feat!: content serve authorization #1590
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fforbeck
force-pushed
the
feat/gateway-authorization
branch
2 times, most recently
from
b98e723 to
5d8ba9b
Compare
2 tasks
alanshaw
requested changes
Nov 27, 2024
Peeja
requested changes
Nov 27, 2024
Peeja
previously requested changes
Nov 29, 2024
fforbeck
force-pushed
the
feat/gateway-authorization
branch
from
9984a07 to
7a395a9
Compare
alanshaw
requested changes
Nov 29, 2024
fforbeck
force-pushed
the
feat/gateway-authorization
branch
2 times, most recently
from
e0fb6fb to
d533b7a
Compare
fforbeck
force-pushed
the
feat/gateway-authorization
branch
from
d533b7a to
5f414b0
Compare
fforbeck
commented
Dec 2, 2024
| @@ -13,13 +13,15 @@ export const provide = (ctx) => | |||
|
|
|||
| /** | |||
| * Checks if the given Principal is an Account. | |||
| * | |||
fforbeck
commented
Dec 2, 2024
| * @param {API.Principal} principal | ||
| * @returns {principal is API.Principal<API.DID<'mailto'>>} | ||
| */ | ||
| const isAccount = (principal) => principal.did().startsWith('did:mailto:') | ||
|
|
||
| /** | ||
| * Returns true when the delegation has a `ucan:*` capability. | ||
| * |
fforbeck
commented
Dec 2, 2024
| * @param {Agent<S>} agent | ||
| * @param {Types.Invocation} invocation |
alanshaw
approved these changes
Dec 2, 2024
fforbeck
force-pushed
the
feat/gateway-authorization
branch
from
990df46 to
8ab9792
Compare
This was referenced Nov 29, 2024
fforbeck
pushed a commit
that referenced
this pull request
Dec 9, 2024
🤖 I have created a release *beep* *boop* --- ## [18.0.0](capabilities-v17.4.1...capabilities-v18.0.0) (2024-12-05) ### ⚠ BREAKING CHANGES * content serve authorization ([#1590](#1590)) ### Features * content serve authorization ([#1590](#1590)) ([8b553a5](8b553a5)) ### Fixes * **egressRecord:** Remove unnecessary multiplication for ts conversion ([#1588](#1588)) ([b7bc90e](b7bc90e)) ### Other Changes * **main:** release w3up-client 16.4.1 ([#1577](#1577)) ([1482d69](1482d69)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
fforbeck
pushed a commit
that referenced
this pull request
Dec 9, 2024
🤖 I have created a release *beep* *boop* --- ## [8.0.0](filecoin-api-v7.3.2...filecoin-api-v8.0.0) (2024-12-09) ### ⚠ BREAKING CHANGES * content serve authorization ([#1590](#1590)) ### Features * content serve authorization ([#1590](#1590)) ([8b553a5](8b553a5)) ### Other Changes * **main:** release w3up-client 16.4.1 ([#1577](#1577)) ([1482d69](1482d69)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
fforbeck
pushed a commit
that referenced
this pull request
Dec 9, 2024
🤖 I have created a release *beep* *boop* --- ## [19.0.0](upload-api-v18.1.4...upload-api-v19.0.0) (2024-12-09) ### ⚠ BREAKING CHANGES * content serve authorization ([#1590](#1590)) ### Features * content serve authorization ([#1590](#1590)) ([8b553a5](8b553a5)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
fforbeck
pushed a commit
that referenced
this pull request
Dec 9, 2024
🤖 I have created a release *beep* *boop* --- ## [17.0.0](w3up-client-v16.5.2...w3up-client-v17.0.0) (2024-12-09) ### ⚠ BREAKING CHANGES * content serve authorization ([#1590](#1590)) ### Features * content serve authorization ([#1590](#1590)) ([8b553a5](8b553a5)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Do you have any documentation / getting started example for this new behavior? |
This was referenced Dec 10, 2024
Not yet @juliangruber . This functionality will align with other ongoing changes, like this issue. Once those are finalized, the documentation will be updated with all the necessary details to explain the new behavior. |
|
Got it, thanks. For now we shouldn't upgrade to that version, correct? |
That's correct. If you keep your |
fforbeck
added a commit
to storacha/upload-service
that referenced
this pull request
Dec 11, 2024
To enable a gateway to serve content from a specific space, we must ensure that the space owner delegates the `space/content/serve/*` capability to the Gateway. This delegation allows the Gateway to serve content and log egress events appropriately. I created a new function `authorizeContentServe` for this implementation and included it in the `createSpace` flow. This is a breaking change because now the user is forced to provide the DIDs of the Content Serve services, and the connection, or skip the authorization flow. Additionally, with the `authorizeContentServe` function, we can implement a feature in the Console App that enables users to explicitly authorize the Freeway Gateway to serve content from existing/legacy spaces. - **New Functionality:** Added a new function, `authorizeContentServe`, in the `w3up-client` module to facilitate the delegation process. Integrated it with the `createdSpace` flow. - **Testing:** Introduced test cases to verify the authorization of specified gateways. - **Fixes:** Resolved issues with previously broken test cases (Egress Record). - storacha/project-tracking#158 - storacha/project-tracking#160
fforbeck
added a commit
to storacha/upload-service
that referenced
this pull request
Dec 11, 2024
To enable a gateway to serve content from a specific space, we must ensure that the space owner delegates the `space/content/serve/*` capability to the Gateway. This delegation allows the Gateway to serve content and log egress events appropriately. I created a new function `authorizeContentServe` for this implementation and included it in the `createSpace` flow. This is a breaking change because now the user is forced to provide the DIDs of the Content Serve services, and the connection, or skip the authorization flow. Additionally, with the `authorizeContentServe` function, we can implement a feature in the Console App that enables users to explicitly authorize the Freeway Gateway to serve content from existing/legacy spaces. - **New Functionality:** Added a new function, `authorizeContentServe`, in the `w3up-client` module to facilitate the delegation process. Integrated it with the `createdSpace` flow. - **Testing:** Introduced test cases to verify the authorization of specified gateways. - **Fixes:** Resolved issues with previously broken test cases (Egress Record). - storacha/project-tracking#158 - storacha/project-tracking#160
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
To enable a gateway to serve content from a specific space, we must ensure that the space owner delegates the
space/content/serve/*capability to the Gateway. This delegation allows the Gateway to serve content and log egress events appropriately.I created a new function
authorizeContentServefor this implementation and included it in thecreateSpaceflow. This is a breaking change because now the user is forced to provide the DIDs of the Content Serve services, and the connection, or skip the authorization flow.Additionally, with the
authorizeContentServefunction, we can implement a feature in the Console App that enables users to explicitly authorize the Freeway Gateway to serve content from existing/legacy spaces.Main Changes
authorizeContentServe, in thew3up-clientmodule to facilitate the delegation process. Integrated it with thecreatedSpaceflow.Related Issues
space/content/serveSpaces by default project-tracking#158space/content/serve/*delegations project-tracking#160