fix(script):optional space creation + minor fixes

storacha · Nov 8, 2024 · 514c995 · 514c995
1 parent b045c81
commit 514c995
Show file tree

Hide file tree

Showing 7 changed files with 48 additions and 38 deletions.
diff --git a/.gitignore b/.gitignore
@@ -2,5 +2,5 @@ node_modules
 dist
 .mf
 .env
-.dev.vars
+.dev.vars*
 .wrangler
diff --git a/README.md b/README.md
@@ -101,7 +101,7 @@ npm run test:unit
 
 **Integration Tests**
 ```sh
-TBD
+npm run test:integration
 ```
 
 ## Deployment

diff --git a/scripts/delegate-serve.js b/scripts/delegate-serve.js
@@ -3,41 +3,54 @@ import { getClient } from '@web3-storage/w3cli/lib.js'
 import * as ed25519 from '@ucanto/principal/ed25519'
 import { Space } from '@web3-storage/capabilities'
 
-const cli = sade('delegate-serve.js [token]')
+const cli = sade('delegate-serve.js [space] [token]')
 
 cli
   .describe(
     `Delegates ${Space.contentServe.can} to the Gateway for a test space generated by the script, with an optional auth token. Outputs a base64url string suitable for the stub_delegation query parameter. Pipe the output to pbcopy or similar for the quickest workflow. If the GATEWAY_PRINCIPAL_KEY environment variable is not set, a new key pair will be generated.`
   )
-  .action(async (token) => {
+  .action(async (space, token) => {
     const client = await getClient()
-    const newSpace = await client.createSpace('test')
-    const authProof = await newSpace.createAuthorization(client.agent)
-    await client.addSpace(authProof)
+
+    let newSpace
+    let proofs = []
+    if (!space) {
+      newSpace = await client.createSpace('test')
+      const authProof = await newSpace.createAuthorization(client.agent)
+      await client.addSpace(authProof)
+      proofs = [authProof]
+    } else {
+      newSpace = space
+      proofs = client.proofs([
+        {
+          can: Space.contentServe.can,
+          with: newSpace.did(),
+        }
+      ])
+    }
 
     const signer =
       process.env.GATEWAY_PRINCIPAL_KEY
         ? ed25519.Signer.parse(process.env.GATEWAY_PRINCIPAL_KEY)
         : await ed25519.Signer.generate()
 
     const gatewayIdentity = signer.withDID('did:web:w3s.link')
-    const proofs = [authProof]
-    process.stdout.write(`Agent Proofs: ${proofs.flatMap(p => p.capabilities).map(c => `${c.can} with ${c.with}`).join('\n')}\n`)
     const delegation = await Space.contentServe.delegate({
       issuer: client.agent.issuer,
       audience: gatewayIdentity,
       with: newSpace.did(),
       expiration: Infinity,
       proofs
     })
-
+    
     await client.capability.access.delegate({
       delegations: [delegation],
     })
-
+    
     const carResult = await delegation.archive()
     if (carResult.error) throw carResult.error
     const base64Url = Buffer.from(carResult.ok).toString('base64url')
+    process.stdout.write(`Agent Proofs: ${proofs.flatMap(p => p.capabilities).map(c => `${c.can} with ${c.with}`).join('\n')}\n`)
     process.stdout.write(`Issuer: ${client.agent.issuer.did()}\n`)
     process.stdout.write(`Audience: ${gatewayIdentity.did()}\n`)
     process.stdout.write(`Space: ${newSpace.did()}\n`)

diff --git a/src/index.js b/src/index.js
@@ -27,7 +27,7 @@ import {
   withDelegationStubs
 } from './middleware/index.js'
 import { instrument } from '@microlabs/otel-cf-workers'
-import { NoopSpanProcessor } from '@opentelemetry/sdk-trace-base'
+// import { NoopSpanProcessor } from '@opentelemetry/sdk-trace-base'
 import { withEgressClient } from './middleware/withEgressClient.js'
 import { withGatewayIdentity } from './middleware/withGatewayIdentity.js'
 
@@ -102,12 +102,12 @@ function config (env, _trigger) {
     }
   }
   return {
-    spanProcessors: new NoopSpanProcessor(),
-    service: { name: 'freeway' }
+    // spanProcessors: new NoopSpanProcessor(),
+    service: { name: 'freeway' },
   }
 }
 
-export default instrument(handler, config)
+export default handler //instrument(handler, config)
 
 /**
  * @type {Middleware<BlockContext & UnixfsContext & IpfsUrlContext, BlockContext & UnixfsContext & IpfsUrlContext, Environment>}

diff --git a/src/middleware/withAuthorizedSpace.js b/src/middleware/withAuthorizedSpace.js
@@ -123,10 +123,6 @@ const authorize = async (space, ctx) => {
     authority: ctx.gatewayIdentity,
     principal: Verifier,
     validateAuthorization: () => ok({}),
-    // resolveDIDKey: async (did) => {
-    //   if (did === ctx.gatewayIdentity.did()) return ok(ctx.gatewayIdentity.toDIDKey())
-    //   throw new Error(`Unknown DID: ${did}`)
-    // }
   })
   if (accessResult.error) {
     return accessResult

diff --git a/src/middleware/withEgressClient.js b/src/middleware/withEgressClient.js
@@ -1,9 +1,9 @@
 import * as UCantoClient from '@ucanto/client'
 import * as CAR from '@ucanto/transport/car'
 import { SpaceDID } from '@web3-storage/capabilities/utils'
-import { Verifier, Signer } from '@ucanto/principal/ed25519'
 import { HTTP } from '@ucanto/transport'
 import { Space } from '@web3-storage/capabilities'
+import { DID } from '@ucanto/core'
 
 /**
  * @import { Middleware } from '@web3-storage/gateway-lib'
@@ -31,10 +31,7 @@ export function withEgressClient(handler) {
  * @returns {Promise<import('./withEgressClient.types.js').EgressClient>}
  */
 async function create(env, ctx) {
-  const principalSigner = ctx.gatewaySigner
-  const { connection } = await connect(env.UPLOAD_API_URL, principalSigner)
-
-  return {
+    return {
     /**
      * Records the egress bytes for the given resource.
      *
@@ -45,7 +42,7 @@ async function create(env, ctx) {
      * @returns {Promise<void>}
      */
     record: async (space, resource, bytes, servedAt) =>
-      record(space, resource, bytes, servedAt, connection, ctx),
+      record(space, resource, bytes, servedAt, env, ctx),
 
   }
 }
@@ -54,17 +51,17 @@ async function create(env, ctx) {
  * Creates a connection with the UCanto Server at the provided server URL.
  *
  * @param {string} serverUrl
- * @param {import('@ucanto/principal/ed25519').EdSigner} principal
+ * @param {import('@ucanto/client').Principal<`did:${string}:${string}`>} principal
  *
  */
 async function connect(serverUrl, principal) {
   const connection = await UCantoClient.connect({
     id: principal,
     codec: CAR.outbound,
-    channel: HTTP.open({ url: new URL(serverUrl) })
+    channel: HTTP.open({ url: new URL(serverUrl)}),
   })
 
-  return { connection }
+  return connection
 }
 
 /**
@@ -74,26 +71,26 @@ async function connect(serverUrl, principal) {
  * @param {import('@ucanto/principal/ed25519').UnknownLink} resource - The link to the resource that was served
  * @param {number} bytes - The number of bytes served
  * @param {Date} servedAt - The timestamp of when the content was served
- * @param {any} connection - The connection to execute the command
+ * @param {import('./withEgressClient.types.js').Environment} env - The environment
  * @param {import('./withEgressClient.types.js').EgressClientContext} ctx - The egress client context
  * @returns {Promise<void>}
  */
-async function record(space, resource, bytes, servedAt, connection, ctx) {
-  const egressRecord = Space.egressRecord
-  const invoke = egressRecord.invoke.bind(egressRecord)
-  debugger
-  const invocation = invoke({
+async function record(space, resource, bytes, servedAt, env, ctx) {
+  const uploadServicePrincipal = DID.parse('did:web:staging.web3.storage')
+  const connection = await connect(env.UPLOAD_API_URL, uploadServicePrincipal)
+
+  const invocation = Space.egressRecord.invoke({
     issuer: ctx.gatewayIdentity,
-    audience: ctx.gatewayIdentity,
+    audience: uploadServicePrincipal,
     with: SpaceDID.from(space),
     nb: {
       resource,
       bytes,
       servedAt: Math.floor(servedAt.getTime() / 1000)
     },
-    proofs: ctx.delegationProofs ? ctx.delegationProofs : []
+    proofs: ctx.delegationProofs ? ctx.delegationProofs : [],
+
   })
-  debugger
   const res = await invocation.execute(connection)
   if (res.out.error) {
     console.error(`Failed to record egress for space ${space}`, res.out.error)

diff --git a/wrangler.toml b/wrangler.toml
@@ -107,10 +107,14 @@ r2_buckets = [
 
 [env.fforbeck.vars]
 DEBUG = "true"
+# Feature Flags
 FF_RATE_LIMITER_ENABLED = "false"
 FF_EGRESS_TRACKER_ENABLED = "true"
+# DIDs
+GATEWAY_SERVICE_DID = "did:web:staging.w3s.link"
+UPLOAD_SERVICE_DID = "did:web:staging.web3.storage"
+# SERVICE URLs
 CONTENT_CLAIMS_SERVICE_URL = "https://staging.claims.web3.storage"
-GATEWAY_PRINCIPAL_KEY = "MgCaNpGXCEX0+BxxE4SjSStrxU9Ru/Im+HGNQ/JJx3lDoI+0B3NWjWW3G8OzjbazZjanjM3kgfcZbvpyxv20jHtmcTtg="
 UPLOAD_API_URL = "https://staging.up.web3.storage"
 
 [[env.fforbeck.unsafe.bindings]]