Improvements

Author: lvca

server/src/main/java/com/arcadedb/server/ai/AiActivateHandler.java

@@ -0,0 +1,161 @@
+/*
+ * Copyright © 2021-present Arcade Data Ltd ([email protected])
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-FileCopyrightText: 2021-present Arcade Data Ltd ([email protected])
+ * SPDX-License-Identifier: Apache-2.0
+ */
+package com.arcadedb.server.ai;
+
+import com.arcadedb.Constants;
+import com.arcadedb.log.LogManager;
+import com.arcadedb.serializer.json.JSONObject;
+import com.arcadedb.server.http.HttpServer;
+import com.arcadedb.server.http.handler.AbstractServerHttpHandler;
+import com.arcadedb.server.http.handler.ExecutionResponse;
+import com.arcadedb.server.security.ServerSecurityUser;
+import io.undertow.server.HttpServerExchange;
+
+import java.net.InetAddress;
+import java.net.NetworkInterface;
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.security.MessageDigest;
+import java.time.Duration;
+import java.util.Enumeration;
+import java.util.logging.Level;
+
+/**
+ * POST /api/v1/ai/activate - Activates an AI subscription.
+ * Collects hardware fingerprint, validates the key against the gateway, and saves to config/ai.json.
+ */
+public class AiActivateHandler extends AbstractServerHttpHandler {
+  private final AiConfiguration config;
+  private final HttpClient      httpClient;
+
+  public AiActivateHandler(final HttpServer httpServer, final AiConfiguration config) {
+    super(httpServer);
+    this.config = config;
+    this.httpClient = HttpClient.newBuilder().connectTimeout(Duration.ofSeconds(10)).build();
+  }
+
+  @Override
+  protected boolean mustExecuteOnWorkerThread() {
+    return true;
+  }
+
+  @Override
+  protected ExecutionResponse execute(final HttpServerExchange exchange, final ServerSecurityUser user, final JSONObject payload) {
+    if (payload == null)
+      return new ExecutionResponse(400, errorJson("Request body is required"));
+
+    final String subscriptionKey = payload.getString("subscriptionKey", "");
+    if (subscriptionKey.isEmpty())
+      return new ExecutionResponse(400, errorJson("Subscription key is required"));
+
+    try {
+      final String serverVersion = Constants.getVersion();
+      final String hardwareId = getHardwareId();
+      final String clientIp = getClientIp(exchange);
+
+      // Validate the key against the gateway
+      final JSONObject activationRequest = new JSONObject();
+      activationRequest.put("subscriptionKey", subscriptionKey);
+      activationRequest.put("serverVersion", serverVersion);
+      activationRequest.put("hardwareId", hardwareId);
+
+      final HttpRequest request = HttpRequest.newBuilder()//
+          .uri(URI.create(config.getGatewayUrl() + "/api/activate"))//
+          .header("Content-Type", "application/json")//
+          .POST(HttpRequest.BodyPublishers.ofString(activationRequest.toString()))//
+          .timeout(Duration.ofSeconds(15))//
+          .build();
+
+      final HttpResponse<String> response = httpClient.send(request, HttpResponse.BodyHandlers.ofString());
+
+      if (response.statusCode() != 200) {
+        String errorMsg = "Activation failed";
+        try {
+          final JSONObject errBody = new JSONObject(response.body());
+          errorMsg = errBody.getString("error", errorMsg);
+        } catch (final Exception ignored) {
+        }
+        return new ExecutionResponse(response.statusCode(), errorJson(errorMsg));
+      }
+
+      // Activation successful - save to config/ai.json
+      config.activate(subscriptionKey, clientIp, hardwareId, serverVersion);
+
+      LogManager.instance().log(this, Level.INFO, "AI subscription activated (user=%s, ip=%s)", user.getName(), clientIp);
+
+      return new ExecutionResponse(200, new JSONObject().put("activated", true).toString());
+
+    } catch (final Exception e) {
+      LogManager.instance().log(this, Level.WARNING, "AI activation error: %s", e.getMessage());
+      return new ExecutionResponse(500, errorJson("Activation failed: " + e.getMessage()));
+    }
+  }
+
+  /**
+   * Generates a hardware fingerprint by hashing MAC addresses + hostname.
+   * This provides a stable identifier for the server without exposing raw MAC addresses.
+   */
+  static String getHardwareId() {
+    try {
+      final StringBuilder raw = new StringBuilder();
+
+      // Collect all non-loopback MAC addresses
+      final Enumeration<NetworkInterface> interfaces = NetworkInterface.getNetworkInterfaces();
+      while (interfaces.hasMoreElements()) {
+        final NetworkInterface ni = interfaces.nextElement();
+        if (ni.isLoopback() || ni.isVirtual())
+          continue;
+        final byte[] mac = ni.getHardwareAddress();
+        if (mac != null) {
+          for (final byte b : mac)
+            raw.append(String.format("%02x", b));
+          raw.append("|");
+        }
+      }
+
+      // Add hostname for extra uniqueness
+      raw.append(InetAddress.getLocalHost().getHostName());
+
+      // Hash it to produce a stable, non-reversible fingerprint
+      final MessageDigest digest = MessageDigest.getInstance("SHA-256");
+      final byte[] hash = digest.digest(raw.toString().getBytes());
+      final StringBuilder hex = new StringBuilder();
+      for (int i = 0; i < 16; i++) // Use first 16 bytes (128 bits) for a shorter ID
+        hex.append(String.format("%02x", hash[i]));
+      return hex.toString();
+    } catch (final Exception e) {
+      LogManager.instance().log(AiActivateHandler.class, Level.FINE, "Could not generate hardware ID: %s", e.getMessage());
+      return "unknown";
+    }
+  }
+
+  private static String getClientIp(final HttpServerExchange exchange) {
+    // Check for X-Forwarded-For (reverse proxy)
+    final String forwarded = exchange.getRequestHeaders().getFirst("X-Forwarded-For");
+    if (forwarded != null && !forwarded.isEmpty())
+      return forwarded.split(",")[0].trim();
+    return exchange.getSourceAddress().getAddress().getHostAddress();
+  }
+
+  private static String errorJson(final String message) {
+    return new JSONObject().put("error", message).toString();
+  }
+}

server/src/main/java/com/arcadedb/server/ai/AiChatHandler.java

@@ -18,6 +18,7 @@
  */
 package com.arcadedb.server.ai;
 
+import com.arcadedb.Constants;
 import com.arcadedb.log.LogManager;
 import com.arcadedb.serializer.json.JSONArray;
 import com.arcadedb.serializer.json.JSONObject;
@@ -31,10 +32,14 @@
 import com.arcadedb.server.security.ServerSecurityUser;
 import io.undertow.server.HttpServerExchange;
 
+import java.io.IOException;
+import java.net.ConnectException;
 import java.net.URI;
 import java.net.http.HttpClient;
+import java.net.http.HttpConnectTimeoutException;
 import java.net.http.HttpRequest;
 import java.net.http.HttpResponse;
+import java.net.http.HttpTimeoutException;
 import java.time.Duration;
 import java.util.logging.Level;
 
@@ -125,6 +130,8 @@ protected ExecutionResponse execute(final HttpServerExchange exchange, final Ser
       gatewayRequest.put("message", message);
       gatewayRequest.put("history", history);
       gatewayRequest.put("database", database);
+      gatewayRequest.put("hardwareId", AiActivateHandler.getHardwareId());
+      gatewayRequest.put("serverVersion", Constants.getVersion());
 
       final JSONObject gatewayResponse = callGateway(gatewayRequest);
 
@@ -156,9 +163,27 @@ protected ExecutionResponse execute(final HttpServerExchange exchange, final Ser
 
     } catch (final SecurityException e) {
       throw e; // Let AbstractServerHttpHandler handle security exceptions
+    } catch (final AiTokenException e) {
+      return new ExecutionResponse(e.getHttpStatus(), e.getJsonResponse());
+    } catch (final ConnectException | HttpConnectTimeoutException e) {
+      LogManager.instance().log(this, Level.WARNING, "AI gateway unreachable: %s", e.getMessage());
+      return new ExecutionResponse(503, new JSONObject()//
+          .put("error", "AI service is temporarily unreachable. Please try again later.")//
+          .put("code", "gateway_unreachable").toString());
+    } catch (final HttpTimeoutException e) {
+      LogManager.instance().log(this, Level.WARNING, "AI gateway timeout: %s", e.getMessage());
+      return new ExecutionResponse(504, new JSONObject()//
+          .put("error", "AI service took too long to respond. Please try again later.")//
+          .put("code", "gateway_timeout").toString());
+    } catch (final IOException e) {
+      LogManager.instance().log(this, Level.WARNING, "AI gateway I/O error: %s", e.getMessage());
+      return new ExecutionResponse(503, new JSONObject()//
+          .put("error", "AI service is temporarily unavailable. Please try again later.")//
+          .put("code", "gateway_unreachable").toString());
     } catch (final Exception e) {
       LogManager.instance().log(this, Level.WARNING, "Error processing AI chat request: %s", e.getMessage());
-      return new ExecutionResponse(500, new JSONObject().put("error", "Failed to process AI request: " + e.getMessage()).toString());
+      return new ExecutionResponse(500, new JSONObject()//
+          .put("error", "An unexpected error occurred. Please try again later.").toString());
     }
   }
 
@@ -173,8 +198,16 @@ private JSONObject callGateway(final JSONObject requestBody) throws Exception {
 
     final HttpResponse<String> response = httpClient.send(request, HttpResponse.BodyHandlers.ofString());
 
-    if (response.statusCode() == 401 || response.statusCode() == 403)
-      throw new SecurityException("Invalid or expired subscription token");
+    if (response.statusCode() == 401 || response.statusCode() == 403) {
+      // Parse the gateway error to get the specific code (token_invalid, token_expired, etc.)
+      final JSONObject errBody = new JSONObject(response.body());
+      final String code = errBody.getString("code", "token_invalid");
+      final String errorMsg = errBody.getString("error", "Invalid or expired subscription token");
+      final JSONObject errorResponse = new JSONObject();
+      errorResponse.put("error", errorMsg);
+      errorResponse.put("code", code);
+      throw new AiTokenException(response.statusCode(), errorResponse.toString());
+    }
 
     if (response.statusCode() != 200)
       throw new RuntimeException("Gateway returned status " + response.statusCode() + ": " + response.body());

server/src/main/java/com/arcadedb/server/ai/AiChatsHandler.java

@@ -33,6 +33,7 @@
  * Handles chat CRUD operations:
  * - GET /api/v1/ai/chats - list all chats for the current user
  * - GET /api/v1/ai/chats/{id} - get a specific chat
+ * - PUT /api/v1/ai/chats/{id} - update chat messages (e.g., after deleting a message)
  * - DELETE /api/v1/ai/chats/{id} - delete a specific chat
  */
 public class AiChatsHandler extends AbstractServerHttpHandler {
@@ -56,6 +57,11 @@ protected ExecutionResponse execute(final HttpServerExchange exchange, final Ser
         return getChat(username, chatId);
       else
         return listChats(username);
+    } else if ("PUT".equals(method)) {
+      if (chatId != null)
+        return updateChat(username, chatId, payload);
+      else
+        return new ExecutionResponse(400, errorJson("Chat ID is required for PUT"));
     } else if ("DELETE".equals(method)) {
       if (chatId != null)
         return deleteChat(username, chatId);
@@ -80,6 +86,24 @@ private ExecutionResponse getChat(final String username, final String chatId) {
     return new ExecutionResponse(200, chat.toString());
   }
 
+  private ExecutionResponse updateChat(final String username, final String chatId, final JSONObject payload) {
+    if (payload == null)
+      return new ExecutionResponse(400, errorJson("Request body is required"));
+
+    final JSONObject chat = chatStorage.getChat(username, chatId);
+    if (chat == null)
+      return new ExecutionResponse(404, errorJson("Chat not found"));
+
+    final JSONArray messages = payload.getJSONArray("messages", null);
+    if (messages != null) {
+      chat.put("messages", messages);
+      chat.put("updated", java.time.Instant.now().toString());
+      chatStorage.saveChat(username, chat);
+    }
+
+    return new ExecutionResponse(200, chat.toString());
+  }
+
   private ExecutionResponse deleteChat(final String username, final String chatId) {
     final boolean deleted = chatStorage.deleteChat(username, chatId);
     if (!deleted)

server/src/main/java/com/arcadedb/server/ai/AiConfiguration.java

@@ -22,6 +22,8 @@
 import com.arcadedb.serializer.json.JSONObject;
 
 import java.io.File;
+import java.io.FileOutputStream;
+import java.io.OutputStreamWriter;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Paths;
@@ -37,6 +39,10 @@ public class AiConfiguration {
 
   private volatile String subscriptionToken = "";
   private volatile String gatewayUrl        = DEFAULT_GATEWAY_URL;
+  private volatile String activatedAt       = "";
+  private volatile String activationIp      = "";
+  private volatile String hardwareId        = "";
+  private volatile String serverVersion     = "";
 
   public AiConfiguration(final String rootPath) {
     this.rootPath = rootPath;
@@ -53,11 +59,36 @@ public synchronized void load() {
 
       subscriptionToken = json.getString("subscriptionToken", "");
       gatewayUrl = json.getString("gatewayUrl", DEFAULT_GATEWAY_URL);
+      activatedAt = json.getString("activatedAt", "");
+      activationIp = json.getString("activationIp", "");
+      hardwareId = json.getString("hardwareId", "");
+      serverVersion = json.getString("serverVersion", "");
     } catch (final Exception e) {
       LogManager.instance().log(this, Level.WARNING, "Error loading AI configuration: %s", e.getMessage());
     }
   }
 
+  public synchronized void save() {
+    final File configDir = Paths.get(rootPath, "config").toFile();
+    if (!configDir.exists())
+      configDir.mkdirs();
+
+    try (final OutputStreamWriter writer = new OutputStreamWriter(new FileOutputStream(getConfigFile()), StandardCharsets.UTF_8)) {
+      writer.write(toFullJSON().toString(2));
+    } catch (final Exception e) {
+      LogManager.instance().log(this, Level.WARNING, "Error saving AI configuration: %s", e.getMessage());
+    }
+  }
+
+  public synchronized void activate(final String token, final String ip, final String hwId, final String version) {
+    this.subscriptionToken = token;
+    this.activatedAt = java.time.Instant.now().toString();
+    this.activationIp = ip;
+    this.hardwareId = hwId;
+    this.serverVersion = version;
+    save();
+  }
+
   public boolean isConfigured() {
     return subscriptionToken != null && !subscriptionToken.isEmpty();
   }
@@ -70,13 +101,30 @@ public String getGatewayUrl() {
     return gatewayUrl;
   }
 
+  /**
+   * Returns public config (no token exposed to the browser).
+   */
   public synchronized JSONObject toJSON() {
     final JSONObject json = new JSONObject();
     json.put("configured", isConfigured());
     json.put("gatewayUrl", gatewayUrl);
     return json;
   }
 
+  /**
+   * Returns full config for persistence.
+   */
+  private JSONObject toFullJSON() {
+    final JSONObject json = new JSONObject();
+    json.put("subscriptionToken", subscriptionToken);
+    json.put("gatewayUrl", gatewayUrl);
+    json.put("activatedAt", activatedAt);
+    json.put("activationIp", activationIp);
+    json.put("hardwareId", hardwareId);
+    json.put("serverVersion", serverVersion);
+    return json;
+  }
+
   private File getConfigFile() {
     return Paths.get(rootPath, "config", "ai.json").toFile();
   }