javascript-solid-server 0.0.100 → 0.0.101

package/src/webledger.js

@@ -0,0 +1,162 @@
+/**
+ * Web Ledger — spec-compliant balance tracking
+ *
+ * Implements the Web Ledgers specification (https://webledgers.org/)
+ * for mapping URIs to numerical balances. Default unit: satoshi.
+ *
+ * JSON-LD context: https://w3id.org/webledgers
+ *
+ * @module webledger
+ */
+
+import * as storage from './storage/filesystem.js';
+
+const DEFAULT_PATH = '/.well-known/webledgers/webledgers.json';
+const CONTEXT = 'https://w3id.org/webledgers';
+
+/**
+ * Create an empty spec-compliant ledger
+ * @param {object} options
+ * @param {string} options.name - Ledger name
+ * @param {string} options.description - Ledger description
+ * @param {string} options.id - Ledger URI identifier
+ * @param {string} options.defaultCurrency - Default currency (default 'satoshi')
+ * @returns {object} Empty WebLedger object
+ */
+export function createLedger(options = {}) {
+  const now = Math.floor(Date.now() / 1000);
+  return {
+    '@context': CONTEXT,
+    type: 'WebLedger',
+    ...(options.id && { id: options.id }),
+    name: options.name ?? 'Pod Credits',
+    description: options.description ?? 'Paid API balance ledger',
+    defaultCurrency: options.defaultCurrency ?? 'satoshi',
+    created: now,
+    updated: now,
+    entries: []
+  };
+}
+
+/**
+ * Read a webledger from storage
+ * @param {string} ledgerPath - URL path to ledger file
+ * @returns {Promise<object>} WebLedger object
+ */
+export async function readLedger(ledgerPath = DEFAULT_PATH) {
+  const buf = await storage.read(ledgerPath);
+  if (!buf) {
+    return createLedger();
+  }
+  try {
+    const ledger = JSON.parse(buf.toString('utf8'));
+    // Migrate legacy format: add missing spec fields
+    if (!ledger['@context']) ledger['@context'] = CONTEXT;
+    if (!ledger.type) ledger.type = 'WebLedger';
+    if (!ledger.defaultCurrency) ledger.defaultCurrency = 'satoshi';
+    if (!ledger.created) ledger.created = Math.floor(Date.now() / 1000);
+    if (!ledger.entries) ledger.entries = [];
+    return ledger;
+  } catch {
+    return createLedger();
+  }
+}
+
+/**
+ * Write a webledger to storage (updates the `updated` timestamp)
+ * @param {object} ledger - WebLedger object
+ * @param {string} ledgerPath - URL path to ledger file
+ * @returns {Promise<boolean>}
+ */
+export async function writeLedger(ledger, ledgerPath = DEFAULT_PATH) {
+  ledger.updated = Math.floor(Date.now() / 1000);
+  return storage.write(ledgerPath, JSON.stringify(ledger, null, 2));
+}
+
+/**
+ * Get balance for a URI
+ * @param {object} ledger - WebLedger object
+ * @param {string} uri - Agent URI (e.g. did:nostr:...)
+ * @returns {number} Balance as integer
+ */
+export function getBalance(ledger, uri) {
+  const entry = ledger.entries.find(e => e.url === uri);
+  if (!entry) return 0;
+  // Handle both simple string and array amount formats
+  if (Array.isArray(entry.amount)) {
+    const sat = entry.amount.find(a => a.currency === 'satoshi' || a.currency === 'sat');
+    return sat ? parseInt(sat.value, 10) || 0 : 0;
+  }
+  return parseInt(entry.amount, 10) || 0;
+}
+
+/**
+ * Set balance for a URI
+ * @param {object} ledger - WebLedger object
+ * @param {string} uri - Agent URI
+ * @param {number} amount - New balance
+ */
+export function setBalance(ledger, uri, amount) {
+  const entry = ledger.entries.find(e => e.url === uri);
+  if (entry) {
+    entry.amount = String(amount);
+  } else {
+    ledger.entries.push({ type: 'Entry', url: uri, amount: String(amount) });
+  }
+}
+
+/**
+ * Credit (add to) a balance
+ * @param {object} ledger - WebLedger object
+ * @param {string} uri - Agent URI
+ * @param {number} amount - Amount to add
+ * @returns {number} New balance
+ */
+export function credit(ledger, uri, amount) {
+  const current = getBalance(ledger, uri);
+  const newBalance = current + amount;
+  setBalance(ledger, uri, newBalance);
+  return newBalance;
+}
+
+/**
+ * Debit (subtract from) a balance
+ * @param {object} ledger - WebLedger object
+ * @param {string} uri - Agent URI
+ * @param {number} amount - Amount to subtract
+ * @returns {{success: boolean, balance: number}} Result
+ */
+export function debit(ledger, uri, amount) {
+  const current = getBalance(ledger, uri);
+  if (current < amount) {
+    return { success: false, balance: current };
+  }
+  const newBalance = current - amount;
+  setBalance(ledger, uri, newBalance);
+  return { success: true, balance: newBalance };
+}
+
+/**
+ * List all entries with non-zero balances
+ * @param {object} ledger - WebLedger object
+ * @returns {Array<{url: string, amount: number}>}
+ */
+export function listBalances(ledger) {
+  return ledger.entries
+    .map(e => ({ url: e.url, amount: getBalance(ledger, e.url) }))
+    .filter(e => e.amount > 0);
+}
+
+/**
+ * Remove entries with zero balance
+ * @param {object} ledger - WebLedger object
+ */
+export function compact(ledger) {
+  ledger.entries = ledger.entries.filter(e => {
+    const bal = getBalance(ledger, e.url);
+    return bal > 0;
+  });
+}
+
+// Re-export the default path for consumers
+export { DEFAULT_PATH as LEDGER_PATH };

package/test/helpers.js

@@ -24,7 +24,7 @@ export async function startTestServer(options = {}) {
   // Clean up any existing test data
   await fs.emptyDir(TEST_DATA_DIR);
 
-  server = createServer({ logger: false, ...options });
+  server = createServer({ logger: false, forceCloseConnections: true, ...options });
   // Use port 0 to let OS assign available port
   await server.listen({ port: 0, host: '127.0.0.1' });
 
@@ -39,7 +39,6 @@ export async function startTestServer(options = {}) {
  */
 export async function stopTestServer() {
   if (server) {
-    // Force close all connections to avoid hanging
     await server.close();
     server = null;
   }

package/test/idp.test.js

@@ -8,28 +8,42 @@ import { createServer } from '../src/server.js';
 import fs from 'fs-extra';
 import path from 'path';
 
-const TEST_PORT = 3099;
 const TEST_HOST = 'localhost';
-const BASE_URL = `http://${TEST_HOST}:${TEST_PORT}`;
-const DATA_DIR = './test-data-idp';
+import { createServer as createNetServer } from 'net';
+
+/** Get an available port by briefly binding to port 0 */
+async function getAvailablePort() {
+  return new Promise((resolve, reject) => {
+    const srv = createNetServer();
+    srv.on('error', (err) => reject(err));
+    srv.listen(0, TEST_HOST, () => {
+      const port = srv.address().port;
+      srv.close(() => resolve(port));
+    });
+  });
+}
 
 describe('Identity Provider', () => {
   let server;
+  let baseUrl;
+  const DATA_DIR = './test-data-idp';
 
   before(async () => {
-    // Clean up any existing test data
     await fs.remove(DATA_DIR);
     await fs.ensureDir(DATA_DIR);
 
-    // Create server with IdP enabled
+    const port = await getAvailablePort();
+    baseUrl = `http://${TEST_HOST}:${port}`;
+
     server = createServer({
       logger: false,
       root: DATA_DIR,
       idp: true,
-      idpIssuer: BASE_URL,
+      idpIssuer: baseUrl,
+      forceCloseConnections: true,
     });
 
-    await server.listen({ port: TEST_PORT, host: TEST_HOST });
+    await server.listen({ port, host: TEST_HOST });
   });
 
   after(async () => {
@@ -39,19 +53,19 @@ describe('Identity Provider', () => {
 
   describe('OIDC Discovery', () => {
     it('should serve /.well-known/openid-configuration', async () => {
-      const res = await fetch(`${BASE_URL}/.well-known/openid-configuration`);
+      const res = await fetch(`${baseUrl}/.well-known/openid-configuration`);
       assert.strictEqual(res.status, 200);
 
       const config = await res.json();
       // Issuer has trailing slash for CTH compatibility
-      assert.strictEqual(config.issuer, BASE_URL + '/');
+      assert.strictEqual(config.issuer, baseUrl + '/');
       assert.ok(config.authorization_endpoint);
       assert.ok(config.token_endpoint);
       assert.ok(config.jwks_uri);
     });
 
     it('should include required Solid-OIDC endpoints', async () => {
-      const res = await fetch(`${BASE_URL}/.well-known/openid-configuration`);
+      const res = await fetch(`${baseUrl}/.well-known/openid-configuration`);
       const config = await res.json();
 
       assert.ok(config.registration_endpoint, 'should have registration endpoint');
@@ -60,7 +74,7 @@ describe('Identity Provider', () => {
     });
 
     it('should serve /.well-known/jwks.json', async () => {
-      const res = await fetch(`${BASE_URL}/.well-known/jwks.json`);
+      const res = await fetch(`${baseUrl}/.well-known/jwks.json`);
       assert.strictEqual(res.status, 200);
 
       const jwks = await res.json();
@@ -73,7 +87,7 @@ describe('Identity Provider', () => {
 
   describe('Pod Creation with IdP', () => {
     it('should require email when IdP is enabled', async () => {
-      const res = await fetch(`${BASE_URL}/.pods`, {
+      const res = await fetch(`${baseUrl}/.pods`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({ name: 'noemail' }),
@@ -85,7 +99,7 @@ describe('Identity Provider', () => {
     });
 
     it('should require password when IdP is enabled', async () => {
-      const res = await fetch(`${BASE_URL}/.pods`, {
+      const res = await fetch(`${baseUrl}/.pods`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({ name: 'nopass', email: 'test@example.com' }),
@@ -98,7 +112,7 @@ describe('Identity Provider', () => {
 
     it('should create pod with account', async () => {
       const uniqueId = Date.now();
-      const res = await fetch(`${BASE_URL}/.pods`, {
+      const res = await fetch(`${baseUrl}/.pods`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -125,7 +139,7 @@ describe('Identity Provider', () => {
       const duplicateEmail = `duplicate${uniqueId}@example.com`;
 
       // First user
-      await fetch(`${BASE_URL}/.pods`, {
+      await fetch(`${baseUrl}/.pods`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -136,7 +150,7 @@ describe('Identity Provider', () => {
       });
 
       // Second user with same email
-      const res = await fetch(`${BASE_URL}/.pods`, {
+      const res = await fetch(`${baseUrl}/.pods`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -154,15 +168,10 @@ describe('Identity Provider', () => {
 
   describe('Login Interaction', () => {
     it('should respond to authorization endpoint', async () => {
-      // Start an authorization flow
-      // Various responses are acceptable - 302/303 (redirect), 400 (bad request), 404 (no route)
-      // This just verifies the server handles the request
-      const res = await fetch(`${BASE_URL}/idp/auth?client_id=test&redirect_uri=http://localhost&response_type=code&scope=openid`, {
+      const res = await fetch(`${baseUrl}/idp/auth?client_id=test&redirect_uri=http://localhost&response_type=code&scope=openid`, {
         redirect: 'manual',
       });
 
-      // oidc-provider mounted via middie may return different status codes
-      // The important thing is it doesn't crash and returns a valid HTTP response
       assert.ok(res.status >= 200 && res.status < 600, `got valid HTTP status ${res.status}`);
     });
   });
@@ -170,20 +179,25 @@ describe('Identity Provider', () => {
 
 describe('Identity Provider - Accounts', () => {
   let server;
+  let accountsUrl;
   const ACCOUNTS_DATA_DIR = './test-data-idp-accounts';
 
   before(async () => {
     await fs.remove(ACCOUNTS_DATA_DIR);
     await fs.ensureDir(ACCOUNTS_DATA_DIR);
 
+    const port = await getAvailablePort();
+    accountsUrl = `http://${TEST_HOST}:${port}`;
+
     server = createServer({
       logger: false,
       root: ACCOUNTS_DATA_DIR,
       idp: true,
-      idpIssuer: `http://${TEST_HOST}:${TEST_PORT + 1}`,
+      idpIssuer: accountsUrl,
+      forceCloseConnections: true,
     });
 
-    await server.listen({ port: TEST_PORT + 1, host: TEST_HOST });
+    await server.listen({ port, host: TEST_HOST });
   });
 
   after(async () => {
@@ -195,7 +209,7 @@ describe('Identity Provider - Accounts', () => {
     const uniqueName = `stored${Date.now()}`;
     const uniqueEmail = `stored${Date.now()}@example.com`;
 
-    const res = await fetch(`http://${TEST_HOST}:${TEST_PORT + 1}/.pods`, {
+    const res = await fetch(`${accountsUrl}/.pods`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({
@@ -221,7 +235,7 @@ describe('Identity Provider - Accounts', () => {
     const uniqueName = `hashed${Date.now()}`;
     const uniqueEmail = `hashed${Date.now()}@example.com`;
 
-    const res = await fetch(`http://${TEST_HOST}:${TEST_PORT + 1}/.pods`, {
+    const res = await fetch(`${accountsUrl}/.pods`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({
@@ -248,24 +262,26 @@ describe('Identity Provider - Accounts', () => {
 
 describe('Identity Provider - Credentials Endpoint', () => {
   let server;
-  // Use same data dir as other tests (DATA_ROOT is cached at module load)
+  let credsUrl;
   const CREDS_DATA_DIR = './data';
-  const CREDS_PORT = 3101;
-  const CREDS_URL = `http://${TEST_HOST}:${CREDS_PORT}`;
 
   before(async () => {
     await fs.emptyDir(CREDS_DATA_DIR);
 
+    const port = await getAvailablePort();
+    credsUrl = `http://${TEST_HOST}:${port}`;
+
     server = createServer({
       logger: false,
       idp: true,
-      idpIssuer: CREDS_URL,
+      idpIssuer: credsUrl,
+      forceCloseConnections: true,
     });
 
-    await server.listen({ port: CREDS_PORT, host: TEST_HOST });
+    await server.listen({ port, host: TEST_HOST });
 
     // Create a test user
-    const res = await fetch(`${CREDS_URL}/.pods`, {
+    const res = await fetch(`${credsUrl}/.pods`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
       body: JSON.stringify({
@@ -286,7 +302,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
 
   describe('GET /idp/credentials', () => {
     it('should return endpoint info', async () => {
-      const res = await fetch(`${CREDS_URL}/idp/credentials`);
+      const res = await fetch(`${credsUrl}/idp/credentials`);
       assert.strictEqual(res.status, 200);
 
       const info = await res.json();
@@ -299,7 +315,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
 
   describe('POST /idp/credentials', () => {
     it('should return 400 for missing credentials', async () => {
-      const res = await fetch(`${CREDS_URL}/idp/credentials`, {
+      const res = await fetch(`${credsUrl}/idp/credentials`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({}),
@@ -311,7 +327,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
     });
 
     it('should return 401 for wrong password', async () => {
-      const res = await fetch(`${CREDS_URL}/idp/credentials`, {
+      const res = await fetch(`${credsUrl}/idp/credentials`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -326,7 +342,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
     });
 
     it('should return 401 for unknown email', async () => {
-      const res = await fetch(`${CREDS_URL}/idp/credentials`, {
+      const res = await fetch(`${credsUrl}/idp/credentials`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -339,7 +355,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
     });
 
     it('should return access token for valid credentials', async () => {
-      const res = await fetch(`${CREDS_URL}/idp/credentials`, {
+      const res = await fetch(`${credsUrl}/idp/credentials`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -358,7 +374,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
     });
 
     it('should return JWT token with webid claim', async () => {
-      const res = await fetch(`${CREDS_URL}/idp/credentials`, {
+      const res = await fetch(`${credsUrl}/idp/credentials`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -382,7 +398,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
     });
 
     it('should work with form-encoded body', async () => {
-      const res = await fetch(`${CREDS_URL}/idp/credentials`, {
+      const res = await fetch(`${credsUrl}/idp/credentials`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
         body: 'email=credtest%40example.com&password=testpassword123',
@@ -395,7 +411,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
 
     it('should allow using token to access protected resource', async () => {
       // Get access token
-      const tokenRes = await fetch(`${CREDS_URL}/idp/credentials`, {
+      const tokenRes = await fetch(`${credsUrl}/idp/credentials`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({
@@ -407,7 +423,7 @@ describe('Identity Provider - Credentials Endpoint', () => {
       const { access_token } = await tokenRes.json();
 
       // Try to access private resource
-      const res = await fetch(`${CREDS_URL}/credtest/private/`, {
+      const res = await fetch(`${credsUrl}/credtest/private/`, {
         headers: { 'Authorization': `Bearer ${access_token}` },
       });
 

package/test/{live-reload.test.js → live-reload.standalone.js}

@@ -255,6 +255,7 @@ async function runTests() {
     console.log('Test 2 result: PASSED');
 
     console.log('\n=== All tests passed ===');
+    process.exit(0);
   } catch (err) {
     console.error('\n=== Test FAILED ===');
     console.error(err.message);