atsign-foundation / at_libraries Goto Github PK
View Code? Open in Web Editor NEWSupport libraries & dependencies for Atsign's technology
Home Page: https://pub.dev/publishers/atsign.org/packages
License: BSD 3-Clause "New" or "Revised" License
Support libraries & dependencies for Atsign's technology
Home Page: https://pub.dev/publishers/atsign.org/packages
License: BSD 3-Clause "New" or "Revised" License
Is your feature request related to a problem? Please describe.
As described in this document, there is an opportunity to provide an end-to-end encrypted, peer-to-peer, surveillance free notification service.
Describe the solution you'd like
The approach needs to be discussed in the architecture call.
Adding to the backlog so we can plan accordingly.
Describe alternatives you've considered
This could be accomplished as a widget only, but a library for sending notifications for IoT or other applications may also makes sense.
No response
No response
No response
md5 is prone to collisions and should not be used.
Change the algorithm to SHA512
No response
No response
Describe the bug
During onboarding flow, AtLookup throws error
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Onboarding flow should work as on any other device
Smartphone (please complete the following information):
Device: iPad mini
OS version: 9.3.5
Were you using an @application when the bug was found?
Additional context
Captured some more information via the dev tools and console.
Is your feature request related to a problem? Please describe.
The current directory structure creates bad links on pub.dev for Example content.
For example, clicking on the example/at_server_status_example.dart link on the at_server_status Example tab returns a 404 response because it references the root of the at_libraries repo and not that of the package itself.
Describe the solution you'd like
Rumor has it that adding a "packages" subdirectory from root resolves this for pub.dev. We need to test and validate this is true and then add the subdirectory if it works.
Describe alternatives you've considered
The other option would be to create separate repos for each package that we want to publish to pub.dev
Additional context
Add any other context or screenshots about the feature request here.
Describe the bug
If a device is offline then at_lookup can cause the application to crash rather than wait for connectivity to come back. Looks to be a failure in name lookup in this case but if the network is down nothing @ should crash it should wait until network is available..
To Reproduce
Steps to reproduce the behavior:
Expected behavior
@ apps should never crash and should handle being offline gracefully and reconnect when possible
Screenshots
pi@raspberrypi:~/Colin-snippets/ssh_control $ bin/ssh_control
initializing storage
INFO|2022-03-31 03:00:52.990549|HiveBase|commit_log_f15959d1046b21a3e727245571dcd5c697956835e967a0a273db44d5681ac682 initialized suc
cessfully
AtServer.getHiveSecretFromFile file found
INFO|2022-03-31 03:00:53.003552|HiveBase|f15959d1046b21a3e727245571dcd5c697956835e967a0a273db44d5681ac682 initialized successfully
SEVERE|2022-03-31 03:00:53.016314|AtLookup|AtLookup.findSecondary connection to root.atsign.org exception: SocketException: Failed h
ost lookup: 'root.atsign.org' (OS Error: Temporary failure in name resolution, errno = -3)
Unhandled exception:
Exception: Secondary server not found
#0 AtLookupImpl.createConnection (package:at_lookup/src/at_lookup_impl.dart:270)
<asynchronous suspension>
#1 AtLookupImpl._sendCommand (package:at_lookup/src/at_lookup_impl.dart:550)
<asynchronous suspension>
#2 AtLookupImpl.authenticate (package:at_lookup/src/at_lookup_impl.dart:415)
<asynchronous suspension>
#3 AtOnboardingServiceImpl.authenticate (package:at_onboarding_cli/src/at_onboarding_service_impl.dart:187)
<asynchronous suspension>
#4 main (file:///home/pi/Colin-snippets/ssh_control/bin/ssh_control.dart:29)
<asynchronous suspension>
pi@raspberrypi:~/Colin-snippets/ssh_control $
Additional context
This is critically important for IoT use cases and also for mobile apps
Now that auto activation is a feature in the registrar, sometimes activating the atSign will take a while. Code may go straight to onboard()
with the cram key however the secondary address is not initialized. This may become a problem if CLI code tries to onboard too quickly.
1. Activate an unactivated atSign via the web API
2. Web API will give you a cram key, but the secondary address is still null.
3. Try to onboard immediately upon receiving the cram key
4. You will receive a secondary not found because the atSign's secondary was not initialized quickly enough
Simply pause your code until the secondary address can be found.
/// Hot fix in case activating the atSign takes too long (if the person does not press the orange "Activate" button on their atSign, then the secondary was not initialized just yet. Just run this method with async/await and it will pause your code until the secondary is successfully initialized.)
Future<void> runUntilSecondaryExists(String rootUrl, String atSign, {timeoutIterations = 10000000}) async {
List<String> s = rootUrl.split(':');
String rootDomain = s[0];
int rootPort = int.parse(s[1]);
late SecondaryAddress sAddress;
bool exists = false;
int timeout = timeoutIterations;
int count = 0;
do {
count++;
try {
sAddress = await CacheableSecondaryAddressFinder(rootDomain, rootPort).findSecondary(atSign);
exists = true;
} catch (e) {
// ignore
}
} while(!exists && count < timeout);
if(sAddress.host.length > 2) {
print('Secondary address found! ${sAddress.host}:${sAddress.port} | Iterations: $count/$timeout');
} else {
print('Secondary address not found after $count/$timeout iterations');
}
throw Exception('Secondary address not found after $count/$timeout iterations');
}
// 1.
// get the cram key from via the web api
// (will actually give a non-null valid cramkey despite secondaryUrl not addressable).
String? cram = await apiUtil.authenticateAtSignValidate(atSign, otp);
// 2.
// pause code until secondaryUrl is addressable
await apiUtil.runUntilSecondaryExists(rootUrl, atSign);
// 3.
// onboard with the cram key (this function ultimately looks for secondaryUrl..
// if the pause code above were to be excluded, then it would immediately jump
// into this code block and look for a non-existent secondaryUrl).
bool onboarded = await onboard(atSign, rootUrl, cram);
Support multiple platforms dropdown missing documentation for the following:
Client will be able to call at_onboarding_service --> onboard multiple times.
First time onboard is called for an atsign, cram auth will be done to server and keys will be persisted to local secondary.
If client calls onboard again, with current logic cram will be unnecessarily attempted to server and would fail (cram secret will be deleted from secondary during first onboard)
Implement a method isOnboarded and check whether cram should be attempted to server.
No response
No response
No response
No response
Describe the bug
The latest version of at_lookup includes a line in at_lookup_impl.dart
that prints outs the PKAM challenge signature to the console
To Reproduce
Steps to reproduce the behavior:
Expected behavior
No prints in production code
Screenshots
NA
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
line 381 of at_lookup_impl.dart
print(signature);
Is your feature request related to a problem? Please describe.
Update TLS connection to optionally output TLS keys to file. This allows you to "see" inside the TLS packets using WireShark and diagnose issues.
Describe the solution you'd like
Open to suggestions on implementation but it would be nice just to include a dev low level library that includes this feature. So testing can be done by including a dev library in pubspec.yaml. This would dump the TLS keys in the directory where the binary is being run.
The additional lines of code required to do this are :-
In at_lookup_impl.dart
var secConConnect = SecurityContext();
var keyfile = File('keysfile');
secConConnect.setTrustedCertificates('caroot/rootcacert.pem');
var secureSocket = await SecureSocket.connect(host, int.parse(port), context: secConConnect, keyLog: (line) => keyfile.writeAsStringSync(line, mode: FileMode.append));
And in monitor_client.dart
var secConConnect = SecurityContext();
var keyfile = File('keysfile');
secConConnect.setTrustedCertificates('caroot/rootcacert.pem');
var secureSocket = await SecureSocket.connect(host, int.parse(port), context: secConConnect, keyLog: (line) => keyfile.writeAsStringSync(line, mode: FileMode.append));
replacing the secureSocket connection with no SecurityContent()
It would be nice to abstract the SecureSocket.connect so only one change would effect both lines of code and then that abstraction could be used in the secondary server code as well perhaps.
Describe alternatives you've considered
I did consider pushing all the way through via command line options or by adding a method options but that I think holds the danger of leaving it in place before going to a prod build.. But open to them or other ideas..
Additional context
Screen shot of the resulting Wireshark diagnostics
As discussed on Monday, June 21st in the Engg. stand, we dont want to duplicate information on the dev site. The best way to do it is to have one source of info either from Git or Pub.dev. We need a script that pulls the relevant info to the Dev site on a regular basis.
Describe the bug
The key of concern public:publickey@atsign is being created with proper syntax while activating/onboarding but the key stored on the local secondary does not follow proper correct syntax which is being synced to the remote secondary.
To Reproduce
Steps to reproduce the behavior:
Expected behaviour
Device (please complete the following information):
Were you using an @application when the bug was found?
Additional context
For more context please refer to atsign-foundation/at_server#820.
Tasks:
Describe the solution you'd like
Per the guidance from dart-lang/lints:
in each pubspec.yaml
:
- pedantic: ^1.11.0
+ lints: ^1.0.1
and in each analysis_options.yaml
:
-include: package:pedantic/analysis_options.yaml
+include: package:lints/recommended.yaml
When a timeout exception is thrown by the OutboundMessageListener when waiting for responses from the server, it calls async method _closeConnection
- but without using await
. As a result, the exception is thrown before the OutboundConnection is closed and marked as inValid. And a result of that, code which immediately tries to reissue whatever command timed out may result in AtLookupImpl's check of OutboundConnection isInvalid() returning true
, and therefore result in AtLookupImpl's writing to a connection with a dead socket, and hanging for a very long period of time as a result.
Race condition, very difficult to reproduce except via unit tests, which is what #251 largely consists of, to prevent regression
After a timeout exception, the connection should be recreated before AtLookupImpl executes any other command
No response
No response
No response
No response
See atsign-foundation/at_client_sdk#756 and #235
Incorporate the signing library into the overall at_chops library
No response
No response
I don't know if this is a feature already, but:
I'd like to import a base 64 encoded private/public rsa key manually.
If this is a feature, I wasn't able to find any documentation/examples easily in the readme and pub.dev
Documentation on how to import keys in various ways for writing rsa decrypting/encrypting/signing/verifying code.
.atKeys
fileNo response
No response
Please check libraries link as well (current, samples and examples)
LIBRARIES
Describe the bug
The client keeps waiting even after the getting server responses. This is an intermittent issue.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The client should process the server responses.
Screenshots
If applicable, add screenshots to help explain your problem.
Smartphone (please complete the following information):
Were you using an @application when the bug was found?
Additional context
Add any other context about the problem here.
No response
No response
At the moment, users need to provide inputs for the following fields:
Instead of asking for the user's input for the above fields; use to default the path for all of these directories to HOME_DIRECTORY/.atsign. This would simplify the user experience and also make the behaviour uniform with all of the other atRepositories/tools.
Unlist the following packages ~ @nickelskevin to provide further details
Describe the bug
After CacheableSecondaryAddressFinder implementation, root server should be hit only once to fetch secondary address.
But currently there are many hits to root server since findSecondary in at_lookup creates a new instance of CacheableSecondaryAddressFinder.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Root server should be hit only once to find the secondary url. Only if the address expires from cache, subsequent connection to root server should be made
Describe the bug
If the authenticate(String? privateKey)
in AtLookupImpl is called twice in quick succession, then the requests and responses for the two could become intermingled, whereas the expectation is that the entire authentication flow should complete atomically
Expected behavior
_process
method worksThe at_onboarding_cli functional_tests that are part of at_libraries GitHub actions are failing. Specifically, the test_for_env_readiness check is failing after retrying for 5 mins. This is causing the actions to terminate and abort after this test fails.
The actions and tests should successfully pass
No response
No response
Since the tests are not able to confirm the env readiness, the assumption is that the test secondaries are unavailable (or) the actions are unable to connect to the test secondaries.
Below is a list of the issues and enhancements that have been identified while testing the most recent version of the Register CLI.
Bugs
Wording/Visual
Please look at the library links too (current, samples and examples)
LIBRARIES
All the content shown on pub.dev and where it comes from.
Example: Shelf (will point to one of our own once completed)
Package name, version <pubspec.yaml>
Published date (generated)
Platform support (generated based on project structure)
Tabbed navigation
Right column
Scores tab all require documentation:
Update Github documentation for to be unlisted pub.dev package at_contact.
Review at_contact readme.md, changelog.md and look for standard archetype template updates to make current. Repo will remain active even though it will be unlisted on Pub.dev.
Review at_lookup readme package version (example the package version is 2.0.3, but the readme description says - dependencies: at_lookup: ^1.0.0)
Describe the bug
Two minor issues, that should be corrected with a single update:
Expected behavior
atSign
in metadataReview at_server_status readme package version (example the package version is 2.0.3, but the readme description says - dependencies: at_lookup: ^1.0.0)
When sending an at_talk message from @atgps01 to @atgps02 messages never arrive. When running with -v the following message appears in the log:-
'SEVERE|2023-01-27 09:09:43.059190| atTalk |Invalid argument(s): Unsupported block type for private key: 17'
This was the first time that these two atSigns communicated. This issue does NOT happen everytime in fact I have not seen it at all with other atSigns communicating.
But I also see no way to correct the error from a dev point of view.
Never to have a miss managed key if that is what the issue is.
No response
code used is the nosync branch which uses the at_chops lib
https://github.com/atsign-foundation/at_talk/tree/nosync
at_talk
I was testing to ensure that newly created atSigns can communicate without a problem using chops and notification (this used to have other issues in that the RSA key was not in place)
Review at_contact readme package version (example the package version is 2.0.3, but the readme description says - dependencies: at_lookup: ^1.0.0)
I was writing documentation for sshnp on the dev site, then I realized the first step was to prepare two atSigns and their .atKeys
files.
Getting the atSigns is the easy part, but for somebody who wants to use something like ssh no ports and want nothing to do with our apps or ecosystem, it may be hard for them to onboard their atSigns and generate the .atKeys
files.
For headless tools/systems like sshnp, there should be an easy way to generate the .atKeys
files without having to write dart code or download our apps.
Using at_onboarding_cli
, create a binary called "onboard."
./onboard <email> <atSign> // arguments can be figured out more in detail later
This binary could be released with the sshnp
binaries, or just remain as a release or file in at_libraries/at_onboarding_cli
We could also have a register binary for skipping the atSign purchasing process altogether; the goal is for the person using sshnp to focus on using sshnp and not the atSign portion. (But if we want them to be involved in our atPlatform ecosystem, I could see why this is not an angle we want to take; but I believe we should make it easy for devs to use sshnp to avoid scaring them away, even if it means they don't know what an atSign really is)
The goal of having the register binary would be to steer them away from the complexities of what an "atSign" is. After all, the developers primary concern is to ssh without open ports and things would ideally just work.
Is your feature request related to a problem? Please describe.
Describe the solution you'd like
When using
var onboard = await onboardingService.authenticate();
My expected result was true if onboarded and false if the onboarding fails. But if there is for example no Internet connection then this call hangs and does not return or throw an exception. If the Internet comes back online then the onboarding seems to continue, but this await never returns true.
Expected that a false would return if the onboarding fails for some reason (e.g. secondary lookup fails or network check fails). Or perhaps an exception to be thrown ?
Either would be fine but a hang is problematic
-Linux Dart
2.17.6
at_talk - branch nosync
No response
People have noticed that their contacts are not consistent across the apps.
Examples of the issue:
Expected behavior
The contacts should be sync'd across the apps
Smartphone:
Reported on iphones
Were you using an @Application when the bug was found?
@buzz, @rrive, @Mosphere, @Mosphere pro
Please review library links as well (current, samples and examples)
LIBRARIES
Scores tab is missing follow documentation: (as of 8/4 error message on page - awaiting analysis to complete)
Describe the bug
On pub.dev the Repository (GitHub) link points to https://github.com/michaelspiss/dart-utf7 rather than https://github.com/atsign-foundation/at_libraries/tree/trunk/dart_utf7
The usage example also imports the upstream utf7 rather than the at_utf7 (Null safety) fork.
Expected behavior
Update Github documentation for to be unlisted pub.dev package at_server_status.
Review at_server_status readme.md, changelog.md and look for standard archetype template updates to make current. Repo will remain active even though it will be unlisted on Pub.dev.
Is your feature request related to a problem? Please describe.
A library which implements the design which was worked on during PR46, to enable easy addition of cryptographic signatures to AtData as well as to ad-hoc data, and easy verification of those signatures.
Describe the solution you'd like
Design a tool that accepts AtValue and necessary keys and digitally signs and returns the AtValue. Similarly, the tool should also provide a way to verify this previously created signature. The digitally signing and then the signature verification should be built on an asymmetric encryption architecture
Additional context
Further tasks
Unlist the following packages ~ @nickelskevin to provide further details
Describe the bug
AtLookupImpl._process()
does a few things - authenticates if necessary, sends a command, reads a responseTo Reproduce
Expected behaviour
Fixed by #139
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.