From 1728a4c06cb5c1d45bffa28f87bc3bebdb5bc043 Mon Sep 17 00:00:00 2001 From: Petra Jaros Date: Fri, 6 Sep 2024 11:15:20 -0400 Subject: [PATCH 1/2] refactor: Avoid conflation of Space and Account * `space.signer.withDID(account)` gives us a Signer with the Space's key, but which reports the Account's DID. It looks like this might have been needed at some point when this thing was actually used to sign something. But as of now, we don't need a *Signer*, just a DID, and a `did:mailto:` is fine. So, simplify this. * This was being passed as the `agent`, but it's not an Agent. `createAuthorization()` doesn't need an Agent, it needs an *audience*. In some cases that's an Agent, in some cases it's an Account. This changes the name to clarify. --- packages/access-client/src/space.js | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/packages/access-client/src/space.js b/packages/access-client/src/space.js index 753df58ff..ec2b1c15c 100644 --- a/packages/access-client/src/space.js +++ b/packages/access-client/src/space.js @@ -1,5 +1,5 @@ import * as ED25519 from '@ucanto/principal/ed25519' -import { delegate, Schema, UCAN, error, fail } from '@ucanto/core' +import { delegate, Schema, UCAN, error, fail, DID } from '@ucanto/core' import * as BIP39 from '@scure/bip39' import { wordlist } from '@scure/bip39/wordlists/english' import * as API from './types.js' @@ -67,7 +67,7 @@ export const toMnemonic = ({ signer }) => { */ export const createRecovery = (space, account) => createAuthorization(space, { - agent: space.signer.withDID(account), + audience: DID.parse(account), access: Access.accountAccess, expiration: Infinity, }) @@ -85,21 +85,21 @@ export const SESSION_LIFETIME = 60 * 60 * 24 * 365 * * @param {Model} space * @param {object} options - * @param {API.Principal} options.agent + * @param {API.Principal} options.audience * @param {API.Access} [options.access] * @param {API.UTCUnixTimestamp} [options.expiration] */ export const createAuthorization = async ( { signer, name }, { - agent, + audience, access = Access.spaceAccess, expiration = UCAN.now() + SESSION_LIFETIME, } ) => { return await delegate({ issuer: signer, - audience: agent, + audience: audience, capabilities: toCapabilities({ [signer.did()]: access, }), @@ -174,7 +174,7 @@ export class OwnedSpace { return fail('Please provide an agent to save the space into') } - const proof = await createAuthorization(this, { agent }) + const proof = await createAuthorization(this, { audience: agent }) await agent.importSpaceFromDelegation(proof) await agent.setCurrentSpace(this.did()) @@ -210,13 +210,13 @@ export class OwnedSpace { * specified ability (passed as `access.can` field) on the this space. * Optionally, you can specify `access.expiration` field to set the * - * @param {API.Principal} agent + * @param {API.Principal} principal * @param {object} [input] * @param {API.Access} [input.access] * @param {API.UCAN.UTCUnixTimestamp} [input.expiration] */ - createAuthorization(agent, input) { - return createAuthorization(this, { ...input, agent }) + createAuthorization(principal, input) { + return createAuthorization(this, { ...input, audience: principal }) } /** From 12e04896505963a99fd7550b5cf94129aea5a4cd Mon Sep 17 00:00:00 2001 From: Petra Jaros Date: Fri, 6 Sep 2024 11:32:01 -0400 Subject: [PATCH 2/2] chore: Don't specify version in workflow We already have it in `packageManager`. --- .github/workflows/access-client.yml | 2 -- .github/workflows/blob-index.yml | 2 -- .github/workflows/did-mailto.yml | 2 -- .github/workflows/filecoin-api.yml | 2 -- .github/workflows/upload-api.yml | 4 ---- .github/workflows/w3up-client.yml | 2 -- 6 files changed, 14 deletions(-) diff --git a/.github/workflows/access-client.yml b/.github/workflows/access-client.yml index ad516eef4..6998c2622 100644 --- a/.github/workflows/access-client.yml +++ b/.github/workflows/access-client.yml @@ -28,8 +28,6 @@ jobs: steps: - uses: actions/checkout@v3 - uses: pnpm/action-setup@v4 - with: - version: 9 - uses: actions/setup-node@v3 with: node-version: ${{ matrix.node_version }} diff --git a/.github/workflows/blob-index.yml b/.github/workflows/blob-index.yml index 2b90753b2..9712fe68a 100644 --- a/.github/workflows/blob-index.yml +++ b/.github/workflows/blob-index.yml @@ -26,8 +26,6 @@ jobs: uses: actions/checkout@v3 - name: Install uses: pnpm/action-setup@v4 - with: - version: 9 - name: Setup uses: actions/setup-node@v3 with: diff --git a/.github/workflows/did-mailto.yml b/.github/workflows/did-mailto.yml index fe63e4cf6..2142d0862 100644 --- a/.github/workflows/did-mailto.yml +++ b/.github/workflows/did-mailto.yml @@ -26,8 +26,6 @@ jobs: uses: actions/checkout@v3 - name: Install uses: pnpm/action-setup@v4 - with: - version: 9 - name: Setup uses: actions/setup-node@v3 with: diff --git a/.github/workflows/filecoin-api.yml b/.github/workflows/filecoin-api.yml index 3b6f6440e..492cf6c01 100644 --- a/.github/workflows/filecoin-api.yml +++ b/.github/workflows/filecoin-api.yml @@ -30,8 +30,6 @@ jobs: - name: Install uses: pnpm/action-setup@v4 - with: - version: 9 - name: Setup uses: actions/setup-node@v3 diff --git a/.github/workflows/upload-api.yml b/.github/workflows/upload-api.yml index 0fcbda9a4..27aac10e1 100644 --- a/.github/workflows/upload-api.yml +++ b/.github/workflows/upload-api.yml @@ -30,8 +30,6 @@ jobs: - name: Install uses: pnpm/action-setup@v4 - with: - version: 9 - name: Setup uses: actions/setup-node@v3 @@ -61,8 +59,6 @@ jobs: - name: Install uses: pnpm/action-setup@v4 - with: - version: 9 - name: Setup uses: actions/setup-node@v3 diff --git a/.github/workflows/w3up-client.yml b/.github/workflows/w3up-client.yml index 4d80288e6..be8e554fc 100644 --- a/.github/workflows/w3up-client.yml +++ b/.github/workflows/w3up-client.yml @@ -31,8 +31,6 @@ jobs: uses: actions/checkout@v3 - name: Install uses: pnpm/action-setup@v4 - with: - version: 9 - name: Setup uses: actions/setup-node@v3 with: