Add optional createdAt property to last used identities (#3414)

* Add optional createdAt property to last used identities

* Add tests for util

* Update last used identities

* Format

* Remove unused imports

* Refactor to use nanosToMillis and add create_at field to endpoint

* Revert `updateLastUsedIdentity`

* Remove comment

* Avoid two calls

Author: Llorenç Muntaner

src/frontend/src/lib/flows/authFlow.svelte.ts

@@ -36,6 +36,7 @@ import {
   decodeJWT,
   extractIssuerTemplateClaims,
 } from "$lib/utils/openID";
+import { nanosToMillis } from "$lib/utils/time";
 
 interface AuthFlowOptions {
   trackLastUsed?: boolean;
@@ -111,6 +112,7 @@ export class AuthFlow {
         identityNumber,
         name: info.name[0],
         authMethod: { passkey: { credentialId } },
+        createdAtMillis: info.created_at.map(nanosToMillis)[0],
       });
     }
     return identityNumber;
@@ -211,6 +213,7 @@ export class AuthFlow {
           authMethod: {
             openid: { iss, sub, metadata: authnMethod?.metadata, loginHint },
           },
+          createdAtMillis: info.created_at.map(nanosToMillis)[0],
         });
       }
       return { identityNumber, type: "signIn" };
@@ -313,6 +316,7 @@ export class AuthFlow {
           identityNumber,
           name: passkeyIdentity.getName(),
           authMethod: { passkey: { credentialId } },
+          createdAtMillis: Date.now(),
         });
       }
       this.#captcha = undefined;
@@ -425,6 +429,7 @@ export class AuthFlow {
           identityNumber,
           name,
           authMethod: { openid: { iss, sub, loginHint, metadata } },
+          createdAtMillis: Date.now(),
         });
       }
       this.#captcha = undefined;

src/frontend/src/lib/flows/migrationFlow.svelte.ts

@@ -170,6 +170,8 @@ export class MigrationFlow {
           credentialId: new Uint8Array(credentialId),
         },
       },
+      // Legacy identities do not have the `created_at` property
+      createdAtMillis: undefined,
     });
   };
 

src/frontend/src/lib/flows/registerAccessMethodFlow.svelte.ts

@@ -11,6 +11,7 @@ import { DiscoverableDummyIdentity } from "$lib/utils/discoverableDummyIdentity"
 import { DiscoverablePasskeyIdentity } from "$lib/utils/discoverablePasskeyIdentity";
 import { inferPasskeyAlias, loadUAParser } from "$lib/legacy/flows/register";
 import { lastUsedIdentitiesStore } from "$lib/stores/last-used-identities.store";
+import { nanosToMillis } from "$lib/utils/time";
 
 const POLL_INTERVAL = 3000; // Should be frequent enough
 
@@ -20,6 +21,7 @@ export class RegisterAccessMethodFlow {
   >("continueFromExistingDevice");
   #confirmationCode = $state<string>();
   #identityName = $state<string>();
+  #createdAtMillis = $state<number>();
   #identityNumber = $state<bigint>();
   #existingDeviceLink = $state<URL>();
 
@@ -79,6 +81,7 @@ export class RegisterAccessMethodFlow {
       // Show confirm sign-in view if session has been confirmed
       if (nonNullish(info)) {
         this.#identityName = info.name[0] ?? identityNumber.toString(10);
+        this.#createdAtMillis = info.created_at.map(nanosToMillis)[0];
         this.#view = "confirmSignIn";
         return;
       }
@@ -134,6 +137,7 @@ export class RegisterAccessMethodFlow {
           credentialId: new Uint8Array(credentialId),
         },
       },
+      createdAtMillis: this.#createdAtMillis,
     });
     return this.#identityNumber;
   };

src/frontend/src/lib/generated/internet_identity_idl.js

@@ -192,7 +192,10 @@ export const idlFactory = ({ IDL }) => {
   const AuthnMethodSecuritySettingsReplaceError = IDL.Variant({
     'AuthnMethodNotFound' : IDL.Null,
   });
-  const AuthnMethodSessionInfo = IDL.Record({ 'name' : IDL.Opt(IDL.Text) });
+  const AuthnMethodSessionInfo = IDL.Record({
+    'name' : IDL.Opt(IDL.Text),
+    'created_at' : IDL.Opt(Timestamp),
+  });
   const CheckCaptchaArg = IDL.Record({ 'solution' : IDL.Text });
   const RegistrationFlowNextStep = IDL.Variant({
     'CheckCaptcha' : IDL.Record({ 'captcha_png_base64' : IDL.Text }),

src/frontend/src/lib/generated/internet_identity_types.d.ts

@@ -225,7 +225,10 @@ export type AuthnMethodSecuritySettingsReplaceError = {
      */
     'AuthnMethodNotFound' : null
   };
-export interface AuthnMethodSessionInfo { 'name' : [] | [string] }
+export interface AuthnMethodSessionInfo {
+  'name' : [] | [string],
+  'created_at' : [] | [Timestamp],
+}
 export interface BufferedArchiveEntry {
   'sequence_number' : bigint,
   'entry' : Uint8Array | number[],

src/frontend/src/lib/stores/last-used-identities.store.test.ts

@@ -47,10 +47,12 @@ describe("lastUsedIdentitiesStore", () => {
   });
 
   it("should add the first identity correctly", () => {
+    const createdAtMillis = 1690000000000;
     lastUsedIdentitiesStore.addLastUsedIdentity({
       identityNumber: identity1,
       name: name1,
       authMethod: { passkey: { credentialId: credId1 } },
+      createdAtMillis,
     });
 
     const expected: LastUsedIdentities = {
@@ -59,6 +61,7 @@ describe("lastUsedIdentitiesStore", () => {
         name: name1,
         authMethod: { passkey: { credentialId: credId1 } },
         lastUsedTimestampMillis: mockTimestamp1,
+        createdAtMillis,
       },
     };
     expect(get(lastUsedIdentitiesStore).identities).toEqual(expected);
@@ -176,17 +179,20 @@ describe("lastUsedIdentityStore (derived store)", () => {
   });
 
   it("should return the only identity when one is added", () => {
+    const createdAtMillis = 1690000000000;
     lastUsedIdentitiesStore.addLastUsedIdentity({
       identityNumber: identity1,
       name: name1,
       authMethod: { passkey: { credentialId: credId1 } },
+      createdAtMillis,
     });
 
     const expected: LastUsedIdentity = {
       identityNumber: identity1,
       name: name1,
       authMethod: { passkey: { credentialId: credId1 } },
       lastUsedTimestampMillis: mockTimestamp1,
+      createdAtMillis,
     };
     expect(get(lastUsedIdentityStore)).toEqual(expected);
   });

src/frontend/src/lib/stores/last-used-identities.store.ts

@@ -34,6 +34,7 @@ export type LastUsedIdentity = {
       };
   accounts?: LastUsedAccounts;
   lastUsedTimestampMillis: number;
+  createdAtMillis?: number;
 };
 export type LastUsedIdentities = {
   [identityNumber: string]: LastUsedIdentity;
@@ -43,7 +44,10 @@ type LastUsedIdentitiesStore = Readable<{
   selected?: LastUsedIdentity;
 }> & {
   addLastUsedIdentity: (
-    params: Pick<LastUsedIdentity, "identityNumber" | "name" | "authMethod">,
+    params: Pick<
+      LastUsedIdentity,
+      "identityNumber" | "name" | "authMethod" | "createdAtMillis"
+    >,
   ) => void;
   addLastUsedAccount: (
     params: Omit<LastUsedAccount, "lastUsedTimestampMillis">,

src/frontend/src/lib/utils/time.ts

@@ -28,3 +28,6 @@ export const formatLastUsage = (timestamp: Date): string => {
 
   return relativeTime;
 };
+
+export const nanosToMillis = (nanos: bigint): number =>
+  Number(nanos / BigInt(1_000_000));

src/internet_identity/internet_identity.did

@@ -516,6 +516,7 @@ type AuthnMethodConfirmationCode = record {
 
 type AuthnMethodSessionInfo = record {
     name : opt text;
+    created_at : opt Timestamp;
 };
 
 type RegistrationId = text;

src/internet_identity/src/main.rs

@@ -1022,8 +1022,12 @@ mod v2_api {
         // Return session info if caller matches confirmed session
         tentative_device_registration::get_confirmed_session(identity_number)
             .is_some_and(|confirmed_session| confirmed_session == caller())
-            .then_some(AuthnMethodSessionInfo {
-                name: state::anchor(identity_number).name(),
+            .then(|| {
+                let anchor = state::anchor(identity_number);
+                AuthnMethodSessionInfo {
+                    name: anchor.name(),
+                    created_at: anchor.created_at(),
+                }
             })
     }