feat!: implement new account-based multi-device flow #433
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gobengo
reviewed
Feb 10, 2023
gobengo
reviewed
Feb 25, 2023
I think we'll want to make higher level combinations of these at some point, but this translates the various operations from @Bengo's observable (https://observablehq.com/d/95bfec64fbb3c2d1) into functions that clients can use
gobengo
reviewed
Mar 10, 2023
2 tasks
travis
reviewed
Mar 13, 2023
gobengo
reviewed
Mar 13, 2023
Motivation: * there weren't any tests that test access-api + access-client agent, so this adds a stub for one * it includes a lot of type adjustments that should make it easier to write more tests in followup * specifically it removed some old types I had tried to make when testing access delegate. I added a new `ServiceInvoke` type that is better than the ones I had made before. This is useful for making an 'invoke' function that will handle a subset of the caps available on `Service` but expect the same success/fail types as Service
1) save session principal in agent data 2) delegate more permissions from space to account (I think this is working?) 3) add newCreateSpace that can be renamed to get this working with the cli I haven't tested actual space uploads yet, but moving on to that next!
gobengo
reviewed
Mar 14, 2023
… registerSpaces + validate-email handler (#530) Previously a lot of logic to handle `access/confirm` was in the `validate-email` flow, since that is the most common place we'd receive that invocation (after clicking email sent by `access/authorize` handler). However, this logic can be expressed as a `ServiceMethod` on invocation of `access/confirm`, and validate-email can call that. This allows us to also self-issue `access/confirm` in some tests, e.g. in ucanto-test-utils `registerSpaces` and send it to our service to handle, which is only enabled when node env is TEST for now. Benefits: * wherever we use ucanto-test-utils `registerSpaces`, we'll be accurately testing the `access/confirm` + `provider/add` flow (not old/deprecated `voucher/redeem`) --------- Co-authored-by: Travis Vachon <travis@dag.house>
Gozala
reviewed
Mar 14, 2023
1) use new allows method from a ucanto branch to do so 2) throw errors in new space create flow if we adding a provider or delegating access fails 3) claim delegations after authorizing
Gozala
reviewed
Mar 14, 2023
This reverts commit 78cb8bf.
gobengo
reviewed
Mar 14, 2023
travis
approved these changes
Mar 17, 2023
This was referenced Mar 17, 2023
travis
pushed a commit
that referenced
this pull request
Mar 20, 2023
🤖 I have created a release *beep* *boop* --- ## [4.0.0](capabilities-v3.2.0...capabilities-v4.0.0) (2023-03-17) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) ### Features * define `access/confirm` handler and use it in ucanto-test-utils registerSpaces + validate-email handler ([#530](#530)) ([b1bbc90](b1bbc90)) * implement new account-based multi-device flow ([#433](#433)) ([1ddc6a0](1ddc6a0)) * provision provider type is now the DID of the w3s service ([#528](#528)) ([6a72855](6a72855)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
travis
pushed a commit
that referenced
this pull request
Mar 20, 2023
🤖 I have created a release *beep* *boop* --- ## [11.0.0-rc.0](access-v10.0.0...access-v11.0.0-rc.0) (2023-03-20) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) ### Features * define `access/confirm` handler and use it in ucanto-test-utils registerSpaces + validate-email handler ([#530](#530)) ([b1bbc90](b1bbc90)) * implement new account-based multi-device flow ([#433](#433)) ([1ddc6a0](1ddc6a0)) * move validation flow to a Durable Object to make it ⏩ fast ⏩ fast ⏩ fast ⏩ ([#449](#449)) ([02d7552](02d7552)) * space/info will not error for spaces that have had storage provider added via provider/add ([#510](#510)) ([ea4e872](ea4e872)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([be4386d](be4386d)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
This was referenced Mar 21, 2023
alanshaw
pushed a commit
that referenced
this pull request
Mar 23, 2023
🤖 I have created a release *beep* *boop* --- ## [8.0.0](upload-client-v7.0.0...upload-client-v8.0.0) (2023-03-23) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) ### Features * add HAMT sharded directories support ([#536](#536)) ([8d98025](8d98025)) * implement new account-based multi-device flow ([#433](#433)) ([1ddc6a0](1ddc6a0)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([be4386d](be4386d)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
alanshaw
pushed a commit
that referenced
this pull request
Mar 23, 2023
🤖 I have created a release *beep* *boop* --- ## [2.0.0](upload-api-v1.0.4...upload-api-v2.0.0) (2023-03-23) ### ⚠ BREAKING CHANGES * ucan bucket is not part of upload-api but rather ucan-api * implement new account-based multi-device flow ([#433](#433)) ### Features * implement new account-based multi-device flow ([#433](#433)) ([1ddc6a0](1ddc6a0)) ### Bug Fixes * remove ucan bucket interface ([#594](#594)) ([52cf7c1](52cf7c1)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([be4386d](be4386d)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: Alan Shaw <alan.shaw@protocol.ai>
alanshaw
pushed a commit
that referenced
this pull request
Mar 23, 2023
🤖 I have created a release *beep* *boop* --- ## [5.0.0](access-api-v4.11.0...access-api-v5.0.0) (2023-03-23) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) * upgrade capabilities to latest ucanto ([#463](#463)) ### Features * access-api handles provider/add invocations ([#462](#462)) ([5fb56f7](5fb56f7)) * access-api serves access/claim invocations ([#456](#456)) ([baacf35](baacf35)) * access/authorize confirmation email click results in a delegation back to the issuer did:key so that access/claim works ([#460](#460)) ([a466a7d](a466a7d)) * allow multiple providers ([#595](#595)) ([96c5a2e](96c5a2e)) * define `access/confirm` handler and use it in ucanto-test-utils registerSpaces + validate-email handler ([#530](#530)) ([b1bbc90](b1bbc90)) * handle access/delegate invocations without error ([#427](#427)) ([4f0bd1c](4f0bd1c)) * if POST /validate-email?mode=authorize catches error w/ too big qr code ([#516](#516)) ([d0df525](d0df525)) * implement new account-based multi-device flow ([#433](#433)) ([1ddc6a0](1ddc6a0)) * includes proofs chains in the delegated authorization chain ([#467](#467)) ([5144293](5144293)) * move access-api delegation bytes out of d1 and into r2 ([#578](#578)) ([4510c9a](4510c9a)) * move validation flow to a Durable Object to make it ⏩ fast ⏩ fast ⏩ fast ⏩ ([#449](#449)) ([02d7552](02d7552)) * provision provider type is now the DID of the w3s service ([#528](#528)) ([6a72855](6a72855)) * space/info will not error for spaces that have had storage provider added via provider/add ([#510](#510)) ([ea4e872](ea4e872)) * upgrade capabilities to latest ucanto ([#463](#463)) ([2d786ee](2d786ee)) * upgrade to new ucanto ([#498](#498)) ([dcb41a9](dcb41a9)) * write invocations and receipts into ucan log ([#592](#592)) ([754bf52](754bf52)) ### Bug Fixes * access/delegate checks hasStorageProvider(space) in a way that provider/add allows access/delegate ([#483](#483)) ([f4c640d](f4c640d)) * adjust migration 0005 to keep delegations table but create new used delegations_v2 ([#469](#469)) ([a205ad1](a205ad1)) * adjust migration 0005 to not do a drop table and instead rename delegations -> delegations_old and create a new delegations ([#468](#468)) ([6c8242d](6c8242d)) * allow injecting email ([#466](#466)) ([e19847f](e19847f)) * DbDelegationsStorage#find throws UnexpectedDelegation w/ { row } if failed bytesToDelegations ([#476](#476)) ([a6dafcb](a6dafcb)) * DbProvisionsStorage putMany doesnt error on cid col conflict ([#517](#517)) ([c1fea63](c1fea63)) * delegations model tries to handle if row.bytes is Array not Buffer (e.g. cloudflare) ([#478](#478)) ([030e7b7](030e7b7)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([be4386d](be4386d)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
gobengo
added a commit
that referenced
this pull request
Apr 11, 2023
With this PR we're able to use two different devices on behalf of a single account identified by an email address. An agent (ie, a device like w3console or w3cli) can now: 1) use `access/authorize` to trigger an email verification flow that will give them delegations to act on behalf of an account 2) create a space locally 3) add a storage provider to that space with `provider/add` 4) delegate capabilities to the account they are authorized as that permit the account to delegate all capabilities on those spaces to other agents - in other words, create spaces and assign all "permissions" on those spaces to their account 5) upload data to the space A second agent (ie, another device) can then: 1) use `access/authorize` to trigger an email verification flow that will give them delegations to act on behalf of the same account 2) get a list of spaces they can store data in, which includes the space created on the first device 3) upload data to the space This PR also contains various refactoring of the `Agent` class to minimize its responsibilities and move in the direction of letting user agents take responsibility for state storage. refs #395 * [x] setup tests for access-client agent + access-api * [x] simple test agent createSpace * [x] @gobengo test agent authorize happy path #535 * [x] @gobengo upgrade to ucanto 6.2 #541 * [x] @travis ensure what's proposed here can work in w3up-client, w3ui, w3console * [x] upgrade this branch to `@ucanto/transport@5.1.1` after storacha/ucanto#261 * [x] minimize new public api surface area on access-client Agent * [x] (e.g. `sessionProof`) https://github.com/web3-storage/w3protocol/pull/545/files * [x] `sessionPrincipal` #546 * [x] review comments * [x] `authorize` should access/claim `with=did:mailto:...` https://github.com/web3-storage/w3protocol/pull/556/files# --------- Co-authored-by: Travis Vachon <travis.vachon@gmail.com> Co-authored-by: Benjamin Goering <171782+gobengo@users.noreply.github.com> Co-authored-by: Irakli Gozalishvili <contact@gozala.io>
gobengo
pushed a commit
that referenced
this pull request
Apr 11, 2023
🤖 I have created a release *beep* *boop* --- ## [4.0.0](capabilities-v3.2.0...capabilities-v4.0.0) (2023-03-17) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) ### Features * define `access/confirm` handler and use it in ucanto-test-utils registerSpaces + validate-email handler ([#530](#530)) ([a08b513](a08b513)) * implement new account-based multi-device flow ([#433](#433)) ([6152e55](6152e55)) * provision provider type is now the DID of the w3s service ([#528](#528)) ([4cd6cd9](4cd6cd9)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
gobengo
pushed a commit
that referenced
this pull request
Apr 11, 2023
🤖 I have created a release *beep* *boop* --- ## [11.0.0-rc.0](access-v10.0.0...access-v11.0.0-rc.0) (2023-03-20) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) ### Features * define `access/confirm` handler and use it in ucanto-test-utils registerSpaces + validate-email handler ([#530](#530)) ([a08b513](a08b513)) * implement new account-based multi-device flow ([#433](#433)) ([6152e55](6152e55)) * move validation flow to a Durable Object to make it ⏩ fast ⏩ fast ⏩ fast ⏩ ([#449](#449)) ([3868d97](3868d97)) * space/info will not error for spaces that have had storage provider added via provider/add ([#510](#510)) ([362024f](362024f)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([29daa02](29daa02)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
gobengo
pushed a commit
that referenced
this pull request
Apr 11, 2023
🤖 I have created a release *beep* *boop* --- ## [8.0.0](upload-client-v7.0.0...upload-client-v8.0.0) (2023-03-23) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) ### Features * add HAMT sharded directories support ([#536](#536)) ([346b050](346b050)) * implement new account-based multi-device flow ([#433](#433)) ([6152e55](6152e55)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([29daa02](29daa02)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
gobengo
pushed a commit
that referenced
this pull request
Apr 11, 2023
🤖 I have created a release *beep* *boop* --- ## [2.0.0](upload-api-v1.0.4...upload-api-v2.0.0) (2023-03-23) ### ⚠ BREAKING CHANGES * ucan bucket is not part of upload-api but rather ucan-api * implement new account-based multi-device flow ([#433](#433)) ### Features * implement new account-based multi-device flow ([#433](#433)) ([6152e55](6152e55)) ### Bug Fixes * remove ucan bucket interface ([#594](#594)) ([fa9504b](fa9504b)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([29daa02](29daa02)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: Alan Shaw <alan.shaw@protocol.ai>
gobengo
pushed a commit
that referenced
this pull request
Apr 11, 2023
🤖 I have created a release *beep* *boop* --- ## [5.0.0](access-api-v4.11.0...access-api-v5.0.0) (2023-03-23) ### ⚠ BREAKING CHANGES * implement new account-based multi-device flow ([#433](#433)) * upgrade capabilities to latest ucanto ([#463](#463)) ### Features * access-api handles provider/add invocations ([#462](#462)) ([46da0df](46da0df)) * access-api serves access/claim invocations ([#456](#456)) ([2ec16e9](2ec16e9)) * access/authorize confirmation email click results in a delegation back to the issuer did:key so that access/claim works ([#460](#460)) ([fc62691](fc62691)) * allow multiple providers ([#595](#595)) ([aba57b3](aba57b3)) * define `access/confirm` handler and use it in ucanto-test-utils registerSpaces + validate-email handler ([#530](#530)) ([a08b513](a08b513)) * handle access/delegate invocations without error ([#427](#427)) ([db01d07](db01d07)) * if POST /validate-email?mode=authorize catches error w/ too big qr code ([#516](#516)) ([ab83b19](ab83b19)) * implement new account-based multi-device flow ([#433](#433)) ([6152e55](6152e55)) * includes proofs chains in the delegated authorization chain ([#467](#467)) ([743a72f](743a72f)) * move access-api delegation bytes out of d1 and into r2 ([#578](#578)) ([3029e4a](3029e4a)) * move validation flow to a Durable Object to make it ⏩ fast ⏩ fast ⏩ fast ⏩ ([#449](#449)) ([3868d97](3868d97)) * provision provider type is now the DID of the w3s service ([#528](#528)) ([4cd6cd9](4cd6cd9)) * space/info will not error for spaces that have had storage provider added via provider/add ([#510](#510)) ([362024f](362024f)) * upgrade capabilities to latest ucanto ([#463](#463)) ([e375ae4](e375ae4)) * upgrade to new ucanto ([#498](#498)) ([790750d](790750d)) * write invocations and receipts into ucan log ([#592](#592)) ([d52a281](d52a281)) ### Bug Fixes * access/delegate checks hasStorageProvider(space) in a way that provider/add allows access/delegate ([#483](#483)) ([1d3d562](1d3d562)) * adjust migration 0005 to keep delegations table but create new used delegations_v2 ([#469](#469)) ([d90825a](d90825a)) * adjust migration 0005 to not do a drop table and instead rename delegations -> delegations_old and create a new delegations ([#468](#468)) ([89f2acd](89f2acd)) * allow injecting email ([#466](#466)) ([b4b0173](b4b0173)) * DbDelegationsStorage#find throws UnexpectedDelegation w/ { row } if failed bytesToDelegations ([#476](#476)) ([660f773](660f773)) * DbProvisionsStorage putMany doesnt error on cid col conflict ([#517](#517)) ([8c6dea8](8c6dea8)) * delegations model tries to handle if row.bytes is Array not Buffer (e.g. cloudflare) ([#478](#478)) ([02c0c28](02c0c28)) ### Miscellaneous Chores * **access-client:** release 11.0.0-rc.0 ([#573](#573)) ([29daa02](29daa02)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Peeja
added a commit
that referenced
this pull request
Oct 4, 2024
This was deprecated in #433, but it's still what we use, and no clear migration path was given.
Peeja
added a commit
that referenced
this pull request
Oct 4, 2024
This was deprecated in #433, but it's still what we use, and no clear migration path was given.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
With this PR we're able to use two different devices on behalf of a single account identified by an email address.
An agent (ie, a device like w3console or w3cli) can now:
access/authorizeto trigger an email verification flow that will give them delegations to act on behalf of an accountprovider/addA second agent (ie, another device) can then:
access/authorizeto trigger an email verification flow that will give them delegations to act on behalf of the same accountThis PR also contains various refactoring of the
Agentclass to minimize its responsibilities and move in the direction of letting user agents take responsibility for state storage.refs #395
@ucanto/transport@5.1.1after @ucanto/transport 5.1.0 error bundling for browser (not present in 5.0.0) ucanto#261sessionProof) https://github.com/web3-storage/w3protocol/pull/545/filessessionPrincipalfix: rm mention of 'sessionPrincipal' from agent and agent-data #546authorizeshould access/claimwith=did:mailto:...https://github.com/web3-storage/w3protocol/pull/556/files#