@abtnode/auth 1.7.7 → 1.7.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/auth.js +35 -3
- package/package.json +13 -13
package/lib/auth.js
CHANGED
|
@@ -6,7 +6,7 @@ const { verifyPresentation, createCredentialList } = require('@arcblock/vc');
|
|
|
6
6
|
const Mcrypto = require('@ocap/mcrypto');
|
|
7
7
|
const { fromSecretKey, WalletType } = require('@ocap/wallet');
|
|
8
8
|
const getBlockletInfo = require('@blocklet/meta/lib/info');
|
|
9
|
-
const { PASSPORT_STATUS, VC_TYPE_NODE_PASSPORT } = require('@abtnode/constant');
|
|
9
|
+
const { PASSPORT_STATUS, VC_TYPE_NODE_PASSPORT, ROLES } = require('@abtnode/constant');
|
|
10
10
|
const axios = require('@abtnode/util/lib/axios');
|
|
11
11
|
const logger = require('./logger');
|
|
12
12
|
const verifySignature = require('./util/verify-signature');
|
|
@@ -47,6 +47,10 @@ const messages = {
|
|
|
47
47
|
},
|
|
48
48
|
|
|
49
49
|
// error
|
|
50
|
+
actionForbidden: {
|
|
51
|
+
en: 'You are not allowed perform this action',
|
|
52
|
+
zh: '你没有权限执行此操作',
|
|
53
|
+
},
|
|
50
54
|
|
|
51
55
|
notInitialized: {
|
|
52
56
|
en: 'This node is not initialized, login is disabled',
|
|
@@ -92,12 +96,16 @@ const messages = {
|
|
|
92
96
|
en: 'The account does not match the owner account of this passport, please use the DID wallet that contains the owner account of this passport to receive.',
|
|
93
97
|
zh: '该账号与此通行证的所有者账号不匹配,请使用包含此通行证所有者账号的 DID 钱包领取。',
|
|
94
98
|
},
|
|
99
|
+
userMismatch: {
|
|
100
|
+
en: 'User mismatch, please use connected DID wallet to continue.',
|
|
101
|
+
zh: '用户不匹配,请使用当前会话连接的钱包操作',
|
|
102
|
+
},
|
|
95
103
|
lowVersion: {
|
|
96
104
|
en: 'Your DID wallet version is too low, please upgrade to the latest version',
|
|
97
105
|
zh: '你的 DID 钱包版本过低,请升级至最新版本',
|
|
98
106
|
},
|
|
99
107
|
passportStatusCheckFailed: {
|
|
100
|
-
en: (message) => `Passport status check failed
|
|
108
|
+
en: (message) => `Passport status check failed: ${message}`,
|
|
101
109
|
zh: (message) => `通行证状态检测失败:${message}`,
|
|
102
110
|
},
|
|
103
111
|
unKnownStatus: {
|
|
@@ -229,6 +237,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
|
|
|
229
237
|
let wallet;
|
|
230
238
|
let description;
|
|
231
239
|
let passportColor;
|
|
240
|
+
let owner;
|
|
232
241
|
|
|
233
242
|
if (teamDid === nodeInfo.did) {
|
|
234
243
|
name = nodeInfo.name;
|
|
@@ -236,6 +245,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
|
|
|
236
245
|
wallet = getNodeWallet(nodeInfo.sk);
|
|
237
246
|
type = 'node';
|
|
238
247
|
passportColor = 'default';
|
|
248
|
+
owner = nodeInfo.nodeOwner;
|
|
239
249
|
} else {
|
|
240
250
|
const blocklet = await node.getBlocklet({ did: teamDid, attachRuntimeInfo: false });
|
|
241
251
|
const blockletInfo = getBlockletInfo(blocklet, nodeInfo.sk);
|
|
@@ -244,6 +254,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
|
|
|
244
254
|
wallet = blockletInfo.wallet;
|
|
245
255
|
passportColor = blockletInfo.passportColor;
|
|
246
256
|
type = 'blocklet';
|
|
257
|
+
owner = get(blocklet, 'settings.owner');
|
|
247
258
|
}
|
|
248
259
|
|
|
249
260
|
return {
|
|
@@ -253,6 +264,7 @@ const getTeamInfo = async ({ node, nodeInfo, teamDid }) => {
|
|
|
253
264
|
wallet,
|
|
254
265
|
passportColor,
|
|
255
266
|
did: teamDid,
|
|
267
|
+
owner,
|
|
256
268
|
};
|
|
257
269
|
};
|
|
258
270
|
|
|
@@ -476,7 +488,17 @@ const createIssuePassportRequest = async ({ node, nodeInfo, teamDid, id, locale
|
|
|
476
488
|
throw new Error('The issuance does not exist or has been used');
|
|
477
489
|
}
|
|
478
490
|
|
|
479
|
-
const {
|
|
491
|
+
const {
|
|
492
|
+
name: issuerName,
|
|
493
|
+
wallet: issuerWallet,
|
|
494
|
+
passportColor,
|
|
495
|
+
owner: teamOwner,
|
|
496
|
+
} = await getTeamInfo({ node, nodeInfo, teamDid });
|
|
497
|
+
|
|
498
|
+
if (issuanceInfo.name === ROLES.OWNER && !!teamOwner) {
|
|
499
|
+
throw new Error('Cannot receive owner passport because the owner already exists');
|
|
500
|
+
}
|
|
501
|
+
|
|
480
502
|
const user = await getUser(node, teamDid, issuanceInfo.ownerDid);
|
|
481
503
|
|
|
482
504
|
const passport = await createPassport({
|
|
@@ -539,6 +561,7 @@ const handleIssuePassportResponse = async ({
|
|
|
539
561
|
wallet: issuerWallet,
|
|
540
562
|
type: issuerType,
|
|
541
563
|
passportColor,
|
|
564
|
+
owner: teamOwner,
|
|
542
565
|
} = await getTeamInfo({ node, nodeInfo, teamDid });
|
|
543
566
|
|
|
544
567
|
// get issuanceInfo from session
|
|
@@ -546,6 +569,10 @@ const handleIssuePassportResponse = async ({
|
|
|
546
569
|
const issuanceInfo = list.find((x) => x.id === id);
|
|
547
570
|
const { name, ownerDid } = issuanceInfo;
|
|
548
571
|
|
|
572
|
+
if (name === ROLES.OWNER && !!teamOwner) {
|
|
573
|
+
throw new Error('Cannot receive Owner Passport because the owner already exists');
|
|
574
|
+
}
|
|
575
|
+
|
|
549
576
|
if (ownerDid !== userDid) {
|
|
550
577
|
throw new Error(messages.notOwner[locale]);
|
|
551
578
|
}
|
|
@@ -594,6 +621,11 @@ const handleIssuePassportResponse = async ({
|
|
|
594
621
|
// delete session
|
|
595
622
|
await node.processPassportIssuance({ teamDid, sessionId: id });
|
|
596
623
|
|
|
624
|
+
if (name === ROLES.OWNER && issuerType === 'blocklet') {
|
|
625
|
+
logger.info('Bind owner for blocklet', { teamDid, userDid });
|
|
626
|
+
await node.setBlockletInitialized({ did: teamDid, owner: { did: userDid, pk: userPk } });
|
|
627
|
+
}
|
|
628
|
+
|
|
597
629
|
return {
|
|
598
630
|
disposition: 'attachment',
|
|
599
631
|
type: 'VerifiableCredential',
|
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"publishConfig": {
|
|
4
4
|
"access": "public"
|
|
5
5
|
},
|
|
6
|
-
"version": "1.7.
|
|
6
|
+
"version": "1.7.10",
|
|
7
7
|
"description": "Simple lib to manage auth in ABT Node",
|
|
8
8
|
"main": "lib/index.js",
|
|
9
9
|
"files": [
|
|
@@ -20,17 +20,17 @@
|
|
|
20
20
|
"author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
|
|
21
21
|
"license": "MIT",
|
|
22
22
|
"dependencies": {
|
|
23
|
-
"@abtnode/constant": "1.7.
|
|
24
|
-
"@abtnode/logger": "1.7.
|
|
25
|
-
"@abtnode/util": "1.7.
|
|
26
|
-
"@arcblock/did": "^1.16.
|
|
27
|
-
"@arcblock/vc": "^1.16.
|
|
28
|
-
"@blocklet/meta": "1.7.
|
|
29
|
-
"@ocap/client": "1.16.
|
|
30
|
-
"@ocap/mcrypto": "^1.16.
|
|
31
|
-
"@ocap/util": "^1.16.
|
|
32
|
-
"@ocap/wallet": "^1.16.
|
|
33
|
-
"axios": "^0.
|
|
23
|
+
"@abtnode/constant": "1.7.10",
|
|
24
|
+
"@abtnode/logger": "1.7.10",
|
|
25
|
+
"@abtnode/util": "1.7.10",
|
|
26
|
+
"@arcblock/did": "^1.16.5",
|
|
27
|
+
"@arcblock/vc": "^1.16.5",
|
|
28
|
+
"@blocklet/meta": "1.7.10",
|
|
29
|
+
"@ocap/client": "1.16.5",
|
|
30
|
+
"@ocap/mcrypto": "^1.16.5",
|
|
31
|
+
"@ocap/util": "^1.16.5",
|
|
32
|
+
"@ocap/wallet": "^1.16.5",
|
|
33
|
+
"axios": "^0.26.1",
|
|
34
34
|
"joi": "^17.6.0",
|
|
35
35
|
"jsonwebtoken": "^8.5.1",
|
|
36
36
|
"lodash": "^4.17.21",
|
|
@@ -40,5 +40,5 @@
|
|
|
40
40
|
"devDependencies": {
|
|
41
41
|
"jest": "^27.4.5"
|
|
42
42
|
},
|
|
43
|
-
"gitHead": "
|
|
43
|
+
"gitHead": "8eab10fd39b6183a2fa4d2706f52e8b2ecaa059a"
|
|
44
44
|
}
|