npm - @abtnode/auth - Versions diffs - 1.17.3-beta-20251125-042047-1bcefd39 → 1.17.3-beta-20251127-063055-94957209 - Mend

@abtnode/auth 1.17.3-beta-20251125-042047-1bcefd39 → 1.17.3-beta-20251127-063055-94957209

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/lib/auth.js CHANGED Viewed

@@ -15,7 +15,6 @@ const { fromBase58, toAddress } = require('@ocap/util');
 const { toTypeInfo, isFromPublicKey } = require('@arcblock/did');
 const { getRandomBytes } = require('@ocap/mcrypto');
 const { getBlockletInfo } = require('@blocklet/meta/lib/info');
-const { getApplicationWallet } = require('@blocklet/meta/lib/wallet');
 const {
   PASSPORT_STATUS,
   VC_TYPE_NODE_PASSPORT,
@@ -36,6 +35,7 @@ const { LOGIN_PROVIDER } = require('@blocklet/constant');
 const dayjs = require('@abtnode/util/lib/dayjs');
 const { omit } = require('lodash');
+const { getAccessWallet } = require('@abtnode/util/lib/blocklet');
 const logger = require('./logger');
 const verifySignature = require('./util/verify-signature');
 const { getEmailServiceProvider } = require('./email');
@@ -292,7 +292,10 @@ const getApplicationInfo = async ({ node, nodeInfo = {}, teamDid, baseUrl = '' }
     secret = blockletInfo.secret;
     logo = getAppAvatarUrl(baseUrl || blockletInfo.appUrl);
     appUrl = blockletInfo.appUrl;
-    accessWallet = getApplicationWallet(blocklet.appDid || blocklet.meta.did, nodeInfo.sk, undefined, 2);
+    accessWallet = getAccessWallet({
+      serverSecretKey: nodeInfo.sk,
+      blockletAppDid: blocklet.appDid || blocklet.meta.did,
+    });
   }
   return {

package/lib/passkey.js CHANGED Viewed

@@ -19,6 +19,8 @@ const {
 const { updateConnectedAccount, getAvatarByEmail, extractUserAvatar } = require('@abtnode/util/lib/user');
 const getOrigin = require('@abtnode/util/lib/get-origin');
+const { getAccessWallet } = require('@abtnode/util/lib/blocklet');
+const { sign } = require('@blocklet/sdk/lib/util/csrf');
 const { getApplicationInfo, handleInvitationReceive, canSessionBeElevated } = require('./auth');
 const { validateVerifyDestroyRequest } = require('./server');
 const { getLastUsedPassport } = require('./passport');
@@ -534,7 +536,7 @@ function createPasskeyHandlers(node, mode, createToken) {
   };
   const handleAuthResponse = async (req, res) => {
-    const { body, passkeySession } = req;
+    const { body, passkeySession, blocklet } = req;
     // ensure the passkey is registered someway
     const info = await node.getNodeInfo({ useCache: true });
@@ -671,6 +673,10 @@ function createPasskeyHandlers(node, mode, createToken) {
       // Generate new session token that client can save to localStorage
       logger.info('passkey.auth.generateNewSessionToken', { teamDid, action: passkeySession.data.action });
+      const { targetAppPid } = req.query;
+      // FIXME: @zhanghan 这里目前只是一个 hack 的方式，passkey 和 federated 结合的流程需要重新梳理优化
+      const isFederatedHack = targetAppPid && targetAppPid !== teamDid;
+      const findMemberSite = findFederatedSite(blocklet, targetAppPid);
       if (
         [
           PASSKEY_ACTIONS.login,
@@ -678,11 +684,7 @@ function createPasskeyHandlers(node, mode, createToken) {
           PASSKEY_ACTIONS['connect-to-did-domain'],
         ].includes(passkeySession.data.action)
       ) {
-        const { targetAppPid } = req.query;
-        // FIXME: @zhanghan 这里目前只是一个 hack 的方式，passkey 和 federated 结合的流程需要重新梳理优化
-        const isFederatedHack = targetAppPid && targetAppPid !== teamDid;
         if (mode === 'service' && isFederatedHack) {
-          const findMemberSite = findFederatedSite(req.blocklet, targetAppPid);
           if (findMemberSite) {
             const postUser = pick(user, ['did', 'pk', 'fullName', 'locale', 'inviter', 'generation']);
             postUser.lastLoginAt = getRequestIP(req);
@@ -861,6 +863,13 @@ function createPasskeyHandlers(node, mode, createToken) {
       }
       logger.info('passkey.auth.result', { action: passkeySession.data.action, teamDid, userDid: user.did });
+      const accessWallet = getAccessWallet({
+        blockletAppDid: findMemberSite?.appId || blocklet.appDid || blocklet.meta.did,
+        serverSecretKey: info.sk,
+      });
+      result.csrfToken = await sign(accessWallet.secretKey, result.sessionToken);
       return res.send(result);
     } catch (error) {
       logger.error('passkey.auth.handleAuthResponse.error', { error });

package/lib/server.js CHANGED Viewed

@@ -197,11 +197,13 @@ const authenticateByVc = async ({
       role = getRoleFromLocalPassport(get(vc, 'credentialSubject.passport'));
     } else {
       // map external passport to local role
-      const { mappings = [] } = (info.trustedPassports || []).find((x) => x.issuerDid === issuerId) || {};
+      const trustedPassports =
+        blocklet?.trustedPassports?.length > 0 ? blocklet?.trustedPassports : info.trustedPassports || [];
+      const { mappings = [] } = trustedPassports.find((x) => x.issuerDid === issuerId) || {};
       role = await getRoleFromExternalPassport({
         passport: get(vc, 'credentialSubject.passport'),
         node,
-        teamDid,
+        teamDid: issuerId,
         locale,
         mappings,
       });

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.17.3-beta-20251125-042047-1bcefd39",
+  "version": "1.17.3-beta-20251127-063055-94957209",
   "description": "Simple lib to manage auth in ABT Node",
   "main": "lib/index.js",
   "files": [
@@ -18,25 +18,25 @@
   "author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/constant": "1.17.3-beta-20251125-042047-1bcefd39",
-    "@abtnode/logger": "1.17.3-beta-20251125-042047-1bcefd39",
-    "@abtnode/util": "1.17.3-beta-20251125-042047-1bcefd39",
-    "@arcblock/did": "^1.27.7",
-    "@arcblock/did-connect-js": "^1.27.7",
-    "@arcblock/did-ext": "^1.27.7",
-    "@arcblock/did-util": "^1.27.7",
-    "@arcblock/jwt": "^1.27.7",
-    "@arcblock/nft-display": "^3.2.6",
-    "@arcblock/validator": "^1.27.7",
-    "@arcblock/vc": "^1.27.7",
-    "@blocklet/constant": "1.17.3-beta-20251125-042047-1bcefd39",
+    "@abtnode/constant": "1.17.3-beta-20251127-063055-94957209",
+    "@abtnode/logger": "1.17.3-beta-20251127-063055-94957209",
+    "@abtnode/util": "1.17.3-beta-20251127-063055-94957209",
+    "@arcblock/did": "^1.27.12",
+    "@arcblock/did-connect-js": "^1.27.12",
+    "@arcblock/did-ext": "^1.27.12",
+    "@arcblock/did-util": "^1.27.12",
+    "@arcblock/jwt": "^1.27.12",
+    "@arcblock/nft-display": "^3.2.10",
+    "@arcblock/validator": "^1.27.12",
+    "@arcblock/vc": "^1.27.12",
+    "@blocklet/constant": "1.17.3-beta-20251127-063055-94957209",
     "@blocklet/error": "^0.3.3",
-    "@blocklet/meta": "1.17.3-beta-20251125-042047-1bcefd39",
-    "@blocklet/sdk": "1.17.3-beta-20251125-042047-1bcefd39",
-    "@ocap/client": "^1.27.7",
-    "@ocap/mcrypto": "^1.27.7",
-    "@ocap/util": "^1.27.7",
-    "@ocap/wallet": "^1.27.7",
+    "@blocklet/meta": "1.17.3-beta-20251127-063055-94957209",
+    "@blocklet/sdk": "1.17.3-beta-20251127-063055-94957209",
+    "@ocap/client": "^1.27.12",
+    "@ocap/mcrypto": "^1.27.12",
+    "@ocap/util": "^1.27.12",
+    "@ocap/wallet": "^1.27.12",
     "@simplewebauthn/server": "^13.1.1",
     "axios": "^1.7.9",
     "flat": "^5.0.2",
@@ -55,5 +55,5 @@
   "devDependencies": {
     "axios-mock-adapter": "^2.1.0"
   },
-  "gitHead": "aa12c79fd75c9e7e06c3f3255bb73e278eec02d4"
+  "gitHead": "80dac020e9642b7e51c6a142c526cdecb75217a9"
 }