Save email verification token to person's pod (#5)

Before GET /verify-email, person must create a settings file that this service can discover and write to. This can be done automatically via app, e.g. sleepy.bike
solidcouch · Jan 17, 2024 · 6a40af1 · 6a40af1
1 parent 6576f66
commit 6a40af1
Show file tree

Hide file tree

Showing 9 changed files with 370 additions and 185 deletions.
diff --git a/src/config/index.ts b/src/config/index.ts
@@ -65,3 +65,6 @@ export const jwt = {
 export const emailDiscoveryType =
   process.env.EMAIL_DISCOVERY_TYPE ??
   'http://w3id.org/hospex/ns#PersonalHospexDocument'
+
+export const verificationTokenPredicate =
+  'https://example.com/emailVerificationToken'
diff --git a/src/controllers/integration.ts b/src/controllers/integration.ts
@@ -5,6 +5,7 @@ import { Middleware } from 'koa'
 import { pick } from 'lodash'
 import * as config from '../config'
 import { sendMail } from '../services/mailerService'
+import { findWritableSettings, getBotFetch } from '../utils'
 
 export const initializeIntegration: Middleware = async ctx => {
   // we should receive info about webId and email address
@@ -84,7 +85,49 @@ export const finishIntegration: Middleware = async ctx => {
     pem,
     { algorithm: 'ES256' },
   )
-  ctx.response.body = jwt
-  ctx.set('content-type', 'text/plain')
-  ctx.response.status = 200
+
+  // save the token to person
+  const savedTokensCount = await saveTokenToPerson(jwt, webId)
+
+  if (savedTokensCount === 0) {
+    ctx.response.status = 400
+    ctx.set('content-type', 'application/json')
+    ctx.response.body({
+      error:
+        "We could't find any writeable location on your Pod to save the email verifiation token. You can write it manually.",
+      token: jwt,
+    })
+  } else {
+    ctx.response.body = jwt
+    ctx.set('content-type', 'text/plain')
+    ctx.response.status = 200
+  }
+}
+
+/**
+ * Find writable settings files on person's pod
+ * and save the email verification token there
+ */
+const saveTokenToPerson = async (token: string, webId: string) => {
+  // find candidates for saving the token
+  const settings = await findWritableSettings(webId)
+  const authBotFetch = await getBotFetch()
+  // save the token to the candidates and keep track of how many succeeded
+  let okCount = 0
+  for (const uri of settings) {
+    const patch = `@prefix solid: <http://www.w3.org/ns/solid/terms#>.
+    _:patch a solid:InsertDeletePatch;
+      solid:inserts {
+        <${webId}> <${config.verificationTokenPredicate}> "${token}" .
+      } .`
+    const response = await authBotFetch(uri, {
+      method: 'PATCH',
+      headers: { 'content-type': 'text/n3' },
+      body: patch,
+    })
+
+    if (response.ok) okCount++
+  }
+
+  return okCount
 }
diff --git a/src/controllers/status.ts b/src/controllers/status.ts
@@ -1,14 +1,8 @@
-import { RdfQuery } from '@ldhop/core/dist/src'
-import { QueryAndStore } from '@ldhop/core/dist/src/QueryAndStore'
-import { fetchRdfDocument } from '@ldhop/core/dist/src/utils/helpers'
-import { getAuthenticatedFetch as getAuthenticatedFetch6x } from 'css-authn/dist/6.x'
-import { getAuthenticatedFetch as getAuthenticatedFetch7x } from 'css-authn/dist/7.x'
 import { readFile } from 'fs-extra'
 import { verify } from 'jsonwebtoken'
 import type { DefaultContext, DefaultState, Middleware } from 'koa'
-import { NamedNode, Quad } from 'n3'
-import { dct, rdfs, solid, space } from 'rdf-namespaces'
 import * as config from '../config'
+import { findEmailVerificationTokens } from '../utils'
 
 export const getVerifiedEmails = async (webId: string) => {
   const tokens = await findEmailVerificationTokens(webId)
@@ -46,114 +40,3 @@ export const getStatus: Middleware<
   ctx.response.body = { emailVerified: verifiedEmails.length > 0 }
   ctx.response.status = 200
 }
-
-/**
- * To find verified email of a person
- *
- * - Go to person's webId
- * - Find public type index `(webId) - solid:publicTypeIndex -> (publicTypeIndex)``
- * - Find instances of specific class defined in config (EMAIL_DISCOVERY_TYPE defaults to hospex:PersonalHospexDocument)
- * - Find settings in the relevant instance (webId) - space:preferencesFile -> (settings)
- * - In the settings, find (webId) - example:emailVerificationToken -> (JWT)
- */
-const findEmailQuery: RdfQuery = [
-  // Go to person's webId and fetch extended profile documents, too
-  {
-    type: 'match',
-    subject: '?person',
-    predicate: rdfs.seeAlso,
-    pick: 'object',
-    target: '?extendedDocument',
-  },
-  { type: 'add resources', variable: '?extendedDocument' },
-  // Find public type index
-  {
-    type: 'match',
-    subject: '?person',
-    predicate: solid.publicTypeIndex,
-    pick: 'object',
-    target: '?publicTypeIndex',
-  },
-  // Find instances of specific class defined in config (EMAIL_DISCOVERY_TYPE)
-  {
-    type: 'match',
-    subject: '?publicTypeIndex',
-    predicate: dct.references,
-    pick: 'object',
-    target: '?typeRegistration',
-  },
-  {
-    type: 'match',
-    subject: '?typeRegistration',
-    predicate: solid.forClass,
-    object: config.emailDiscoveryType,
-    pick: 'subject',
-    target: '?typeRegistrationForClass',
-  },
-  {
-    type: 'match',
-    subject: '?typeRegistrationForClass',
-    predicate: solid.instance,
-    pick: 'object',
-    target: `?classDocument`,
-  },
-  { type: 'add resources', variable: '?classDocument' },
-  // Find settings
-  {
-    type: 'match',
-    subject: '?person',
-    predicate: space.preferencesFile,
-    pick: 'object',
-    target: '?settings',
-  },
-  { type: 'add resources', variable: '?settings' },
-]
-
-const findEmailVerificationTokens = async (webId: string) => {
-  // initialize knowledge graph and follow your nose through it
-  // according to the query
-  const qas = new QueryAndStore(findEmailQuery, { person: new Set([webId]) })
-  await run(qas)
-
-  // Find email verification tokens
-  const objects = qas.store.getObjects(
-    new NamedNode(webId),
-    new NamedNode('https://example.com/emailVerificationToken'),
-    null,
-  )
-
-  return objects.map(o => o.value)
-}
-
-const fetchRdf = async (uri: string) => {
-  const getAuthenticatedFetch =
-    config.mailerCredentials.cssVersion === 6
-      ? getAuthenticatedFetch6x
-      : getAuthenticatedFetch7x
-  const authBotFetch = await getAuthenticatedFetch(config.mailerCredentials)
-
-  const { data: quads } = await fetchRdfDocument(uri, authBotFetch)
-
-  return quads
-}
-
-/**
- * Follow your nose through the linked data graph by query
- */
-const run = async (qas: QueryAndStore) => {
-  let missingResources = qas.getMissingResources()
-
-  while (missingResources.length > 0) {
-    let quads: Quad[] = []
-    const res = missingResources[0]
-    try {
-      quads = await fetchRdf(missingResources[0])
-    } catch (e) {
-      // eslint-disable-next-line no-console
-      console.error(e)
-    } finally {
-      qas.addResource(res, quads)
-      missingResources = qas.getMissingResources()
-    }
-  }
-}
diff --git a/src/test/helpers/index.ts b/src/test/helpers/index.ts
@@ -5,6 +5,8 @@ import { createSandbox } from 'sinon'
 import { v4 as uuidv4 } from 'uuid'
 import * as config from '../../config'
 import * as mailerService from '../../services/mailerService'
+import { setupEmailSettings } from './setupPod'
+import { Person } from './types'
 
 export const createRandomAccount = ({
   solidServer,
@@ -54,15 +56,26 @@ const finishIntegration = async (verificationLink: string) => {
 
 export const verifyEmail = async ({
   email,
+  person,
   authenticatedFetch,
 }: {
   email: string
+  person: Person
   authenticatedFetch: typeof fetch
 }) => {
+  await setupEmailSettings({
+    person,
+    email: '',
+    emailVerificationToken: '',
+    authenticatedFetch,
+    skipSettings: true,
+  })
+
   const { verificationLink } = await initIntegration({
     email,
     authenticatedFetch,
   })
+
   const { token } = await finishIntegration(verificationLink)
 
   return token