feat: publish keys for UMA and packaging (#30)

Author: termontwouter

package.json

@@ -78,7 +78,7 @@
     "koreografeye": "^0.4.8",
     "shx": "^0.3.3",
     "ts-jest": "^29.1.1",
-    "ts-node": "^10.9.1",
+    "ts-node": "^10.9.2",
     "typescript": "^5.2.2"
   },
   "resolutions": {

packages/css/config/default.json

@@ -6,7 +6,6 @@
   "import": [
     "css:config/app/main/default.json",
     "css:config/app/variables/default.json",
-    "css:config/http/handler/default.json",
     "css:config/http/middleware/default.json",
     "css:config/http/notifications/all.json",
     "css:config/http/server-factory/http.json",
@@ -29,6 +28,7 @@
     "css:config/util/resource-locker/memory.json",
     "css:config/util/variables/default.json",
     "uma-css:config/uma/default.json",
+    "uma-css:config/http/handler/default.json",
     "uma-css:config/ldp/authentication/uma.json",
     "uma-css:config/ldp/authorization/uma.json",
     "uma-css:config/ldp/handler/uma.json",

packages/css/config/http/handler/default.json

@@ -0,0 +1,59 @@
+{
+  "@context": [
+    "https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^7.0.0/components/context.jsonld",
+    "https://linkedsoftwaredependencies.org/bundles/npm/@solidlab/uma-css/^0.0.0/components/context.jsonld"
+  ],
+  "import": [
+    "css:config/http/handler/handlers/storage-description.json"
+  ],
+  "@graph": [
+    {
+      "comment": "These are all the handlers a request will go through until it is handled.",
+      "@id": "urn:solid-server:default:HttpHandler",
+      "@type": "SequenceHandler",
+      "handlers": [
+        {
+          "@id": "urn:solid-server:default:Middleware"
+        },
+        {
+          "@id": "urn:solid-server:default:BaseHttpHandler",
+          "@type": "WaterfallHandler",
+          "handlers": [
+            {
+              "@id": "urn:solid-server:default:JwksHandler",
+              "@type": "JwksHandler",
+              "path": "/.well-known/jwks.json",
+              "generator": {
+                "@id": "urn:solid-server:default:JwkGenerator"
+              }
+            },
+            {
+              "@id": "urn:solid-server:default:StaticAssetHandler"
+            },
+            {
+              "@id": "urn:solid-server:default:StaticAssetHandler"
+            },
+            {
+              "@id": "urn:solid-server:default:OidcHandler"
+            },
+            {
+              "@id": "urn:solid-server:default:NotificationHttpHandler"
+            },
+            {
+              "@id": "urn:solid-server:default:StorageDescriptionHandler"
+            },
+            {
+              "@id": "urn:solid-server:default:AuthResourceHttpHandler"
+            },
+            {
+              "@id": "urn:solid-server:default:IdentityProviderHandler"
+            },
+            {
+              "@id": "urn:solid-server:default:LdpHandler"
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}

packages/css/package.json

@@ -67,7 +67,7 @@
     "@solidlab/uma": "workspace:^",
     "componentsjs": "^5.4.2",
     "cross-fetch": "^4.0.0",
-    "jose": "^4.15.4",
+    "jose": "^5.2.2",
     "n3": "^1.17.2"
   },
   "devDependencies": {

packages/css/src/index.ts

@@ -11,6 +11,10 @@ export * from './identity/interaction/account/util/LoginStorage';
 
 export * from './init/SeededAccountInitializer';
 
+export * from './server/description/AccountSettingsStorageDescriber';
+
+export * from './server/middleware/JwksHandler';
+
 export * from './storage/keyvalue/IndexedStorage';
 
 export * from './uma/ResourceRegistrar';

packages/css/src/server/description/AccountSettingsStorageDescriber.ts

@@ -0,0 +1,77 @@
+import type { NamedNode, Quad, Quad_Object, Term } from '@rdfjs/types';
+import { DataFactory } from 'n3';
+import { stringToTerm } from 'rdf-string';
+import type { PodStore, ResourceIdentifier } from '@solid/community-server';
+import { StorageDescriber } from '@solid/community-server';
+import quad = DataFactory.quad;
+import namedNode = DataFactory.namedNode;
+import type { AccountStore, AccountSettings } from '../../identity/interaction/account/util/AccountStore';
+
+/**
+ * Adds triples to the storage description resource, based on the settings of
+ * the account that created the storage. 
+ * 
+ * The resource identifier of the storage is used as subject.
+ */
+export class AccountSettingsStorageDescriber extends StorageDescriber {
+  private readonly terms: ReadonlyMap<NamedNode, keyof AccountSettings>;
+
+  public constructor(
+    private podStore: PodStore,
+    private accountStore: AccountStore,
+    terms: Record<string, keyof AccountSettings>,
+  ) {
+    super();
+    
+    const termMap = new Map<NamedNode, keyof AccountSettings>();
+    for (const [ predicate, settingsKey ] of Object.entries(terms)) {
+    
+      const predTerm = stringToTerm(predicate);
+      if (predTerm.termType !== 'NamedNode') {
+        throw new Error('Predicate needs to be a named node.');
+      }
+      
+      termMap.set(predTerm, settingsKey);
+    }
+
+    this.terms = termMap;
+  }
+
+  public async handle(target: ResourceIdentifier): Promise<Quad[]> {
+    const subject = namedNode(target.path);
+    const pod = await this.podStore.findByBaseUrl(target.path);
+    if (!pod) throw new Error(`Cannot find pod for storage path ${target.path}`);
+
+    const quads: Quad[] = [];
+    for await (const quad of this.generateTriples(subject, pod.accountId)) {
+      quads.push(quad);
+    }
+
+    return quads;
+  }
+
+  private async* generateTriples(subject: NamedNode, account: string): AsyncGenerator<Quad> {
+    
+    for (const [ predicate, settingsKey ] of this.terms.entries()) {
+
+      const settingsValue = await this.accountStore.getSetting(account, settingsKey);
+      if (settingsValue === undefined) continue;
+
+      const objects = (Array.isArray(settingsValue) ? settingsValue : [ settingsValue ]).map((value): Quad_Object => {
+        let term: Term;
+
+        try {
+          term = stringToTerm(`${value}`);
+        } catch {
+          term = stringToTerm(`"${value}"`);
+        }
+
+        return term as Quad_Object;
+      });
+
+      for (const object of objects) {
+        yield quad(subject, predicate, object);
+      }
+    }
+  }
+}

packages/css/src/server/middleware/JwksHandler.ts

@@ -0,0 +1,41 @@
+import type { HttpHandlerInput } from '@solid/community-server';
+import { HttpHandler, JwkGenerator, MethodNotAllowedHttpError, NotImplementedHttpError } from '@solid/community-server';
+
+export class JwksHandler extends HttpHandler {
+
+  constructor(
+    private path: string,
+    private generator: JwkGenerator,
+  ) {
+    super();
+  }
+
+  public async canHandle({ request }: HttpHandlerInput): Promise<void> {
+    const { method, url } = request;
+
+    if (!['GET', 'HEAD'].includes(method ?? '')) {
+      throw new MethodNotAllowedHttpError(
+        method ? [ method ] : undefined, 
+        `Only GET or HEAD requests can target the storage description.`
+      );
+    }
+    
+    if (url !== this.path) throw new NotImplementedHttpError(`This handler is not configured for ${url}`);
+  }
+
+
+  public async handle({ request, response }: HttpHandlerInput): Promise<void> {
+    const key = await this.generator.getPublicKey();
+
+    response.writeHead(200, {
+      'content-type': 'application/json',
+    });
+
+    if (request.method === 'HEAD') {
+      response.end();
+      return;
+    }
+
+    response.end(JSON.stringify({ keys: [ key ] }));
+  }
+}

yarn.lock

@@ -4136,7 +4136,7 @@ __metadata:
     "@types/node": "npm:^18.18.11"
     componentsjs: "npm:^5.4.2"
     cross-fetch: "npm:^4.0.0"
-    jose: "npm:^4.15.4"
+    jose: "npm:^5.2.2"
     n3: "npm:^1.17.2"
   languageName: unknown
   linkType: soft
@@ -4181,7 +4181,7 @@ __metadata:
     koreografeye: "npm:^0.4.8"
     shx: "npm:^0.3.3"
     ts-jest: "npm:^29.1.1"
-    ts-node: "npm:^10.9.1"
+    ts-node: "npm:^10.9.2"
     typescript: "npm:^5.2.2"
   languageName: unknown
   linkType: soft
@@ -7990,7 +7990,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"jose@npm:^4.15.2, jose@npm:^4.15.4, jose@npm:^4.5.1, jose@npm:^4.7.0":
+"jose@npm:^4.15.2, jose@npm:^4.5.1, jose@npm:^4.7.0":
   version: 4.15.4
   resolution: "jose@npm:4.15.4"
   checksum: 10c0/ce8b29f84d6172a566b12b599dafa82f3bef0f16278bb76d562490ac1516fcc14017b05a39d20ffad25ed504f4996d4af4c9d3e0273d95b2d5559bf6d1112bc0
@@ -8004,6 +8004,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"jose@npm:^5.2.2":
+  version: 5.2.2
+  resolution: "jose@npm:5.2.2"
+  checksum: 10c0/f6a439d41fa36e1c0a3a1554c1955ba656f37a7fc5e353bdcbda144cc9210fe513cc1b0480ec5bd5de50c0ec23714c82d82ae89f1b906656b683aa35ae075b68
+  languageName: node
+  linkType: hard
+
 "js-tokens@npm:^4.0.0":
   version: 4.0.0
   resolution: "js-tokens@npm:4.0.0"
@@ -10792,6 +10799,44 @@ __metadata:
   languageName: node
   linkType: hard
 
+"ts-node@npm:^10.9.2":
+  version: 10.9.2
+  resolution: "ts-node@npm:10.9.2"
+  dependencies:
+    "@cspotcode/source-map-support": "npm:^0.8.0"
+    "@tsconfig/node10": "npm:^1.0.7"
+    "@tsconfig/node12": "npm:^1.0.7"
+    "@tsconfig/node14": "npm:^1.0.0"
+    "@tsconfig/node16": "npm:^1.0.2"
+    acorn: "npm:^8.4.1"
+    acorn-walk: "npm:^8.1.1"
+    arg: "npm:^4.1.0"
+    create-require: "npm:^1.1.0"
+    diff: "npm:^4.0.1"
+    make-error: "npm:^1.1.1"
+    v8-compile-cache-lib: "npm:^3.0.1"
+    yn: "npm:3.1.1"
+  peerDependencies:
+    "@swc/core": ">=1.2.50"
+    "@swc/wasm": ">=1.2.50"
+    "@types/node": "*"
+    typescript: ">=2.7"
+  peerDependenciesMeta:
+    "@swc/core":
+      optional: true
+    "@swc/wasm":
+      optional: true
+  bin:
+    ts-node: dist/bin.js
+    ts-node-cwd: dist/bin-cwd.js
+    ts-node-esm: dist/bin-esm.js
+    ts-node-script: dist/bin-script.js
+    ts-node-transpile-only: dist/bin-transpile.js
+    ts-script: dist/bin-script-deprecated.js
+  checksum: 10c0/5f29938489f96982a25ba650b64218e83a3357d76f7bede80195c65ab44ad279c8357264639b7abdd5d7e75fc269a83daa0e9c62fd8637a3def67254ecc9ddc2
+  languageName: node
+  linkType: hard
+
 "tslib@npm:^1.8.1":
   version: 1.14.1
   resolution: "tslib@npm:1.14.1"