vestauth 0.4.0 → 0.4.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vestauth",
-  "version": "0.4.0",
+  "version": "0.4.3",
   "description": "auth for agents–from the creator of dotenvx",
   "keywords": [
     "vestauth"

package/src/cli/actions/agent/init.js

@@ -2,11 +2,11 @@ const { logger } = require('./../../../shared/logger')
 
 const agent = require('./../../../lib/agent')
 
-function init () {
+async function init () {
   const options = this.opts()
   logger.debug(`options: ${JSON.stringify(options)}`)
 
-  const output = agent.init()
+  const output = await agent.init()
 
   let space = 0
   if (options.prettyPrint) {

package/src/lib/api/postAgentRegister.js

@@ -1,5 +1,6 @@
 const { http } = require('../helpers/http')
 const buildApiError = require('../helpers/buildApiError')
+const agentHeaders = require('../helpers/agentHeaders')
 
 class PostAgentRegister {
   constructor (hostname, publicJwk) {
@@ -11,11 +12,13 @@ class PostAgentRegister {
     const url = `${this.hostname}/api/agent/register`
     const publicJwk = this.publicJwk
 
+    const httpMethod = 'POST'
+    const headers = await agentHeaders(httpMethod, url)
+    headers['Content-Type'] = 'application/json'
+
     const resp = await http(url, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json'
-      },
+      method: httpMethod,
+      headers,
       body: JSON.stringify({
         public_jwk: publicJwk
       })

package/src/lib/helpers/agentHeaders.js

@@ -1,13 +1,8 @@
 const headers = require('./headers')
-const dotenvx = require('@dotenvx/dotenvx')
+const identity = require('./identity')
 
 async function agentHeaders (httpMethod, uri, tag = 'vestauth', nonce = null) {
-  let publicKey = null
-  let privateKey = null
-  try { publicKey = dotenvx.get('AGENT_PUBLIC_KEY', { strict: true }) } catch (_e) {}
-  try { privateKey = dotenvx.get('AGENT_PRIVATE_KEY', { strict: true }) } catch (_e) {}
-
-  if (!publicKey && !privateKey) throw new Error('missing AGENT_PUBLIC_KEY and AGENT_PRIVATE_KEY. Run [vestauth agent init]')
+  const { privateKey } = identity()
 
   return await headers(httpMethod, uri, privateKey, tag, nonce)
 }

package/src/lib/helpers/agentInit.js

@@ -1,4 +1,5 @@
 const dotenvx = require('@dotenvx/dotenvx')
+const identity = require('./identity')
 const keypair = require('./keypair')
 const touch = require('./touch')
 const PostAgentRegister = require('../api/postAgentRegister')
@@ -7,9 +8,7 @@ async function agentInit () {
   const envPath = '.env'
 
   // keypair
-  let currentPrivateKey = null
-  try { currentPrivateKey = dotenvx.get('AGENT_PRIVATE_KEY', { strict: true }) } catch (e) {}
-
+  const currentPrivateKey = identity(false).privateKey
   const kp = keypair(currentPrivateKey, 'agent')
 
   touch(envPath)
@@ -19,8 +18,7 @@ async function agentInit () {
   dotenvx.set('AGENT_PRIVATE_KEY', JSON.stringify(kp.privateKey), { path: envPath, plain: true, quiet: true })
 
   // register agent with api
-  const postAgentRegister = new PostAgentRegister(null, kp.publicKey)
-  await postAgentRegister.run()
+  await new PostAgentRegister(null, kp.publicKey).run()
 
   return {
     AGENT_PUBLIC_KEY: kp.publicKey,

package/src/lib/helpers/env.js

@@ -0,0 +1,11 @@
+const dotenvx = require('@dotenvx/dotenvx')
+
+function env (key) {
+  try {
+    return dotenvx.get(key, { strict: true })
+  } catch {
+    return null
+  }
+}
+
+module.exports = env

package/src/lib/helpers/identity.js

@@ -0,0 +1,15 @@
+const env = require('./env')
+
+function identity (raiseError = true) {
+  const publicKey = env('AGENT_PUBLIC_KEY')
+  const privateKey = env('AGENT_PRIVATE_KEY')
+
+  if (raiseError && !(publicKey || !privateKey)) throw new Error('missing AGENT_PUBLIC_KEY and AGENT_PRIVATE_KEY. Run [vestauth agent init]')
+
+  return {
+    publicKey,
+    privateKey
+  }
+}
+
+module.exports = identity

package/src/lib/helpers/providerVerify.js

@@ -4,7 +4,6 @@ const parseSignatureInputHeader = require('./parseSignatureInputHeader')
 const stripDictionaryKey = require('./stripDictionaryKey')
 const authorityMessage = require('./authorityMessage')
 const edPublicKeyObject = require('./edPublicKeyObject')
-const epoch = require('./epoch')
 
 function providerVerify (httpMetod, uri, signatureHeader, signatureInputHeader, publicKey) {
   const { values } = parseSignatureInputHeader(signatureInputHeader)

package/src/lib/helpers/agentAuth.js

@@ -1,50 +0,0 @@
-const { http } = require('./http')
-const sign = require('./sign')
-const dotenvx = require('@dotenvx/dotenvx')
-
-async function agentAuth (website) {
-  let publicKey = null
-  let privateKey = null
-  try { publicKey = dotenvx.get('AGENT_PUBLIC_KEY', { strict: true }) } catch (_e) {}
-  try { privateKey = dotenvx.get('AGENT_PRIVATE_KEY', { strict: true }) } catch (_e) {}
-
-  if (!publicKey && !privateKey) throw new Error('missing AGENT_PUBLIC_KEY and AGENT_PRIVATE_KEY. Run [vestauth agent init]')
-
-  let signature
-  const url = `${website}/agent/auth`
-
-  if (!signature) {
-    const resp = await http(url, {
-      method: 'POST',
-      headers: {
-        Authorization: `Agent ${publicKey}:${signature}`,
-        'Content-Type': 'application/json'
-      },
-      body: JSON.stringify({})
-    })
-
-    const json = await resp.body.json()
-    const challenge = json.challenge // grab challenge
-    signature = await sign(challenge, privateKey)
-  }
-
-  const resp = await http(url, {
-    method: 'POST',
-    headers: {
-      Authorization: `Agent ${publicKey}:${signature}`,
-      'Content-Type': 'application/json'
-    },
-    body: JSON.stringify({})
-  })
-
-  if (resp.statusCode >= 400) {
-    const json = await resp.body.json()
-    return json
-  }
-
-  const json = await resp.body.json()
-  // ok and if a success what should i do here? should i store the challenge to the .env file?
-  return json
-}
-
-module.exports = agentAuth