@abtnode/auth 1.17.3-beta-20251127-063055-94957209 → 1.17.3
- package/lib/lost-passport.js +21 -2
- package/lib/oauth.js +11 -1
- package/package.json +9 -9
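--- a/package/lib/lost-passport.js
+++ b/package/lib/lost-passport.js
@@ -29,6 +29,8 @@ const { getSourceAppPid, getLoginProvider } = require('@blocklet/sdk/lib/util/lo
 const isArray = require('lodash/isArray');
 const { getDeviceData } = require('@abtnode/util/lib/device');
 
+const { getAccessWallet } = require('@abtnode/util/lib/blocklet');
+const { sign } = require('@blocklet/sdk/lib/util/csrf');
 const {
 getFederatedMaster,
 shouldSyncFederated,
@@ -492,14 +494,31 @@ const createLostPassportIssueRoute = ({ node, type, authServicePrefix, createTok
 },
 { ...sessionConfig, didConnectVersion: getDidConnectVersion(req) }
 );
-
+
+const nodeInfo = await node.getNodeInfo();
+const accessWallet = getAccessWallet({
+blockletAppDid: blocklet.appDid || blocklet.meta.did,
+serverSecretKey: nodeInfo.sk,
+});
+const csrfToken = sign(accessWallet.secretKey, sessionToken);
+
+await updateSession({ sessionToken, refreshToken, csrfToken }, true);
 } else if (type === TEAM_TYPES.NODE) {
 const { sessionToken, refreshToken } = await createToken(userPid, {
 passport,
 role,
 elevated: canSessionBeElevated(role, info),
 });
-
+
+const blocklet = await request.getBlocklet();
+const nodeInfo = await node.getNodeInfo();
+const accessWallet = getAccessWallet({
+blockletAppDid: blocklet.appDid || blocklet.meta.did,
+serverSecretKey: nodeInfo.sk,
+});
+const csrfToken = sign(accessWallet.secretKey, sessionToken);
+
+await updateSession({ sessionToken, refreshToken, csrfToken }, true);
 }
 }
 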
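Review bot: In the `TEAM_TYPES.NODE` branch the result of `request.getBlocklet()` is dereferenced straight away as `blocklet.appDid || blocklet.meta.did`, with no check that a blocklet was actually resolved. If a server-level request carries no blocklet (not visible from this hunk), the handler throws a bare TypeError after `createToken` has already issued the session and refresh tokens. A guard before the wallet derivation, such as `if (!blocklet) throw new Error('blocklet not found, cannot sign csrf token');`, would make that failure explicit; the same unchecked dereference follows `req.getBlocklet()` in package/lib/oauth.js. The first branch relies on a `blocklet` binding and `req` declared outside the hunk while this branch reads `request`, so it is worth confirming both names are in scope; the enclosing function starts and ends outside the hunk.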
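--- a/package/lib/oauth.js
+++ b/package/lib/oauth.js
@@ -8,6 +8,8 @@ const { getBlockletAppIdList } = require('@blocklet/meta/lib/util');
 const { LOGIN_PROVIDER } = require('@blocklet/constant');
 const getOrigin = require('@abtnode/util/lib/get-origin');
 
+const { getAccessWallet } = require('@abtnode/util/lib/blocklet');
+const { sign } = require('@blocklet/sdk/lib/util/csrf');
 const { getApplicationInfo } = require('./auth');
 
 const getSessionConfig = async (req) => {
@@ -135,7 +137,15 @@ function createPassportSwitcher(node, createToken, mode = 'server') {
 { ...(await getSessionConfig(req)) }
 );
 
-
+// 生成 csrf token
+const blocklet = await req.getBlocklet();
+const accessWallet = getAccessWallet({
+blockletAppDid: blocklet.appDid || blocklet.meta.did,
+serverSecretKey: info.sk,
+});
+const csrfToken = sign(accessWallet.secretKey, sessionToken);
+
+res.status(200).json({ sessionToken, refreshToken, csrfToken });
 };
 }
 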
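Review bot: The comment `// 生成 csrf token` only restates the lines below it, and the derivation it labels is now a third copy of the block added twice in package/lib/lost-passport.js. Because this token is a security control, the comment should say what the token is bound to, for example `// CSRF token: session token signed with the blocklet access wallet key (wallet obtained from appDid + server sk)`. Moving the four statements into one shared helper that carries that comment as its doc would keep the three call sites from drifting apart if the signing key or the signed value changes later. `info` and the enclosing handler are declared outside the hunk.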
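--- a/package/package.json
+++ b/package/package.json
@@ -3,7 +3,7 @@
 "publishConfig": {
 "access": "public"
 },
-"version": "1.17.3
+"version": "1.17.3",
 "description": "Simple lib to manage auth in ABT Node",
 "main": "lib/index.js",
 "files": [
@@ -18,21 +18,21 @@
 "author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
 "license": "Apache-2.0",
 "dependencies": {
-"@abtnode/constant": "1.17.3
-"@abtnode/logger": "1.17.3
-"@abtnode/util": "1.17.3
+"@abtnode/constant": "1.17.3",
+"@abtnode/logger": "1.17.3",
+"@abtnode/util": "1.17.3",
 "@arcblock/did": "^1.27.12",
 "@arcblock/did-connect-js": "^1.27.12",
 "@arcblock/did-ext": "^1.27.12",
 "@arcblock/did-util": "^1.27.12",
 "@arcblock/jwt": "^1.27.12",
-"@arcblock/nft-display": "^3.2.
+"@arcblock/nft-display": "^3.2.11",
 "@arcblock/validator": "^1.27.12",
 "@arcblock/vc": "^1.27.12",
-"@blocklet/constant": "1.17.3
+"@blocklet/constant": "1.17.3",
 "@blocklet/error": "^0.3.3",
-"@blocklet/meta": "1.17.3
-"@blocklet/sdk": "1.17.3
+"@blocklet/meta": "1.17.3",
+"@blocklet/sdk": "1.17.3",
 "@ocap/client": "^1.27.12",
 "@ocap/mcrypto": "^1.27.12",
 "@ocap/util": "^1.27.12",
@@ -55,5 +55,5 @@
 "devDependencies": {
 "axios-mock-adapter": "^2.1.0"
 },
-"gitHead": "
+"gitHead": "20fc4c3b0c0fdf05a91d995e3f6fda0f38fa1133"
 }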