npm - @abtnode/auth - Versions diffs - 1.17.3-beta-20251126-121502-d0926972 → 1.17.3-beta-20251128-095123-a76cb6bc - Mend

@abtnode/auth 1.17.3-beta-20251126-121502-d0926972 → 1.17.3-beta-20251128-095123-a76cb6bc

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/lib/lost-passport.js CHANGED Viewed

@@ -29,6 +29,8 @@ const { getSourceAppPid, getLoginProvider } = require('@blocklet/sdk/lib/util/lo
 const isArray = require('lodash/isArray');
 const { getDeviceData } = require('@abtnode/util/lib/device');
+const { getAccessWallet } = require('@abtnode/util/lib/blocklet');
+const { sign } = require('@blocklet/sdk/lib/util/csrf');
 const {
   getFederatedMaster,
   shouldSyncFederated,
@@ -492,14 +494,31 @@ const createLostPassportIssueRoute = ({ node, type, authServicePrefix, createTok
           },
           { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
         );
-        await updateSession({ sessionToken, refreshToken }, true);
+        const nodeInfo = await node.getNodeInfo();
+        const accessWallet = getAccessWallet({
+          blockletAppDid: blocklet.appDid || blocklet.meta.did,
+          serverSecretKey: nodeInfo.sk,
+        });
+        const csrfToken = sign(accessWallet.secretKey, sessionToken);
+        await updateSession({ sessionToken, refreshToken, csrfToken }, true);
       } else if (type === TEAM_TYPES.NODE) {
         const { sessionToken, refreshToken } = await createToken(userPid, {
           passport,
           role,
           elevated: canSessionBeElevated(role, info),
         });
-        await updateSession({ sessionToken, refreshToken }, true);
+        const blocklet = await request.getBlocklet();
+        const nodeInfo = await node.getNodeInfo();
+        const accessWallet = getAccessWallet({
+          blockletAppDid: blocklet.appDid || blocklet.meta.did,
+          serverSecretKey: nodeInfo.sk,
+        });
+        const csrfToken = sign(accessWallet.secretKey, sessionToken);
+        await updateSession({ sessionToken, refreshToken, csrfToken }, true);
       }
     }

package/lib/oauth.js CHANGED Viewed

@@ -8,6 +8,8 @@ const { getBlockletAppIdList } = require('@blocklet/meta/lib/util');
 const { LOGIN_PROVIDER } = require('@blocklet/constant');
 const getOrigin = require('@abtnode/util/lib/get-origin');
+const { getAccessWallet } = require('@abtnode/util/lib/blocklet');
+const { sign } = require('@blocklet/sdk/lib/util/csrf');
 const { getApplicationInfo } = require('./auth');
 const getSessionConfig = async (req) => {
@@ -135,7 +137,15 @@ function createPassportSwitcher(node, createToken, mode = 'server') {
       { ...(await getSessionConfig(req)) }
     );
-    res.status(200).json({ sessionToken, refreshToken });
+    // 生成 csrf token
+    const blocklet = await req.getBlocklet();
+    const accessWallet = getAccessWallet({
+      blockletAppDid: blocklet.appDid || blocklet.meta.did,
+      serverSecretKey: info.sk,
+    });
+    const csrfToken = sign(accessWallet.secretKey, sessionToken);
+    res.status(200).json({ sessionToken, refreshToken, csrfToken });
   };
 }

package/lib/server.js CHANGED Viewed

@@ -197,11 +197,13 @@ const authenticateByVc = async ({
       role = getRoleFromLocalPassport(get(vc, 'credentialSubject.passport'));
     } else {
       // map external passport to local role
-      const { mappings = [] } = (info.trustedPassports || []).find((x) => x.issuerDid === issuerId) || {};
+      const trustedPassports =
+        blocklet?.trustedPassports?.length > 0 ? blocklet?.trustedPassports : info.trustedPassports || [];
+      const { mappings = [] } = trustedPassports.find((x) => x.issuerDid === issuerId) || {};
       role = await getRoleFromExternalPassport({
         passport: get(vc, 'credentialSubject.passport'),
         node,
-        teamDid,
+        teamDid: issuerId,
         locale,
         mappings,
       });

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.17.3-beta-20251126-121502-d0926972",
+  "version": "1.17.3-beta-20251128-095123-a76cb6bc",
   "description": "Simple lib to manage auth in ABT Node",
   "main": "lib/index.js",
   "files": [
@@ -18,21 +18,21 @@
   "author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/constant": "1.17.3-beta-20251126-121502-d0926972",
-    "@abtnode/logger": "1.17.3-beta-20251126-121502-d0926972",
-    "@abtnode/util": "1.17.3-beta-20251126-121502-d0926972",
+    "@abtnode/constant": "1.17.3-beta-20251128-095123-a76cb6bc",
+    "@abtnode/logger": "1.17.3-beta-20251128-095123-a76cb6bc",
+    "@abtnode/util": "1.17.3-beta-20251128-095123-a76cb6bc",
     "@arcblock/did": "^1.27.12",
     "@arcblock/did-connect-js": "^1.27.12",
     "@arcblock/did-ext": "^1.27.12",
     "@arcblock/did-util": "^1.27.12",
     "@arcblock/jwt": "^1.27.12",
-    "@arcblock/nft-display": "^3.2.10",
+    "@arcblock/nft-display": "^3.2.11",
     "@arcblock/validator": "^1.27.12",
     "@arcblock/vc": "^1.27.12",
-    "@blocklet/constant": "1.17.3-beta-20251126-121502-d0926972",
+    "@blocklet/constant": "1.17.3-beta-20251128-095123-a76cb6bc",
     "@blocklet/error": "^0.3.3",
-    "@blocklet/meta": "1.17.3-beta-20251126-121502-d0926972",
-    "@blocklet/sdk": "1.17.3-beta-20251126-121502-d0926972",
+    "@blocklet/meta": "1.17.3-beta-20251128-095123-a76cb6bc",
+    "@blocklet/sdk": "1.17.3-beta-20251128-095123-a76cb6bc",
     "@ocap/client": "^1.27.12",
     "@ocap/mcrypto": "^1.27.12",
     "@ocap/util": "^1.27.12",
@@ -55,5 +55,5 @@
   "devDependencies": {
     "axios-mock-adapter": "^2.1.0"
   },
-  "gitHead": "7039cacaad2a14a9573371e24e57cbbd6b6525c8"
+  "gitHead": "8d279ee5bfc3d025f164664bc43a16ff60860297"
 }