@abtnode/auth 1.8.69-beta-76f8a46f → 1.8.69-beta-650a290b

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/lib/auth.js +4 -0
  2. package/lib/lost-passport.js +10 -5
  3. package/lib/server.js +33 -13
  4. package/package.json +14 -14
package/lib/auth.js CHANGED
@@ -184,6 +184,10 @@ const messages = {
184
184
  en: 'Invalid Blocklet VC',
185
185
  zh: '无效的 Blocklet VC',
186
186
  },
187
+ invalidAppVersion: {
188
+ en: 'App key-pair rotating can only be performed on the latest version',
189
+ zh: '只有最新版应用可以变更钥匙对',
190
+ },
187
191
 
188
192
  // NFT related
189
193
  missingProfileClaim: {
package/lib/lost-passport.js CHANGED
@@ -1,11 +1,12 @@
1
1
  const path = require('path');
2
2
  const joinUrl = require('url-join');
3
3
  const uniqBy = require('lodash/uniqBy');
4
+ const uniq = require('lodash/uniq');
4
5
  const getBlockletInfo = require('@blocklet/meta/lib/info');
5
6
  const formatContext = require('@abtnode/util/lib/format-context');
6
7
  const getRandomMessage = require('@abtnode/util/lib/get-random-message');
7
8
  const getNodeWallet = require('@abtnode/util/lib/get-app-wallet');
8
- const { getDisplayName } = require('@blocklet/meta/lib/util');
9
+ const { getDisplayName, getBlockletAppIdList } = require('@blocklet/meta/lib/util');
9
10
  const { VC_TYPE_NODE_PASSPORT, PASSPORT_STATUS, NODE_DATA_DIR_NAME } = require('@abtnode/constant');
10
11
  const get = require('lodash/get');
11
12
  const { parseUserAvatar } = require('@abtnode/util/lib/user-avatar');
@@ -31,6 +32,7 @@ const TEAM_TYPES = {
31
32
  const getTeamInfo = async ({ type, node, req }) => {
32
33
  let teamDid;
33
34
  let issuerDid;
35
+ let issuerDidList;
34
36
  let issuerName;
35
37
  let issuerWallet;
36
38
  let passportColor;
@@ -40,6 +42,7 @@ const getTeamInfo = async ({ type, node, req }) => {
40
42
  if (type === TEAM_TYPES.NODE) {
41
43
  teamDid = info.did;
42
44
  issuerDid = info.did;
45
+ issuerDidList = [info.did];
43
46
  issuerName = info.name;
44
47
  issuerWallet = getNodeWallet(info.sk);
45
48
  passportColor = 'default';
@@ -49,6 +52,7 @@ const getTeamInfo = async ({ type, node, req }) => {
49
52
  const blocklet = await node.getBlocklet({ did: teamDid, attachRuntimeInfo: false });
50
53
  const blockletInfo = getBlockletInfo(blocklet, info.sk);
51
54
  issuerDid = blockletInfo.wallet.address;
55
+ issuerDidList = uniq([blockletInfo.wallet.address, ...getBlockletAppIdList(blocklet)]);
52
56
  issuerName = getDisplayName(blocklet, true);
53
57
  issuerWallet = blockletInfo.wallet;
54
58
  passportColor = blockletInfo.passportColor;
@@ -60,6 +64,7 @@ const getTeamInfo = async ({ type, node, req }) => {
60
64
  return {
61
65
  teamDid,
62
66
  issuerDid,
67
+ issuerDidList,
63
68
  issuerName,
64
69
  issuerWallet,
65
70
  passportColor,
@@ -95,7 +100,7 @@ const createLostPassportListRoute = ({ node, type }) => ({
95
100
  onAuth: async ({ userDid, extraParams, updateSession, req }) => {
96
101
  const { locale } = extraParams;
97
102
 
98
- const { teamDid, issuerDid, dataDir } = await getTeamInfo({ node, req, type });
103
+ const { teamDid, issuerDidList, dataDir } = await getTeamInfo({ node, req, type });
99
104
 
100
105
  // check user approved
101
106
  const user = await getUser(node, teamDid, userDid);
@@ -114,7 +119,7 @@ const createLostPassportListRoute = ({ node, type }) => ({
114
119
  return false;
115
120
  }
116
121
 
117
- if (x.issuer.id !== issuerDid) {
122
+ if (!issuerDidList.includes(x.issuer.id)) {
118
123
  return false;
119
124
  }
120
125
  return !(x.expirationDate && Date.now() > new Date(x.expirationDate).getTime());
@@ -193,7 +198,7 @@ const createLostPassportIssueRoute = ({ node, type, authServicePrefix }) => ({
193
198
  onAuth: async ({ claims, userDid, userPk, extraParams, updateSession, baseUrl, req }) => {
194
199
  const { locale = 'en', receiverDid, passportName } = extraParams;
195
200
 
196
- const { teamDid, issuerDid, issuerName, issuerWallet, passportColor, dataDir } = await getTeamInfo({
201
+ const { teamDid, issuerDidList, issuerName, issuerWallet, passportColor, dataDir } = await getTeamInfo({
197
202
  node,
198
203
  req,
199
204
  type,
@@ -226,7 +231,7 @@ const createLostPassportIssueRoute = ({ node, type, authServicePrefix }) => ({
226
231
  (x) =>
227
232
  x.name === passportName &&
228
233
  x.status === PASSPORT_STATUS.VALID &&
229
- x.issuer.id === issuerDid &&
234
+ issuerDidList.includes(x.issuer.id) &&
230
235
  (!x.expirationDate || Date.now() > new Date(x.expirationDate).getTime())
231
236
  );
232
237
  if (!exist) {
package/lib/server.js CHANGED
@@ -21,6 +21,7 @@ const {
21
21
  SERVER_ROLES,
22
22
  NFT_TYPE_SERVERLESS,
23
23
  MAIN_CHAIN_ENDPOINT,
24
+ APP_STRUCT_VERSION,
24
25
  } = require('@abtnode/constant');
25
26
  const {
26
27
  messages,
@@ -290,7 +291,7 @@ const getAuthNFTClaim =
290
291
  };
291
292
 
292
293
  const getKeyPairClaim =
293
- (node) =>
294
+ (node, declare = true) =>
294
295
  async ({ extraParams: { locale, appDid, title }, context: { didwallet } }) => {
295
296
  checkWalletVersion({ didwallet, locale });
296
297
 
@@ -319,6 +320,7 @@ const getKeyPairClaim =
319
320
  mfa: !process.env.DID_CONNECT_MFA_DISABLED,
320
321
  description: description[locale] || description.en,
321
322
  moniker: (urlFriendly(slugify(appName)) || 'application').toLowerCase(),
323
+ declare: !!declare,
322
324
  migrateFrom,
323
325
  targetType: {
324
326
  role: 'application',
@@ -334,7 +336,7 @@ const getRotateKeyPairClaims = (node) => {
334
336
  {
335
337
  authPrincipal: async ({ extraParams: { locale, appDid } }) => {
336
338
  const description = {
337
- en: 'Please select ',
339
+ en: 'Please create a new key-pair for this application',
338
340
  zh: '请为应用创建新的钥匙对',
339
341
  };
340
342
 
@@ -348,6 +350,9 @@ const getRotateKeyPairClaims = (node) => {
348
350
  if (!blocklet) {
349
351
  throw new Error(messages.invalidBlocklet[locale]);
350
352
  }
353
+ if (blocklet.structVersion !== APP_STRUCT_VERSION) {
354
+ throw new Error(messages.invalidAppVersion[locale]);
355
+ }
351
356
 
352
357
  // Try to use blocklet chain config if possible
353
358
  // Since migration happens on the chain the app holds some actual assets
@@ -388,18 +393,33 @@ const getLaunchBlockletClaims = (node, authMethod) => {
388
393
  return claims;
389
394
  };
390
395
 
391
- // FIXME: @wangshijun should be changed to blocklet appSK owner claim?
392
- const getSetupBlockletClaims = (node, authMethod, blocklet) => {
393
- const claims = {};
394
-
395
- if (authMethod === 'vc') {
396
- claims.serverPassport = ['verifiableCredential', getAuthVcClaim({ node, blocklet })];
397
- }
398
- if (authMethod === 'nft') {
399
- claims.serverNFT = ['asset', getAuthNFTClaim({ node })];
400
- }
396
+ const getSetupBlockletClaims = () => {
397
+ const description = {
398
+ en: 'Sign following message to prove that you are the owner of the app',
399
+ zh: '签名如下消息以证明你是应用的拥有者',
400
+ };
401
401
 
402
- return claims;
402
+ return [
403
+ {
404
+ authPrincipal: async ({ context, extraParams: { locale } }) => {
405
+ const blocklet = await context.request.getBlocklet();
406
+ return {
407
+ description: description[locale] || description.en,
408
+ target: blocklet.appDid,
409
+ };
410
+ },
411
+ },
412
+ {
413
+ signature: async ({ context, extraParams: { locale } }) => {
414
+ const blocklet = await context.request.getBlocklet();
415
+ return {
416
+ description: messages.receivePassport[locale],
417
+ data: `I am the owner of app ${blocklet.appDid}`,
418
+ type: 'mime:text/plain',
419
+ };
420
+ },
421
+ },
422
+ ];
403
423
  };
404
424
 
405
425
  const getOwnershipNFTClaim = async (node, locale) => {
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "publishConfig": {
4
4
  "access": "public"
5
5
  },
6
- "version": "1.8.69-beta-76f8a46f",
6
+ "version": "1.8.69-beta-650a290b",
7
7
  "description": "Simple lib to manage auth in ABT Node",
8
8
  "main": "lib/index.js",
9
9
  "files": [
@@ -20,18 +20,18 @@
20
20
  "author": "linchen <linchen1987@foxmail.com> (http://github.com/linchen1987)",
21
21
  "license": "MIT",
22
22
  "dependencies": {
23
- "@abtnode/constant": "1.8.69-beta-76f8a46f",
24
- "@abtnode/logger": "1.8.69-beta-76f8a46f",
25
- "@abtnode/util": "1.8.69-beta-76f8a46f",
26
- "@arcblock/did": "1.18.58",
27
- "@arcblock/jwt": "^1.18.58",
28
- "@arcblock/vc": "1.18.58",
29
- "@blocklet/constant": "1.8.69-beta-76f8a46f",
30
- "@blocklet/meta": "1.8.69-beta-76f8a46f",
31
- "@ocap/client": "1.18.58",
32
- "@ocap/mcrypto": "1.18.58",
33
- "@ocap/util": "1.18.58",
34
- "@ocap/wallet": "1.18.58",
23
+ "@abtnode/constant": "1.8.69-beta-650a290b",
24
+ "@abtnode/logger": "1.8.69-beta-650a290b",
25
+ "@abtnode/util": "1.8.69-beta-650a290b",
26
+ "@arcblock/did": "1.18.59",
27
+ "@arcblock/jwt": "^1.18.59",
28
+ "@arcblock/vc": "1.18.59",
29
+ "@blocklet/constant": "1.8.69-beta-650a290b",
30
+ "@blocklet/meta": "1.8.69-beta-650a290b",
31
+ "@ocap/client": "1.18.59",
32
+ "@ocap/mcrypto": "1.18.59",
33
+ "@ocap/util": "1.18.59",
34
+ "@ocap/wallet": "1.18.59",
35
35
  "axios": "^0.27.2",
36
36
  "joi": "17.7.0",
37
37
  "jsonwebtoken": "^9.0.0",
@@ -43,5 +43,5 @@
43
43
  "devDependencies": {
44
44
  "jest": "^27.5.1"
45
45
  },
46
- "gitHead": "07415e674443b85648ea80b734f7a3690abfc15e"
46
+ "gitHead": "a33c9ce6a52b8d522d13860e85809dcbba236712"
47
47
  }