@abtnode/auth 1.5.0 → 1.5.4

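--- a/package/lib/auth.js
+++ b/package/lib/auth.js
@@ -36,6 +36,10 @@ const messages = {
  en: 'Please provide passport',
  zh: '请提供通行证',
  },
+ requestBlockletNft: {
+ en: 'Please provide Blocklet Purchase NFT',
+ zh: '请提供 Blocklet Purchase NFT',
+ },
  receivePassport: {
  en: 'Please sign the text to get passport',
  ah: '请对文本签名以获取通行证',
@@ -59,6 +63,10 @@ const messages = {
  en: 'Credential is not provided',
  zh: '请提供凭证',
  },
+ missingBlockletCredentialClaim: {
+ en: 'Blocklet credential is not provided',
+ zh: '请提供 Blocklet 凭证',
+ },
  missingChallenge: {
  en: 'Credential presentation does not include valid challenge',
  zh: '凭证中缺少正确的随机因子',
@@ -111,6 +119,26 @@ const messages = {
  en: 'User not found',
  zh: '用户不存在',
  },
+ notAuthorized: {
+ en: '没有执行此操作的权限',
+ zh: 'No permission to perform this operation',
+ },
+ invalidParams: {
+ en: 'Invalid Params',
+ zh: '无效的参数',
+ },
+ invalidBlocklet: {
+ en: 'Invalid Blocklet',
+ zh: '无效的 Blocklet',
+ },
+ blockletExists: {
+ en: 'The blocklet already exists',
+ zh: '应用已安装',
+ },
+ invalidBlockletVc: {
+ en: 'Invalid Blocklet VC',
+ zh: '无效的 Blocklet VC',
+ },
  };
 
  const PASSPORT_STATUS_KEY = 'passport-status';
@@ -170,6 +198,7 @@ const getIssuer = async ({ node, nodeInfo, teamDid }) => {
 
  const createAuthToken = ({ did, passport, role, secret, expiresIn } = {}) => {
  const payload = {
+ type: 'user',
  did,
  role,
  };
@@ -185,6 +214,15 @@ const createAuthToken = ({ did, passport, role, secret, expiresIn } = {}) => {
  return token;
  };
 
+ const createAuthTokenByOwnershipNFT = ({ role, secret, expiresIn } = {}) => {
+ const payload = {
+ type: 'ownership_nft',
+ role,
+ };
+
+ return jwt.sign(payload, secret, { expiresIn });
+ };
+
  const getUser = async (node, teamDid, userDid) => {
  const user = await node.getUser({ teamDid, user: { did: userDid } });
  return user;
@@ -227,7 +265,7 @@ const createInvitationRequest = async ({ node, nodeInfo, teamDid, inviteId, loca
  type: 'mime:text/plain',
  display: JSON.stringify({
  type: 'svg',
- content: createPassportSvg({ issuer: issuerName, title: passport.title, issuerDid: issuerWallet.toAddress() }),
+ content: createPassportSvg({ issuer: issuerName, title: passport.title, issuerDid: issuerWallet.address }),
  }),
  };
  };
@@ -251,11 +289,11 @@ const handleInvitationResponse = async ({
  const claim = claims.find((x) => x.type === 'signature');
  verifySignature(claim, userDid, userPk, locale);
 
- const { issuerName, issuerWallet } = await getIssuer({ node, nodeInfo, teamDid });
+ const { issuerName, issuerWallet, issuerType } = await getIssuer({ node, nodeInfo, teamDid });
 
  const inviteInfo = await node.processInvitation({ teamDid, inviteId });
 
- const vc = createPassportVC({
+ const vcParams = {
  issuerName,
  issuerWallet,
  ownerDid: userDid,
@@ -272,7 +310,13 @@ const handleInvitationResponse = async ({
  teamDid,
  }),
  types: teamDid === nodeInfo.did ? [NFT_TYPE_NODE_PASSPORT] : [],
- });
+ };
+
+ if (issuerType === 'node') {
+ vcParams.tag = nodeInfo.did;
+ }
+
+ const vc = createPassportVC(vcParams);
 
  const role = getRoleFromLocalPassport(get(vc, 'credentialSubject.passport'));
  const passport = createUserPassport(vc, { role });
@@ -361,7 +405,7 @@ const createIssuePassportRequest = async ({ node, nodeInfo, teamDid, id, locale
  type: 'mime:text/plain',
  display: JSON.stringify({
  type: 'svg',
- content: createPassportSvg({ issuer: issuerName, title: passport.title, issuerDid: issuerWallet.toAddress() }),
+ content: createPassportSvg({ issuer: issuerName, title: passport.title, issuerDid: issuerWallet.address }),
  }),
  };
  };
@@ -396,7 +440,7 @@ const handleIssuePassportResponse = async ({
  );
  }
 
- const { issuerName, issuerWallet } = await getIssuer({ node, nodeInfo, teamDid });
+ const { issuerName, issuerWallet, issuerType } = await getIssuer({ node, nodeInfo, teamDid });
 
  // get issuanceInfo from session
  const list = await node.getPassportIssuances({ teamDid });
@@ -407,7 +451,7 @@ const handleIssuePassportResponse = async ({
  throw new Error(messages.notOwner[locale]);
  }
 
- const vc = createPassportVC({
+ const vcParams = {
  issuerName,
  issuerWallet,
  ownerDid: userDid,
@@ -424,7 +468,13 @@ const handleIssuePassportResponse = async ({
  teamDid,
  }),
  types: teamDid === nodeInfo.did ? [NFT_TYPE_NODE_PASSPORT] : [],
- });
+ };
+
+ if (issuerType === 'node') {
+ vcParams.tag = nodeInfo.did;
+ }
+
+ const vc = createPassportVC(vcParams);
 
  const role = getRoleFromLocalPassport(get(vc, 'credentialSubject.passport'));
  const passport = createUserPassport(vc, { role });
@@ -451,7 +501,9 @@ const handleIssuePassportResponse = async ({
  };
 
  const getVCFromClaims = async ({ claims, challenge, trustedIssuers, vcTypes, locale = 'en' }) => {
- const credential = claims.find((x) => x.type === 'verifiableCredential');
+ const credential = claims.find(
+ (x) => x.type === 'verifiableCredential' && vcTypes.some((item) => x.item.includes(item))
+ );
 
  if (!credential || !credential.presentation) {
  return {};
@@ -607,6 +659,7 @@ const validatePassportStatus = async ({ vcId, endpoint, locale = 'en' }) => {
  module.exports = {
  getUser,
  createAuthToken,
+ createAuthTokenByOwnershipNFT,
  beforeInvitationRequest,
  createInvitationRequest,
  handleInvitationResponse,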
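Review bot: In the `getVCFromClaims` hunk the new predicate calls `x.item.includes(item)` on every `verifiableCredential` claim, and since the claims appear to come from the client's response, a claim that omits `item` throws a TypeError before the existing `!credential` guard runs; `vcTypes.some` throws the same way when a caller leaves `vcTypes` undefined, because the signature gives it no default. If `item` can arrive as a string, `includes` also turns into a substring match rather than an exact type match. I would guard the shape so malformed claims fall through to the empty-result path, e.g. `(x) => x.type === 'verifiableCredential' && Array.isArray(x.item) && (vcTypes || []).some((t) => x.item.includes(t))`. Separately, the `notAuthorized` entry added to `messages` has its `en` and `zh` strings swapped. The body of `getVCFromClaims` continues outside the hunk.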
@@ -39,7 +39,7 @@ const getTeamInfo = async ({ type, node, req }) => {
39
39
  teamDid = req.headers['x-blocklet-did'];
40
40
  const blocklet = await node.getBlocklet({ did: teamDid, attachRuntimeInfo: false });
41
41
  const { wallet } = getBlockletInfo(blocklet, info.sk);
42
- issuerDid = wallet.toAddress();
42
+ issuerDid = wallet.address;
43
43
  issuerName = blocklet.meta.title || blocklet.meta.name;
44
44
  issuerWallet = wallet;
45
45
  } else {
@@ -215,7 +215,7 @@ const createLostPassportIssueRoute = ({ node, type, authServicePrefix }) => ({
215
215
  );
216
216
  }
217
217
 
218
- const vc = createPassportVC({
218
+ const vcParams = {
219
219
  issuerName,
220
220
  issuerWallet,
221
221
  ownerDid: userDid,
@@ -231,8 +231,15 @@ const createLostPassportIssueRoute = ({ node, type, authServicePrefix }) => ({
231
231
  userDid,
232
232
  teamDid,
233
233
  }),
234
- types: type === TEAM_TYPES.NODE ? [NFT_TYPE_NODE_PASSPORT] : [],
235
- });
234
+ types: [],
235
+ };
236
+
237
+ if (type === TEAM_TYPES.NODE) {
238
+ vcParams.types = [NFT_TYPE_NODE_PASSPORT];
239
+ vcParams.tag = teamDid;
240
+ }
241
+
242
+ const vc = createPassportVC(vcParams);
236
243
 
237
244
  const role = getRoleFromLocalPassport(get(vc, 'credentialSubject.passport'));
238
245
 
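--- a/package/lib/passport.js
+++ b/package/lib/passport.js
@@ -72,7 +72,7 @@ const createPassportSvg = ({
  </svg>
  `;
 
- const createPassportVC = ({ issuerWallet, issuerName, ownerDid, passport, endpoint, types = [] } = {}) => {
+ const createPassportVC = ({ issuerWallet, issuerName, ownerDid, passport, endpoint, types = [], tag } = {}) => {
  validatePassport(passport);
 
  return createVC({
@@ -86,10 +86,11 @@ const createPassportVC = ({ issuerWallet, issuerName, ownerDid, passport, endpoi
  passport,
  display: {
  type: 'svg',
- content: createPassportSvg({ issuer: issuerName, issuerDid: issuerWallet.toAddress(), title: passport.title }),
+ content: createPassportSvg({ issuer: issuerName, issuerDid: issuerWallet.address, title: passport.title }),
  },
  },
  endpoint,
+ tag,
  });
  };
 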
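--- a/package/package.json
+++ b/package/package.json
@@ -3,7 +3,7 @@
  "publishConfig": {
  "access": "public"
  },
- "version": "1.5.0",
+ "version": "1.5.4",
  "description": "Simple lib to manage auth in ABT Node",
  "main": "lib/index.js",
  "files": [
@@ -20,15 +20,15 @@
  "author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
  "license": "MIT",
  "dependencies": {
- "@abtnode/constant": "1.5.0",
- "@abtnode/logger": "1.5.0",
- "@abtnode/util": "1.5.0",
- "@arcblock/did": "^1.13.16",
- "@arcblock/vc": "^1.13.16",
- "@blocklet/meta": "1.5.0",
- "@ocap/mcrypto": "^1.13.16",
- "@ocap/util": "^1.13.16",
- "@ocap/wallet": "^1.13.16",
+ "@abtnode/constant": "1.5.4",
+ "@abtnode/logger": "1.5.4",
+ "@abtnode/util": "1.5.4",
+ "@arcblock/did": "^1.13.28",
+ "@arcblock/vc": "^1.13.28",
+ "@blocklet/meta": "1.5.4",
+ "@ocap/mcrypto": "^1.13.28",
+ "@ocap/util": "^1.13.28",
+ "@ocap/wallet": "^1.13.28",
  "axios": "^0.21.4",
  "joi": "^17.4.0",
  "jsonwebtoken": "^8.5.1",
@@ -39,5 +39,5 @@
  "devDependencies": {
  "jest": "^26.4.2"
  },
- "gitHead": "bc78f2a10de0ccc7ae23b6b6f259c05606bad8f5"
+ "gitHead": "8856a7eae8ebd3e09ca11214892f57fb522f9b45"
  }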