From 396d820e3afaa0cc2e9702a36af767aad19a21fb Mon Sep 17 00:00:00 2001
From: Felipe Forbeck <felipe.forbeck@gmail.com>
Date: Fri, 29 Nov 2024 10:43:41 -0300
Subject: [PATCH] fix authorizeContentServe test

---
 packages/filecoin-api/test/context/service.js | 11 +++++
 packages/upload-api/test/helpers/utils.js     |  1 +
 packages/w3up-client/src/client.js            |  9 ++--
 packages/w3up-client/test/client.test.js      | 42 +++++++++++++-----
 packages/w3up-client/test/mocks/service.js    | 43 +++++++++++++++++++
 5 files changed, 93 insertions(+), 13 deletions(-)
 create mode 100644 packages/w3up-client/test/mocks/service.js

diff --git a/packages/filecoin-api/test/context/service.js b/packages/filecoin-api/test/context/service.js
index 37de7be45..44b0635dd 100644
--- a/packages/filecoin-api/test/context/service.js
+++ b/packages/filecoin-api/test/context/service.js
@@ -13,6 +13,7 @@ import * as API from '../../src/types.js'
 
 import { validateAuthorization } from '../utils.js'
 import { mockService } from './mocks.js'
+import { Access } from '@web3-storage/capabilities'
 
 export { getStoreImplementations } from './store-implementations.js'
 export { getQueueImplementations } from './queue-implementations.js'
@@ -240,6 +241,16 @@ export function getMockService() {
         }
       ),
     },
+    access: {
+      delegate: Server.provide(
+        Access.delegate,
+        async ({ capability, invocation }) => {
+          return {
+            ok: {},
+          }
+        }
+      ),
+    },
   })
 }
 
diff --git a/packages/upload-api/test/helpers/utils.js b/packages/upload-api/test/helpers/utils.js
index d4c31c125..e95be29e6 100644
--- a/packages/upload-api/test/helpers/utils.js
+++ b/packages/upload-api/test/helpers/utils.js
@@ -43,6 +43,7 @@ export const w3Signer = ed25519.parse(
 )
 export const w3 = w3Signer.withDID('did:web:test.web3.storage')
 
+/** did:key:z6MkuKJgV8DKxiAF5oaUcT8ckg8kZUoBe6yavSLnHn5ZgyAP */
 export const gatewaySigner = ed25519.parse(
   'MgCaNpGXCEX0+BxxE4SjSStrxU9Ru/Im+HGNQ/JJx3lDoI+0B3NWjWW3G8OzjbazZjanjM3kgfcZbvpyxv20jHtmcTtg='
 )
diff --git a/packages/w3up-client/src/client.js b/packages/w3up-client/src/client.js
index 85053b1c3..e5e0e43b5 100644
--- a/packages/w3up-client/src/client.js
+++ b/packages/w3up-client/src/client.js
@@ -345,7 +345,7 @@ export class Client extends Base {
   async authorizeContentServe(space, options) {
     const currentSpace = this.currentSpace()
     try {
-      // Set the current space to the space we are authorizing the gateway for
+      // Set the current space to the space we are authorizing the gateway for, otherwise the delegation will fail
       await this.setCurrentSpace(space.did())
 
       /** @type {import('@ucanto/client').Principal<`did:${string}:${string}`>} */
@@ -353,7 +353,7 @@ export class Client extends Base {
         did: () => options.audience,
       }
 
-      // Create the delegation
+      // Grant the audience the ability to serve content from the space, it includes existing proofs automatically
       const delegation = await this.createDelegation(
         audience,
         [SpaceCapabilities.contentServe.can],
@@ -363,12 +363,15 @@ export class Client extends Base {
       )
 
       // Publish the delegation to the content serve service
+      const accessProofs = this.proofs([
+        { can: AccessCapabilities.access.can, with: space.did() },
+      ])
       const verificationResult = await AccessCapabilities.delegate
         .invoke({
           issuer: this._agent.issuer,
           audience,
           with: space.did(),
-          proofs: [delegation],
+          proofs: [...accessProofs, delegation],
           nb: {
             delegations: {
               [delegation.cid.toString()]: delegation.cid,
diff --git a/packages/w3up-client/test/client.test.js b/packages/w3up-client/test/client.test.js
index 73a3fc638..56c184080 100644
--- a/packages/w3up-client/test/client.test.js
+++ b/packages/w3up-client/test/client.test.js
@@ -15,10 +15,13 @@ import { receiptsEndpoint } from './helpers/utils.js'
 import { Absentee } from '@ucanto/principal'
 import { DIDMailto } from '../src/capability/access.js'
 import {
+  alice,
   confirmConfirmationUrl,
-  w3,
+  gateway,
+  gatewaySigner,
 } from '../../upload-api/test/helpers/utils.js'
 import * as SpaceCapability from '@web3-storage/capabilities/space'
+import { getConnection, getMockService } from './mocks/service.js'
 
 /** @type {Test.Suite} */
 export const testClient = {
@@ -547,33 +550,52 @@ export const testClient = {
   authorizeGateway: Test.withContext({
     'should authorize a gateway to serve content from a space': async (
       assert,
-      { client, mail, grantAccess, connection }
+      { mail, grantAccess, connection }
     ) => {
       // Step 1: Create a client for Alice and login
+      const aliceClient = new Client(
+        await AgentData.create({
+          principal: alice,
+        }),
+        {
+          // @ts-ignore
+          serviceConf: {
+            access: connection,
+            upload: connection,
+          },
+        }
+      )
+
       const aliceEmail = 'alice@web.mail'
-      const aliceLogin = client.login(aliceEmail)
+      const aliceLogin = aliceClient.login(aliceEmail)
       const message = await mail.take()
       assert.deepEqual(message.to, aliceEmail)
       await grantAccess(message)
       const aliceAccount = await aliceLogin
 
       // Step 2: Alice creates a space
-      const spaceA = await client.createSpace('authorize-gateway-space', {
+      const spaceA = await aliceClient.createSpace('authorize-gateway-space', {
         account: aliceAccount,
+        skipContentServeAuthorization: true,
       })
       assert.ok(spaceA)
-      await client.setCurrentSpace(spaceA.did())
 
-      // Step 3: Authorize the gateway to serve content from the space
-      const delegationResult = await client.authorizeContentServe(spaceA, {
-        audience: w3.did(),
-        connection: connection,
+      const gatewayService = getMockService()
+      const gatewayConnection = getConnection(
+        gateway,
+        gatewayService
+      ).connection
+
+      // Step 3: Alice authorizes the gateway to serve content from the space
+      const delegationResult = await aliceClient.authorizeContentServe(spaceA, {
+        audience: gateway.did(),
+        connection: gatewayConnection,
       })
       assert.ok(delegationResult.ok)
       const { delegation } = delegationResult.ok
 
       // Step 4: Find the delegation for the default gateway
-      assert.equal(delegation.audience.did(), 'did:web:staging.w3s.link')
+      assert.equal(delegation.audience.did(), gateway.did())
       assert.ok(
         delegation.capabilities.some(
           (c) =>
diff --git a/packages/w3up-client/test/mocks/service.js b/packages/w3up-client/test/mocks/service.js
new file mode 100644
index 000000000..761e0666e
--- /dev/null
+++ b/packages/w3up-client/test/mocks/service.js
@@ -0,0 +1,43 @@
+import * as Client from '@ucanto/client'
+import * as Server from '@ucanto/server'
+import * as CAR from '@ucanto/transport/car'
+
+import * as AccessCaps from '@web3-storage/capabilities'
+
+/**
+ * Mocked Gateway/Content Serve service
+ */
+export function getMockService() {
+  return {
+    access: {
+      delegate: Server.provide(
+        AccessCaps.Access.delegate,
+        async ({ capability, invocation }) => {
+          return {
+            ok: {},
+          }
+        }
+      ),
+    },
+  }
+}
+
+/**
+ * @param {any} service
+ * @param {any} id
+ */
+export function getConnection(id, service) {
+  const server = Server.create({
+    id: id,
+    service,
+    codec: CAR.inbound,
+    validateAuthorization: () => ({ ok: {} }),
+  })
+  const connection = Client.connect({
+    id: id,
+    codec: CAR.outbound,
+    channel: server,
+  })
+
+  return { connection }
+}