RubyGems - siwe - Versions diffs - 0.1.4 → 1.1.0 - Mend

siwe 0.1.4 → 1.1.0

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e8191a3015440c3051896d22edba61a3b9f79d87930ec852e294e020afd29d2
-  data.tar.gz: 5a015d2ed004f3e60b84218167bc9759228de7e0cae49c28eac076c6e2e397bd
+  metadata.gz: 9ce4aaa56993884786c2eb990729406a1ae4e0cb99d43f5dbcc6b3e0c8e0af67
+  data.tar.gz: 4dbcb76592a3c0bd4eed2e53e3a739fe9461f185772fdb70fa06dfcd43f7adec
 SHA512:
-  metadata.gz: 228890a1cd243da5dec618b5a933b911058775fec4a9a0e90266c8a39ec7f80904a11487a810d6aae54badffcde6a09567ec5487f131fb0b3480348d427ece48
-  data.tar.gz: d880c083a7c09042c5b8d1b1a9b9faec683475666f4fe749c78bd25b7d3c2891c0c577eb815b166178461cd6aad0f32f4ad8cc60e2a048649ac3125e8fa5f6cc
+  metadata.gz: fb5e213eb8d8f50f6cf9a4c00be528bd0a5a9afdc806f95d2714534f629f3ea538bc79655330fc313b01ff85f7ac93550f2447c84baa1f5996eaf6617543630c
+  data.tar.gz: ddf5168c793f6342f9f2e49ac8112dca937832fd7e6a42fb8362250cb6c8798ddb26bf444514064f25fa29ea09ad06d1827cdfc5a1ba696667448d04eb05eee6

data/.rubocop.yml CHANGED Viewed

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.6
+  TargetRubyVersion: 2.5
   NewCops: enable
   SuggestExtensions: false
@@ -33,4 +33,4 @@ Style/OptionalBooleanParameter:
   Enabled: false
 Layout/LineLength:
-  Max: 120
+  Max: 120

data/Gemfile.lock CHANGED Viewed

@@ -1,8 +1,8 @@
 PATH
   remote: .
   specs:
-    siwe (0.1.3)
-      eth (~> 0.4.17)
+    siwe (1.0.0)
+      eth (~> 0.5.1)
 GEM
   remote: https://rubygems.org/
@@ -10,67 +10,75 @@ GEM
     ast (2.4.2)
     backport (1.2.0)
     benchmark (0.2.0)
-    diff-lcs (1.4.4)
+    diff-lcs (1.5.0)
     e2mmap (0.1.0)
-    eth (0.4.17)
-      ffi (~> 1.15)
+    eth (0.5.1)
       keccak (~> 1.3)
-      money-tree (~> 0.10)
-      rlp (~> 0.7)
+      konstructor (~> 1.0)
+      openssl (~> 2.2)
+      rbsecp256k1 (~> 5.1)
       scrypt (~> 3.0)
-    ffi (1.15.4)
+    ffi (1.15.5)
     ffi-compiler (1.0.1)
       ffi (>= 1.0.0)
       rake
+    ipaddr (1.2.3)
     jaro_winkler (1.5.4)
     keccak (1.3.0)
+    konstructor (1.0.2)
     kramdown (2.3.1)
       rexml
     kramdown-parser-gfm (1.1.0)
       kramdown (~> 2.0)
-    money-tree (0.10.0)
-      ffi
-    nokogiri (1.12.5-x86_64-linux)
+    mini_portile2 (2.7.1)
+    nokogiri (1.13.1-x86_64-linux)
       racc (~> 1.4)
+    openssl (2.2.1)
+      ipaddr
     parallel (1.21.0)
-    parser (3.0.3.1)
+    parser (3.1.0.0)
       ast (~> 2.4.1)
+    pkg-config (1.4.7)
     racc (1.6.0)
-    rainbow (3.0.0)
+    rainbow (3.1.1)
     rake (13.0.6)
-    regexp_parser (2.1.1)
+    rbsecp256k1 (5.1.0)
+      mini_portile2 (~> 2.7)
+      pkg-config (~> 1.4)
+      rubyzip (~> 2.3)
+    regexp_parser (2.2.0)
     reverse_markdown (2.1.1)
       nokogiri
     rexml (3.2.5)
-    rlp (0.7.3)
     rspec (3.10.0)
       rspec-core (~> 3.10.0)
       rspec-expectations (~> 3.10.0)
       rspec-mocks (~> 3.10.0)
     rspec-core (3.10.1)
       rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.1)
+    rspec-expectations (3.10.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
     rspec-mocks (3.10.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
     rspec-support (3.10.3)
-    rubocop (1.23.0)
+    rubocop (1.25.0)
       parallel (~> 1.10)
-      parser (>= 3.0.0.0)
+      parser (>= 3.1.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml
-      rubocop-ast (>= 1.12.0, < 2.0)
+      rubocop-ast (>= 1.15.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.13.0)
+    rubocop-ast (1.15.1)
       parser (>= 3.0.1.1)
     ruby-progressbar (1.11.0)
+    rubyzip (2.3.2)
     scrypt (3.0.7)
       ffi-compiler (>= 1.0, < 2.0)
-    solargraph (0.44.2)
+    solargraph (0.44.3)
       backport (~> 1.2)
       benchmark
       bundler (>= 1.17.2)
@@ -85,7 +93,7 @@ GEM
       thor (~> 1.0)
       tilt (~> 2.0)
       yard (~> 0.9, >= 0.9.24)
-    thor (1.1.0)
+    thor (1.2.1)
     tilt (2.0.10)
     unicode-display_width (2.1.0)
     webrick (1.7.0)

data/README.md CHANGED Viewed

@@ -1,2 +1,107 @@
 # siwe-ruby
-A ruby implementation of Sign-In with Ethereum
+A Ruby implementation of EIP-4361: Sign In With Ethereum.
+## Getting started
+### Dependencies
+Additional packages may be required to install the gem:
+### macOS
+```bash
+brew install automake openssl libtool pkg-config gmp libffi
+```
+### Linux
+```bash
+sudo apt-get install build-essential automake pkg-config libtool \
+                     libffi-dev libssl-dev libgmp-dev python-dev
+```
+After installing any required dependencies SIWE can be easily installed with:
+```bash
+gem install siwe
+```
+## Usage
+SIWE provides a Message class which implements EIP-4361.
+### Creating a SIWE Message
+```ruby
+require 'siwe'
+require 'time'
+# Only the mandatory arguments
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1")
+# Complete SIWE message with default values
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1", {
+                                   issued_at: Time.now.utc.iso8601,
+                                   statement: "Example statement for SIWE",
+                                   nonce: Siwe::Util.generate_nonce,
+                                   chain_id: "1",
+                                   expiration_time: "",
+                                   not_before: "",
+                                   request_id: "",
+                                   resources: []
+                                 })
+```
+### Parsing a SIWE Message
+To parse from EIP-4361 use `Siwe::Message.from_message`
+```ruby
+require 'siwe'
+Siwe::Message.from_message "domain.example wants you to sign in with your Ethereum account:\n0x9D85ca56217D2bb651b00f15e694EB7E713637D4\n\nExample statement for SIWE\n\nURI: some.uri\nVersion: 1\nChain ID: 1\nNonce: k1Ne4KWzBHYEFQo8\nIssued At: 2022-02-03T20:06:19Z"
+```
+Messages can be parsed to and from JSON strings, using Siwe::Message.from_json_string and Siwe::Message.to_json_string respectively:
+```ruby
+require 'siwe'
+Siwe::Message.from_json_string "{\"domain\":\"domain.example\",\"address\":\"0x9D85ca56217D2bb651b00f15e694EB7E713637D4\",\"uri\":\"some.uri\",\"version\":\"1\",\"chain_id\":\"1\",\"nonce\":\"k1Ne4KWzBHYEFQo8\",\"issued_at\":\"2022-02-03T20:06:19Z\",\"statement\":\"Example statement for SIWE\",\"expiration_time\":\"\",\"not_before\":\"\",\"request_id\":\"\",\"resources\":[]}"
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1").to_json_string
+```
+## Verifying and Authenticating a SIWE Message
+Verification and authentication is performed via EIP-191, using the address field of the SiweMessage as the expected signer. The validate method checks message structural integrity, signature address validity, and time-based validity attributes.
+```ruby
+begin
+    message.validate(signature) # returns true if valid throws otherwise
+rescue Siwe::ExpiredMessage
+    # Used when the message is already expired. (Expires At < Time.now)
+rescue Siwe::NotValidMessage
+    # Used when the message is not yet valid. (Not Before > Time.now)
+rescue Siwe::InvalidSignature
+    # Used when the signature doesn't correspond to the address of the message.
+end
+```
+## Serialization of a SIWE Message
+`Siwe::Message` instances can also be serialized as their EIP-4361 string representations via the `Siwe::Message.prepare_message` method:
+```ruby
+require 'siwe'
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1").prepare_message
+```
+## Example
+Parsing and verifying a `Siwe::Message`:
+```ruby
+require 'siwe'
+begin
+    message = Siwe::Message.from_message "https://example.com wants you to sign in with your Ethereum account:\n0xA712a0AFBFA8656581BfA96352c9EdFc519e9cad\n\n\nURI: https://example.com\nVersion: 1\nChain ID: 1\nNonce: 9WrH24z8zpiYOoBQ\nIssued At: 2022-02-04T15:52:03Z"
+    message.validate "aca5e5649a357cee608ecbd1a8455b4143311381636b88a66ec7bcaf64b3a4743ff2c7cc18501a3401e182f79233dc73fc56d01506a6098d5e7e4d881bbb02921c"
+    puts "Congrats, your message is valid"
+rescue Siwe::ExpiredMessage
+    # Used when the message is already expired. (Expires At < Time.now)
+rescue Siwe::NotValidMessage
+    # Used when the message is not yet valid. (Not Before > Time.now)
+rescue Siwe::InvalidSignature
+    # Used when the signature doesn't correspond to the address of the message.
+end
+```

data/lib/siwe/exceptions.rb ADDED Viewed

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+module Siwe
+  # Used when the message is already expired. (Expires At < Time.now)
+  class ExpiredMessage < StandardError
+    def initialize(msg = "Message expired.")
+      super
+    end
+  end
+  # Used when the address does not conform to EIP-55 or is invalid.
+  class InvalidAddress < StandardError
+    def initialize(msg = "Adress does not conform to EIP-55 or is invalid.")
+      super
+    end
+  end
+  # Used when the message is not yet valid. (Not Before > Time.now)
+  class NotValidMessage < StandardError
+    def initialize(msg = "Message not yet valid.")
+      super
+    end
+  end
+  # Used when the signature doesn't correspond to the address of the message.
+  class InvalidSignature < StandardError
+    def initialize(msg = "Signature doesn't match message.")
+      super
+    end
+  end
+end

data/lib/siwe/message.rb CHANGED Viewed

@@ -74,15 +74,17 @@ module Siwe
     # expressed as RFC 3986 URIs separated by `\n- `.
     attr_accessor :resources
-    # Signature of the message signed by the wallet.
-    attr_accessor :signature
     def initialize(domain, address, uri, version, options = {})
       @domain = domain
-      @address = address
+      begin
+        @address = Eth::Address.new(address).to_s
+      rescue StandardError
+        raise Siwe::InvalidAddress
+      end
+      raise Siwe::InvalidAddress unless @address.eql? address
       @uri = uri
       @version = version
       @statement = options.fetch :statement, ""
       @issued_at = options.fetch :issued_at, Time.now.utc.iso8601
       @nonce = options.fetch :nonce, Siwe::Util.generate_nonce
@@ -91,15 +93,13 @@ module Siwe
       @not_before = options.fetch :not_before, ""
       @request_id = options.fetch :request_id, ""
       @resources = options.fetch :resources, []
-      @signature = options.fetch :signature, ""
-      validate(true)
     end
     def self.from_message(msg)
       if (message = msg.match SIWE_MESSAGE)
-        msg = new(
+        new(
           message[:domain],
-          message[:address],
+          Eth::Address.new(message[:address]).to_s,
           message[:uri],
           message[:version],
           {
@@ -113,8 +113,7 @@ module Siwe
             resources: message[:resources]&.split("\n- ")&.drop(1) || []
           }
         )
-        msg.validate(true)
-        msg
       else
         throw "Invalid message input."
       end
@@ -123,7 +122,7 @@ module Siwe
     def to_json_string
       obj = {
         domain: @domain,
-        address: @address,
+        address: Eth::Address.new(@address).to_s,
         uri: @uri,
         version: @version,
         chain_id: @chain_id,
@@ -133,15 +132,14 @@ module Siwe
         expiration_time: @expiration_time,
         not_before: @not_before,
         request_id: @request_id,
-        resources: @resources,
-        signature: @signature
+        resources: @resources
       }
       obj.to_json
     end
     def self.from_json_string(str)
       obj = JSON.parse str, { symbolize_names: true }
-      msg = Siwe::Message.new(
+      Siwe::Message.new(
         obj[:domain],
         obj[:address],
         obj[:uri],
@@ -153,30 +151,30 @@ module Siwe
           expiration_time: obj[:expiration_time],
           not_before: obj[:not_before],
           request_id: obj[:request_id],
-          resources: obj[:resources],
-          signature: obj[:signature]
+          resources: obj[:resources]
         }
       )
-      msg.validate(true)
-      msg
     end
-    def validate(skip_signature = false)
-      raise "Message expired." if !@expiration_time.empty? && Time.now.utc > Time.parse(@expiration_time)
-      raise "Message not yet valid." if !@not_before.empty? && Time.now.utc < Time.parse(@not_before)
+    def validate(signature)
+      raise Siwe::ExpiredMessage if !@expiration_time.empty? && Time.now.utc > Time.parse(@expiration_time)
+      raise Siwe::NotValidMessage if !@not_before.empty? && Time.now.utc < Time.parse(@not_before)
-      unless skip_signature
-        raise "Missing signature field." if @signature.empty?
+      raise Siwe::InvalidSignature if signature.empty?
-        pub_key = Eth::Key.personal_recover personal_sign, @signature
-        signature_address = Eth::Utils.public_key_to_address pub_key
-        raise "Signature doesn't match message." unless signature_address.downcase.eql? @address.downcase
+      begin
+        pub_key = Eth::Signature.personal_recover prepare_message, signature
+        signature_address = Eth::Util.public_key_to_address pub_key
+      rescue StandardError
+        raise Siwe::InvalidSignature
       end
+      raise Siwe::InvalidSignature unless signature_address.to_s.downcase.eql? @address.to_s.downcase
       true
     end
-    def personal_sign
+    def prepare_message
       greeting = "#{@domain} wants you to sign in with your Ethereum account:"
       address = @address
       statement = "\n#{@statement}\n"

data/lib/siwe/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Siwe
-  VERSION = "0.1.4"
+  VERSION = "1.1.0"
 end

data/lib/siwe.rb CHANGED Viewed

@@ -6,6 +6,10 @@ require_relative "siwe/version"
 module Siwe
   autoload :Message, "siwe/message"
   autoload :Util, "siwe/util"
+  autoload :ExpiredMessage, "siwe/exceptions"
+  autoload :NotValidMessage, "siwe/exceptions"
+  autoload :InvalidSignature, "siwe/exceptions"
+  autoload :InvalidAddress, "siwe/exceptions"
   class Error < StandardError; end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: siwe
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 1.1.0
 platform: ruby
 authors:
 - Spruce Systems Inc.
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-12-09 00:00:00.000000000 Z
+date: 2022-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: eth
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.17
+        version: 0.5.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.17
+        version: 0.5.1
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -101,6 +101,7 @@ files:
 - bin/console
 - bin/setup
 - lib/siwe.rb
+- lib/siwe/exceptions.rb
 - lib/siwe/message.rb
 - lib/siwe/util.rb
 - lib/siwe/version.rb
@@ -117,7 +118,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="