Ilia Denisov
22b0710d04
Implements ui/PLAN.md Phase 7 end-to-end: - /login two-step form (email -> code) over the gateway public REST surface; /lobby placeholder issues the first authenticated user.account.get and renders the decoded display name. - SessionStore (Svelte 5 runes) with loading / unsupported / anonymous / authenticated states; layout-level route guard, browser-not-supported blocker, and a minimal SubscribeEvents revocation watcher that closes the active client within 1s on a clean stream end or Unauthenticated. - VITE_GATEWAY_BASE_URL + VITE_GATEWAY_RESPONSE_PUBLIC_KEY config plus AuthError taxonomy in api/auth.ts. - Vitest (auth-api, session-store, login-page) and Playwright e2e (auth-flow.spec.ts) on the four configured projects, with a fixture Ed25519 keypair forging Connect-Web JSON responses. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
58 lines
1.8 KiB
TypeScript
58 lines
1.8 KiB
TypeScript
// TypeScript port of the canonical response-signing serializer in
|
|
// `ui/core/canon/response.go` (`BuildResponseSigningInput`). Used by
|
|
// the Phase 7 Playwright spec to forge gateway responses and sign
|
|
// them with the fixture key. The Go-side parity check
|
|
// (`gateway/authn/parity_with_ui_core_test.go`) is the source of
|
|
// truth; this TS copy stays small enough to read against that test.
|
|
|
|
const RESPONSE_DOMAIN_MARKER_V1 = "galaxy-response-v1";
|
|
|
|
export interface ResponseSigningFields {
|
|
protocolVersion: string;
|
|
requestId: string;
|
|
timestampMs: bigint;
|
|
resultCode: string;
|
|
payloadHash: Uint8Array;
|
|
}
|
|
|
|
export function buildResponseSigningInput(
|
|
fields: ResponseSigningFields,
|
|
): Uint8Array {
|
|
const parts: number[] = [];
|
|
appendLengthPrefixedString(parts, RESPONSE_DOMAIN_MARKER_V1);
|
|
appendLengthPrefixedString(parts, fields.protocolVersion);
|
|
appendLengthPrefixedString(parts, fields.requestId);
|
|
appendBigEndianUint64(parts, fields.timestampMs);
|
|
appendLengthPrefixedString(parts, fields.resultCode);
|
|
appendLengthPrefixedBytes(parts, fields.payloadHash);
|
|
return new Uint8Array(parts);
|
|
}
|
|
|
|
function appendLengthPrefixedString(dst: number[], value: string): void {
|
|
const bytes = new TextEncoder().encode(value);
|
|
appendLengthPrefixedBytes(dst, bytes);
|
|
}
|
|
|
|
function appendLengthPrefixedBytes(dst: number[], value: Uint8Array): void {
|
|
appendUvarint(dst, BigInt(value.length));
|
|
for (let i = 0; i < value.length; i++) {
|
|
dst.push(value[i]!);
|
|
}
|
|
}
|
|
|
|
function appendUvarint(dst: number[], value: bigint): void {
|
|
let v = value;
|
|
while (v >= 0x80n) {
|
|
dst.push(Number(v & 0xffn) | 0x80);
|
|
v >>= 7n;
|
|
}
|
|
dst.push(Number(v & 0xffn));
|
|
}
|
|
|
|
function appendBigEndianUint64(dst: number[], value: bigint): void {
|
|
const v = value & 0xffffffffffffffffn;
|
|
for (let i = 7; i >= 0; i--) {
|
|
dst.push(Number((v >> BigInt(i * 8)) & 0xffn));
|
|
}
|
|
}
|