🎨 use long term keypairs in invitation token creation (#184)

* 🎨 fix: use longTerm keypairs in invitation token creation

* 🎨 feat: handle long term key rotation properly

* 🧪 chore: handle unique constraint key failing tests

Author: rezk2ll

packages/matrix-identity-server/src/db/index.ts

@@ -686,7 +686,7 @@ class IdentityServerDb<T extends string = never>
     return new Promise((resolve, reject) => {
       const _type = type === 'current' ? 'currentKey' : 'previousKey'
       this.db
-        .getAll('shortTermKeypairs', ['keyID', 'public', 'private'])
+        .getAll('longTermKeypairs', ['keyID', 'public', 'private'])
         .then((rows) => {
           if (rows.length === 0) {
             reject(new Error(`No ${_type} found`))
@@ -708,7 +708,7 @@ class IdentityServerDb<T extends string = never>
    * @param {'longTerm' | 'shortTerm'} type
    * @param {'ed25519' | 'curve25519'} algorithm
    */
-  createKeypair(
+  async createKeypair(
     type: 'longTerm' | 'shortTerm',
     algorithm: 'ed25519' | 'curve25519'
   ): Promise<keyPair> {
@@ -719,6 +719,34 @@ class IdentityServerDb<T extends string = never>
 
     const keyPair = generateKeyPair(algorithm)
 
+    try {
+      if (type === 'longTerm') {
+        const currentKey = await this.db.get('longTermKeypairs', ['name'], {
+          name: 'currentKey'
+        })
+
+        if (currentKey.length > 0) {
+          const previousKey = await this.db.get('longTermKeypairs', ['name'], {
+            name: 'previousKey'
+          })
+
+          if (previousKey.length > 0) {
+            await this.db.deleteEqual('longTermKeypairs', 'name', 'previousKey')
+          }
+
+          await this.db.update(
+            'longTermKeypairs',
+            { name: 'previousKey' },
+            'name',
+            'currentKey'
+          )
+        }
+      }
+    } catch (error) {
+      console.error({ error })
+      this.logger.error(`Failed to update ${type} Key Pair`, error)
+    }
+
     return new Promise((resolve) => {
       this.db
         .insert(
@@ -734,6 +762,7 @@ class IdentityServerDb<T extends string = never>
           resolve(keyPair)
         })
         .catch((err) => {
+          console.error({ err })
           /* istanbul ignore next */
           this.logger.error(`Failed to insert ${type} Key Pair`, err)
         })

packages/matrix-identity-server/src/index.test.ts

@@ -1451,12 +1451,21 @@ describe('Use configuration file', () => {
       beforeAll(async () => {
         keyPair = generateKeyPair('ed25519')
         longKeyPair = generateKeyPair('ed25519')
-        await idServer.db.insert('longTermKeypairs', {
-          name: 'currentKey',
-          keyID: longKeyPair.keyId,
-          public: longKeyPair.publicKey,
-          private: longKeyPair.privateKey
-        })
+        try {
+          await idServer.db.deleteEqual(
+            'longTermKeypairs',
+            'name',
+            'currentKey'
+          )
+          await idServer.db.insert('longTermKeypairs', {
+            name: 'currentKey',
+            keyID: longKeyPair.keyId,
+            public: longKeyPair.publicKey,
+            private: longKeyPair.privateKey
+          })
+        } catch (error) {
+          console.log({ error })
+        }
       })
 
       beforeEach(async () => {

packages/matrix-identity-server/src/invitation/index.ts

@@ -269,7 +269,7 @@ const StoreInvit = <T extends string = never>(
               } else if (response.status === 200 && !foundMappings) {
                 // Create invitation token
                 const ephemeralKey = await idServer.db.createKeypair(
-                  'shortTerm',
+                  'longTerm',
                   'curve25519'
                 )
                 const objWithKey = {