fix authorizeContentServe test

storacha · Nov 29, 2024 · 396d820 · 396d820
1 parent abb23bd
commit 396d820
Show file tree

Hide file tree

Showing 5 changed files with 93 additions and 13 deletions.
diff --git a/packages/filecoin-api/test/context/service.js b/packages/filecoin-api/test/context/service.js
@@ -13,6 +13,7 @@ import * as API from '../../src/types.js'
 
 import { validateAuthorization } from '../utils.js'
 import { mockService } from './mocks.js'
+import { Access } from '@web3-storage/capabilities'
 
 export { getStoreImplementations } from './store-implementations.js'
 export { getQueueImplementations } from './queue-implementations.js'
@@ -240,6 +241,16 @@ export function getMockService() {
         }
       ),
     },
+    access: {
+      delegate: Server.provide(
+        Access.delegate,
+        async ({ capability, invocation }) => {
+          return {
+            ok: {},
+          }
+        }
+      ),
+    },
   })
 }
 

diff --git a/packages/upload-api/test/helpers/utils.js b/packages/upload-api/test/helpers/utils.js
@@ -43,6 +43,7 @@ export const w3Signer = ed25519.parse(
 )
 export const w3 = w3Signer.withDID('did:web:test.web3.storage')
 
+/** did:key:z6MkuKJgV8DKxiAF5oaUcT8ckg8kZUoBe6yavSLnHn5ZgyAP */
 export const gatewaySigner = ed25519.parse(
   'MgCaNpGXCEX0+BxxE4SjSStrxU9Ru/Im+HGNQ/JJx3lDoI+0B3NWjWW3G8OzjbazZjanjM3kgfcZbvpyxv20jHtmcTtg='
 )

diff --git a/packages/w3up-client/src/client.js b/packages/w3up-client/src/client.js
@@ -345,15 +345,15 @@ export class Client extends Base {
   async authorizeContentServe(space, options) {
     const currentSpace = this.currentSpace()
     try {
-      // Set the current space to the space we are authorizing the gateway for
+      // Set the current space to the space we are authorizing the gateway for, otherwise the delegation will fail
       await this.setCurrentSpace(space.did())
 
       /** @type {import('@ucanto/client').Principal<`did:${string}:${string}`>} */
       const audience = {
         did: () => options.audience,
       }
 
-      // Create the delegation
+      // Grant the audience the ability to serve content from the space, it includes existing proofs automatically
       const delegation = await this.createDelegation(
         audience,
         [SpaceCapabilities.contentServe.can],
@@ -363,12 +363,15 @@ export class Client extends Base {
       )
 
       // Publish the delegation to the content serve service
+      const accessProofs = this.proofs([
+        { can: AccessCapabilities.access.can, with: space.did() },
+      ])
       const verificationResult = await AccessCapabilities.delegate
         .invoke({
           issuer: this._agent.issuer,
           audience,
           with: space.did(),
-          proofs: [delegation],
+          proofs: [...accessProofs, delegation],
           nb: {
             delegations: {
               [delegation.cid.toString()]: delegation.cid,

diff --git a/packages/w3up-client/test/client.test.js b/packages/w3up-client/test/client.test.js
@@ -15,10 +15,13 @@ import { receiptsEndpoint } from './helpers/utils.js'
 import { Absentee } from '@ucanto/principal'
 import { DIDMailto } from '../src/capability/access.js'
 import {
+  alice,
   confirmConfirmationUrl,
-  w3,
+  gateway,
+  gatewaySigner,
 } from '../../upload-api/test/helpers/utils.js'
 import * as SpaceCapability from '@web3-storage/capabilities/space'
+import { getConnection, getMockService } from './mocks/service.js'
 
 /** @type {Test.Suite} */
 export const testClient = {
@@ -547,33 +550,52 @@ export const testClient = {
   authorizeGateway: Test.withContext({
     'should authorize a gateway to serve content from a space': async (
       assert,
-      { client, mail, grantAccess, connection }
+      { mail, grantAccess, connection }
     ) => {
       // Step 1: Create a client for Alice and login
+      const aliceClient = new Client(
+        await AgentData.create({
+          principal: alice,
+        }),
+        {
+          // @ts-ignore
+          serviceConf: {
+            access: connection,
+            upload: connection,
+          },
+        }
+      )
+
       const aliceEmail = '[email protected]'
-      const aliceLogin = client.login(aliceEmail)
+      const aliceLogin = aliceClient.login(aliceEmail)
       const message = await mail.take()
       assert.deepEqual(message.to, aliceEmail)
       await grantAccess(message)
       const aliceAccount = await aliceLogin
 
       // Step 2: Alice creates a space
-      const spaceA = await client.createSpace('authorize-gateway-space', {
+      const spaceA = await aliceClient.createSpace('authorize-gateway-space', {
         account: aliceAccount,
+        skipContentServeAuthorization: true,
       })
       assert.ok(spaceA)
-      await client.setCurrentSpace(spaceA.did())
 
-      // Step 3: Authorize the gateway to serve content from the space
-      const delegationResult = await client.authorizeContentServe(spaceA, {
-        audience: w3.did(),
-        connection: connection,
+      const gatewayService = getMockService()
+      const gatewayConnection = getConnection(
+        gateway,
+        gatewayService
+      ).connection
+
+      // Step 3: Alice authorizes the gateway to serve content from the space
+      const delegationResult = await aliceClient.authorizeContentServe(spaceA, {
+        audience: gateway.did(),
+        connection: gatewayConnection,
       })
       assert.ok(delegationResult.ok)
       const { delegation } = delegationResult.ok
 
       // Step 4: Find the delegation for the default gateway
-      assert.equal(delegation.audience.did(), 'did:web:staging.w3s.link')
+      assert.equal(delegation.audience.did(), gateway.did())
       assert.ok(
         delegation.capabilities.some(
           (c) =>

diff --git a/packages/w3up-client/test/mocks/service.js b/packages/w3up-client/test/mocks/service.js
@@ -0,0 +1,43 @@
+import * as Client from '@ucanto/client'
+import * as Server from '@ucanto/server'
+import * as CAR from '@ucanto/transport/car'
+
+import * as AccessCaps from '@web3-storage/capabilities'
+
+/**
+ * Mocked Gateway/Content Serve service
+ */
+export function getMockService() {
+  return {
+    access: {
+      delegate: Server.provide(
+        AccessCaps.Access.delegate,
+        async ({ capability, invocation }) => {
+          return {
+            ok: {},
+          }
+        }
+      ),
+    },
+  }
+}
+
+/**
+ * @param {any} service
+ * @param {any} id
+ */
+export function getConnection(id, service) {
+  const server = Server.create({
+    id: id,
+    service,
+    codec: CAR.inbound,
+    validateAuthorization: () => ({ ok: {} }),
+  })
+  const connection = Client.connect({
+    id: id,
+    codec: CAR.outbound,
+    channel: server,
+  })
+
+  return { connection }
+}