular } from '../../_common/run-outside-angular';
-import { Connection } from '../types';
-
-export interface ProcessorOptions {
-  hasKeys: boolean;
-}
-
-export const DefaultProcessorOptions: ProcessorOptions = {
-  hasKeys: true,
-};
-
-// Sent to each processor for context information
-export interface ProcessorContext {
-  path: ReadonlyArray<string>;
-  // processor can set this to false if child fields should
-  // not be processed any further
-  processChildren: boolean;
-}
-
-export interface ProcessorCallbackParams<T = any> {
-  field: T;
-  context: ProcessorContext;
-  options: ProcessorOptions;
-}
-
-export type ProcessorCallback<T = any> = (
-  params: ProcessorCallbackParams<T>
-) => T | Promise<T>;
-
-interface ParseJsonProcessorOptions {
-  plainFieldName?: string;
-  jsonFieldSuffix?: string;
-}
-
-interface DecryptionProcessorOptions {
-  cipherFieldName?: string;
-  clearFieldSuffix?: string;
-  getKeyId?: (params: ProcessorCallbackParams) => Promise<string> | string;
-}
-
-export async function processConnection<Node>(
-  field: Connection<Node>,
-  processNode: (node: Node) => Node | Promise<Node>
-): Promise<Connection<Node>> {
-  return {
-    ...field,
-    edges: await Promise.all(
-      field.edges.map(async (edge) => ({
-        ...edge,
-        node: await processNode(edge.node),
-      }))
-    ),
-  };
-}
-
-@RunOutsideAngular({
-  ngZoneName: 'ngZone',
-})
-@Injectable({
-  providedIn: 'root',
-})
-export class CommonProcessorsService {
-  constructor(private ngZone: NgZone, private keyGraph: KeyGraphService) {}
-
-  series(processors: ProcessorCallback[]): ProcessorCallback {
-    return async ({ field, context, options }) => {
-      for (const processor of processors) {
-        field = await processor({ field, context, options });
-      }
-      return field;
-    };
-  }
-
-  makeJsonParseProcessor({
-    plainFieldName,
-    jsonFieldSuffix = 'Json',
-  }: ParseJsonProcessorOptions = {}): ProcessorCallback {
-    const jsonFieldName = plainFieldName + jsonFieldSuffix;
-
-    return ({ field }) => {
-      if (field[plainFieldName] == null || jsonFieldName in field) {
-        // if plainFieldName is undefined or null, then don't parse it.
-        // if you parse it, then JSON.parse(null) and JSON.parse("null") both return null, so
-        // you can't distinguish between the two.
-        // If clearFieldName already exists in node as a property, then we don't
-        // need to process it again, even if it's value can be undefined or null even.
-        return field;
-      }
-
-      try {
-        return {
-          ...field,
-          [jsonFieldName]: JSON.parse(field[plainFieldName]),
-        };
-      } catch (error) {
-        return field;
-      }
-    };
-  }
-
-  makeDecryptionProcessor({
-    cipherFieldName,
-    clearFieldSuffix = 'ClearJson',
-    getKeyId = null,
-  }: DecryptionProcessorOptions = {}): ProcessorCallback {
-    const clearFieldName = cipherFieldName + clearFieldSuffix;
-
-    return async (params) => {
-      const { field, context, options } = params;
-
-      // Can't decrypt anything if key graph is not returned
-      if (!options.hasKeys) {
-        return field;
-      }
-
-      const cipherField = field[cipherFieldName];
-
-      // cipherField can be empty string, null or undefined.
-      if (!cipherField || clearFieldName in field) {
-        return field;
-      }
-
-      const keyId = getKeyId
-        ? await getKeyId(params)
-        : field.keyId || field.key?.id;
-
-      if (!keyId) {
-        const keyIdName = getKeyId ? 'key-id' : 'keyId or key.id';
-        throw new LrBadLogicException(
-          `Query response does not contain ${keyIdName} field: ${context.path.join(
-            '.'
-          )}`
-        );
-      }
-
-      return this.keyGraph
-        .decryptFromString(keyId, cipherField)
-        .then((clear) => ({
-          ...field,
-          [clearFieldName]: clear,
-        }));
-    };
-  }
-}

package/src/lib/api/query-processor/query-processor.service.ts

@@ -1,240 +0,0 @@
-import { Injectable, NgZone } from '@angular/core';
-import { LrBadLogicException } from '../../_common/exceptions';
-import { mapValuesMayAsync, promiseAllMayAsync } from '../../_common/utils';
-import { KeyService } from '../../cryptography/key.service';
-import {
-  CommonProcessorsService,
-  // FieldContext,
-  ProcessorCallback,
-  ProcessorCallbackParams,
-  ProcessorContext,
-  ProcessorOptions,
-  DefaultProcessorOptions,
-} from './common-processors.service';
-import { TpPasswordResetService } from '../../trusted-parties/tp-password-reset.service';
-import { RunOutsideAngular } from '../../_common/run-outside-angular';
-import { TpPasswordResetProcessorService } from './tp-password-reset-processor.service';
-
-function extendPath(context: ProcessorContext, key: string): ProcessorContext {
-  return {
-    ...context,
-    path: [...context.path, key],
-  };
-}
-
-@RunOutsideAngular({
-  ngZoneName: 'ngZone',
-})
-@Injectable({
-  providedIn: 'root',
-})
-export class QueryProcessorService {
-  readonly TYPENAME = '__typename';
-  private processors: { [key: string]: ProcessorCallback } = {};
-
-  constructor(
-    private ngZone: NgZone,
-    private keyService: KeyService,
-    private common: CommonProcessorsService,
-    private tpprProcessor: TpPasswordResetProcessorService
-  ) {
-    this.registerProcessor(
-      'DirectoryNode',
-      common.series([
-        common.makeJsonParseProcessor({
-          plainFieldName: 'plainMeta',
-        }),
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'cipherMeta',
-        }),
-      ])
-    );
-    this.registerProcessor(
-      'FileStateNode',
-      common.series([
-        common.makeJsonParseProcessor({
-          plainFieldName: 'plainMeta',
-        }),
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'cipherMeta',
-        }),
-      ])
-    );
-    this.registerProcessor(
-      'ContactCardNode',
-      common.makeDecryptionProcessor({
-        cipherFieldName: 'cipherData',
-      })
-    );
-    this.registerProcessor(
-      'SharedContactCardNode',
-      common.series([
-        common.makeJsonParseProcessor({
-          plainFieldName: 'ownerPlainData',
-        }),
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'ownerCipherData',
-          getKeyId: ({ field }) => {
-            return field.ownerKey.id;
-          },
-        }),
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'receiverCipherData',
-          getKeyId: ({ field }) => {
-            return field.receiverKey.id;
-          },
-        }),
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'sharedCipherData',
-          getKeyId: ({ field }) => field.sharedKey.id,
-        }),
-      ])
-    );
-    this.registerProcessor(
-      'TpPasswordResetNode',
-      this.tpprProcessor.makeTpPasswordResetNodeProcessor()
-    );
-    this.registerProcessor(
-      'SharedTpClaimApproverNode',
-      common.series([
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'sharedCipherApprovalData',
-          getKeyId: ({ field }) => field.sharedKey.id,
-        }),
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'sharedCipherPartialAssemblyKey',
-          getKeyId: ({ field }) => field.sharedKey.id,
-        }),
-      ])
-    );
-    this.registerProcessor(
-      'TpAssemblyAsApproverNode',
-      common.series([
-        common.makeDecryptionProcessor({
-          cipherFieldName: 'sharedCipherData',
-          getKeyId: ({ field }) => field.sharedKey.id,
-        }),
-      ])
-    );
-  }
-
-  async processQuery(
-    fields: { [key: string]: any },
-    options: ProcessorOptions
-  ) {
-    options = {
-      ...DefaultProcessorOptions,
-      ...options,
-    };
-
-    // The top level query does not have __typename
-    const ret = mapValuesMayAsync(fields, (field, key) =>
-      this.processField({
-        field,
-        context: {
-          path: [key],
-          processChildren: true,
-        },
-        options,
-      })
-    );
-    return ret;
-  }
-
-  // Either returns a Promise, or a value.
-  // The Promise<any> type is redundant but it shows that it can return a promise
-  // We are not using async on the function because we don't want auto promotion into a Promise, which
-  // always defer execution into the event loops. It is costly and unnecessary for objects
-  // with only native data types.
-  private async processField({
-    field,
-    context,
-    options,
-  }: ProcessorCallbackParams) {
-    if (field?.then) {
-      throw new LrBadLogicException(
-        'processField() should not receive thenable.'
-      );
-    }
-
-    if (field == null) {
-      return null;
-    }
-
-    const newParams: ProcessorCallbackParams = {
-      field,
-      context: {
-        ...context,
-        // Processors modifies this field to communicate back to the caller.
-        processChildren: true,
-      },
-      options,
-    };
-
-    // TODO allow registering processors by field name so we can process primitive fields as well.
-    // We have common fields like "created", "modified" that be processed based on name.
-    if (field[this.TYPENAME]) {
-      // It's a custom object type
-      const processor = this.processors[field[this.TYPENAME]];
-      if (processor) {
-        // Returns either a value or a promise.
-        field = processor(newParams);
-      }
-
-      const processChildren = (childField) => {
-        if (
-          context.processChildren &&
-          childField !== null &&
-          typeof childField === 'object'
-        ) {
-          return mapValuesMayAsync(childField, (x, key) =>
-            this.processField({
-              field: x,
-              context: extendPath(context, key),
-              options,
-            })
-          );
-        } else {
-          return childField;
-        }
-      };
-
-      // Keep processing all child fields
-      if (field.then) {
-        // Wait for field to resolve
-        field = field.then((resolvedField) => {
-          return processChildren(resolvedField);
-        });
-      } else {
-        // Field is already resolved
-        field = processChildren(field);
-      }
-    } else {
-      // Keep processing all child fields
-      if (context.processChildren) {
-        if (Array.isArray(field)) {
-          field = promiseAllMayAsync(
-            (field as Array<any>).map((x, i) =>
-              this.processField({
-                field: x,
-                context: extendPath(context, i.toString()),
-                options,
-              })
-            )
-          );
-        }
-      }
-    }
-
-    return field;
-  }
-
-  private registerProcessor(name: string, processor: ProcessorCallback) {
-    if (this.processors[name]) {
-      throw new LrBadLogicException(
-        `Processor for field ${name} already exists.`
-      );
-    }
-    this.processors[name] = processor;
-  }
-}

package/src/lib/api/query-processor/tp-password-reset-processor.service.ts

@@ -1,177 +0,0 @@
-import { Injectable, NgZone } from '@angular/core';
-import { KeyGraphService } from '../../cryptography/key-graph.service';
-import { RunOutsideAngular } from '../../_common/run-outside-angular';
-import {
-  ID,
-  SharedTpAssemblyNode,
-  TpAssemblyApproverNode,
-  TpAssemblyNode,
-  TpSubAssemblyNode,
-} from '../types';
-import {
-  processConnection,
-  ProcessorCallbackParams,
-} from './common-processors.service';
-import {
-  TpPasswordResetUserNode,
-  TpPasswordResetUserApprovalNode,
-  TpPasswordResetNode,
-} from '../types';
-import { Key } from '../../cryptography/cryptography.types';
-import { LrBadRequestException } from '../../_common/exceptions';
-
-@RunOutsideAngular({
-  ngZoneName: 'ngZone',
-})
-@Injectable({
-  providedIn: 'root',
-})
-export class TpPasswordResetProcessorService {
-  constructor(private ngZone: NgZone, private keyGraph: KeyGraphService) {}
-
-  async processTpPasswordResetUserNode(
-    node: TpPasswordResetUserNode
-  ): Promise<TpPasswordResetUserNode> {
-    const pxk = node.pxk?.id && (await this.keyGraph.getKey(node.pxk.id));
-
-    const ret = {
-      ...node,
-    };
-
-    if (pxk && node.approvals) {
-      ret.approvals = await Promise.all(
-        node.approvals.map((approval) =>
-          this.processTpPasswordResetUserApprovalNode(approval, pxk)
-        )
-      );
-    }
-
-    return ret;
-  }
-
-  private async processTpPasswordResetUserApprovalNode(
-    approval: TpPasswordResetUserApprovalNode,
-    pxk: Key
-  ) {
-    const ret = {
-      ...approval,
-    };
-
-    if (approval.receiverCipher) {
-      ret.receiverCipherClearJson = this.keyGraph.decryptFromString(
-        pxk,
-        approval.receiverCipher
-      );
-    }
-
-    if (approval.receiverCipherPartialAssemblyKey) {
-      ret.receiverCipherPartialAssemblyKeyClearJson = this.keyGraph.decryptFromString(
-        pxk,
-        approval.receiverCipherPartialAssemblyKey
-      );
-    }
-    return ret;
-  }
-
-  makeTpPasswordResetNodeProcessor() {
-    return async ({
-      field,
-    }: ProcessorCallbackParams): Promise<TpPasswordResetNode> => {
-      const ret = {
-        ...field,
-      };
-
-      if (field.assembly) {
-        if (field.applied == null) {
-          throw new LrBadRequestException(
-            'If you request for field "assembly" in the TpPasswordResetNode, then you must also request the "applied" field'
-          );
-        }
-
-        ret.assembly = await this.processTpAssemblyNode(
-          field.assembly,
-          field.applied
-        );
-      }
-
-      return ret;
-    };
-  }
-
-  private async processTpAssemblyNode(
-    assembly: TpAssemblyNode,
-    applied: boolean
-  ): Promise<TpAssemblyNode> {
-    // Subject key is encrypted user the master key. So if reset has been applied, then
-    // these keys are not available any more.
-    const {
-      subjectKey,
-      assemblyKey,
-      assemblyCipherData,
-      subAssemblies,
-    } = assembly;
-
-    const ret: TpAssemblyNode = {
-      ...assembly,
-      subAssemblies: await processConnection(subAssemblies, (node) =>
-        this.processTpSubAssemblyNode(node, subjectKey.id, applied)
-      ),
-    };
-
-    if (!applied) {
-      if (assemblyCipherData) {
-        ret.assemblyCipherDataClearJson = await this.keyGraph.decryptFromString(
-          assemblyKey.id,
-          assemblyCipherData
-        );
-      }
-    }
-
-    return ret;
-  }
-
-  private async processTpSubAssemblyNode(
-    subAssembly: TpSubAssemblyNode,
-    subjectKeyId: ID,
-    applied: boolean
-  ): Promise<TpSubAssemblyNode> {
-    const { subjectCipherData, approvers } = subAssembly;
-
-    // const ret: TpSubAssemblyNode = {
-    //   ...subAssembly,
-    //   approvers: {
-    //     ...approvers,
-    //     edges: await Promise.all(
-    //       approvers.edges.map(async (edge) => ({
-    //         ...edge,
-    //         node: await this.processTpAssemblyApproverNode(edge.node, applied),
-    //       }))
-    //     ),
-    //   },
-    // };
-    const ret: TpSubAssemblyNode = {
-      ...subAssembly,
-      approvers: await processConnection(approvers, (node) =>
-        this.processTpAssemblyApproverNode(node, applied)
-      ),
-    };
-
-    if (!applied) {
-      if (subjectCipherData) {
-        ret.subjectCipherDataClearJson = await this.keyGraph.decryptFromString(
-          subjectKeyId,
-          subjectCipherData
-        );
-      }
-    }
-
-    return ret;
-  }
-
-  private async processTpAssemblyApproverNode(
-    approver: TpAssemblyApproverNode,
-    applied: boolean
-  ) {
-    return approver;
-  }
-}

package/src/lib/api/shared-contact-card.service.ts

@@ -1,156 +0,0 @@
-import { Injectable } from '@angular/core';
-import gql from 'graphql-tag';
-import { Key } from '../cryptography/cryptography.types';
-import { EncryptionService } from '../cryptography/encryption.service';
-import { KeyGraphService } from '../cryptography/key-graph.service';
-import { KeyService } from '../cryptography/key.service';
-import { SharedTrustedPartyDetails } from '../trusted-parties/trusted-party.types';
-import { ContactCardName, TrustedPartyDetails } from '../users/profile.types';
-import { User } from '../users/user.types';
-import { KeyGraphField } from '../_common/queries.gql';
-import { LrApolloService } from './lr-apollo.service';
-
-export const SharedContactCardFields = `
-  id
-  owner {
-    id
-    username
-  }
-  ownerKey {
-    id
-  }
-  ownerCipherData
-  receiver {
-    id
-    username
-  }
-  receiverKey {
-    id
-  }
-  receiverCipherData
-  sharedKey {
-    id
-  }
-  sharedCipherData
-  sharedCipherDataSig
-  sharedCipherDataSigPxk {
-    id
-  }
-`;
-
-const UpdateOwnedContactCard = gql`
-mutation UpdateOwnedContactCard(
-  $input: UpdateOwnedContactCardInput!
-) {
-  updateOwnedContactCard(
-    input: $input
-  ) {
-    ownedContactCard {
-      ${SharedContactCardFields}
-    }
-  }
-}`;
-
-interface UpdateOwnedContactCard {
-  updateOwnedContactCard: {
-    ownedContactCard: SharedContactCard;
-  };
-}
-
-export interface SharedContactCard {
-  id: string;
-  owner: User;
-  ownerKey: Key;
-  ownerCipherData: string;
-  receiver: User;
-  receiverKey: Key;
-  receiverCipherData: string;
-  sharedKey: Key;
-  sharedCipherData: string;
-  // Decrypted
-  plainOwnerCipherDataJson: any;
-  plainReceiverCipherDataJson: any;
-  plainSharedCipherDataJson: any;
-}
-
-@Injectable({
-  providedIn: 'root',
-})
-export class SharedContactCardService {
-  constructor(
-    private keyService: KeyService,
-    private lrApollo: LrApolloService,
-    private keyGraph: KeyGraphService,
-    private encryptionService: EncryptionService
-  ) {}
-
-  async decryptSharedTrustedPartyDetails(
-    cc: SharedContactCard
-  ): Promise<SharedTrustedPartyDetails> {
-    const details = await this.decryptTrustedPartyDetails(cc);
-
-    return {
-      id: cc.id,
-      ownedKeyId: cc.ownerKey.id,
-      sharedKeyId: cc.sharedKey.id,
-      ...details,
-    };
-  }
-
-  async decryptTrustedPartyDetails(
-    cc: SharedContactCard
-  ): Promise<TrustedPartyDetails> {
-    if (cc && cc.sharedKey && cc.sharedCipherData) {
-      try {
-        return await this.encryptionService.decrypt(
-          await this.keyGraph.getJwkKey(cc.sharedKey.id),
-          cc.sharedCipherData
-        );
-      } catch (e) {
-        console.error('Cannot decrypt trusted party details', e);
-      }
-    }
-    return null;
-  }
-
-  async updateMySharedContactCard(
-    id: string,
-    ownedKeyId: string,
-    sharedKeyId: string,
-    contactCard: TrustedPartyDetails
-  ): Promise<void> {
-    const ownerKey = await this.keyGraph.getKey(ownedKeyId);
-    const sharedKey = await this.keyGraph.getKey(sharedKeyId);
-    const sigPxk = await this.keyService.getCurrentSigPxk();
-
-    const sharedCipherData = await this.encryptionService.encrypt(
-      sharedKey.jwk,
-      contactCard
-    );
-    const sharedCipherDataSig = JSON.stringify(
-      await this.encryptionService.sign(sigPxk.jwk, sharedCipherData)
-    );
-
-    const ownerPlainData = {
-      name: new ContactCardName(contactCard.name),
-    };
-    const ownerPlainDataSig = JSON.stringify(
-      await this.encryptionService.sign(sigPxk.jwk, ownerPlainData)
-    );
-
-    await this.lrApollo.mutate<UpdateOwnedContactCard>({
-      mutation: UpdateOwnedContactCard,
-      variables: {
-        input: {
-          id,
-          ownerCipherData: '',
-          ownerKeyId: ownerKey.id,
-          sharedCipherDataSig,
-          sharedKeyId: sharedKey.id,
-          sigPxkId: sigPxk.id,
-          ownerPlainDataSig,
-        },
-      },
-    });
-  }
-}