phase 7: auth flow UI (email-code login + session resume + revocation)
Implements ui/PLAN.md Phase 7 end-to-end: - /login two-step form (email -> code) over the gateway public REST surface; /lobby placeholder issues the first authenticated user.account.get and renders the decoded display name. - SessionStore (Svelte 5 runes) with loading / unsupported / anonymous / authenticated states; layout-level route guard, browser-not-supported blocker, and a minimal SubscribeEvents revocation watcher that closes the active client within 1s on a clean stream end or Unauthenticated. - VITE_GATEWAY_BASE_URL + VITE_GATEWAY_RESPONSE_PUBLIC_KEY config plus AuthError taxonomy in api/auth.ts. - Vitest (auth-api, session-store, login-page) and Playwright e2e (auth-flow.spec.ts) on the four configured projects, with a fixture Ed25519 keypair forging Connect-Web JSON responses. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Ilia Denisov
@@ -0,0 +1,57 @@
|
||||
// TypeScript port of the canonical response-signing serializer in
|
||||
// `ui/core/canon/response.go` (`BuildResponseSigningInput`). Used by
|
||||
// the Phase 7 Playwright spec to forge gateway responses and sign
|
||||
// them with the fixture key. The Go-side parity check
|
||||
// (`gateway/authn/parity_with_ui_core_test.go`) is the source of
|
||||
// truth; this TS copy stays small enough to read against that test.
|
||||
|
||||
const RESPONSE_DOMAIN_MARKER_V1 = "galaxy-response-v1";
|
||||
|
||||
export interface ResponseSigningFields {
|
||||
protocolVersion: string;
|
||||
requestId: string;
|
||||
timestampMs: bigint;
|
||||
resultCode: string;
|
||||
payloadHash: Uint8Array;
|
||||
}
|
||||
|
||||
export function buildResponseSigningInput(
|
||||
fields: ResponseSigningFields,
|
||||
): Uint8Array {
|
||||
const parts: number[] = [];
|
||||
appendLengthPrefixedString(parts, RESPONSE_DOMAIN_MARKER_V1);
|
||||
appendLengthPrefixedString(parts, fields.protocolVersion);
|
||||
appendLengthPrefixedString(parts, fields.requestId);
|
||||
appendBigEndianUint64(parts, fields.timestampMs);
|
||||
appendLengthPrefixedString(parts, fields.resultCode);
|
||||
appendLengthPrefixedBytes(parts, fields.payloadHash);
|
||||
return new Uint8Array(parts);
|
||||
}
|
||||
|
||||
function appendLengthPrefixedString(dst: number[], value: string): void {
|
||||
const bytes = new TextEncoder().encode(value);
|
||||
appendLengthPrefixedBytes(dst, bytes);
|
||||
}
|
||||
|
||||
function appendLengthPrefixedBytes(dst: number[], value: Uint8Array): void {
|
||||
appendUvarint(dst, BigInt(value.length));
|
||||
for (let i = 0; i < value.length; i++) {
|
||||
dst.push(value[i]!);
|
||||
}
|
||||
}
|
||||
|
||||
function appendUvarint(dst: number[], value: bigint): void {
|
||||
let v = value;
|
||||
while (v >= 0x80n) {
|
||||
dst.push(Number(v & 0xffn) | 0x80);
|
||||
v >>= 7n;
|
||||
}
|
||||
dst.push(Number(v & 0xffn));
|
||||
}
|
||||
|
||||
function appendBigEndianUint64(dst: number[], value: bigint): void {
|
||||
const v = value & 0xffffffffffffffffn;
|
||||
for (let i = 7; i >= 0; i--) {
|
||||
dst.push(Number((v >> BigInt(i * 8)) & 0xffn));
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,17 @@
|
||||
// Deterministic Ed25519 keypair used by the Phase 7 Playwright e2e
|
||||
// suite to forge gateway-shaped responses inside `page.route(...)`.
|
||||
// The pair was generated once with Node's WebCrypto and is checked
|
||||
// in: it is purely test fixture material, not used in production
|
||||
// builds, and the public half lands in the dev server via
|
||||
// `VITE_GATEWAY_RESPONSE_PUBLIC_KEY` from `playwright.config.ts`.
|
||||
|
||||
export const FIXTURE_PUBLIC_KEY_RAW_BASE64 =
|
||||
"3Jf1C+qApVeysTytS6umsvTGqNfn3oHcagJhO97Ias4=";
|
||||
|
||||
export const FIXTURE_PRIVATE_KEY_PKCS8_BASE64 =
|
||||
"MC4CAQAwBQYDK2VwBCIEIGnpfNAYxKJivan1ww5uvidgozuz9JXQM9dcdYrSiHHt";
|
||||
|
||||
export function decodeBase64(value: string): Uint8Array {
|
||||
const bin = Buffer.from(value, "base64");
|
||||
return new Uint8Array(bin.buffer, bin.byteOffset, bin.byteLength);
|
||||
}
|
||||
@@ -0,0 +1,83 @@
|
||||
// Helper used by `auth-flow.spec.ts` to forge a Connect-Web-shaped
|
||||
// `ExecuteCommandResponse` signed with the fixture gateway response
|
||||
// key. Lives next to the keypair fixture so the e2e file stays
|
||||
// focused on the UI flow. Connect-Web's default transport uses
|
||||
// JSON over HTTP/1.1, so the helper emits JSON bytes; the canonical
|
||||
// signing input is still the binary form defined in
|
||||
// `ui/core/canon/response.go`.
|
||||
|
||||
import { create, toJson, toJsonString } from "@bufbuild/protobuf";
|
||||
import { webcrypto } from "node:crypto";
|
||||
import { ExecuteCommandResponseSchema } from "../../../src/proto/galaxy/gateway/v1/edge_gateway_pb";
|
||||
import {
|
||||
FIXTURE_PRIVATE_KEY_PKCS8_BASE64,
|
||||
decodeBase64,
|
||||
} from "./gateway-key";
|
||||
import { buildResponseSigningInput } from "./canon";
|
||||
|
||||
const PROTOCOL_VERSION = "v1";
|
||||
|
||||
export interface ForgedResponseInput {
|
||||
requestId: string;
|
||||
timestampMs: bigint;
|
||||
resultCode: string;
|
||||
payloadBytes: Uint8Array;
|
||||
}
|
||||
|
||||
let cachedPrivateKey: CryptoKey | null = null;
|
||||
|
||||
async function privateKey(): Promise<CryptoKey> {
|
||||
if (cachedPrivateKey !== null) {
|
||||
return cachedPrivateKey;
|
||||
}
|
||||
const pkcs8 = decodeBase64(FIXTURE_PRIVATE_KEY_PKCS8_BASE64);
|
||||
cachedPrivateKey = await webcrypto.subtle.importKey(
|
||||
"pkcs8",
|
||||
pkcs8,
|
||||
{ name: "Ed25519" },
|
||||
false,
|
||||
["sign"],
|
||||
);
|
||||
return cachedPrivateKey;
|
||||
}
|
||||
|
||||
async function sha256(payload: Uint8Array): Promise<Uint8Array> {
|
||||
const digest = await webcrypto.subtle.digest("SHA-256", payload);
|
||||
return new Uint8Array(digest);
|
||||
}
|
||||
|
||||
/**
|
||||
* forgeExecuteCommandResponseJson produces the JSON body of a
|
||||
* gateway response that `GalaxyClient.executeCommand` will accept
|
||||
* under the fixture public key, encoded the way Connect-Web's
|
||||
* default JSON transport expects to receive it.
|
||||
*/
|
||||
export async function forgeExecuteCommandResponseJson(
|
||||
input: ForgedResponseInput,
|
||||
): Promise<string> {
|
||||
const payloadHash = await sha256(input.payloadBytes);
|
||||
const canonical = buildResponseSigningInput({
|
||||
protocolVersion: PROTOCOL_VERSION,
|
||||
requestId: input.requestId,
|
||||
timestampMs: input.timestampMs,
|
||||
resultCode: input.resultCode,
|
||||
payloadHash,
|
||||
});
|
||||
const sig = await webcrypto.subtle.sign(
|
||||
{ name: "Ed25519" },
|
||||
await privateKey(),
|
||||
canonical,
|
||||
);
|
||||
const message = create(ExecuteCommandResponseSchema, {
|
||||
protocolVersion: PROTOCOL_VERSION,
|
||||
requestId: input.requestId,
|
||||
timestampMs: input.timestampMs,
|
||||
resultCode: input.resultCode,
|
||||
payloadBytes: input.payloadBytes,
|
||||
payloadHash,
|
||||
signature: new Uint8Array(sig),
|
||||
});
|
||||
return toJsonString(ExecuteCommandResponseSchema, message);
|
||||
}
|
||||
|
||||
export { toJson };
|
||||
Reference in New Issue
Block a user