silkey-sdk 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 151c068dbbeccc6d242140bbf755dbc2d7ac783de3c0fa9f8bed08828c875011
-  data.tar.gz: '09c21b562b50c1a66c9d72d2fd0042e6a30549941017e1e7fff4e4644bbdcfef'
+  metadata.gz: ac39da25efe706b56abfda8f580295dc0d0c7734ce83ccc13130b85cce5a1e22
+  data.tar.gz: 86744220f6d4e5ee274c1c451cc5be9591a60f240a5a2fc871d5fc3794d71988
 SHA512:
-  metadata.gz: f7505da37a916d4e26d7ebd896a432ff901ae3ee805707e924e34a832643d52fe6ddb7a52f3a0676d7170976a6cdfeb469327b8c99fd8292136313324cbfba08
-  data.tar.gz: 1f346357fc4623f9cfb54c93cbd68e000a2a4597374a3f5c39f037907da4aa1d4003611e09a6b52386816a27d481bd200b644472416e6db9adb48fcc96e01c92
+  metadata.gz: b634f6d573b002484a32a02059b730b5cd9184d93de5aaa67d9df981d833269845df561394444d239ea327ac653e68d2ffda4fa36a05e680b73e34d67384a065
+  data.tar.gz: 4024009b029a6d8aa45b7beb9d79a2d61c677d761d94ba79234539dc1aac9fe43e729735bd2df58b86cdfdcb8085c2fbbf70018624fbbb5504d9c85132c0ed22

data/.gitignore

@@ -7,6 +7,7 @@
 /tmp/
 .idea/
 pkg/
+doc/
 
 *.gem
 # rspec failure tracking

data/.rubocop.yml

@@ -32,7 +32,7 @@ Metrics/BlockLength:
   ExcludedMethods: ['describe', 'context', 'let']
 
 Layout/LineLength:
-  Max: 100
+  Max: 120
 
 Metrics/ClassLength:
   Max: 150

data/.yardopts

@@ -0,0 +1,14 @@
+--no-private
+--title "Silkey SDK for Ruby"
+--exclude Gemfile
+--exclude Gemfile.lock
+--exclude registry_contract_abi.json
+--exclude setup
+--exclude Rakefile
+--exclude DEVELOPMENT.md
+--exclude lib/silkey/factories/*
+--exclude lib/silkey/registry_contract/*
+--exclude lib/silkey/services/*
+--exclude lib/silkey/contract.rb
+--exclude lib/silkey/utils.rb
+--exclude lib/silkey/version.rb

data/CHANGELOG.md

@@ -4,6 +4,51 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
+## [0.1.0] - 2021-01-03
+### Added
+- additional verification for token:
+    - verify token age
+    - verify sso params
+    - website signature
+- support for migration
+- settings model for jwt and sso params
+
+### Changed
+- all SSO params have prefix `sso`
+
+### Removed
+- `refId` is not longer part of token
+
+## [0.0.5] - 2020-12-15
+### Changed
+- add `0x` to signature to be compatible with JS and not throw `signature missing v and recoveryParam` error
+
+## [0.0.4] - 2020-11-26
+### Added
+- `generate_sso_request_params` throws on empty PK
+
+### Changed
+- join operator for `message_to_sign` is now `&`
+- `message_to_sign` ignores data that are not set
+
+### Fixed
+- ensure testing `throws` is working correctly
+- rubocop offences
+
+## [0.0.3] - 2020-11-25
+### Added
+- Logo and badges to README
+
+## [0.0.2] 2020-11-23
+### Added
+- add support for `redirectMethod`
+
+### Changed
+- `generate_sso_request_params` raises error when missing required params
+
+### Removed
+- html doc files from repo
+
+## [0.0.1] 2020-11-20
 ### Added:
 - initial version

data/DEVELOPMENT.md

@@ -1,9 +1,5 @@
 # Silkey-SDK for Ruby
 
-[logo]
-
-[slogan]
-
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies.  
@@ -13,7 +9,7 @@ You can also run `bin/console` for an interactive prompt that will allow you to
 
 ```
 rm -rf doc/
-bundle exec rdoc --main README.rdoc -x Gemfile -x Gemfile.lock -x registry_contract_abi.json -x setup -x Rakefile -x DEVELOPMENT.md
+bundle exec yardoc 
 
 bundle exec gem build
 
@@ -51,6 +47,7 @@ Silkey::RegistryContract.get_address('Name')
 ```bash
 bundle exec rspec
 bundle exec rubocop --fix
+bundle exec rubocop --auto-correct-all
 ```
 
 #### Init setup environment

data/Gemfile

@@ -1,13 +1,5 @@
 source 'https://rubygems.org'
 
-# git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
-
-# Specify your gem's dependencies in andromeda.gemspec
-
-#source 'https://hwGZD769AGZu5Wyzp87F@repo.fury.io/silkey/' do
-#  gem 'ethereum.rb', '~> 2.2.3'
-#end
-
 gemspec
 
-gem "rspec"
+gem "rspec"

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    silkey-sdk (0.0.1)
+    silkey-sdk (0.1.0)
       activesupport (~> 6.0)
       eth (~> 0.4.12)
       ethereum.rb (~> 2.5)
@@ -108,6 +108,7 @@ GEM
       descendants_tracker (~> 0.0, >= 0.0.3)
       equalizer (~> 0.0, >= 0.0.9)
     virtus_convert (0.1.0)
+    yard (0.9.25)
     zeitwerk (2.4.1)
 
 PLATFORMS
@@ -123,6 +124,7 @@ DEPENDENCIES
   rubocop (~> 1.3)
   rubocop-performance (~> 1.8)
   silkey-sdk!
+  yard (~> 0.9.25)
 
 BUNDLED WITH
    2.1.4

data/README.md

@@ -1,9 +1,9 @@
-# Silkey-SDK for Ruby
+# Silkey SDK for Ruby
 
-[logo]
-
-[slogan]
+![Silkey Logo](https://raw.githubusercontent.com/Silkey-Team/brand/master/silkey-word-black.png)
 
+[![GitHub version](https://badge.fury.io/gh/Silkey-Team%2Fsilkey-sdk.svg)](https://badge.fury.io/gh/Silkey-Team%2Fsilkey-sdk)
+[![Gem Version](https://badge.fury.io/rb/silkey-sdk.svg)](https://badge.fury.io/rb/silkey-sdk)
 
 ## Integration
 
@@ -11,36 +11,59 @@
 
 ```rb
 Silkey::Configuration.setup do |config|
-  config.client_url =  'http://localhost:8545'              # for local development
-  config.client_url =  'https://kovan.infura.io/v3/:id'     # for real
-  config.registry_contract_address =  '--silky-registry-contrract-address--'
+  # for local development, use local provider url eg 'http://localhost:8545'
+  # for testing, we recommend using infura.io:
+  # - for sandbox: https://rinkeby.infura.io/v3/:id 
+  # - for production: https://mainnet.infura.io/v3/:id 
+  config.client_url =  'http://localhost:8545'
+  config.registry_contract_address =  '--silky-registry-contract-address--'
   config.enable_logs = false
 end
 ```
 
-[List of Silkey contract address.](https://github.com/Silkey-Team/silkey-sdk#silkey-sdk) 
+[List of Silkey smart contract addresses.](https://github.com/Silkey-Team/silkey-sdk#smart-contracts) 
 
 ### Sign In with Silkey
 
 #### Making request
 
-[List of request parameters.](https://github.com/Silkey-Team/silkey-sdk#silkey-sdk) 
+| Parameter         | Required  | Type     | Desc 
+| ----------------- |:---------:| -------- | ----- 
+| ssoSignature      | yes       | string   | Domain owner signature
+| ssoTimestamp      | yes       | number   | Time of signing SSO request
+| ssoRedirectUrl    | yes       | string   | Where to redirect user with token after sign in
+| ssoCancelUrl      | yes       | string   | Where to redirect user on error
+| ssoRedirectMethod | no        | GET/POST | How to redirect user after sign in, default is POST
+| ssoRefId          | no        | string   | Any value, you may use it to identify request
+| ssoScope          | no        | string   | Scope of data to return in a token payload: `id` (default) returns only user address, `email` returns address + email
 
 
 ```rb
-- Silkey::SDK.message_to_sign({params})
-- Silkey::SDK.generate_sso_request_params(private_key, hash)
+params = { ssoRedirectUrl: 'https://your-website', ssoRefId: '12ab' }
+sso_params = Silkey::SDK.generate_sso_request_params(private_key, params)
 ```
 
 #### On request callback page
 
-`token` - get if from request params (it can be send either via POST or GET) 
+Callback will be done via POST (default) or GET, based on `ssoRedirectMethod`.
+
+Callback params contains:
+- sso parameters that were used to make SSO call
+- `token`.
+
+`token` - get if from request params
+
+`ssoRequestParams` - get if from request params (it can be send via POST or GET, based on `ssoRedirectMethod`)
 
 ```rb
-silkey_public_key = Silkey::SDK.fetch_silkey_public_key
-Silkey::SDK.token_payload_verifier(token, silkey_public_key)
+silkey_eth_address = Silkey::SDK.fetch_silkey_eth_address
+Silkey::SDK.token_payload_verifier(token, silkey_eth_address)
 ```
 
+## Recommendations and Migration
+
+See [recommendation and migration](https://github.com/Silkey-Team/silkey-sdk#recommendations) sections on main SDK package.
+
 ## License
 
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/lib/silkey-sdk.rb

@@ -1,14 +1,10 @@
 require 'eth'
 require 'ethereum.rb'
-# require 'json'
 require 'jwt'
 require 'logger'
 require 'pry'
-#require 'active_support'
-#require 'active_support/core_ext/module'
 require 'virtus_convert'
 require 'virtus'
-# require 'retriable'
 require 'silkey'
 
 require_relative 'silkey/contract'
@@ -16,7 +12,10 @@ require_relative 'silkey/configuration'
 require_relative 'silkey/factories/client_factory'
 require_relative 'silkey/factories/contract_factory'
 require_relative 'silkey/models/jwt_payload'
+require_relative 'silkey/models/settings'
+require_relative 'silkey/models/sso_params'
 require_relative 'silkey/services/logger_service'
+require_relative 'silkey/services/verifier'
 require_relative 'silkey/sdk'
 require_relative 'silkey/utils'
 

data/lib/silkey/models/jwt_payload.rb

@@ -2,28 +2,36 @@
 
 module Silkey
   module Models
+    ##
+    # Generates message to sign based on plain object data (keys => values)
+    #
+    # @param email [string] verified email of the user
+    #   IMPORTANT: if email in user profile is different, you should always update it with this one.
+    #
+    # @param scope [string]
+    # @param address [string] ID of the user, this is also valid ethereum address, use this to identify user
+    # @param userSignature [string] proof that request came from the user
+    # @param userSignatureTimestamp [number] time when signature was crated
+    # @param silkeySignature [string] proof that Silkey verified the email
+    # @param silkeySignatureTimestamp [number] time when signature was crated
+    # @param migration [boolean] true if user started migration to Silkey
+    #
     class JwtPayload
       include Virtus.model
 
-      SCOPE_DIVIDER = ','
-
       # rubocop:disable Style/HashSyntax
-      attribute :address, String, :writer => :private
       attribute :email, String, :writer => :private
+      attribute :_scope, {}, :writer => :private, :reader => :private
+      attribute :address, String, :writer => :private
       attribute :silkey_signature, String, :writer => :private
-      attribute :silkey_signature_timestamp, Integer
+      attribute :silkey_signature_timestamp, Integer, :default => 0
       attribute :user_signature, String, :writer => :private
-      attribute :user_signature_timestamp, Integer
-      attribute :ref_id, String, :writer => :private
-      attribute :_scope, {}, :writer => :private, :reader => :private
+      attribute :user_signature_timestamp, Integer, :default => 0
+      attribute :migration, Boolean, :writer => :private, :default => false
       # rubocop:enable Style/HashSyntax
 
       def scope
-        _scope.keys.sort.join(SCOPE_DIVIDER)
-      end
-
-      def scope_divider
-        SCOPE_DIVIDER
+        _scope.keys.sort.join(Silkey::Settings.SCOPE_DIVIDER)
       end
 
       # rubocop:disable Naming/AccessorMethodName
@@ -46,8 +54,8 @@ module Silkey
         self
       end
 
-      def set_ref_id(ref_id)
-        self.ref_id = ref_id
+      def set_migrations(migrating)
+        self.migration = migrating
         self
       end
 
@@ -68,31 +76,24 @@ module Silkey
         self.silkey_signature_timestamp = timestamp
         self
       end
-
       # rubocop:enable Naming/AccessorMethodName
 
+      # rubocop:disable Metrics/AbcSize
+      #
       ##
       #  Creates message that's need to be sign by user
       def message_to_sign_by_user
-        if !Silkey::Utils.empty?(address) && Silkey::Utils.empty?(user_signature_timestamp)
-          self.user_signature_timestamp = Silkey::Utils.current_timestamp
-        end
-
-        str1_hex = 'address'.unpack('H*')[0]
-        adr_hex = Silkey::Utils.remove0x(address).downcase
-
-        str2_hex = [
-          'refId', ref_id.to_s,
-          'scope', scope,
-          'userSignatureTimestamp'
-        ].map { |str| str.to_s.unpack('H*') }.join('')
-
-        str_hex = "#{str1_hex}#{adr_hex}#{str2_hex}"
-
-        return str_hex if Silkey::Utils.empty?(user_signature_timestamp)
-
-        "#{str_hex}#{Silkey::Utils.int_to_hex(user_signature_timestamp.to_s)}"
+        data = {
+          address: Silkey::Utils.strings_to_hex(['address']) + Silkey::Utils.remove0x(address).downcase,
+          migration: Silkey::Utils.strings_to_hex(['migration']) + (migration ? '01' : '00'),
+          scope: Silkey::Utils.strings_to_hex(['scope', scope]),
+          userSignatureTimestamp: Silkey::Utils.strings_to_hex(['userSignatureTimestamp']) +
+                                  Silkey::Utils.int_to_hex(user_signature_timestamp)
+        }
+
+        data.keys.sort.map { |k| data[k] }.join('')
       end
+      # rubocop:enable Metrics/AbcSize
 
       def message_to_sign_by_silkey
         return '' if Silkey::Utils.empty?(email)
@@ -101,36 +102,31 @@ module Silkey
           self.silkey_signature_timestamp = Silkey::Utils.current_timestamp
         end
 
-        str_hex = [
-          'email', email,
-          'silkeySignatureTimestamp'
-        ].map { |str| str.to_s.unpack('H*') }.join('')
-
-        "#{str_hex}#{Silkey::Utils.int_to_hex(silkey_signature_timestamp.to_s)}"
+        "#{email.to_s.unpack('H*')[0]}#{Silkey::Utils.int_to_hex(silkey_signature_timestamp)}"
       end
 
       def validate
         raise "address is invalid: #{address}" unless Silkey::Utils.ethereum_address?(address)
 
-        unless Silkey::Utils.signature?(user_signature)
-          raise "user_signature is invalid: #{user_signature}"
-        end
+        raise "user_signature is invalid: #{user_signature}" unless Silkey::Utils.signature?(user_signature)
 
-        raise 'user_signature_timestamp is empty' if Silkey::Utils.empty?(user_signature_timestamp)
+        raise 'user_signature_timestamp is invalid' unless Silkey::Utils.timestamp?(user_signature_timestamp)
 
         return self if Silkey::Utils.empty?(scope) || scope == 'id'
 
         validate_scope_email
       end
 
-      def import(hash)
-        hash.each do |k, v|
+      def import(data = {})
+        return data if data.is_a?(Silkey::Models::JwtPayload)
+
+        data.each do |k, v|
           var = k.to_s.underscore
 
-          if k == 'scope'
+          if var == 'scope'
             set_scope(v)
           else
-            self.instance_variable_set("@#{var}", v)
+            instance_variable_set("@#{var}", v)
           end
         end
 
@@ -139,16 +135,24 @@ module Silkey
 
       private
 
+      def pack_payload_to_hex
+        str1_hex = 'address'.unpack('H*')[0]
+        adr_hex = Silkey::Utils.remove0x(address).downcase
+
+        str2_hex = [
+          'scope', scope,
+          'userSignatureTimestamp'
+        ].map { |str| str.to_s.unpack('H*') }.join('')
+
+        "#{str1_hex}#{adr_hex}#{str2_hex}"
+      end
+
       def validate_scope_email
         raise 'email is empty' if Silkey::Utils.empty?(email)
 
-        unless Silkey::Utils.signature?(silkey_signature)
-          raise "silkey_signature is invalid: #{silkey_signature}"
-        end
+        raise "silkey_signature is invalid: #{silkey_signature}" unless Silkey::Utils.signature?(silkey_signature)
 
-        if Silkey::Utils.empty?(silkey_signature_timestamp)
-          raise 'silkey_signature_timestamp is empty'
-        end
+        raise 'silkey_signature_timestamp is invalid' unless Silkey::Utils.timestamp?(silkey_signature_timestamp)
 
         self
       end