chore: public key retrieval logic

Author: coodos

infrastructure/eid-wallet/src/lib/global/controllers/evault.ts

@@ -1,9 +1,10 @@
-import { PUBLIC_REGISTRY_URL } from "$env/static/public";
+import { PUBLIC_REGISTRY_URL, PUBLIC_PROVISIONER_URL } from "$env/static/public";
 import type { Store } from "@tauri-apps/plugin-store";
 import axios from "axios";
 import { GraphQLClient } from "graphql-request";
 import NotificationService from "../../services/NotificationService";
 import type { UserController } from "./user";
+import type { KeyService } from "./key";
 
 const STORE_META_ENVELOPE = `
   mutation StoreMetaEnvelope($input: MetaEnvelopeInput!) {
@@ -47,12 +48,14 @@ export class VaultController {
     #client: GraphQLClient | null = null;
     #endpoint: string | null = null;
     #userController: UserController;
+    #keyService: KeyService | null = null;
     #profileCreationStatus: "idle" | "loading" | "success" | "failed" = "idle";
     #notificationService: NotificationService;
 
-    constructor(store: Store, userController: UserController) {
+    constructor(store: Store, userController: UserController, keyService?: KeyService) {
         this.#store = store;
         this.#userController = userController;
+        this.#keyService = keyService || null;
         this.#notificationService = NotificationService.getInstance();
     }
 
@@ -74,6 +77,92 @@ export class VaultController {
         this.#profileCreationStatus = status;
     }
 
+    /**
+     * Sync public key to eVault core
+     * Checks if public key was already saved, calls /whois, and PATCH if needed
+     */
+    private async syncPublicKey(eName: string): Promise<void> {
+        try {
+            // Check if we've already saved the public key
+            const savedKey = localStorage.getItem(`publicKeySaved_${eName}`);
+            if (savedKey === "true") {
+                console.log(`Public key already saved for ${eName}, skipping sync`);
+                return;
+            }
+
+            if (!this.#keyService) {
+                console.warn("KeyService not available, cannot sync public key");
+                return;
+            }
+
+            // Get the eVault URI
+            const vault = await this.vault;
+            if (!vault?.uri) {
+                console.warn("No vault URI available, cannot sync public key");
+                return;
+            }
+
+            // Call /whois to check if public key exists
+            const whoisUrl = new URL("/whois", vault.uri).toString();
+            const whoisResponse = await axios.get(whoisUrl, {
+                headers: {
+                    "X-ENAME": eName,
+                },
+            });
+
+            const existingPublicKey = whoisResponse.data?.publicKey;
+            if (existingPublicKey) {
+                // Public key already exists, mark as saved
+                localStorage.setItem(`publicKeySaved_${eName}`, "true");
+                console.log(`Public key already exists for ${eName}`);
+                return;
+            }
+
+            // Get public key from KeyService
+            const publicKey = await this.#keyService.getPublicKey(eName, "signing");
+            if (!publicKey) {
+                console.warn(`No public key found for ${eName}, cannot sync`);
+                return;
+            }
+
+            // Get authentication token from registry
+            let authToken: string | null = null;
+            try {
+                const entropyResponse = await axios.get(
+                    new URL("/entropy", PUBLIC_REGISTRY_URL).toString()
+                );
+                authToken = entropyResponse.data?.token || null;
+            } catch (error) {
+                console.error("Failed to get auth token from registry:", error);
+                // Continue without token - server will reject if auth is required
+            }
+
+            // Call PATCH /public-key to save the public key
+            const patchUrl = new URL("/public-key", vault.uri).toString();
+            const headers: Record<string, string> = {
+                "X-ENAME": eName,
+                "Content-Type": "application/json",
+            };
+
+            if (authToken) {
+                headers["Authorization"] = `Bearer ${authToken}`;
+            }
+
+            await axios.patch(
+                patchUrl,
+                { publicKey },
+                { headers }
+            );
+
+            // Mark as saved
+            localStorage.setItem(`publicKeySaved_${eName}`, "true");
+            console.log(`Public key synced successfully for ${eName}`);
+        } catch (error) {
+            console.error("Failed to sync public key:", error);
+            // Don't throw - this is a non-critical operation
+        }
+    }
+
     /**
      * Register device for notifications
      */
@@ -352,6 +441,9 @@ export class VaultController {
             // Register device for notifications
             this.registerDeviceForNotifications(vault.ename);
 
+            // Sync public key to eVault core
+            this.syncPublicKey(vault.ename);
+
             if (this.profileCreationStatus === "success") return;
             // Set loading status
             this.profileCreationStatus = "loading";

infrastructure/eid-wallet/src/lib/global/state.ts

@@ -34,9 +34,9 @@ export class GlobalState {
         this.#store = store;
         this.securityController = new SecurityController(store);
         this.userController = new UserController(store);
-        this.vaultController = new VaultController(store, this.userController);
-        this.notificationService = NotificationService.getInstance();
         this.keyService = keyService;
+        this.vaultController = new VaultController(store, this.userController, keyService);
+        this.notificationService = NotificationService.getInstance();
     }
 
     /**

infrastructure/evault-core/src/core/db/db.service.ts

@@ -590,6 +590,48 @@ export class DbService {
         });
     }
 
+    /**
+     * Gets the public key for a given eName.
+     * @param eName - The eName identifier
+     * @returns The public key string, or null if not found
+     */
+    async getPublicKey(eName: string): Promise<string | null> {
+        if (!eName) {
+            throw new Error("eName is required for getting public key");
+        }
+
+        const result = await this.runQuery(
+            `MATCH (u:User { eName: $eName }) RETURN u.publicKey AS publicKey`,
+            { eName }
+        );
+
+        if (!result.records[0]) {
+            return null;
+        }
+
+        return result.records[0].get("publicKey") || null;
+    }
+
+    /**
+     * Sets or updates the public key for a given eName.
+     * @param eName - The eName identifier
+     * @param publicKey - The public key to store
+     */
+    async setPublicKey(eName: string, publicKey: string): Promise<void> {
+        if (!eName) {
+            throw new Error("eName is required for setting public key");
+        }
+        if (!publicKey) {
+            throw new Error("publicKey is required");
+        }
+
+        await this.runQuery(
+            `MERGE (u:User { eName: $eName })
+             SET u.publicKey = $publicKey`,
+            { eName, publicKey }
+        );
+    }
+
     /**
      * Closes the database connection.
      */

infrastructure/evault-core/src/core/db/migrations/add-user-index.ts

@@ -0,0 +1,34 @@
+/**
+ * Neo4j Migration: Add User node index for eName property
+ * 
+ * This migration creates an index on the eName property of User nodes
+ * to ensure optimal query performance for public key lookups.
+ * 
+ * Run this migration once to create the index:
+ * ```cypher
+ * CREATE INDEX user_ename_index FOR (u:User) ON (u.eName)
+ * ```
+ */
+
+import { Driver } from "neo4j-driver";
+
+export async function createUserIndex(driver: Driver): Promise<void> {
+    const session = driver.session();
+    try {
+        await session.run(
+            `CREATE INDEX user_ename_index IF NOT EXISTS FOR (u:User) ON (u.eName)`
+        );
+        console.log("Created User eName index");
+    } catch (error) {
+        // Index might already exist, which is fine
+        if (error instanceof Error && error.message.includes("already exists")) {
+            console.log("User eName index already exists");
+        } else {
+            console.error("Error creating User eName index:", error);
+            throw error;
+        }
+    } finally {
+        await session.close();
+    }
+}
+