From 1871d17e657e8e9cac4fa1795116d8ed03ad6df0 Mon Sep 17 00:00:00 2001
From: cel <cel@f/6sQ6d2CMxRUhLpspgGIulDxDCwYD7DzFzPNr7u5AU=.ed25519>
Date: Sun, 11 Aug 2019 20:08:14 -0700
Subject: Render and validate peer-invites

---
 lib/render-msg.js | 66 +++++++++++++++++++++++++++++++++++++------------------
 1 file changed, 45 insertions(+), 21 deletions(-)

(limited to 'lib/render-msg.js')

diff --git a/lib/render-msg.js b/lib/render-msg.js
index 92d12e2..b8e0123 100644
--- a/lib/render-msg.js
+++ b/lib/render-msg.js
@@ -3,9 +3,7 @@ var htime = require('human-time')
 var multicb = require('multicb')
 var u = require('./util')
 var mdInline = require('./markdown-inline')
-/*
 var ssbKeys = require('ssb-keys')
-*/
 
 module.exports = RenderMsg
 
@@ -355,6 +353,8 @@ RenderMsg.prototype.message = function (cb) {
     case 'pub-owner-confirm': return this.pubOwnerConfirm(cb)
     case 'user-invite':
     case 'peer-invite': return this.peerInvite(cb)
+    case 'peer-invite/confirm': return this.peerInviteConfirm(cb)
+    case 'peer-invite/accept': return this.peerInviteAccept(cb)
     default: return this.object(cb)
   }
 }
@@ -809,27 +809,51 @@ RenderMsg.prototype.pubOwnerConfirm = function (cb) {
 }
 
 RenderMsg.prototype.peerInvite = function (cb) {
-  this.wrapMini('peer invite', cb)
-/*
-  var self = this
   var invite = this.c.invite
-  var host = this.c.host
-  var author = this.msg.value.author
-  // this.c.private
-  // this.c.reveal
-  var isValid = ssbKeys.verifyObj(invite, this.serve.app.peerInviteCap, this.c)
-  if (host && host !== author) self.link(host, gotHostLink)
-  else gotHostLink()
-  function gotHostLink(err, hostLink) {
-    if (err) return cb(err)
-    self.wrap([
-      isValid ? 'valid ' : 'invalid ',
-      'peer invite',
-      hostLink ? [' from ', hostLink] : '',
-      h('a', {href: self.toUrl(invite)}, u.truncate(invite, 10)),
-    ], cb)
+  var isValid = this.c.host === this.value.author
+    && ssbKeys.verifyObj(invite, this.app.peerInviteCap, this.c)
+  var isValidDev = !isValid && this.c.host === this.value.author
+    && ssbKeys.verifyObj(invite, this.app.devPeerInviteCap, this.c)
+  this.wrapMini('peer invite' + (isValid ? '' : isValidDev ? ' (dev)' : ' (invalid)'), cb)
+}
+
+function hashMsg(value) {
+  return {
+    key: '%' + ssbKeys.hash(JSON.stringify(value, null, 2)),
+    value: value
   }
-  */
+}
+
+RenderMsg.prototype.peerInviteConfirm = function (cb) {
+  var self = this
+  var msg = hashMsg(self.c.embed)
+  var isValid =
+    msg.value && msg.value.content && msg.value.content.receipt === self.c.receipt
+    && ssbKeys.verifyObj(msg.value.author, self.app.caps.sign, msg.value)
+  var renderMsg = new RenderMsg(self.render, self.app, msg, {serve: self.serve})
+  renderMsg.message(function (err, msgEl) {
+    self.wrapMini([
+      'confirmed peer invite',
+      isValid ? '' : ' (invalid)',
+      err ? h('div', u.renderError(err)) : ''
+    ], function (err, wrapped) {
+      if (err) return cb(err)
+      cb(null, [wrapped, msgEl])
+    })
+  })
+}
+
+RenderMsg.prototype.peerInviteAccept = function (cb) {
+  var self = this
+  var receipt = self.c.receipt
+  var accept = self.msg.value
+  var isValid = ssbKeys.verifyObj(accept.content.id, self.app.caps.sign, accept)
+  // TODO: if invite msg has c.reveal, check that self.c.key decrypts it
+  self.wrapMini([
+    'accepted peer invite ',
+    isValid ? '' : '(invalid) ',
+    h('a', {href: self.toUrl(receipt)}, u.truncate(receipt, 10))
+  ], cb)
 }
 
 RenderMsg.prototype.channel = function (cb) {
-- 
cgit v1.2.3