developer/galaxy-game
1
1
Fork 0
Code Issues Pull Requests Actions Packages Releases Wiki Activity
Files
5d2f2bfc26146d8630fd3fab680ea6284ba105d0
galaxy-game/ui/frontend/tests/e2e/fixtures/sign-event.ts
T
Ilia Denisov 8565942392
Build · Site / build (push) Successful in 8s
Details
Tests · Go / test (push) Successful in 2m22s
Details
Tests · UI / test (push) Failing after 2m42s
Details
feat(deploy): single-origin path-based deployment + project site 
Serve the whole stack behind one host: site at /, game UI at /game/,
gateway REST at /api + /healthz, Connect at /rpc (prefix stripped by the
edge Caddy). The built artifact is domain-agnostic — the UI talks to the
gateway same-origin via relative URLs, so the same bundle runs under any
host with no rebuild and with CORS disabled.

- Rename the Connect proto service galaxy.gateway.v1.EdgeGateway ->
  edge.v1.Gateway; regenerate Go + TS; public path /rpc/edge.v1.Gateway.
- Move the game UI under base path /game (env BASE_PATH); make the
  manifest, service-worker scope, WASM loader, and all navigation
  base-aware via a withBase helper.
- Relative API + /rpc Connect prefix; Vite dev proxy mirrors the strip.
- Rewrite the edge Caddy (dev + prod) for path-based routing; empty CORS
  allow-lists (same-origin); single host.
- New VitePress project site (site/): i18n en/ru with switcher, LaTeX
  math, minimal monospace theme; built and served at /.
- dev-deploy compose/Makefile + CI (dev-deploy, prod-build, new
  site-build) build and seed the site; probes hit /, /game/, /healthz.
- Sync docs (ARCHITECTURE, gateway README/openapi, dev-deploy &
  local-dev READMEs, CLAUDE.md, ui/PLAN).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 18:19:07 +02:00

95 lines
2.9 KiB
TypeScript
Raw Blame History

// `forgeGatewayEventFrame` produces one Connect HTTP/1.1
// server-streaming frame carrying a `GatewayEvent` signed with the
// fixture private key. The Playwright `turn-ready.spec.ts` route
// handler returns this body when the UI opens `SubscribeEvents` so
// the production verification path (`core.verifyEvent`) accepts the
// frame under the matching public key the dev server picks up via
// `VITE_GATEWAY_RESPONSE_PUBLIC_KEY`.
//
// Connect HTTP/1.1 server-streaming framing per request:
// 1 byte flag (0x00 = message)
// 4 bytes length (big-endian, payload size)
// N bytes payload (JSON-encoded GatewayEvent for the JSON codec)
//
// The route handler closes the response after one frame; the UI's
// `events.svelte.ts` reconnect loop treats the abrupt end-of-body as
// a transient error and backs off, which keeps the toast visible
// long enough for the test to assert on it.
import { create, toJsonString } from "@bufbuild/protobuf";
import { webcrypto } from "node:crypto";
import { GatewayEventSchema } from "../../../src/proto/edge/v1/edge_gateway_pb";
import { buildEventSigningInput } from "./canon";
import {
FIXTURE_PRIVATE_KEY_PKCS8_BASE64,
decodeBase64,
} from "./gateway-key";
export interface ForgedEventInput {
eventType: string;
eventId: string;
timestampMs: bigint;
requestId: string;
traceId: string;
payloadBytes: Uint8Array;
}
let cachedPrivateKey: CryptoKey | null = null;
async function privateKey(): Promise<CryptoKey> {
if (cachedPrivateKey !== null) {
return cachedPrivateKey;
}
const pkcs8 = decodeBase64(FIXTURE_PRIVATE_KEY_PKCS8_BASE64);
cachedPrivateKey = await webcrypto.subtle.importKey(
"pkcs8",
pkcs8,
{ name: "Ed25519" },
false,
["sign"],
);
return cachedPrivateKey;
}
async function sha256(payload: Uint8Array): Promise<Uint8Array> {
const digest = await webcrypto.subtle.digest("SHA-256", payload);
return new Uint8Array(digest);
}
export async function forgeGatewayEventFrame(
input: ForgedEventInput,
): Promise<Uint8Array> {
const payloadHash = await sha256(input.payloadBytes);
const canonical = buildEventSigningInput({
eventType: input.eventType,
eventId: input.eventId,
timestampMs: input.timestampMs,
requestId: input.requestId,
traceId: input.traceId,
payloadHash,
});
const signatureBuf = await webcrypto.subtle.sign(
{ name: "Ed25519" },
await privateKey(),
canonical,
);
const event = create(GatewayEventSchema, {
eventType: input.eventType,
eventId: input.eventId,
timestampMs: input.timestampMs,
payloadBytes: input.payloadBytes,
payloadHash,
signature: new Uint8Array(signatureBuf),
requestId: input.requestId,
traceId: input.traceId,
});
const body = new TextEncoder().encode(
toJsonString(GatewayEventSchema, event),
);
const frame = new Uint8Array(5 + body.length);
frame[0] = 0x00; // message frame
new DataView(frame.buffer).setUint32(1, body.length, false);
frame.set(body, 5);
return frame;
}
Reference in New Issue View Git Blame Copy Permalink