siwe 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3ee917f6a6a6cfe1877f32dd8c70cd2628b745c6a941f7d6bcaebd1e0c19c592
-  data.tar.gz: 4162a2428f5a0efce7d190a1ca1bbff06c3574447853fa9dfae183301f084ab7
+  metadata.gz: 9ce4aaa56993884786c2eb990729406a1ae4e0cb99d43f5dbcc6b3e0c8e0af67
+  data.tar.gz: 4dbcb76592a3c0bd4eed2e53e3a739fe9461f185772fdb70fa06dfcd43f7adec
 SHA512:
-  metadata.gz: 648ec9080c223f0ffea368c522f4a29aa5f9b3203fe91a090133ca4143d7d637bd9b7f586de5883a2ed3e9a06473aaedb8e57ff94aa67ffc45462681cb259500
-  data.tar.gz: e3212a3795f6dd22d584d77d59eacfa3150aa0ddf284f30f85ea129253f1f3d77afe4c1d049df8f655f50f3dafbe2748ce0df7468af562aa9f69768dd858da9d
+  metadata.gz: fb5e213eb8d8f50f6cf9a4c00be528bd0a5a9afdc806f95d2714534f629f3ea538bc79655330fc313b01ff85f7ac93550f2447c84baa1f5996eaf6617543630c
+  data.tar.gz: ddf5168c793f6342f9f2e49ac8112dca937832fd7e6a42fb8362250cb6c8798ddb26bf444514064f25fa29ea09ad06d1827cdfc5a1ba696667448d04eb05eee6

data/README.md

@@ -1,2 +1,107 @@
 # siwe-ruby
-A ruby implementation of Sign-In with Ethereum
+A Ruby implementation of EIP-4361: Sign In With Ethereum.
+
+## Getting started
+### Dependencies
+Additional packages may be required to install the gem:
+
+### macOS
+```bash
+brew install automake openssl libtool pkg-config gmp libffi
+```
+
+### Linux
+```bash
+sudo apt-get install build-essential automake pkg-config libtool \
+                     libffi-dev libssl-dev libgmp-dev python-dev
+```
+
+After installing any required dependencies SIWE can be easily installed with:
+```bash
+gem install siwe
+```
+
+## Usage
+SIWE provides a Message class which implements EIP-4361.
+### Creating a SIWE Message
+
+```ruby
+require 'siwe'
+require 'time'
+
+# Only the mandatory arguments
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1")
+
+# Complete SIWE message with default values
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1", {
+                                   issued_at: Time.now.utc.iso8601,
+                                   statement: "Example statement for SIWE",
+                                   nonce: Siwe::Util.generate_nonce,
+                                   chain_id: "1",
+                                   expiration_time: "",
+                                   not_before: "",
+                                   request_id: "",
+                                   resources: []
+                                 })
+```
+
+### Parsing a SIWE Message
+To parse from EIP-4361 use `Siwe::Message.from_message`
+
+```ruby
+require 'siwe'
+
+Siwe::Message.from_message "domain.example wants you to sign in with your Ethereum account:\n0x9D85ca56217D2bb651b00f15e694EB7E713637D4\n\nExample statement for SIWE\n\nURI: some.uri\nVersion: 1\nChain ID: 1\nNonce: k1Ne4KWzBHYEFQo8\nIssued At: 2022-02-03T20:06:19Z"
+```
+
+Messages can be parsed to and from JSON strings, using Siwe::Message.from_json_string and Siwe::Message.to_json_string respectively:
+
+```ruby
+require 'siwe'
+
+Siwe::Message.from_json_string "{\"domain\":\"domain.example\",\"address\":\"0x9D85ca56217D2bb651b00f15e694EB7E713637D4\",\"uri\":\"some.uri\",\"version\":\"1\",\"chain_id\":\"1\",\"nonce\":\"k1Ne4KWzBHYEFQo8\",\"issued_at\":\"2022-02-03T20:06:19Z\",\"statement\":\"Example statement for SIWE\",\"expiration_time\":\"\",\"not_before\":\"\",\"request_id\":\"\",\"resources\":[]}"
+
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1").to_json_string
+```
+
+## Verifying and Authenticating a SIWE Message
+Verification and authentication is performed via EIP-191, using the address field of the SiweMessage as the expected signer. The validate method checks message structural integrity, signature address validity, and time-based validity attributes.
+
+```ruby
+begin
+    message.validate(signature) # returns true if valid throws otherwise
+rescue Siwe::ExpiredMessage
+    # Used when the message is already expired. (Expires At < Time.now)
+rescue Siwe::NotValidMessage
+    # Used when the message is not yet valid. (Not Before > Time.now)
+rescue Siwe::InvalidSignature
+    # Used when the signature doesn't correspond to the address of the message.
+end
+```
+
+## Serialization of a SIWE Message
+`Siwe::Message` instances can also be serialized as their EIP-4361 string representations via the `Siwe::Message.prepare_message` method:
+
+```ruby
+require 'siwe'
+
+Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1").prepare_message
+```
+
+## Example
+Parsing and verifying a `Siwe::Message`:
+```ruby
+require 'siwe'
+
+begin
+    message = Siwe::Message.from_message "https://example.com wants you to sign in with your Ethereum account:\n0xA712a0AFBFA8656581BfA96352c9EdFc519e9cad\n\n\nURI: https://example.com\nVersion: 1\nChain ID: 1\nNonce: 9WrH24z8zpiYOoBQ\nIssued At: 2022-02-04T15:52:03Z"
+    message.validate "aca5e5649a357cee608ecbd1a8455b4143311381636b88a66ec7bcaf64b3a4743ff2c7cc18501a3401e182f79233dc73fc56d01506a6098d5e7e4d881bbb02921c"
+    puts "Congrats, your message is valid"
+rescue Siwe::ExpiredMessage
+    # Used when the message is already expired. (Expires At < Time.now)
+rescue Siwe::NotValidMessage
+    # Used when the message is not yet valid. (Not Before > Time.now)
+rescue Siwe::InvalidSignature
+    # Used when the signature doesn't correspond to the address of the message.
+end
+```

data/lib/siwe/exceptions.rb

@@ -8,6 +8,13 @@ module Siwe
     end
   end
 
+  # Used when the address does not conform to EIP-55 or is invalid.
+  class InvalidAddress < StandardError
+    def initialize(msg = "Adress does not conform to EIP-55 or is invalid.")
+      super
+    end
+  end
+
   # Used when the message is not yet valid. (Not Before > Time.now)
   class NotValidMessage < StandardError
     def initialize(msg = "Message not yet valid.")

data/lib/siwe/message.rb

@@ -76,10 +76,15 @@ module Siwe
 
     def initialize(domain, address, uri, version, options = {})
       @domain = domain
-      @address = address
+      begin
+        @address = Eth::Address.new(address).to_s
+      rescue StandardError
+        raise Siwe::InvalidAddress
+      end
+      raise Siwe::InvalidAddress unless @address.eql? address
+
       @uri = uri
       @version = version
-
       @statement = options.fetch :statement, ""
       @issued_at = options.fetch :issued_at, Time.now.utc.iso8601
       @nonce = options.fetch :nonce, Siwe::Util.generate_nonce
@@ -94,7 +99,7 @@ module Siwe
       if (message = msg.match SIWE_MESSAGE)
         new(
           message[:domain],
-          message[:address],
+          Eth::Address.new(message[:address]).to_s,
           message[:uri],
           message[:version],
           {
@@ -117,7 +122,7 @@ module Siwe
     def to_json_string
       obj = {
         domain: @domain,
-        address: @address,
+        address: Eth::Address.new(@address).to_s,
         uri: @uri,
         version: @version,
         chain_id: @chain_id,

data/lib/siwe/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Siwe
-  VERSION = "1.0.0"
+  VERSION = "1.1.0"
 end

data/lib/siwe.rb

@@ -9,6 +9,7 @@ module Siwe
   autoload :ExpiredMessage, "siwe/exceptions"
   autoload :NotValidMessage, "siwe/exceptions"
   autoload :InvalidSignature, "siwe/exceptions"
+  autoload :InvalidAddress, "siwe/exceptions"
 
   class Error < StandardError; end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: siwe
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Spruce Systems Inc.
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-02-03 00:00:00.000000000 Z
+date: 2022-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: eth