stellar-sdk 0.25.0 → 0.26.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -2
- data/lib/stellar/sdk/version.rb +1 -1
- data/lib/stellar/sep10.rb +39 -15
- metadata +7 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1aeddb0019aa2152cb8f2112664943cf897288eca35a0ca3695ef2e5a7de72e1
|
|
4
|
+
data.tar.gz: bb08abb87f75f176105075d0b47bd85138a0692779cf9612d212227c7aca72c5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 951727a0f57f612b86cf58f9fbcf8f801202279a33ee33d6d152f9c0e9b05a45a67330113b844f0538563f491becc7a05b9a1086be303bc3f98e2b337a01cf6c
|
|
7
|
+
data.tar.gz: c0247f20caeb1f6247cd7c9c558b8e4fc03aeb7db7723ccc592650628db5adccef6548ae254a185a4eb30b8a1f2c7edc6f411eab4196202c6395281ad1a9d7c7
|
data/CHANGELOG.md
CHANGED
|
@@ -4,9 +4,17 @@ All notable changes to this project will be documented in this file.
|
|
|
4
4
|
The format is based on [Keep a Changelog](http://keepachangelog.com/)
|
|
5
5
|
and this project adheres to [Semantic Versioning](http://semver.org/).
|
|
6
6
|
|
|
7
|
-
## [Unreleased](https://github.com/stellar/ruby-stellar-sdk/compare/v0.
|
|
7
|
+
## [Unreleased](https://github.com/stellar/ruby-stellar-sdk/compare/v0.26.0...master)
|
|
8
8
|
|
|
9
|
-
## [0.
|
|
9
|
+
## [0.26.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.25.0...v0.26.0) - 2021-02-05
|
|
10
|
+
### Changed
|
|
11
|
+
- `Stellar::SEP10` is updated to comply with SEP10 v3.0.0 and v3.1.0
|
|
12
|
+
- `read_challenge_tx`` now verifies `domain` in challenge auth operation, as per SEP10 v3.0.0
|
|
13
|
+
- it is now possible to provide `auth_domain` parameter to enforce auth server domain verification:
|
|
14
|
+
- `build_challenge_tx` will encode the extra auth domain operation into the challenge tx
|
|
15
|
+
- `read_challenge_tx` will verify that the challenge includes the correct auth domain operation
|
|
16
|
+
|
|
17
|
+
## [0.25.0](https://github.com/stellar/ruby-stellar-sdk/compare/v0.24.0...v0.25.0) - 2020-10-30
|
|
10
18
|
### Changed
|
|
11
19
|
- `Stellar::SEP10` is updated to comply with SEP10 v2.1.0
|
|
12
20
|
- `build_challenge_tx` now accepts `domain` instead of `anchor_name`, using the
|
data/lib/stellar/sdk/version.rb
CHANGED
data/lib/stellar/sep10.rb
CHANGED
|
@@ -30,10 +30,6 @@ module Stellar
|
|
|
30
30
|
MSG
|
|
31
31
|
domain = options[:anchor_name]
|
|
32
32
|
end
|
|
33
|
-
# The value must be 64 bytes long. It contains a 48 byte
|
|
34
|
-
# cryptographic-quality random string encoded using base64 (for a total of
|
|
35
|
-
# 64 bytes after encoding).
|
|
36
|
-
value = SecureRandom.base64(48)
|
|
37
33
|
|
|
38
34
|
now = Time.now.to_i
|
|
39
35
|
time_bounds = Stellar::TimeBounds.new(
|
|
@@ -41,19 +37,34 @@ module Stellar
|
|
|
41
37
|
max_time: now + timeout
|
|
42
38
|
)
|
|
43
39
|
|
|
44
|
-
|
|
40
|
+
tb = Stellar::TransactionBuilder.new(
|
|
45
41
|
source_account: server,
|
|
46
42
|
sequence_number: 0,
|
|
47
43
|
time_bounds: time_bounds
|
|
48
|
-
)
|
|
44
|
+
)
|
|
45
|
+
|
|
46
|
+
# The value must be 64 bytes long. It contains a 48 byte
|
|
47
|
+
# cryptographic-quality random string encoded using base64 (for a total of
|
|
48
|
+
# 64 bytes after encoding).
|
|
49
|
+
tb.add_operation(
|
|
49
50
|
Stellar::Operation.manage_data(
|
|
50
51
|
name: "#{domain} auth",
|
|
51
|
-
value:
|
|
52
|
+
value: SecureRandom.base64(48),
|
|
52
53
|
source_account: client
|
|
53
54
|
)
|
|
54
|
-
)
|
|
55
|
+
)
|
|
56
|
+
|
|
57
|
+
if options.key?(:auth_domain)
|
|
58
|
+
tb.add_operation(
|
|
59
|
+
Stellar::Operation.manage_data(
|
|
60
|
+
name: "web_auth_domain",
|
|
61
|
+
value: options[:auth_domain],
|
|
62
|
+
source_account: server
|
|
63
|
+
)
|
|
64
|
+
)
|
|
65
|
+
end
|
|
55
66
|
|
|
56
|
-
|
|
67
|
+
tb.build.to_envelope(server).to_xdr(:base64)
|
|
57
68
|
end
|
|
58
69
|
|
|
59
70
|
# Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.
|
|
@@ -68,8 +79,8 @@ module Stellar
|
|
|
68
79
|
# @example
|
|
69
80
|
# sep10 = Stellar::SEP10
|
|
70
81
|
# server = Stellar::KeyPair.random # this should be the SIGNING_KEY from your stellar.toml
|
|
71
|
-
# challenge = sep10.build_challenge_tx(server: server, client: user,
|
|
72
|
-
# envelope, client_address = sep10.read_challenge_tx(server: server,
|
|
82
|
+
# challenge = sep10.build_challenge_tx(server: server, client: user, domain: domain, timeout: timeout)
|
|
83
|
+
# envelope, client_address = sep10.read_challenge_tx(server: server, challenge_xdr: challenge)
|
|
73
84
|
#
|
|
74
85
|
# @param challenge_xdr [String] SEP0010 transaction challenge in base64.
|
|
75
86
|
# @param server [Stellar::KeyPair] keypair for server where the challenge was generated.
|
|
@@ -94,7 +105,9 @@ module Stellar
|
|
|
94
105
|
auth_op, *rest_ops = transaction.operations
|
|
95
106
|
client_account_id = auth_op.source_account
|
|
96
107
|
|
|
97
|
-
|
|
108
|
+
auth_op_body = auth_op.body.value
|
|
109
|
+
|
|
110
|
+
if client_account_id.blank?
|
|
98
111
|
raise InvalidSep10ChallengeError, "The transaction's operation should contain a source account"
|
|
99
112
|
end
|
|
100
113
|
|
|
@@ -102,15 +115,26 @@ module Stellar
|
|
|
102
115
|
raise InvalidSep10ChallengeError, "The transaction's first operation should be manageData"
|
|
103
116
|
end
|
|
104
117
|
|
|
105
|
-
if
|
|
118
|
+
if options.key?(:domain) && auth_op_body.data_name != "#{options[:domain]} auth"
|
|
119
|
+
raise InvalidSep10ChallengeError, "The transaction's operation data name is invalid"
|
|
120
|
+
end
|
|
121
|
+
|
|
122
|
+
if auth_op_body.data_value.unpack1("m").size != 48
|
|
106
123
|
raise InvalidSep10ChallengeError, "The transaction's operation value should be a 64 bytes base64 random string"
|
|
107
124
|
end
|
|
108
125
|
|
|
109
126
|
rest_ops.each do |op|
|
|
110
|
-
|
|
127
|
+
body = op.body
|
|
128
|
+
|
|
129
|
+
if body.arm != :manage_data_op
|
|
111
130
|
raise InvalidSep10ChallengeError, "The transaction has operations that are not of type 'manageData'"
|
|
112
131
|
elsif op.source_account != server.muxed_account
|
|
113
132
|
raise InvalidSep10ChallengeError, "The transaction has operations that are unrecognized"
|
|
133
|
+
else
|
|
134
|
+
op_params = body.value
|
|
135
|
+
if op_params.data_name == "web_auth_domain" && options.key?(:auth_domain) && op_params.data_value != options[:auth_domain]
|
|
136
|
+
raise InvalidSep10ChallengeError, "The transaction has 'manageData' operation with 'web_auth_domain' key and invalid value"
|
|
137
|
+
end
|
|
114
138
|
end
|
|
115
139
|
end
|
|
116
140
|
|
|
@@ -121,7 +145,7 @@ module Stellar
|
|
|
121
145
|
time_bounds = transaction.time_bounds
|
|
122
146
|
now = Time.now.to_i
|
|
123
147
|
|
|
124
|
-
if time_bounds.
|
|
148
|
+
if time_bounds.blank? || !now.between?(time_bounds.min_time, time_bounds.max_time)
|
|
125
149
|
raise InvalidSep10ChallengeError, "The transaction has expired"
|
|
126
150
|
end
|
|
127
151
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: stellar-sdk
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.26.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Scott Fleckenstein
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: exe
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2021-02-05 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: stellar-base
|
|
@@ -18,14 +18,14 @@ dependencies:
|
|
|
18
18
|
requirements:
|
|
19
19
|
- - '='
|
|
20
20
|
- !ruby/object:Gem::Version
|
|
21
|
-
version: 0.
|
|
21
|
+
version: 0.26.0
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
|
25
25
|
requirements:
|
|
26
26
|
- - '='
|
|
27
27
|
- !ruby/object:Gem::Version
|
|
28
|
-
version: 0.
|
|
28
|
+
version: 0.26.0
|
|
29
29
|
- !ruby/object:Gem::Dependency
|
|
30
30
|
name: activesupport
|
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -173,9 +173,9 @@ licenses:
|
|
|
173
173
|
- Apache-2.0
|
|
174
174
|
metadata:
|
|
175
175
|
github_repo: ssh://github.com/astroband/ruby-stellar-sdk
|
|
176
|
-
documentation_uri: https://rubydoc.info/gems/stellar-sdk/0.
|
|
177
|
-
changelog_uri: https://github.com/astroband/ruby-stellar-sdk/blob/v0.
|
|
178
|
-
source_code_uri: https://github.com/astroband/ruby-stellar-sdk/tree/v0.
|
|
176
|
+
documentation_uri: https://rubydoc.info/gems/stellar-sdk/0.26.0/
|
|
177
|
+
changelog_uri: https://github.com/astroband/ruby-stellar-sdk/blob/v0.26.0/sdk/CHANGELOG.md
|
|
178
|
+
source_code_uri: https://github.com/astroband/ruby-stellar-sdk/tree/v0.26.0/sdk
|
|
179
179
|
post_install_message:
|
|
180
180
|
rdoc_options: []
|
|
181
181
|
require_paths:
|