From 582fc6c58c04350ea8c9d8312fd2ee8c8e9d38f8 Mon Sep 17 00:00:00 2001 From: clauspeterhuebner Date: Fri, 13 Jun 2025 22:43:02 +0200 Subject: [PATCH] generate asymmetric keypair and store them in database --- backend/src/config/schema.ts | 2 +- backend/src/federation/validateCommunities.ts | 37 +++++++++++++++++++ backend/src/index.ts | 2 + 3 files changed, 40 insertions(+), 1 deletion(-) diff --git a/backend/src/config/schema.ts b/backend/src/config/schema.ts index f805d02a7..61c1026b0 100644 --- a/backend/src/config/schema.ts +++ b/backend/src/config/schema.ts @@ -40,7 +40,7 @@ export const schema = Joi.object({ OPENAI_ACTIVE, PRODUCTION, - COMMUNITY_REDEEM_URL: Joi.string() + COMMUNITY_REDEEM_URL: Joi.string() .uri({ scheme: ['http', 'https'] }) .description('The url for redeeming link transactions, must start with frontend base url') .default('http://0.0.0.0/redeem/') diff --git a/backend/src/federation/validateCommunities.ts b/backend/src/federation/validateCommunities.ts index 2a1bc630e..ec26aba84 100644 --- a/backend/src/federation/validateCommunities.ts +++ b/backend/src/federation/validateCommunities.ts @@ -14,6 +14,9 @@ import { backendLogger as logger } from '@/server/logger' import { startCommunityAuthentication } from './authenticateCommunities' import { PublicCommunityInfoLoggingView } from './client/1_0/logging/PublicCommunityInfoLogging.view' import { ApiVersionType } from './enum/apiVersionType' +import { generateKeyPair, exportSPKI, exportPKCS8 } from 'jose' + +// import { CONFIG } from '@/config/' export async function startValidateCommunities(timerInterval: number): Promise { if (Number.isNaN(timerInterval) || timerInterval <= 0) { 
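Review bot: The hunk leaves `// import { CONFIG } from '@/config/'` behind as commented-out code directly under the new `jose` import; either use it or drop it rather than committing a placeholder line. The diffstat lists no `package.json` or lockfile change, so `jose` is presumably already a declared dependency of the backend — if it is not, the import resolves only by accident of hoisting and the dependency should be added in the same commit.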
@@ -83,6 +86,40 @@ export async function validateCommunities(): Promise { } } +export async function writeJwtKeyPairInHomeCommunity(): Promise { + logger.debug(`Federation: writeJwtKeyPairInHomeCommunity`) + try { + // check for existing homeCommunity entry + let homeCom = await DbCommunity.findOne({ where: { foreign: false } }) + if (homeCom) { + if (!homeCom.publicJwtKey && !homeCom.privateJwtKey) { + // Generate key pair using jose library + const keyPair = await generateKeyPair('RS256'); + logger.debug(`Federation: writeJwtKeyPairInHomeCommunity generated keypair=`, keyPair); + + // Convert keys to PEM format + const publicKeyPem = await exportSPKI(keyPair.publicKey); + const privateKeyPem = await exportPKCS8(keyPair.privateKey); + + logger.debug(`Federation: writeJwtKeyPairInHomeCommunity publicKey=`, publicKeyPem); + logger.debug(`Federation: writeJwtKeyPairInHomeCommunity privateKey=`, privateKeyPem); + + homeCom.publicJwtKey = Buffer.from(publicKeyPem); + logger.debug(`Federation: writeJwtKeyPairInHomeCommunity publicJwtKey.length=`, homeCom.publicJwtKey.length); + homeCom.privateJwtKey = Buffer.from(privateKeyPem); + logger.debug(`Federation: writeJwtKeyPairInHomeCommunity privateJwtKey.length=`, homeCom.privateJwtKey.length); + await DbCommunity.save(homeCom) + logger.debug(`Federation: writeJwtKeyPairInHomeCommunity done`) + } + } else { + throw new Error(`Error! A HomeCommunity-Entry still not exist! Please start the DHT-Modul first.`) + } + return homeCom + } catch (err) { + throw new Error(`Error writing JwtKeyPair in HomeCommunity-Entry: ${err}`) + } +} + async function writeForeignCommunity( dbCom: DbFederatedCommunity, pubInfo: PublicCommunityInfo, diff --git a/backend/src/index.ts b/backend/src/index.ts index 01f7f47a3..04ecbc58b 100644 --- a/backend/src/index.ts +++ b/backend/src/index.ts 
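Review bot: The private key leaves the process through the log: `logger.debug(... generated keypair=, keyPair)` and `logger.debug(... privateKey=, privateKeyPem)` write the key object and the PKCS#8 PEM to the debug log, where they persist with ordinary log output; drop both lines and log at most the public key or the buffer lengths. The guard `if (!homeCom.publicJwtKey && !homeCom.privateJwtKey)` also skips generation when exactly one of the two columns is populated, leaving a half-initialised community that fails later at signing or verification time; make that state explicit, e.g. `if (!homeCom.publicJwtKey !== !homeCom.privateJwtKey) throw new Error('HomeCommunity has an incomplete JWT key pair')` before the existing check. The findOne-then-save sequence is not atomic, so two backend instances starting against the same database could each generate a pair and the later save would silently overwrite the first — likely acceptable for a single-instance deployment, but worth a comment on the function. The private key is persisted in plain text in the community row; if the database is readable by less-trusted components, consider encrypting it with a server-side secret before storage, or at least documenting that the table now holds signing material. Minor: `homeCom` is never reassigned and can be `const`, and the new lines mix semicolons with the file's semicolon-free style.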
@@ -2,6 +2,7 @@ import 'reflect-metadata' import { CONFIG } from './config' import { startValidateCommunities } from './federation/validateCommunities' import { createServer } from './server/createServer' +import { writeJwtKeyPairInHomeCommunity } from './federation/validateCommunities' async function main() { const { app } = await createServer() @@ -14,6 +15,7 @@ async function main() { console.log(`GraphIQL available at http://localhost:${CONFIG.PORT}`) } }) + await writeJwtKeyPairInHomeCommunity() await startValidateCommunities(Number(CONFIG.FEDERATION_VALIDATE_COMMUNITY_TIMER)) }
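Review bot: The added line imports from `./federation/validateCommunities` a second time while the line above already imports `startValidateCommunities` from the same module; fold it into that statement, `import { startValidateCommunities, writeJwtKeyPairInHomeCommunity } from './federation/validateCommunities'`. Most lint configurations flag the duplicate import, and keeping one statement makes it obvious which federation entry points index.ts wires up.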
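Review bot: `await writeJwtKeyPairInHomeCommunity()` runs after the preceding `})`, which from the surrounding `console.log` appears to close the listen callback, so the server is already accepting requests while the signing key is still being generated, and a failure in the key setup rejects main() after the port is bound. If request handlers depend on the key being present, consider moving the call ahead of the listen call, or at least catching its error so the process logs the cause and exits deliberately instead of leaving a listening server behind an unhandled rejection. main() begins outside this hunk, so whether a top-level handler catches that rejection cannot be seen here.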