developer/galaxy-game
1
1
Fork 0
Code Issues Pull Requests Actions Packages Releases Wiki Activity
Files
ae91037bc3f17d49d5193fce2d0af2682321b24e
galaxy-game/ui/frontend/tests/e2e/fixtures/sign-response.ts
T
Ilia Denisov 8565942392
Build · Site / build (push) Successful in 8s
Details
Tests · Go / test (push) Successful in 2m22s
Details
Tests · UI / test (push) Failing after 2m42s
Details
feat(deploy): single-origin path-based deployment + project site 
Serve the whole stack behind one host: site at /, game UI at /game/,
gateway REST at /api + /healthz, Connect at /rpc (prefix stripped by the
edge Caddy). The built artifact is domain-agnostic — the UI talks to the
gateway same-origin via relative URLs, so the same bundle runs under any
host with no rebuild and with CORS disabled.

- Rename the Connect proto service galaxy.gateway.v1.EdgeGateway ->
  edge.v1.Gateway; regenerate Go + TS; public path /rpc/edge.v1.Gateway.
- Move the game UI under base path /game (env BASE_PATH); make the
  manifest, service-worker scope, WASM loader, and all navigation
  base-aware via a withBase helper.
- Relative API + /rpc Connect prefix; Vite dev proxy mirrors the strip.
- Rewrite the edge Caddy (dev + prod) for path-based routing; empty CORS
  allow-lists (same-origin); single host.
- New VitePress project site (site/): i18n en/ru with switcher, LaTeX
  math, minimal monospace theme; built and served at /.
- dev-deploy compose/Makefile + CI (dev-deploy, prod-build, new
  site-build) build and seed the site; probes hit /, /game/, /healthz.
- Sync docs (ARCHITECTURE, gateway README/openapi, dev-deploy &
  local-dev READMEs, CLAUDE.md, ui/PLAN).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 18:19:07 +02:00

84 lines
2.5 KiB
TypeScript
Raw Blame History

// Helper used by `auth-flow.spec.ts` to forge a Connect-Web-shaped
// `ExecuteCommandResponse` signed with the fixture gateway response
// key. Lives next to the keypair fixture so the e2e file stays
// focused on the UI flow. Connect-Web's default transport uses
// JSON over HTTP/1.1, so the helper emits JSON bytes; the canonical
// signing input is still the binary form defined in
// `ui/core/canon/response.go`.
import { create, toJson, toJsonString } from "@bufbuild/protobuf";
import { webcrypto } from "node:crypto";
import { ExecuteCommandResponseSchema } from "../../../src/proto/edge/v1/edge_gateway_pb";
import {
FIXTURE_PRIVATE_KEY_PKCS8_BASE64,
decodeBase64,
} from "./gateway-key";
import { buildResponseSigningInput } from "./canon";
const PROTOCOL_VERSION = "v1";
export interface ForgedResponseInput {
requestId: string;
timestampMs: bigint;
resultCode: string;
payloadBytes: Uint8Array;
}
let cachedPrivateKey: CryptoKey | null = null;
async function privateKey(): Promise<CryptoKey> {
if (cachedPrivateKey !== null) {
return cachedPrivateKey;
}
const pkcs8 = decodeBase64(FIXTURE_PRIVATE_KEY_PKCS8_BASE64);
cachedPrivateKey = await webcrypto.subtle.importKey(
"pkcs8",
pkcs8,
{ name: "Ed25519" },
false,
["sign"],
);
return cachedPrivateKey;
}
async function sha256(payload: Uint8Array): Promise<Uint8Array> {
const digest = await webcrypto.subtle.digest("SHA-256", payload);
return new Uint8Array(digest);
}
/**
* forgeExecuteCommandResponseJson produces the JSON body of a
* gateway response that `GalaxyClient.executeCommand` will accept
* under the fixture public key, encoded the way Connect-Web's
* default JSON transport expects to receive it.
*/
export async function forgeExecuteCommandResponseJson(
input: ForgedResponseInput,
): Promise<string> {
const payloadHash = await sha256(input.payloadBytes);
const canonical = buildResponseSigningInput({
protocolVersion: PROTOCOL_VERSION,
requestId: input.requestId,
timestampMs: input.timestampMs,
resultCode: input.resultCode,
payloadHash,
});
const sig = await webcrypto.subtle.sign(
{ name: "Ed25519" },
await privateKey(),
canonical,
);
const message = create(ExecuteCommandResponseSchema, {
protocolVersion: PROTOCOL_VERSION,
requestId: input.requestId,
timestampMs: input.timestampMs,
resultCode: input.resultCode,
payloadBytes: input.payloadBytes,
payloadHash,
signature: new Uint8Array(sig),
});
return toJsonString(ExecuteCommandResponseSchema, message);
}
export { toJson };
Reference in New Issue View Git Blame Copy Permalink