-
Notifications
You must be signed in to change notification settings - Fork 7
/
bridge.js
66 lines (57 loc) · 1.74 KB
/
bridge.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import * as DID from '@ipld/dag-ucan/did'
import * as Account from './account.js'
import * as Space from './space.js'
import { getClient } from './lib.js'
import * as ucanto from '@ucanto/core'
import { base64url } from 'multiformats/bases/base64'
import cryptoRandomString from 'crypto-random-string'
export { Account, Space }
/**
* @typedef {object} BridgeGenerateTokensOptions
* @property {string} resource
* @property {string[]|string} [can]
* @property {number} [expiration]
* @property {boolean} [json]
*
* @param {string} resource
* @param {BridgeGenerateTokensOptions} options
*/
export const generateTokens = async (
resource,
{ can = ['store/add', 'upload/add'], expiration, json }
) => {
const client = await getClient()
const resourceDID = DID.parse(resource)
const abilities = can ? [can].flat() : []
if (!abilities.length) {
console.error('Error: missing capabilities for delegation')
process.exit(1)
}
const capabilities = /** @type {ucanto.API.Capabilities} */ (
abilities.map((can) => ({ can, with: resourceDID.did() }))
)
const password = cryptoRandomString({ length: 32 })
const coupon = await client.coupon.issue({
capabilities,
expiration: expiration === 0 ? Infinity : expiration,
password,
})
const { ok: bytes, error } = await coupon.archive()
if (!bytes) {
console.error(error)
return process.exit(1)
}
const xAuthSecret = base64url.encode(new TextEncoder().encode(password))
const authorization = base64url.encode(bytes)
if (json) {
console.log(JSON.stringify({
"X-Auth-Secret": xAuthSecret,
"Authorization": authorization
}))
} else {
console.log(`
X-Auth-Secret header: ${xAuthSecret}
Authorization header: ${authorization}
`)
}
}