feat: sign

Author: coodos

platforms/group-charter-manager-api/src/controllers/CharterSigningController.ts

@@ -0,0 +1,177 @@
+import { Request, Response } from "express";
+import { CharterSigningService } from "../services/CharterSigningService";
+
+export class CharterSigningController {
+    private signingService: CharterSigningService | null = null;
+
+    constructor() {
+        try {
+            this.signingService = new CharterSigningService();
+            console.log("CharterSigningController initialized successfully");
+        } catch (error) {
+            console.error("Failed to initialize CharterSigningService:", error);
+            this.signingService = null;
+        }
+    }
+
+    private ensureService(): CharterSigningService {
+        if (!this.signingService) {
+            throw new Error("CharterSigningService not initialized");
+        }
+        return this.signingService;
+    }
+
+    testConnection(): boolean {
+        if (!this.signingService) {
+            return false;
+        }
+        return this.signingService.testConnection();
+    }
+
+    // Create a new signing session for a charter
+    async createSigningSession(req: Request, res: Response) {
+        try {
+            const { groupId, charterData } = req.body;
+            const userId = (req as any).user?.id;
+
+            if (!groupId || !charterData || !userId) {
+                return res.status(400).json({ 
+                    error: "Missing required fields: groupId, charterData, or userId" 
+                });
+            }
+
+            const session = await this.ensureService().createSession(groupId, charterData, userId);
+            
+            res.json({
+                sessionId: session.sessionId,
+                qrData: session.qrData,
+                expiresAt: session.expiresAt
+            });
+        } catch (error) {
+            console.error("Error creating signing session:", error);
+            res.status(500).json({ error: "Failed to create signing session" });
+        }
+    }
+
+    // Get signing session status via SSE
+    async getSigningSessionStatus(req: Request, res: Response) {
+        try {
+            const { sessionId } = req.params;
+            
+            if (!sessionId) {
+                return res.status(400).json({ error: "Session ID is required" });
+            }
+
+            // Set up SSE headers
+            res.writeHead(200, {
+                'Content-Type': 'text/event-stream',
+                'Cache-Control': 'no-cache',
+                'Connection': 'keep-alive',
+                'Access-Control-Allow-Origin': '*',
+                'Access-Control-Allow-Headers': 'Cache-Control'
+            });
+
+            // Send initial status
+            const session = await this.ensureService().getSessionStatus(sessionId);
+            if (session) {
+                res.write(`data: ${JSON.stringify({ type: "status", status: session.status })}\n\n`);
+            }
+
+            // Poll for status changes
+            const interval = setInterval(async () => {
+                const session = await this.ensureService().getSessionStatus(sessionId);
+                
+                if (session) {
+                    if (session.status === "completed") {
+                        res.write(`data: ${JSON.stringify({ 
+                            type: "signed", 
+                            status: "completed",
+                            groupId: session.groupId
+                        })}\n\n`);
+                        clearInterval(interval);
+                        res.end();
+                    } else if (session.status === "expired") {
+                        res.write(`data: ${JSON.stringify({ type: "expired" })}\n\n`);
+                        clearInterval(interval);
+                        res.end();
+                    }
+                } else {
+                    res.write(`data: ${JSON.stringify({ type: "error", message: "Session not found" })}\n\n`);
+                    clearInterval(interval);
+                    res.end();
+                }
+            }, 1000);
+
+            // Clean up on client disconnect
+            req.on('close', () => {
+                clearInterval(interval);
+                res.end();
+            });
+
+        } catch (error) {
+            console.error("Error getting signing session status:", error);
+            res.status(500).json({ error: "Failed to get signing session status" });
+        }
+    }
+
+    // Handle signed payload callback from eID Wallet
+    async handleSignedPayload(req: Request, res: Response) {
+        try {
+            const { sessionId, signature, publicKey, message } = req.body;
+            
+            // Validate required fields
+            const missingFields = [];
+            if (!sessionId) missingFields.push('sessionId');
+            if (!signature) missingFields.push('signature');
+            if (!publicKey) missingFields.push('publicKey');
+            if (!message) missingFields.push('message');
+
+            if (missingFields.length > 0) {
+                return res.status(400).json({ 
+                    error: `Missing required fields: ${missingFields.join(', ')}` 
+                });
+            }
+
+            // Process the signed payload
+            const result = await this.ensureService().processSignedPayload(
+                sessionId,
+                signature,
+                publicKey,
+                message
+            );
+
+            res.json({
+                success: true,
+                message: "Signature verified and charter signed",
+                data: result
+            });
+
+        } catch (error) {
+            console.error("Error processing signed payload:", error);
+            res.status(500).json({ error: "Failed to process signed payload" });
+        }
+    }
+
+    // Get signing session by ID
+    async getSigningSession(req: Request, res: Response) {
+        try {
+            const { sessionId } = req.params;
+            
+            if (!sessionId) {
+                return res.status(400).json({ error: "Session ID is required" });
+            }
+
+            const session = await this.ensureService().getSession(sessionId);
+            
+            if (!session) {
+                return res.status(404).json({ error: "Session not found" });
+            }
+
+            res.json(session);
+
+        } catch (error) {
+            console.error("Error getting signing session:", error);
+            res.status(500).json({ error: "Failed to get signing session" });
+        }
+    }
+} 

platforms/group-charter-manager-api/src/database/entities/CharterSignature.ts

@@ -0,0 +1,49 @@
+import {
+    Entity,
+    CreateDateColumn,
+    UpdateDateColumn,
+    PrimaryGeneratedColumn,
+    Column,
+    ManyToOne,
+    JoinColumn,
+} from "typeorm";
+import { Group } from "./Group";
+import { User } from "./User";
+
+@Entity()
+export class CharterSignature {
+    @PrimaryGeneratedColumn("uuid")
+    id!: string;
+
+    @Column()
+    groupId!: string;
+
+    @Column()
+    userId!: string;
+
+    @Column({ type: "text" })
+    charterHash!: string; // Hash of the charter content to track versions
+
+    @Column({ type: "text" })
+    signature!: string; // Cryptographic signature
+
+    @Column({ type: "text" })
+    publicKey!: string; // User's public key
+
+    @Column({ type: "text" })
+    message!: string; // Original message that was signed
+
+    @ManyToOne(() => Group)
+    @JoinColumn({ name: "groupId" })
+    group!: Group;
+
+    @ManyToOne(() => User)
+    @JoinColumn({ name: "userId" })
+    user!: User;
+
+    @CreateDateColumn()
+    createdAt!: Date;
+
+    @UpdateDateColumn()
+    updatedAt!: Date;
+} 

platforms/group-charter-manager-api/src/database/migrations/1755598750354-migration.ts

@@ -0,0 +1,18 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class Migration1755598750354 implements MigrationInterface {
+    name = 'Migration1755598750354'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`CREATE TABLE "charter_signature" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "groupId" uuid NOT NULL, "userId" uuid NOT NULL, "charterHash" text NOT NULL, "signature" text NOT NULL, "publicKey" text NOT NULL, "message" text NOT NULL, "createdAt" TIMESTAMP NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP NOT NULL DEFAULT now(), CONSTRAINT "PK_d566749a8805a43c54ad028deef" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`ALTER TABLE "charter_signature" ADD CONSTRAINT "FK_e1f768c9d467cd20b0f45321626" FOREIGN KEY ("groupId") REFERENCES "group"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`);
+        await queryRunner.query(`ALTER TABLE "charter_signature" ADD CONSTRAINT "FK_fb0db27afde8d484139b66628fd" FOREIGN KEY ("userId") REFERENCES "users"("id") ON DELETE NO ACTION ON UPDATE NO ACTION`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "charter_signature" DROP CONSTRAINT "FK_fb0db27afde8d484139b66628fd"`);
+        await queryRunner.query(`ALTER TABLE "charter_signature" DROP CONSTRAINT "FK_e1f768c9d467cd20b0f45321626"`);
+        await queryRunner.query(`DROP TABLE "charter_signature"`);
+    }
+
+}

platforms/group-charter-manager-api/src/services/CharterSignatureService.ts

@@ -0,0 +1,133 @@
+import { AppDataSource } from "../database/data-source";
+import { CharterSignature } from "../database/entities/CharterSignature";
+import { Group } from "../database/entities/Group";
+import { User } from "../database/entities/User";
+import crypto from "crypto";
+
+export class CharterSignatureService {
+    private signatureRepository = AppDataSource.getRepository(CharterSignature);
+    private groupRepository = AppDataSource.getRepository(Group);
+    private userRepository = AppDataSource.getRepository(User);
+
+    // Create a hash of the charter content to track versions
+    createCharterHash(charterContent: string): string {
+        return crypto.createHash('sha256').update(charterContent).digest('hex');
+    }
+
+    // Record a new signature
+    async recordSignature(
+        groupId: string,
+        userId: string,
+        charterContent: string,
+        signature: string,
+        publicKey: string,
+        message: string
+    ): Promise<CharterSignature> {
+        const charterHash = this.createCharterHash(charterContent);
+        
+        const charterSignature = this.signatureRepository.create({
+            groupId,
+            userId,
+            charterHash,
+            signature,
+            publicKey,
+            message
+        });
+
+        return await this.signatureRepository.save(charterSignature);
+    }
+
+    // Get all signatures for a specific charter version
+    async getSignaturesForCharter(groupId: string, charterContent: string): Promise<CharterSignature[]> {
+        const charterHash = this.createCharterHash(charterContent);
+        
+        return await this.signatureRepository.find({
+            where: {
+                groupId,
+                charterHash
+            },
+            relations: ['user'],
+            order: {
+                createdAt: 'ASC'
+            }
+        });
+    }
+
+    // Get all signatures for a group (latest version)
+    async getLatestSignaturesForGroup(groupId: string): Promise<CharterSignature[]> {
+        const group = await this.groupRepository.findOne({
+            where: { id: groupId },
+            select: ['charter']
+        });
+
+        if (!group?.charter) {
+            return [];
+        }
+
+        return await this.getSignaturesForCharter(groupId, group.charter);
+    }
+
+    // Check if a user has signed the current charter version
+    async hasUserSignedCharter(groupId: string, userId: string, charterContent: string): Promise<boolean> {
+        const charterHash = this.createCharterHash(charterContent);
+        
+        const signature = await this.signatureRepository.findOne({
+            where: {
+                groupId,
+                userId,
+                charterHash
+            }
+        });
+
+        return !!signature;
+    }
+
+    // Get signing status for all participants in a group
+    async getGroupSigningStatus(groupId: string): Promise<{
+        participants: any[];
+        signatures: CharterSignature[];
+        charterHash: string;
+        isSigned: boolean;
+    }> {
+        const group = await this.groupRepository.findOne({
+            where: { id: groupId },
+            relations: ['participants']
+        });
+
+        if (!group) {
+            throw new Error("Group not found");
+        }
+
+        const charterHash = group.charter ? this.createCharterHash(group.charter) : "";
+        const signatures = charterHash ? await this.getSignaturesForCharter(groupId, group.charter) : [];
+
+        // Create a map of signed user IDs for quick lookup
+        const signedUserIds = new Set(signatures.map(s => s.userId));
+
+        // Add signing status and role information to each participant
+        const participantsWithStatus = group.participants.map(participant => ({
+            ...participant,
+            hasSigned: signedUserIds.has(participant.id),
+            isAdmin: group.admins?.includes(participant.id) || false,
+            isOwner: group.owner === participant.id
+        }));
+
+        return {
+            participants: participantsWithStatus,
+            signatures,
+            charterHash,
+            isSigned: signatures.length > 0
+        };
+    }
+
+    // Get all signatures for a user across all groups
+    async getUserSignatures(userId: string): Promise<CharterSignature[]> {
+        return await this.signatureRepository.find({
+            where: { userId },
+            relations: ['group'],
+            order: {
+                createdAt: 'DESC'
+            }
+        });
+    }
+}