@0xsequence/guard 1.4.0 → 1.4.2

package/dist/0xsequence-guard.cjs.dev.js

@@ -2,8 +2,10 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var ethers = require('ethers');
 var core = require('@0xsequence/core');
+var signhub = require('@0xsequence/signhub');
+var utils = require('@0xsequence/utils');
+var ethers = require('ethers');
 
 function _extends() {
   _extends = Object.assign ? Object.assign.bind() : function (target) {
@@ -20,22 +22,6 @@ function _extends() {
   return _extends.apply(this, arguments);
 }
 
-/* eslint-disable */
-// sequence-guard v0.4.0 a29651d1d5f63268e8d03b51e46557e0632c144d
-// --
-// Code generated by webrpc-gen@v0.10.x-dev with typescript generator. DO NOT EDIT.
-//
-// webrpc-gen -schema=guard.ridl -target=typescript -client -out=./clients/guard.gen.ts
-
-// WebRPC description and code-gen version
-const WebRPCVersion = 'v1';
-
-// Schema version of your RIDL schema
-const WebRPCSchemaVersion = 'v0.4.0';
-
-// Schema hash generated from your RIDL schema
-const WebRPCSchemaHash = 'a29651d1d5f63268e8d03b51e46557e0632c144d';
-
 //
 // Types
 //
@@ -99,6 +85,80 @@ class Guard {
         });
       });
     };
+    this.authMethods = (args, headers) => {
+      return this.fetch(this.url('AuthMethods'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {
+            methods: _data.methods,
+            active: _data.active
+          };
+        });
+      });
+    };
+    this.setPIN = (args, headers) => {
+      return this.fetch(this.url('SetPIN'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {};
+        });
+      });
+    };
+    this.resetPIN = (args, headers) => {
+      return this.fetch(this.url('ResetPIN'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {};
+        });
+      });
+    };
+    this.createTOTP = (args, headers) => {
+      return this.fetch(this.url('CreateTOTP'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {
+            uri: _data.uri
+          };
+        });
+      });
+    };
+    this.commitTOTP = (args, headers) => {
+      return this.fetch(this.url('CommitTOTP'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {
+            codes: _data.codes
+          };
+        });
+      });
+    };
+    this.resetTOTP = (args, headers) => {
+      return this.fetch(this.url('ResetTOTP'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {};
+        });
+      });
+    };
+    this.reset2FA = (args, headers) => {
+      return this.fetch(this.url('Reset2FA'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {};
+        });
+      });
+    };
+    this.recoveryCodes = (args, headers) => {
+      return this.fetch(this.url('RecoveryCodes'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {
+            codes: _data.codes
+          };
+        });
+      });
+    };
+    this.resetRecoveryCodes = (args, headers) => {
+      return this.fetch(this.url('ResetRecoveryCodes'), createHTTPRequest(args, headers)).then(res => {
+        return buildResponse(res).then(_data => {
+          return {
+            codes: _data.codes
+          };
+        });
+      });
+    };
     this.hostname = hostname;
     this.fetch = (input, init) => fetch(input, init);
   }
@@ -137,12 +197,10 @@ const buildResponse = res => {
 
 const fetch = typeof global === 'object' ? global.fetch : window.fetch;
 class GuardSigner {
-  constructor(address, url, appendSuffix = false, onError) {
-    this.requests = new Map();
+  constructor(address, url, appendSuffix = false) {
     this.address = address;
     this.url = url;
     this.appendSuffix = appendSuffix;
-    this.onError = onError;
     this.guard = new Guard(url, fetch);
   }
   async getAddress() {
@@ -157,32 +215,18 @@ class GuardSigner {
   async decorateTransactions(bundle, _metadata) {
     return bundle;
   }
-  async requestSignature(id, _message, metadata, callbacks) {
-    if (!core.commons.isWalletSignRequestMetadata(metadata)) {
-      callbacks.onRejection('Expected Sequence-like metadata');
-    } else {
-      // Queue the request first, this method only does that
-      // the requesting to the API is later handled on every status change
-      this.requests.set(id, callbacks);
-    }
-    return true;
-  }
-  notifyStatusChange(id, status, metadata) {
-    if (!this.requests.has(id)) return;
+  async requestSignature(_id, message, metadata, callbacks) {
+    var _metadata$parts;
+    const {
+      onSignature,
+      onRejection
+    } = callbacks;
     if (!core.commons.isWalletSignRequestMetadata(metadata)) {
-      this.requests.get(id).onRejection('Expected Sequence-like metadata (status update)');
-      return;
+      onRejection('expected sequence signature request metadata');
+      return false;
     }
-    this.evaluateRequest(id, status.message, status, metadata);
-  }
-  packMsgAndSig(address, msg, sig, chainId) {
-    return ethers.ethers.utils.defaultAbiCoder.encode(['address', 'uint256', 'bytes', 'bytes'], [address, chainId, msg, sig]);
-  }
-  keyOfRequest(signer, msg, auxData, chainId) {
-    return ethers.ethers.utils.solidityKeccak256(['address', 'uint256', 'bytes', 'bytes'], [signer, chainId, msg, auxData]);
-  }
-  async evaluateRequest(id, message, _, metadata) {
-    var _metadata$parts;
+    const guardTotpCode = metadata.guardTotpCode;
+
     // Building auxData, notice: this uses the old v1 format
     // TODO: We should update the guard API so we can pass the metadata directly
     const coder = core.universal.genericCoderFor(metadata.config.version);
@@ -190,41 +234,253 @@ class GuardSigner {
       encoded
     } = coder.signature.encodeSigners(metadata.config, (_metadata$parts = metadata.parts) != null ? _metadata$parts : new Map(), [], metadata.chainId);
     try {
-      var _this$requests$get;
-      const key = this.keyOfRequest(this.address, message, encoded, metadata.chainId);
-      const lastAttempt = (_this$requests$get = this.requests.get(id)) == null ? void 0 : _this$requests$get.lastAttempt;
-      if (lastAttempt === key) {
-        return;
-      }
-      this.requests.get(id).lastAttempt = key;
-      const result = await this.guard.signWith({
+      const {
+        sig: signature
+      } = await this.guard.signWith({
         signer: this.address,
         request: {
           msg: ethers.ethers.utils.hexlify(message),
           auxData: this.packMsgAndSig(metadata.address, metadata.digest, encoded, metadata.chainId),
-          chainId: ethers.ethers.BigNumber.from(metadata.chainId).toNumber() // TODO: This should be a string (in the API)
-        }
+          chainId: ethers.ethers.BigNumber.from(metadata.chainId).toNumber()
+        },
+        token: guardTotpCode ? {
+          id: AuthMethod.TOTP,
+          token: guardTotpCode
+        } : undefined
       });
-
-      if (ethers.ethers.utils.arrayify(result.sig).length !== 0) {
-        this.requests.get(id).onSignature(result.sig);
-        this.requests.delete(id);
+      if (ethers.ethers.utils.arrayify(signature).length === 0) {
+        throw new Error('guard response contained no signature data');
       }
-    } catch (e) {
-      var _this$onError;
-      // The guard signer may reject the request for a number of reasons
-      // like for example, if it's being the first signer (it waits for other signers to sign first)
-      // We always forward the error here and filter on client side.
-      (_this$onError = this.onError) == null ? void 0 : _this$onError.call(this, e);
+      onSignature(signature);
+      return true;
+    } catch (error) {
+      var _ref, _error$message;
+      onRejection(`unable to request guard signature: ${(_ref = (_error$message = error.message) != null ? _error$message : error.msg) != null ? _ref : error}`);
+      return false;
+    }
+  }
+  notifyStatusChange(_id, _status, _metadata) {}
+  async getAuthMethods(proof) {
+    let response;
+    if ('jwt' in proof) {
+      response = await this.guard.authMethods({}, {
+        Authorization: `BEARER ${proof.jwt}`
+      });
+    } else {
+      const signedProof = await signOwnershipProof(proof);
+      response = await this.guard.authMethods({
+        proof: {
+          wallet: signedProof.walletAddress,
+          timestamp: signedProof.timestamp.getTime(),
+          signer: signedProof.signerAddress,
+          signature: signedProof.signature
+        }
+      });
+    }
+    return response.methods.map(parseAuthMethod);
+  }
+  async setPin(pin, proof) {
+    const signedProof = await signAuthUpdateProof(proof);
+    if (pin === undefined) {
+      await this.guard.resetPIN({
+        timestamp: signedProof.timestamp.getTime(),
+        signature: signedProof.signature
+      }, {
+        Authorization: `BEARER ${proof.jwt}`
+      });
+    } else {
+      await this.guard.setPIN({
+        pin,
+        timestamp: signedProof.timestamp.getTime(),
+        signature: signedProof.signature
+      }, {
+        Authorization: `BEARER ${proof.jwt}`
+      });
     }
   }
+  resetPin(proof) {
+    return this.setPin(undefined, proof);
+  }
+  async createTotp(proof) {
+    const signedProof = await signAuthUpdateProof(proof);
+    const {
+      uri
+    } = await this.guard.createTOTP({
+      timestamp: signedProof.timestamp.getTime(),
+      signature: signedProof.signature
+    }, {
+      Authorization: `BEARER ${proof.jwt}`
+    });
+    return new URL(uri);
+  }
+  async commitTotp(token, jwt) {
+    const {
+      codes
+    } = await this.guard.commitTOTP({
+      token
+    }, {
+      Authorization: `BEARER ${jwt}`
+    });
+    return codes;
+  }
+  async resetTotp(proof) {
+    const signedProof = await signAuthUpdateProof(proof);
+    await this.guard.resetTOTP({
+      timestamp: signedProof.timestamp.getTime(),
+      signature: signedProof.signature
+    }, {
+      Authorization: `BEARER ${proof.jwt}`
+    });
+  }
+  async reset2fa(recoveryCode, proof) {
+    if ('jwt' in proof) {
+      await this.guard.reset2FA({
+        code: recoveryCode
+      }, {
+        Authorization: `BEARER ${proof.jwt}`
+      });
+    } else {
+      const signedProof = await signOwnershipProof(proof);
+      await this.guard.reset2FA({
+        code: recoveryCode,
+        proof: {
+          wallet: signedProof.walletAddress,
+          timestamp: signedProof.timestamp.getTime(),
+          signer: signedProof.signerAddress,
+          signature: signedProof.signature
+        }
+      });
+    }
+  }
+  async getRecoveryCodes(proof) {
+    const signedProof = await signAuthUpdateProof(proof);
+    const {
+      codes
+    } = await this.guard.recoveryCodes({
+      timestamp: signedProof.timestamp.getTime(),
+      signature: signedProof.signature
+    }, {
+      Authorization: `BEARER ${proof.jwt}`
+    });
+    return codes;
+  }
+  async resetRecoveryCodes(proof) {
+    const signedProof = await signAuthUpdateProof(proof);
+    const {
+      codes
+    } = await this.guard.resetRecoveryCodes({
+      timestamp: signedProof.timestamp.getTime(),
+      signature: signedProof.signature
+    }, {
+      Authorization: `BEARER ${proof.jwt}`
+    });
+    return codes;
+  }
+  packMsgAndSig(address, msg, sig, chainId) {
+    return ethers.ethers.utils.defaultAbiCoder.encode(['address', 'uint256', 'bytes', 'bytes'], [address, chainId, msg, sig]);
+  }
   suffix() {
     return this.appendSuffix ? [3] : [];
   }
 }
+let AuthMethod = /*#__PURE__*/function (AuthMethod) {
+  AuthMethod["PIN"] = "PIN";
+  AuthMethod["TOTP"] = "TOTP";
+  return AuthMethod;
+}({});
+function parseAuthMethod(method) {
+  switch (method) {
+    case AuthMethod.PIN:
+    case AuthMethod.TOTP:
+      return method;
+    default:
+      throw new Error(`unknown auth method '${method}'`);
+  }
+}
+function isSignedOwnershipProof(proof) {
+  return 'signerAddress' in proof && typeof proof.signerAddress === 'string';
+}
+async function signOwnershipProof(proof) {
+  if (isSignedOwnershipProof(proof)) {
+    return proof;
+  } else {
+    const signer = signhub.signers.isSapientSigner(proof.signer) ? proof.signer : new signhub.signers.SignerWrapper(proof.signer);
+    const signerAddress = await signer.getAddress();
+    const timestamp = new Date();
+    const typedData = getOwnershipProofTypedData(proof.walletAddress, timestamp);
+    const digest = utils.encodeTypedDataDigest(typedData);
+    const randomId = ethers.ethers.utils.hexlify(ethers.ethers.utils.randomBytes(32));
+    return new Promise((resolve, reject) => signer.requestSignature(randomId, digest, {}, {
+      onSignature(signature) {
+        resolve({
+          walletAddress: proof.walletAddress,
+          timestamp,
+          signerAddress,
+          signature: ethers.ethers.utils.hexlify(signature)
+        });
+      },
+      onRejection: reject,
+      onStatus(_situation) {}
+    }));
+  }
+}
+async function signAuthUpdateProof(proof) {
+  if ('wallet' in proof) {
+    var _typedData$domain$cha;
+    const timestamp = new Date();
+    const typedData = getAuthUpdateProofTypedData(timestamp);
+    const signature = await proof.wallet.signTypedData(typedData.domain, typedData.types, typedData.message, (_typedData$domain$cha = typedData.domain.chainId) != null ? _typedData$domain$cha : 1, 'eip6492');
+    return {
+      jwt: proof.jwt,
+      timestamp,
+      signature
+    };
+  } else {
+    return proof;
+  }
+}
+function getOwnershipProofTypedData(wallet, timestamp) {
+  return {
+    domain,
+    types: {
+      AuthMethods: [{
+        name: 'wallet',
+        type: 'address'
+      }, {
+        name: 'timestamp',
+        type: 'string'
+      }]
+    },
+    message: {
+      wallet: ethers.ethers.utils.getAddress(wallet),
+      timestamp: toUTCString(timestamp)
+    }
+  };
+}
+function getAuthUpdateProofTypedData(timestamp) {
+  return {
+    domain,
+    types: {
+      AuthUpdate: [{
+        name: 'timestamp',
+        type: 'string'
+      }]
+    },
+    message: {
+      timestamp: toUTCString(timestamp)
+    }
+  };
+}
+const domain = {
+  name: 'Sequence Guard',
+  version: '1',
+  chainId: 1
+};
+function toUTCString(date) {
+  return date.toUTCString().replace('GMT', 'UTC');
+}
 
-exports.Guard = Guard;
+exports.AuthMethod = AuthMethod;
 exports.GuardSigner = GuardSigner;
-exports.WebRPCSchemaHash = WebRPCSchemaHash;
-exports.WebRPCSchemaVersion = WebRPCSchemaVersion;
-exports.WebRPCVersion = WebRPCVersion;
+exports.getAuthUpdateProofTypedData = getAuthUpdateProofTypedData;
+exports.getOwnershipProofTypedData = getOwnershipProofTypedData;