@abtnode/auth 1.7.6 → 1.7.9

package/lib/auth.js

@@ -6,7 +6,7 @@ const { verifyPresentation, createCredentialList } = require('@arcblock/vc');
 const Mcrypto = require('@ocap/mcrypto');
 const { fromSecretKey, WalletType } = require('@ocap/wallet');
 const getBlockletInfo = require('@blocklet/meta/lib/info');
-const { PASSPORT_STATUS, VC_TYPE_NODE_PASSPORT } = require('@abtnode/constant');
+const { PASSPORT_STATUS, VC_TYPE_NODE_PASSPORT, ROLES } = require('@abtnode/constant');
 const axios = require('@abtnode/util/lib/axios');
 const logger = require('./logger');
 const verifySignature = require('./util/verify-signature');
@@ -47,6 +47,10 @@ const messages = {
   },
 
   // error
+  actionForbidden: {
+    en: 'You are not allowed perform this action',
+    zh: '你没有权限执行此操作',
+  },
 
   notInitialized: {
     en: 'This node is not initialized, login is disabled',
@@ -92,12 +96,16 @@ const messages = {
     en: 'The account does not match the owner account of this passport, please use the DID wallet that contains the owner account of this passport to receive.',
     zh: '该账号与此通行证的所有者账号不匹配，请使用包含此通行证所有者账号的 DID 钱包领取。',
   },
+  userMismatch: {
+    en: 'User mismatch, please use connected DID wallet to continue.',
+    zh: '用户不匹配，请使用当前会话连接的钱包操作',
+  },
   lowVersion: {
     en: 'Your DID wallet version is too low, please upgrade to the latest version',
     zh: '你的 DID 钱包版本过低，请升级至最新版本',
   },
   passportStatusCheckFailed: {
-    en: (message) => `Passport status check failed:${message}`,
+    en: (message) => `Passport status check failed: ${message}`,
     zh: (message) => `通行证状态检测失败：${message}`,
   },
   unKnownStatus: {
@@ -229,6 +237,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
   let wallet;
   let description;
   let passportColor;
+  let owner;
 
   if (teamDid === nodeInfo.did) {
     name = nodeInfo.name;
@@ -236,6 +245,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
     wallet = getNodeWallet(nodeInfo.sk);
     type = 'node';
     passportColor = 'default';
+    owner = nodeInfo.nodeOwner;
   } else {
     const blocklet = await node.getBlocklet({ did: teamDid, attachRuntimeInfo: false });
     const blockletInfo = getBlockletInfo(blocklet, nodeInfo.sk);
@@ -244,6 +254,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
     wallet = blockletInfo.wallet;
     passportColor = blockletInfo.passportColor;
     type = 'blocklet';
+    owner = get(blocklet, 'settings.owner');
   }
 
   return {
@@ -253,6 +264,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
     wallet,
     passportColor,
     did: teamDid,
+    owner,
   };
 };
 
@@ -476,7 +488,17 @@ const createIssuePassportRequest = async ({ node, nodeInfo, teamDid, id, locale
     throw new Error('The issuance does not exist or has been used');
   }
 
-  const { name: issuerName, wallet: issuerWallet, passportColor } = await getTeamInfo({ node, nodeInfo, teamDid });
+  const {
+    name: issuerName,
+    wallet: issuerWallet,
+    passportColor,
+    owner: teamOwner,
+  } = await getTeamInfo({ node, nodeInfo, teamDid });
+
+  if (issuanceInfo.name === ROLES.OWNER && !!teamOwner) {
+    throw new Error('Cannot receive owner passport because the owner already exists');
+  }
+
   const user = await getUser(node, teamDid, issuanceInfo.ownerDid);
 
   const passport = await createPassport({
@@ -539,6 +561,7 @@ const handleIssuePassportResponse = async ({
     wallet: issuerWallet,
     type: issuerType,
     passportColor,
+    owner: teamOwner,
   } = await getTeamInfo({ node, nodeInfo, teamDid });
 
   // get issuanceInfo from session
@@ -546,6 +569,10 @@ const handleIssuePassportResponse = async ({
   const issuanceInfo = list.find((x) => x.id === id);
   const { name, ownerDid } = issuanceInfo;
 
+  if (name === ROLES.OWNER && !!teamOwner) {
+    throw new Error('Cannot receive Owner Passport because the owner already exists');
+  }
+
   if (ownerDid !== userDid) {
     throw new Error(messages.notOwner[locale]);
   }
@@ -594,6 +621,11 @@ const handleIssuePassportResponse = async ({
   // delete session
   await node.processPassportIssuance({ teamDid, sessionId: id });
 
+  if (name === ROLES.OWNER && issuerType === 'blocklet') {
+    logger.info('Bind owner for blocklet', { teamDid, userDid });
+    await node.setBlockletInitialized({ did: teamDid, owner: { did: userDid, pk: userPk } });
+  }
+
   return {
     disposition: 'attachment',
     type: 'VerifiableCredential',

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.7.6",
+  "version": "1.7.9",
   "description": "Simple lib to manage auth in ABT Node",
   "main": "lib/index.js",
   "files": [
@@ -20,17 +20,17 @@
   "author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/constant": "1.7.6",
-    "@abtnode/logger": "1.7.6",
-    "@abtnode/util": "1.7.6",
-    "@arcblock/did": "^1.16.0",
-    "@arcblock/vc": "^1.16.0",
-    "@blocklet/meta": "1.7.6",
-    "@ocap/client": "1.16.0",
-    "@ocap/mcrypto": "^1.16.0",
-    "@ocap/util": "^1.16.0",
-    "@ocap/wallet": "^1.16.0",
-    "axios": "^0.25.0",
+    "@abtnode/constant": "1.7.9",
+    "@abtnode/logger": "1.7.9",
+    "@abtnode/util": "1.7.9",
+    "@arcblock/did": "^1.16.4",
+    "@arcblock/vc": "^1.16.4",
+    "@blocklet/meta": "1.7.9",
+    "@ocap/client": "1.16.4",
+    "@ocap/mcrypto": "^1.16.4",
+    "@ocap/util": "^1.16.4",
+    "@ocap/wallet": "^1.16.4",
+    "axios": "^0.26.1",
     "joi": "^17.6.0",
     "jsonwebtoken": "^8.5.1",
     "lodash": "^4.17.21",
@@ -40,5 +40,5 @@
   "devDependencies": {
     "jest": "^27.4.5"
   },
-  "gitHead": "47a9dbd6ea74419ff586336824ebb9b2fe7694aa"
+  "gitHead": "285f4fedd41fcb8e1814ce5d8250ac10616e67e0"
 }