-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: trigger content claims from piece cid #230
feat: trigger content claims from piece cid #230
Conversation
6c34000
to
3df02f1
Compare
3df02f1
to
607fa87
Compare
test/integration.test.js
Outdated
@@ -114,7 +114,7 @@ test('authorizations can be blocked by email or domain', async t => { | |||
}) | |||
|
|||
// Integration test for all flow from uploading a file to Kinesis events consumers and replicator | |||
test('w3infra integration flow', async t => { | |||
test.skip('w3infra integration flow', async t => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
todo once dep available
filecoin/package.json
Outdated
"@ucanto/principal": "^8.1.0", | ||
"@ucanto/transport": "^8.0.0", | ||
"@web3-storage/content-claims": "^3.0.1", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
607fa87
to
0ad12d8
Compare
View stack outputs
|
did: aggregatorDid, | ||
url: aggregatorUrl |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
did: aggregatorDid, | |
url: aggregatorUrl | |
did: contentClaimsDid, | |
url: contentClaimsUrl |
claimsInvocationConfig: /** @type {import('../types').ClaimsInvocationConfig} */ ({ | ||
issuer, | ||
audience: claimsServiceConnection.id, | ||
with: issuer.did(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You either need to use the claims service private key or delegate assert/equals
to this issuer from the claims service (and include it as a proof).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added private key as secret as we talked
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code changes LGTM 🚀
Generated by [@ucanto/principal `EdSigner`](https://github.com/web3-storage/ucanto) via [`ucan-key`](https://www.npmjs.com/package/ucan-key) | ||
|
||
_Example:_ `MgCZG7EvaA...1pX9as=` | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One thing I did when integrating claims with the current web3.storage API was allow a proof to be passed.
You need to sign a UCAN with a private key and provide proof that you have the capability. When the private key is the private key of the content claims service no proof is needed (you are self signing). When it's a different private key you need to have a delagation for assert/equals
as proof.
By allowing a proof to be passed you enable both cases. It just means we can switch to the latter case in the future without code changes.
Not blocking...but should be easy to implement:
Co-authored-by: Alan Shaw <[email protected]>
a3f4d8c
to
a8b24c5
Compare
Written content claims to staging 🎉
|
Needs: