fix: access-api ctx.signer no longer uses env.DID. instead env.DID is…

… only used for ucanto server id (#303) Motivation: * #302
storacha · Dec 13, 2022 · 1155998 · 1155998
1 parent 7f4082f
commit 1155998
Show file tree

Hide file tree

Showing 6 changed files with 40 additions and 19 deletions.
diff --git a/packages/access-api/package.json b/packages/access-api/package.json
@@ -22,7 +22,6 @@
     "@ucanto/principal": "^4.0.2",
     "@ucanto/server": "^4.0.2",
     "@ucanto/transport": "^4.0.2",
-    "@ucanto/validator": "^4.0.2",
     "@web3-storage/access": "workspace:^",
     "@web3-storage/capabilities": "workspace:^",
     "@web3-storage/worker-utils": "0.4.3-dev",

diff --git a/packages/access-api/src/config.js b/packages/access-api/src/config.js
@@ -1,5 +1,5 @@
-import { DID } from '@ucanto/validator'
 import { Signer } from '@ucanto/principal/ed25519'
+import * as DID from '@ipld/dag-ucan/did'
 
 /**
  * Loads configuration variables from the global environment and returns a JS object
@@ -34,7 +34,8 @@ export function loadConfig(env) {
 
   const DID = env.DID
   const PRIVATE_KEY = vars.PRIVATE_KEY
-  const signer = configureSigner({ DID, PRIVATE_KEY })
+  const signer = configureSigner({ PRIVATE_KEY })
+  const ucantoServerId = configureUcantoServerId({ DID, PRIVATE_KEY })
   return {
     DEBUG: boolValue(vars.DEBUG),
     ENV: parseRuntimeEnv(vars.ENV),
@@ -55,6 +56,7 @@ export function loadConfig(env) {
     COMMITHASH: ACCOUNT_COMMITHASH,
 
     signer,
+    ucantoServerId,
 
     // bindings
     METRICS:
@@ -117,14 +119,25 @@ export function createAnalyticsEngine() {
  * Given a config, return a ucanto Signer object representing the service
  *
  * @param {object} config
- * @param {string} [config.DID] - public identifier of the running service. e.g. a did:key or a did:web
  * @param {string} config.PRIVATE_KEY - multiformats private key of primary signing key
+ * @returns {Signer.EdSigner}
  */
 export function configureSigner(config) {
   const signer = Signer.parse(config.PRIVATE_KEY)
-  const did = config.DID
-  if (!did) {
-    return signer
+  return signer
+}
+
+/**
+ * Given a config, return a ucanto principal
+ *
+ * @param {object} config
+ * @param {string} [config.DID] - public identifier of the running service. e.g. a did:key or a did:web
+ * @param {string} config.PRIVATE_KEY - multiformats private key of primary signing key
+ * @returns {import('@ucanto/interface').Principal}
+ */
+export function configureUcantoServerId(config) {
+  if (config.DID) {
+    return DID.parse(config.DID)
   }
-  return signer.withDID(DID.match({}).from(did))
+  return configureSigner(config)
 }
diff --git a/packages/access-api/src/routes/raw.js b/packages/access-api/src/routes/raw.js
@@ -8,7 +8,7 @@ import { service } from '../service/index.js'
  */
 export async function postRaw(request, env) {
   const server = Server.create({
-    id: env.signer,
+    id: env.config.ucantoServerId,
     encoder: serverCodec,
     decoder: serverCodec,
     service: service(env),

diff --git a/packages/access-api/test/config.test.js b/packages/access-api/test/config.test.js
@@ -19,21 +19,32 @@ const testKeypair = {
 }
 
 describe('@web3-storage/access-api/src/config configureSigner', () => {
-  it('creates a signer using config.{DID,PRIVATE_KEY}', async () => {
+  it('creates a signer using config.PRIVATE_KEY', async () => {
     const config = {
       PRIVATE_KEY: testKeypair.private.multiformats,
-      DID: 'did:web:exampe.com',
     }
     const signer = configModule.configureSigner(config)
     assert.ok(signer)
-    assert.equal(signer.did().toString(), config.DID)
+    assert.equal(signer.did().toString(), testKeypair.public.did)
     const { keys } = signer.toArchive()
     const didKeys = Object.keys(keys)
     assert.deepEqual(didKeys, [testKeypair.public.did])
   })
+})
+
+describe('@web3-storage/access-api/src/config configureUcantoServerId', () => {
+  it('creates a signer using config.{DID,PRIVATE_KEY}', async () => {
+    const config = {
+      PRIVATE_KEY: testKeypair.private.multiformats,
+      DID: 'did:web:exampe.com',
+    }
+    const serverId = configModule.configureUcantoServerId(config)
+    assert.ok(serverId)
+    assert.equal(serverId.did().toString(), config.DID)
+  })
   it('errors if config.DID is provided but not a did', () => {
     assert.throws(() => {
-      configModule.configureSigner({
+      configModule.configureUcantoServerId({
         DID: 'not a did',
         PRIVATE_KEY: testKeypair.private.multiformats,
       })
@@ -43,8 +54,8 @@ describe('@web3-storage/access-api/src/config configureSigner', () => {
     const config = {
       PRIVATE_KEY: testKeypair.private.multiformats,
     }
-    const signer = configModule.configureSigner(config)
-    assert.ok(signer)
-    assert.equal(signer.did().toString(), testKeypair.public.did)
+    const serverId = configModule.configureUcantoServerId(config)
+    assert.ok(serverId)
+    assert.equal(serverId.did().toString(), testKeypair.public.did)
   })
 })
diff --git a/packages/access-api/wrangler.toml b/packages/access-api/wrangler.toml
@@ -28,7 +28,7 @@ database_id = "7c676e0c-b9e7-4711-97c8-7b1c8eb229ae"
 [vars]
 ENV = "dev"
 DEBUG = "true"
-
+DID = "did:web:local.web3.storage"
 
 [build]
 command = "scripts/cli.js build"

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml