feat: added tests for startup network join behaviour

aryanjassal · aryanjassal · commit 1760ab53c2d9 · 2025-07-21T15:56:34.000+10:00
diff --git a/jest.config.mjs b/jest.config.mjs
@@ -1,6 +1,6 @@
 import path from 'node:path';
 import url from 'node:url';
-import tsconfigJSON from './tsconfig.json' assert { type: "json" };
+import tsconfigJSON from './tsconfig.json' with { type: "json" };
 
 const projectPath = path.dirname(url.fileURLToPath(import.meta.url));
 
diff --git a/src/nodes/NodeManager.ts b/src/nodes/NodeManager.ts
@@ -301,9 +301,9 @@ class NodeManager<Manifest extends AgentClientManifestNodeManager> {
     if (ctx.signal.aborted) return;
 
     if (network != null) {
-      try {
+      if (this.getClaimNetworkAccess(network) == null) {
         await this.claimNetwork(successfulConnections[0].value.nodeId, network);
-      } catch {
+      } else {
         await this.switchNetwork(network);
       }
     }
@@ -1757,7 +1757,7 @@ class NodeManager<Manifest extends AgentClientManifestNodeManager> {
   /**
    * This returns the `ClaimNetworkAccess` for the given network.
    */
-  protected async getClaimNetworkAccess(
+  public async getClaimNetworkAccess(
     network: string,
     tran?: DBTransaction,
   ): Promise<Token<ClaimNetworkAccess> | undefined> {
diff --git a/src/nodes/agent/handlers/NodesSyncGraph.ts b/src/nodes/agent/handlers/NodesSyncGraph.ts
@@ -0,0 +1,41 @@
+import type { ContextTimed } from '@matrixai/contexts';
+import type { JSONValue } from '@matrixai/rpc';
+import type NodeManager from '../../NodeManager.js';
+import type {
+  AgentRPCRequestParams,
+  AgentRPCResponseResult,
+  NodesSyncGraphMessage,
+} from '../types.js';
+import type { AgentClientManifest } from '../callers/index.js';
+import { UnaryHandler } from '@matrixai/rpc';
+
+class NodesSyncGraph extends UnaryHandler<
+  {
+    nodeManager: NodeManager<AgentClientManifest>;
+  },
+  AgentRPCRequestParams<NodesSyncGraphMessage>,
+  AgentRPCResponseResult
+> {
+  public handle = async (
+    input: AgentRPCRequestParams<NodesSyncGraphMessage>,
+    _cancel: (reason?: any) => void,
+    _meta: Record<string, JSONValue> | undefined,
+    ctx: ContextTimed,
+  ): Promise<AgentRPCResponseResult> => {
+    const {
+      nodeManager,
+    }: {
+      nodeManager: NodeManager<AgentClientManifest>;
+    } = this.container;
+    await nodeManager.syncNodeGraph(
+      input.network,
+      input.initialNodes,
+      input.connectionTimeout,
+      true,
+      ctx,
+    );
+    return {};
+  };
+}
+
+export default NodesSyncGraph;
diff --git a/src/nodes/agent/types.ts b/src/nodes/agent/types.ts
@@ -13,7 +13,12 @@ import type {
 import type { VaultAction, VaultName } from '../../vaults/types.js';
 import type { SignedNotification } from '../../notifications/types.js';
 import type { Host, Hostname, Port } from '../../network/types.js';
-import type { NetworkId, NodeContact } from '../../nodes/types.js';
+import type {
+  NetworkId,
+  NodeContact,
+  NodeId,
+  NodeAddress,
+} from '../../nodes/types.js';
 import type { AuditEvent } from '../../audit/types.js';
 import type { SignedClaimEncoded } from '../../claims/types.js';
 
@@ -125,6 +130,12 @@ type NodesAuthenticateConnectionMessageNone = {
   type: 'NodesAuthenticateConnectionMessageNone';
 };
 
+type NodesSyncGraphMessage = {
+  network: string;
+  initialNodes: Array<[NodeId, NodeAddress]>;
+  connectionTimeout: number;
+};
+
 export type {
   AgentRPCRequestParams,
   AgentRPCResponseResult,
@@ -147,4 +158,5 @@ export type {
   NodesAuthenticateConnectionMessagePrivate,
   NodesAuthenticateConnectionMessageBasicPublic,
   NodesAuthenticateConnectionMessageNone,
+  NodesSyncGraphMessage,
 };
diff --git a/tests/nodes/NodeManager.test.ts b/tests/nodes/NodeManager.test.ts
@@ -2967,11 +2967,146 @@ describe(`${NodeManager.name}`, () => {
         node1.nodeManager.claimNetwork(seedNodeId, network),
       ).rejects.toThrow(claimsErrors.ErrorEmptyStream);
     });
-    // verify the claim exists
-    test.todo(
-      'node should automatically request NetworkAccessClaim if it does not exist',
-    );
-    // verify the claim is unmodified
-    test.todo('node should not request new NetworkAccessClaim if it exist');
+    test('node should automatically request a claim if it does not exist', async () => {
+      // Creating network credentials
+      const networkKeyPair = keysUtils.generateKeyPair();
+      const networkNodeId = keysUtils.publicKeyToNodeId(
+        networkKeyPair.publicKey,
+      );
+      const network = 'public.network.com';
+
+      // Setting up seed nodes claims
+      const seedNode = await createPeerNode();
+      const [, seedNodeClaimNetworkAuthority] =
+        await seedNode.nodeManager.createClaimNetworkAuthority(
+          networkNodeId,
+          network,
+          false,
+          async (claim) => {
+            claim.signWithPrivateKey(networkKeyPair.privateKey);
+            return claim;
+          },
+        );
+      await seedNode.nodeManager.createSelfSignedClaimNetworkAccess(
+        seedNodeClaimNetworkAuthority,
+      );
+      const seedNodeId = seedNode.keyRing.getNodeId();
+
+      // Setting up the new node entering the network
+      const node1 = await createPeerNode();
+      // We intentionally do not claim the network manually
+      const node1Id = node1.keyRing.getNodeId();
+      await allowNodeToJoin(seedNode.gestaltGraph, node1Id);
+      // Connect to the seed node
+      await node1.nodeConnectionManager.createConnection(
+        [seedNodeId],
+        localHost,
+        seedNode.nodeConnectionManager.port,
+      );
+
+      await node1.nodeManager.syncNodeGraph(
+        network,
+        [
+          [
+            seedNode.keyRing.getNodeId(),
+            [localHost, seedNode.nodeConnectionManager.port],
+          ],
+        ],
+        1000,
+        true,
+      );
+
+      // We have now proved that a node can request access to the network from a node with network authority.
+      // Now We should be able to connect while authenticated to the seed node.
+
+      // Re-initiate authentication
+      await seedNode.nodeConnectionManager.destroyConnection(node1Id, true);
+      await node1.nodeConnectionManager.destroyConnection(seedNodeId, true);
+      await node1.nodeConnectionManager.createConnection(
+        [seedNodeId],
+        localHost,
+        seedNode.nodeConnectionManager.port,
+      );
+
+      const networkAccess =
+        await node1.nodeManager.getClaimNetworkAccess(network);
+      if (networkAccess == null) {
+        throw new Error('network access claim not found');
+      }
+      claimNetworkAccessUtils.verifyClaimNetworkAccess(
+        networkNodeId,
+        node1Id,
+        network,
+        networkAccess,
+      );
+
+      await node1.nodeManager.withConnF(seedNodeId, undefined, async () => {
+        // Do nothing
+      });
+    });
+    test('node should not request new claim if it already exists', async () => {
+      // Creating network credentials
+      const networkKeyPair = keysUtils.generateKeyPair();
+      const networkNodeId = keysUtils.publicKeyToNodeId(
+        networkKeyPair.publicKey,
+      );
+      const network = 'test.network.com';
+
+      // Setting up seed nodes claims
+      const seedNode = await createPeerNode();
+      const [, seedNodeClaimNetworkAuthority] =
+        await seedNode.nodeManager.createClaimNetworkAuthority(
+          networkNodeId,
+          network,
+          true,
+          async (claim) => {
+            claim.signWithPrivateKey(networkKeyPair.privateKey);
+            return claim;
+          },
+        );
+      await seedNode.nodeManager.createSelfSignedClaimNetworkAccess(
+        seedNodeClaimNetworkAuthority,
+      );
+      const seedNodeId = seedNode.keyRing.getNodeId();
+
+      // Setting up the new node entering the network
+      const node1 = await createPeerNode();
+
+      const node1Id = node1.keyRing.getNodeId();
+      await allowNodeToJoin(seedNode.gestaltGraph, node1Id);
+
+      // Connect to the seednode
+      await node1.nodeConnectionManager.createConnection(
+        [seedNodeId],
+        localHost,
+        seedNode.nodeConnectionManager.port,
+      );
+
+      // Create a network access claim
+      await node1.nodeManager.claimNetwork(seedNodeId, network);
+
+      // Re-initiate authentication
+      await seedNode.nodeConnectionManager.destroyConnection(node1Id, true);
+      await node1.nodeConnectionManager.destroyConnection(seedNodeId, true);
+      await node1.nodeConnectionManager.createConnection(
+        [seedNodeId],
+        localHost,
+        seedNode.nodeConnectionManager.port,
+      );
+
+      // Check the claim once we have re-authenticated
+      const token1 = await node1.nodeManager.getClaimNetworkAccess(network);
+      if (token1 == null) throw new Error('network access claim not found');
+      const token1Id = token1.payload.jti;
+
+      // Try claiming again
+      await expect(node1.nodeManager.claimNetwork(seedNodeId, network)).toReject();
+
+      // The token should not have changed
+      const token2 = await node1.nodeManager.getClaimNetworkAccess(network);
+      if (token2 == null) throw new Error('network access claim not found');
+      const token2Id = token2.payload.jti;
+      expect(token1Id).toBe(token2Id);
+    });
   });
 });
