@abtnode/blocklet-services 1.16.30 → 1.16.31-beta-4246ab25
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api/libs/connect/session.js +365 -374
- package/api/routes/federated.js +13 -1
- package/api/routes/oauth.js +10 -4
- package/api/routes/user-session.js +1 -1
- package/api/routes/user.js +14 -24
- package/api/services/auth/connect/issue-passport.js +2 -1
- package/api/services/auth/connect/login.js +2 -1
- package/api/util/federated.js +1 -1
- package/api/validators/login.js +3 -0
- package/dist/assets/{Add-DV9cHTiI.js → Add-CtuOts08.js} +1 -1
- package/dist/assets/{AddBox-DjGRetT1.js → AddBox-BEozRxtr.js} +1 -1
- package/dist/assets/{Alert-BriK3hjA.js → Alert-C8bmV94C.js} +1 -1
- package/dist/assets/{ArrowDropDown-DX29Pf8V.js → ArrowDropDown-BXgf18Oe.js} +1 -1
- package/dist/assets/{Avatar-CpQhQmV4.js → Avatar-BFetDMjX.js} +1 -1
- package/dist/assets/{ButtonGroup-BPdi_2z2.js → ButtonGroup-4rs4O4kq.js} +1 -1
- package/dist/assets/{CheckCircle-DwkE-k6U.js → CheckCircle-DTVdjeqk.js} +1 -1
- package/dist/assets/{ChevronRight-BHXal2s_.js → ChevronRight-DJc4PiWZ.js} +1 -1
- package/dist/assets/{Close-BtG4tyUL.js → Close-CQy5q5kE.js} +1 -1
- package/dist/assets/CloseOutlined-9hT_S7vV.js +1 -0
- package/dist/assets/{Delete-rvy-F0hT.js → Delete-v2KnFPpc.js} +1 -1
- package/dist/assets/{DeleteOutline-C36lJe42.js → DeleteOutline-D-H_BT5g.js} +1 -1
- package/dist/assets/{Done-n1c-sUsw.js → Done-Cg0F76Fb.js} +1 -1
- package/dist/assets/{Download-DuCZFVPl.js → Download-xUlajQ0m.js} +1 -1
- package/dist/assets/{Edit-BrAk9NBL.js → Edit-CLeS4wAm.js} +1 -1
- package/dist/assets/{EditIcon-CPgYqcwg.js → EditIcon-Bv8uXQxv.js} +1 -1
- package/dist/assets/{Error-g7gK9Wfp.js → Error-ke6eGotz.js} +1 -1
- package/dist/assets/{ExpandMore-DpLFPsWa.js → ExpandMore-C2VxPPft.js} +1 -1
- package/dist/assets/{FilterList-BpmYd7MC.js → FilterList-Bm69psLt.js} +1 -1
- package/dist/assets/{FormControl-Dq6XW9kS.js → FormControl-BsXCFEZS.js} +1 -1
- package/dist/assets/{FormControlLabel-CQnpTkDU.js → FormControlLabel-DImktg38.js} +1 -1
- package/dist/assets/{FormGroup-C8sAhYQk.js → FormGroup-DaX4v3-4.js} +1 -1
- package/dist/assets/{Google-C3cw6Unp.js → Google-TWzgXpTH.js} +1 -1
- package/dist/assets/{Hidden-c0nvbE8_.js → Hidden-cGmlvPpU.js} +1 -1
- package/dist/assets/{InfoOutlined-DEt-KJ8v.js → InfoOutlined-B8pG85_Z.js} +1 -1
- package/dist/assets/{InputAdornment-Dr1oU3Hs.js → InputAdornment-C6qOb1bH.js} +1 -1
- package/dist/assets/{InputLabel-DYr7To9X.js → InputLabel-CgXPR_2f.js} +1 -1
- package/dist/assets/{LastPage-DV14H4DC.js → LastPage-DJY3kolG.js} +1 -1
- package/dist/assets/{Launch-DSSRxyd1.js → Launch-CMhSFuNV.js} +1 -1
- package/dist/assets/{LaunchOutlined-DOGa7uCZ.js → LaunchOutlined-DSyzpk6k.js} +1 -1
- package/dist/assets/{Link-BzeSWqDp.js → Link-DOOEUv0s.js} +1 -1
- package/dist/assets/{ListItemText-BWMpM4cA.js → ListItemText-EkATTCYw.js} +1 -1
- package/dist/assets/{LoadingButton-IrsPdnhT.js → LoadingButton-Cbp2GFzD.js} +1 -1
- package/dist/assets/{LockIcon-Cx_TySkG.js → LockIcon-BEU0_8Ic.js} +1 -1
- package/dist/assets/{Loop-CSmyyk97.js → Loop-BueHJmrR.js} +1 -1
- package/dist/assets/{MoreHoriz-B_IgZ_Tw.js → MoreHoriz-Drbf_Pvd.js} +1 -1
- package/dist/assets/{MoreVert-BQD92YJp.js → MoreVert-C7sQuxig.js} +1 -1
- package/dist/assets/{OpenInNew-Ba4HupG6.js → OpenInNew-C4QXGxL_.js} +1 -1
- package/dist/assets/{Pagination-g_z2fX8D.js → Pagination-B8kJW6gb.js} +1 -1
- package/dist/assets/{PlayArrow-CvyM0yMY.js → PlayArrow-CYrln-Kc.js} +1 -1
- package/dist/assets/{QuestionMarkCircle-B_wELYAO.js → QuestionMarkCircle-DTOYeWeD.js} +1 -1
- package/dist/assets/{RadioGroup-BSqtRWJR.js → RadioGroup-CmTDruGg.js} +1 -1
- package/dist/assets/{Search-D_9DtKpx.js → Search-CZ97KNMp.js} +1 -1
- package/dist/assets/{Select-CMM8MR9i.js → Select-CiXWOKZU.js} +1 -1
- package/dist/assets/{ServerLogo-Ds39xok2.js → ServerLogo-Cr53R7IJ.js} +1 -1
- package/dist/assets/{Skeleton-d-rA8WB_.js → Skeleton-HvFaI-R8.js} +1 -1
- package/dist/assets/{Slider-Cv9IlmAx.js → Slider-BUNOUzy3.js} +1 -1
- package/dist/assets/{Stepper-X4KYPIVJ.js → Stepper-B-zipvzv.js} +1 -1
- package/dist/assets/{TextField-BYelVRF_.js → TextField-Cb2e0-k4.js} +1 -1
- package/dist/assets/{Toolbar-DI2YKZS2.js → Toolbar-CmSNHGuN.js} +1 -1
- package/dist/assets/{ViewList-DWZsPuDR.js → ViewList-DzP1BYln.js} +1 -1
- package/dist/assets/{access-control-Deg0Ez_v.js → access-control-fQTJIcIl.js} +1 -1
- package/dist/assets/{actions-Dv2KmWA_.js → actions-Db7l4CqQ.js} +1 -1
- package/dist/assets/add-component-core-DkGv9RyG.js +979 -0
- package/dist/assets/{add-resource-B2YCggbD.js → add-resource-B8-Fd7hl.js} +1 -1
- package/dist/assets/{addon-B-L0-6EM.js → addon-D3OhbJEi.js} +1 -1
- package/dist/assets/{analytics-B3U8I3AQ.js → analytics-BNwjU7d3.js} +1 -1
- package/dist/assets/api-8rjdlHSp.js +1 -0
- package/dist/assets/{audit-logs-Dt1zBSaX.js → audit-logs-CxzQNS32.js} +1 -1
- package/dist/assets/{button-BotQVFjI.js → button-BSfqa6UD.js} +1 -1
- package/dist/assets/click-to-copy-DdF2xqop.js +1 -0
- package/dist/assets/{complete-BfHgp0O7.js → complete-DvEcFSqc.js} +2 -2
- package/dist/assets/{component-BziFLYA3.js → component-B8W7o8FZ.js} +1 -1
- package/dist/assets/{config-BqLTd80Y.js → config-D7luuyWR.js} +1 -1
- package/dist/assets/{config-navigation-1U4iVdBl.js → config-navigation-asIRdIHI.js} +1 -1
- package/dist/assets/{config-BcfULTik.js → config-qbPWLYt1.js} +2 -2
- package/dist/assets/{confirm-BWW215hi.js → confirm-BMHhcHat.js} +1 -1
- package/dist/assets/{connect-CfBbqaTr.js → connect-BiWyubdJ.js} +1 -1
- package/dist/assets/{connect-DC7BGJJv.js → connect-hN5_Shp6.js} +1 -1
- package/dist/assets/{connect-to-CHo6hM6n.js → connect-to-DfkUklQ5.js} +1 -1
- package/dist/assets/{content-layout-BP4bsvx7.js → content-layout-DiWC1J4K.js} +1 -1
- package/dist/assets/{dashboard-BWG8DtF1.js → dashboard-XyLI0qCZ.js} +3 -3
- package/dist/assets/{did-address-TSZ5XRBj.js → did-address-DpvI-gvi.js} +1 -1
- package/dist/assets/{domain-B0bCdxTC.js → domain-BSIv0NhM.js} +1 -1
- package/dist/assets/{domain-list-A5SqLbLS.js → domain-list-DuyWKGsk.js} +2 -2
- package/dist/assets/{exchange-passport-CBjbwwA6.js → exchange-passport-texx7vZK.js} +1 -1
- package/dist/assets/{fallback-Dz8ZuYD5.js → fallback-BwmWTfvT.js} +1 -1
- package/dist/assets/{format-error-DQS9AwZv.js → format-error-Cly-PKJi.js} +1 -1
- package/dist/assets/{fuel-BP12PtJ1.js → fuel-CxlptVAT.js} +1 -1
- package/dist/assets/{fullpage-DXFbt1Ve.js → fullpage-BS2tcmjR.js} +1 -1
- package/dist/assets/{home-Cx9PAId-.js → home--VzEOnFl.js} +1 -1
- package/dist/assets/{iframe-CO-VEhes.js → iframe-DlpSvIZn.js} +1 -1
- package/dist/assets/{index-CFQwbx1S.js → index-B2WTvZE_.js} +1 -1
- package/dist/assets/{index-D-GkMvG_.js → index-B3lhXfcq.js} +1 -1
- package/dist/assets/{index-COZKzHiS.js → index-B4CQ80Yw.js} +1 -1
- package/dist/assets/{index-BcFOSrVl.js → index-B4uw4r9c.js} +1 -1
- package/dist/assets/{index-VIHj0M7P.js → index-B5nEIEWt.js} +1 -1
- package/dist/assets/{index-CQU16qpp.js → index-B8xBf8Wa.js} +1 -1
- package/dist/assets/{index-ByYl1QnH.js → index-BB6k-EGG.js} +1 -1
- package/dist/assets/{index-zQvc8SIq.js → index-BDMqvDjm.js} +1 -1
- package/dist/assets/{index-DCMTEGgZ.js → index-BIzJJSjX.js} +1 -1
- package/dist/assets/{index-B0wa_Sca.js → index-BKSYmDJM.js} +1 -1
- package/dist/assets/{index-BmHPL-9s.js → index-BTAdP21P.js} +3 -3
- package/dist/assets/{index-46Rvg-Bo.js → index-BoqN1cez.js} +1 -1
- package/dist/assets/{index-MoRwjSwP.js → index-BqSFfNnu.js} +1 -1
- package/dist/assets/index-BquWLMx9.js +262 -0
- package/dist/assets/{index-B5Pm_bPi.js → index-C1caLcNJ.js} +1 -1
- package/dist/assets/{index-D5PXuh6o.js → index-CIqhUvIF.js} +11 -11
- package/dist/assets/{index-D_u35EkG.js → index-CVRkgzxH.js} +6 -6
- package/dist/assets/{index-DtAm5Ed6.js → index-CbGiX9t1.js} +1 -1
- package/dist/assets/{index-BJDKEH0b.js → index-CieFHkS_.js} +5 -5
- package/dist/assets/{index-Bwzls06Y.js → index-Cw44iEdL.js} +1 -1
- package/dist/assets/{index--YUaVsoq.js → index-D1pqWkt2.js} +17 -17
- package/dist/assets/{index-ChpB_Xok.js → index-DCGVoYKL.js} +1 -1
- package/dist/assets/index-DEPlCG8R.js +16 -0
- package/dist/assets/{index-B22_1WOD.js → index-DXtRwHZx.js} +1 -1
- package/dist/assets/{index-TTSckhl8.js → index-DiJCHCJQ.js} +1 -1
- package/dist/assets/{index-BqmsKa7O.js → index-DlGzjxDp.js} +1 -1
- package/dist/assets/{index-ozDSMBYi.js → index-DuAuh_Qj.js} +1 -1
- package/dist/assets/{index-BsjCwHmK.js → index-N3bV1fPM.js} +1 -1
- package/dist/assets/{index-DU7LqWjQ.js → index-SOr8TZG4.js} +1 -1
- package/dist/assets/{index-BSHfXuRt.js → index-b39g55oS.js} +1 -1
- package/dist/assets/index-mD8SG0jv.js +1287 -0
- package/dist/assets/{index-Du6azec5.js → index-pO1GnrcK.js} +1 -1
- package/dist/assets/{index.es-CYl4P_xg.js → index.es-Dn-9AeYW.js} +1 -1
- package/dist/assets/{index.esm-DDyWFyUp.js → index.esm-BoTu77Ll.js} +1 -1
- package/dist/assets/{invitation-YCFRX3K4.js → invitation-CjSjQDE9.js} +1 -1
- package/dist/assets/{invite-BVqEvYi7.js → invite-BqTMGcAv.js} +1 -1
- package/dist/assets/{issue-passport-Bt2ICeaH.js → issue-passport-C-_NcTdl.js} +1 -1
- package/dist/assets/{item-DmDrPoAj.js → item-BbixSUZ4.js} +1 -1
- package/dist/assets/{jss-plugin-props-sort.esm-B9z92TrV.js → jss-plugin-props-sort.esm-DZWDNslx.js} +1 -1
- package/dist/assets/{launch-result-message-DpNOYW9u.js → launch-result-message-t8NtPfuc.js} +1 -1
- package/dist/assets/{layout-D41GSjev.js → layout-CsM3bk7r.js} +1 -1
- package/dist/assets/{list-header-cw9lRKSX.js → list-header-DXbrT6CB.js} +1 -1
- package/dist/assets/localization-BbbfeFcx.js +1 -0
- package/dist/assets/{log-DVDRYSeA.js → log-BWAyxwAa.js} +1 -1
- package/dist/assets/login-KizuTJVS.js +1 -0
- package/dist/assets/{login-oauth-callback--4mls_Fw.js → login-oauth-callback-BhWnqy5G.js} +1 -1
- package/dist/assets/{logo-uploader-CHBeSau3.js → logo-uploader-B4fp_c-2.js} +3 -3
- package/dist/assets/{lost-passport-6PNRRlCd.js → lost-passport-5g_wfjCg.js} +3 -3
- package/dist/assets/{lottie-C16LOHrZ.js → lottie-CoQLIbP3.js} +1 -1
- package/dist/assets/{notifications-DHYTuxQt.js → notifications-BZOTKwjU.js} +1 -1
- package/dist/assets/{open-window-CEqHc-YI.js → open-window-OYk_-NDp.js} +1 -1
- package/dist/assets/{overview-jW78KQ6d.js → overview-BdlskfN-.js} +2 -2
- package/dist/assets/{page-header-Bjl7D46v.js → page-header-T1Bp_mgt.js} +1 -1
- package/dist/assets/{permission-BK9x4qjQ.js → permission-Bg73hR5s.js} +1 -1
- package/dist/assets/{preferences-4fQh6PBV.js → preferences-CWItrONZ.js} +1 -1
- package/dist/assets/publish-resource-Q0hqmXfS.js +1 -0
- package/dist/assets/{react-DCoycSH4.js → react-DXe505Vk.js} +19 -19
- package/dist/assets/{redux-Xix6UYN5.js → redux-t7duEter.js} +1 -1
- package/dist/assets/resource-dialog-BbVyEJK6.js +57 -0
- package/dist/assets/sdk-BsJqLCFt.js +1 -0
- package/dist/assets/{selector-BcHp8r2b.js → selector-G5cR85qZ.js} +1 -1
- package/dist/assets/session-t0W8qYc5.js +1 -0
- package/dist/assets/{setup-DXuWRjLR.js → setup-CokXt_nD.js} +3 -3
- package/dist/assets/{shorten-label-DZ5n7VkB.js → shorten-label-EXwW2h8a.js} +1 -1
- package/dist/assets/{slicedToArray-DiN6EoYj.js → slicedToArray-Bt_4hqVg.js} +2 -2
- package/dist/assets/{spaces-DBKeHx91.js → spaces-DlyQ1uJX.js} +1 -1
- package/dist/assets/{start-C4mLiamV.js → start-BxnAS7F4.js} +1 -1
- package/dist/assets/{step-actions-NyA7AGpj.js → step-actions-Dj2gkAXe.js} +1 -1
- package/dist/assets/{studio-CC7YQ-9Q.js → studio-B28kKr7m.js} +1 -1
- package/dist/assets/{switch-control-VH3u6pwk.js → switch-control-DuZuSueD.js} +1 -1
- package/dist/assets/{toUpper-D8eon-dl.js → toUpper-DPQf9Liw.js} +1 -1
- package/dist/assets/{transfer-Dp36g86n.js → transfer-Z8bjhog8.js} +1 -1
- package/dist/assets/{uniqBy-Cev3lMnU.js → uniqBy-Bdhm211i.js} +1 -1
- package/dist/assets/{unsubscribe-Be0k3pAZ.js → unsubscribe-DJEG2TOy.js} +1 -1
- package/dist/assets/{url-join-B-UX0vQK.js → url-join-vYtMsJoM.js} +1 -1
- package/dist/assets/use-blocklet-info-for-connect-did-spaces-CoBB3cqW.js +1 -0
- package/dist/assets/{use-mobile-BLqjm-5m.js → use-mobile-Bgh27XUZ.js} +1 -1
- package/dist/assets/{useAsync-PE3W-DLW.js → useAsync-BLR1bit_.js} +1 -1
- package/dist/assets/{useFormControl-DMGx-jdt.js → useFormControl-CJQAQwNi.js} +1 -1
- package/dist/assets/{useLocalStorage-eP0cInBT.js → useLocalStorage-BqRSbLpZ.js} +1 -1
- package/dist/assets/{useSetState-DEVLe2Fz.js → useSetState-Bgiqtk4Z.js} +1 -1
- package/dist/assets/{useSlot-BrU8y60n.js → useSlot-CgMgJNqB.js} +1 -1
- package/dist/assets/{useSlotProps-fP10cTIP.js → useSlotProps-2VUaV6ss.js} +1 -1
- package/dist/assets/{useThemeProps-C59Glnbx.js → useThemeProps-aetSbjSK.js} +1 -1
- package/dist/assets/user-center-B1Gsfz8w.js +1 -0
- package/dist/assets/{user-sessions-C8nlOE7U.js → user-sessions-DlIZI2bO.js} +1 -1
- package/dist/assets/{util-yXMDVjHb.js → util-BrJI9hcg.js} +1 -1
- package/dist/assets/{wrap-locale-DL11xPuS.js → wrap-locale-DSIbwxKJ.js} +1 -1
- package/dist/index.html +1 -1
- package/dist/service-worker.js +1 -1
- package/package.json +38 -38
- package/dist/assets/CloseOutlined-CYZb8eDz.js +0 -1
- package/dist/assets/add-component-core-CGy2QLvt.js +0 -979
- package/dist/assets/api-DJ1sjN9o.js +0 -1
- package/dist/assets/click-to-copy-C932KUDy.js +0 -1
- package/dist/assets/index-CTFO1wAr.js +0 -262
- package/dist/assets/index-CaLGv6xG.js +0 -1293
- package/dist/assets/index-CndSwPzI.js +0 -16
- package/dist/assets/localization-9mzelGR9.js +0 -1
- package/dist/assets/login-BLIQel5D.js +0 -1
- package/dist/assets/publish-resource-RsLy3V3l.js +0 -1
- package/dist/assets/resource-dialog-CMS1eEc0.js +0 -57
- package/dist/assets/sdk-B75CkXUw.js +0 -1
- package/dist/assets/session-AqfK0jLG.js +0 -1
- package/dist/assets/use-blocklet-info-for-connect-did-spaces-DF1lby8c.js +0 -1
- package/dist/assets/user-center-CkHZ_2ui.js +0 -1
|
@@ -331,422 +331,391 @@ module.exports = {
|
|
|
331
331
|
return claims;
|
|
332
332
|
},
|
|
333
333
|
|
|
334
|
-
onApprove:
|
|
335
|
-
|
|
336
|
-
|
|
337
|
-
|
|
338
|
-
|
|
339
|
-
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
|
|
346
|
-
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
* @return {*}
|
|
355
|
-
*/
|
|
356
|
-
async ({
|
|
357
|
-
node,
|
|
358
|
-
request,
|
|
359
|
-
locale,
|
|
360
|
-
challenge,
|
|
361
|
-
userDid,
|
|
362
|
-
userPk,
|
|
363
|
-
claims,
|
|
364
|
-
baseUrl,
|
|
365
|
-
createSessionToken,
|
|
366
|
-
componentId,
|
|
367
|
-
action,
|
|
368
|
-
visitorId,
|
|
369
|
-
}) => {
|
|
370
|
-
/** @type {import('@abtnode/client').BlockletState} */
|
|
371
|
-
const blocklet = await request.getBlocklet();
|
|
372
|
-
const blockletInfo = await request.getBlockletInfo();
|
|
373
|
-
const { wallet, secret, name, passportColor, did: teamDid } = blockletInfo;
|
|
374
|
-
const sourceAppPid = getSourceAppPid(request);
|
|
375
|
-
|
|
376
|
-
// Check user approved
|
|
377
|
-
const currentUser = await getUserWithinFederated(
|
|
378
|
-
{ sourceAppPid, teamDid, userDid, userPk },
|
|
379
|
-
{ node, blocklet }
|
|
380
|
-
);
|
|
381
|
-
if (currentUser && !currentUser.approved) {
|
|
382
|
-
throw new Error(messages.notAllowedAppUser[locale]);
|
|
383
|
-
}
|
|
334
|
+
onApprove: async ({
|
|
335
|
+
node,
|
|
336
|
+
request,
|
|
337
|
+
locale,
|
|
338
|
+
challenge,
|
|
339
|
+
userDid,
|
|
340
|
+
userPk,
|
|
341
|
+
claims,
|
|
342
|
+
baseUrl,
|
|
343
|
+
createSessionToken,
|
|
344
|
+
componentId,
|
|
345
|
+
action,
|
|
346
|
+
visitorId,
|
|
347
|
+
inviter,
|
|
348
|
+
}) => {
|
|
349
|
+
/** @type {import('@abtnode/client').BlockletState} */
|
|
350
|
+
const blocklet = await request.getBlocklet();
|
|
351
|
+
const blockletInfo = await request.getBlockletInfo();
|
|
352
|
+
const { wallet, secret, name, passportColor, did: teamDid } = blockletInfo;
|
|
353
|
+
const sourceAppPid = getSourceAppPid(request);
|
|
384
354
|
|
|
385
|
-
|
|
386
|
-
|
|
355
|
+
// Check user approved
|
|
356
|
+
const currentUser = await getUserWithinFederated({ sourceAppPid, teamDid, userDid, userPk }, { node, blocklet });
|
|
357
|
+
if (currentUser && !currentUser.approved) {
|
|
358
|
+
throw new Error(messages.notAllowedAppUser[locale]);
|
|
359
|
+
}
|
|
387
360
|
|
|
388
|
-
|
|
389
|
-
|
|
361
|
+
const realDid = currentUser?.did || userDid;
|
|
362
|
+
const realPk = currentUser?.pk || userPk;
|
|
390
363
|
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
let invitedUserOnly = false;
|
|
394
|
-
let defaultRole = ROLES.GUEST;
|
|
395
|
-
let defaultTtl = 0;
|
|
396
|
-
let defaultTtlPolicy = 'never';
|
|
397
|
-
let issuePassport = false;
|
|
364
|
+
// Get auth config
|
|
365
|
+
const authConfig = (await request.getServiceConfig(NODE_SERVICES.AUTH, { componentId })) || {};
|
|
398
366
|
|
|
399
|
-
|
|
400
|
-
|
|
367
|
+
let vc;
|
|
368
|
+
let nftState;
|
|
369
|
+
let invitedUserOnly = false;
|
|
370
|
+
let defaultRole = ROLES.GUEST;
|
|
371
|
+
let defaultTtl = 0;
|
|
372
|
+
let defaultTtlPolicy = 'never';
|
|
373
|
+
let issuePassport = false;
|
|
401
374
|
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
vc = await getPassportVc({
|
|
405
|
-
blocklet,
|
|
406
|
-
claims,
|
|
407
|
-
challenge,
|
|
408
|
-
locale,
|
|
409
|
-
sourceAppPid,
|
|
410
|
-
});
|
|
411
|
-
[invitedUserOnly, defaultRole, issuePassport] = await isInvitedUserOnly(authConfig, node, teamDid);
|
|
412
|
-
if (invitedUserOnly && !vc) {
|
|
413
|
-
throw new Error(messages.missingCredentialClaim[locale]);
|
|
414
|
-
}
|
|
415
|
-
} else if (action === 'exchangePassport') {
|
|
416
|
-
const claim = claims.find((x) => x.type === 'asset');
|
|
417
|
-
const isConnected = await node.isConnectedAccount({ teamDid, did: claim.asset });
|
|
418
|
-
if (isConnected) {
|
|
419
|
-
throw new Error(messages.nftAlreadyUsed[locale]);
|
|
420
|
-
}
|
|
375
|
+
const provider = getLoginProvider(request);
|
|
376
|
+
const masterSite = getFederatedMaster(blocklet);
|
|
421
377
|
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
378
|
+
// Get passport vc
|
|
379
|
+
if (action === 'login') {
|
|
380
|
+
vc = await getPassportVc({
|
|
381
|
+
blocklet,
|
|
382
|
+
claims,
|
|
383
|
+
challenge,
|
|
384
|
+
locale,
|
|
385
|
+
sourceAppPid,
|
|
386
|
+
});
|
|
387
|
+
[invitedUserOnly, defaultRole, issuePassport] = await isInvitedUserOnly(authConfig, node, teamDid);
|
|
388
|
+
if (invitedUserOnly && !vc) {
|
|
389
|
+
throw new Error(messages.missingCredentialClaim[locale]);
|
|
390
|
+
}
|
|
391
|
+
} else if (action === 'exchangePassport') {
|
|
392
|
+
const claim = claims.find((x) => x.type === 'asset');
|
|
393
|
+
const isConnected = await node.isConnectedAccount({ teamDid, did: claim.asset });
|
|
394
|
+
if (isConnected) {
|
|
395
|
+
throw new Error(messages.nftAlreadyUsed[locale]);
|
|
396
|
+
}
|
|
427
397
|
|
|
428
|
-
|
|
429
|
-
|
|
430
|
-
|
|
431
|
-
|
|
398
|
+
nftState = await verifyNFT({ claims, challenge, locale, chainHost: MAIN_CHAIN_ENDPOINT });
|
|
399
|
+
const matchFactory = blocklet.trustedFactories.find((x) => x.factoryAddress === nftState.parent);
|
|
400
|
+
if (!matchFactory) {
|
|
401
|
+
throw new Error(messages.invalidNftParent[locale]);
|
|
432
402
|
}
|
|
433
403
|
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
438
|
-
|
|
439
|
-
}
|
|
440
|
-
if (defaultTtlPolicy === 'exchange') {
|
|
441
|
-
expirationDate = +new Date() + defaultTtl;
|
|
442
|
-
}
|
|
443
|
-
}
|
|
404
|
+
defaultRole = matchFactory.passport.role;
|
|
405
|
+
defaultTtl = matchFactory.passport.ttl;
|
|
406
|
+
defaultTtlPolicy = matchFactory.passport.ttlPolicy;
|
|
407
|
+
issuePassport = true;
|
|
408
|
+
}
|
|
444
409
|
|
|
445
|
-
|
|
446
|
-
|
|
447
|
-
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
}
|
|
410
|
+
if (issuePassport) {
|
|
411
|
+
let expirationDate;
|
|
412
|
+
if (nftState && defaultTtl) {
|
|
413
|
+
if (defaultTtlPolicy === 'mint') {
|
|
414
|
+
expirationDate = +new Date(nftState.context.genesisTime) + defaultTtl;
|
|
415
|
+
}
|
|
416
|
+
if (defaultTtlPolicy === 'exchange') {
|
|
417
|
+
expirationDate = +new Date() + defaultTtl;
|
|
418
|
+
}
|
|
419
|
+
}
|
|
451
420
|
|
|
452
|
-
|
|
421
|
+
logger.info(`issue passport to user at the ${action} workflow`, {
|
|
422
|
+
role: defaultRole,
|
|
423
|
+
expire: expirationDate,
|
|
424
|
+
policy: defaultTtlPolicy,
|
|
425
|
+
ttl: defaultTtl,
|
|
426
|
+
});
|
|
453
427
|
|
|
454
|
-
|
|
455
|
-
issuerName: name,
|
|
456
|
-
issuerWallet: wallet,
|
|
457
|
-
issuerAvatarUrl: getAppAvatarUrl(baseUrl),
|
|
458
|
-
ownerDid: realDid,
|
|
459
|
-
passport: await createPassport({
|
|
460
|
-
name: defaultRole,
|
|
461
|
-
node,
|
|
462
|
-
teamDid,
|
|
463
|
-
locale,
|
|
464
|
-
endpoint: baseUrl,
|
|
465
|
-
}),
|
|
466
|
-
endpoint: getPassportStatusEndpoint({
|
|
467
|
-
baseUrl: joinURL(baseUrl, WELLKNOWN_SERVICE_PATH_PREFIX),
|
|
468
|
-
userDid: realDid,
|
|
469
|
-
teamDid,
|
|
470
|
-
}),
|
|
471
|
-
ownerProfile: profile,
|
|
472
|
-
preferredColor: passportColor,
|
|
473
|
-
expirationDate: expirationDate ? new Date(expirationDate).toISOString() : undefined,
|
|
474
|
-
});
|
|
475
|
-
}
|
|
428
|
+
const profile = claims.find((x) => x.type === 'profile');
|
|
476
429
|
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
|
|
480
|
-
|
|
481
|
-
|
|
430
|
+
vc = createPassportVC({
|
|
431
|
+
issuerName: name,
|
|
432
|
+
issuerWallet: wallet,
|
|
433
|
+
issuerAvatarUrl: getAppAvatarUrl(baseUrl),
|
|
434
|
+
ownerDid: realDid,
|
|
435
|
+
passport: await createPassport({
|
|
436
|
+
name: defaultRole,
|
|
437
|
+
node,
|
|
438
|
+
teamDid,
|
|
439
|
+
locale,
|
|
440
|
+
endpoint: baseUrl,
|
|
441
|
+
}),
|
|
442
|
+
endpoint: getPassportStatusEndpoint({
|
|
443
|
+
baseUrl: joinURL(baseUrl, WELLKNOWN_SERVICE_PATH_PREFIX),
|
|
444
|
+
userDid: realDid,
|
|
445
|
+
teamDid,
|
|
446
|
+
}),
|
|
447
|
+
ownerProfile: profile,
|
|
448
|
+
preferredColor: passportColor,
|
|
449
|
+
expirationDate: expirationDate ? new Date(expirationDate).toISOString() : undefined,
|
|
450
|
+
});
|
|
451
|
+
}
|
|
482
452
|
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
|
|
453
|
+
// Get user passport from vc
|
|
454
|
+
let passport = vc ? createUserPassport(vc) : null;
|
|
455
|
+
if (currentUser && passport && isUserPassportRevoked(currentUser, passport)) {
|
|
456
|
+
throw new Error(messages.passportRevoked[locale](passport.title, name));
|
|
457
|
+
}
|
|
486
458
|
|
|
487
|
-
|
|
459
|
+
// Get role
|
|
460
|
+
const role = await getRoleFromVC({ vc, node, locale, blocklet, teamDid, sourceAppPid });
|
|
461
|
+
await validateRole({ role, authConfig, locale, node, teamDid });
|
|
488
462
|
|
|
489
|
-
|
|
490
|
-
passport = vc ? createUserPassport(vc, { role }) : null;
|
|
463
|
+
checkAppOwner({ role, blocklet, userDid, locale });
|
|
491
464
|
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
? {
|
|
495
|
-
provider: LOGIN_PROVIDER.NFT,
|
|
496
|
-
did: nftState.address,
|
|
497
|
-
owner: nftState.owner,
|
|
498
|
-
firstLoginAt: now,
|
|
499
|
-
lastLoginAt: now,
|
|
500
|
-
}
|
|
501
|
-
: null;
|
|
465
|
+
// Recreate passport with correct role
|
|
466
|
+
passport = vc ? createUserPassport(vc, { role }) : null;
|
|
502
467
|
|
|
503
|
-
|
|
504
|
-
|
|
505
|
-
|
|
468
|
+
const now = new Date().toISOString();
|
|
469
|
+
const connectedNft = nftState
|
|
470
|
+
? {
|
|
471
|
+
provider: LOGIN_PROVIDER.NFT,
|
|
472
|
+
did: nftState.address,
|
|
473
|
+
owner: nftState.owner,
|
|
474
|
+
firstLoginAt: now,
|
|
475
|
+
lastLoginAt: now,
|
|
476
|
+
}
|
|
477
|
+
: null;
|
|
506
478
|
|
|
507
|
-
|
|
479
|
+
let fullName = currentUser?.fullName;
|
|
480
|
+
// Update profile
|
|
481
|
+
const passportForLog = passport || { name: 'Guest', role: 'guest' };
|
|
508
482
|
|
|
509
|
-
|
|
510
|
-
const profile = claims.find((x) => x.type === 'profile');
|
|
483
|
+
const connectAccount = { provider, did: userDid, pk: userPk };
|
|
511
484
|
|
|
512
|
-
|
|
513
|
-
|
|
514
|
-
}
|
|
485
|
+
let updatedUser;
|
|
486
|
+
const profile = claims.find((x) => x.type === 'profile');
|
|
515
487
|
|
|
516
|
-
|
|
517
|
-
|
|
518
|
-
|
|
519
|
-
user: {
|
|
520
|
-
did: currentUser.did,
|
|
521
|
-
pk: currentUser.pk,
|
|
522
|
-
locale,
|
|
523
|
-
passport,
|
|
524
|
-
sourceAppPid,
|
|
525
|
-
lastLoginIp: getRequestIP(request),
|
|
526
|
-
connectedAccount: [connectAccount, connectedNft],
|
|
527
|
-
...profile,
|
|
528
|
-
avatar: await extractUserAvatar(get(profile, 'avatar'), {
|
|
529
|
-
dataDir: blocklet.env.dataDir,
|
|
530
|
-
}),
|
|
531
|
-
},
|
|
532
|
-
});
|
|
533
|
-
await node.createAuditLog(
|
|
534
|
-
{
|
|
535
|
-
action,
|
|
536
|
-
args: { teamDid, userDid: realDid, passport: passportForLog, provider, sourceAppPid },
|
|
537
|
-
context: formatContext(Object.assign(request, { user: updatedUser })),
|
|
538
|
-
result: updatedUser,
|
|
539
|
-
},
|
|
540
|
-
node
|
|
541
|
-
);
|
|
542
|
-
} else {
|
|
543
|
-
// Create user
|
|
544
|
-
fullName = profile.fullName;
|
|
488
|
+
if (profile) {
|
|
489
|
+
profile.url = profile?.url || '';
|
|
490
|
+
}
|
|
545
491
|
|
|
546
|
-
|
|
547
|
-
|
|
548
|
-
user: {
|
|
549
|
-
...profile,
|
|
550
|
-
avatar: await extractUserAvatar(get(profile, 'avatar'), {
|
|
551
|
-
dataDir: blocklet.env.dataDir,
|
|
552
|
-
}),
|
|
553
|
-
did: realDid,
|
|
554
|
-
pk: realPk,
|
|
555
|
-
locale,
|
|
556
|
-
passport,
|
|
557
|
-
sourceAppPid,
|
|
558
|
-
lastLoginIp: getRequestIP(request),
|
|
559
|
-
connectedAccount: [connectAccount, connectedNft],
|
|
560
|
-
},
|
|
561
|
-
});
|
|
562
|
-
await node.createAuditLog(
|
|
563
|
-
{
|
|
564
|
-
action: 'addUser',
|
|
565
|
-
args: {
|
|
566
|
-
teamDid,
|
|
567
|
-
userDid: realDid,
|
|
568
|
-
sourceAppPid,
|
|
569
|
-
provider,
|
|
570
|
-
reason: `first login as ${passportForLog.role}`,
|
|
571
|
-
},
|
|
572
|
-
context: formatContext(Object.assign(request, { user: updatedUser })),
|
|
573
|
-
result: updatedUser,
|
|
574
|
-
},
|
|
575
|
-
node
|
|
576
|
-
);
|
|
577
|
-
}
|
|
578
|
-
const lastLoginIp = getRequestIP(request);
|
|
579
|
-
const walletDeviceMessageToken = request.get('wallet-device-message-token');
|
|
580
|
-
const walletDeviceId = request.get('wallet-device-id');
|
|
581
|
-
const ua = request.get('user-agent');
|
|
582
|
-
// request.context.store.connectedWallet
|
|
583
|
-
const walletOS = request.context.didwallet.os;
|
|
584
|
-
|
|
585
|
-
const userSessionDoc = await node.upsertUserSession({
|
|
492
|
+
if (currentUser) {
|
|
493
|
+
updatedUser = await node.loginUser({
|
|
586
494
|
teamDid,
|
|
587
|
-
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
|
|
597
|
-
|
|
495
|
+
user: {
|
|
496
|
+
did: currentUser.did,
|
|
497
|
+
pk: currentUser.pk,
|
|
498
|
+
locale,
|
|
499
|
+
passport,
|
|
500
|
+
sourceAppPid,
|
|
501
|
+
lastLoginIp: getRequestIP(request),
|
|
502
|
+
connectedAccount: [connectAccount, connectedNft],
|
|
503
|
+
...profile,
|
|
504
|
+
avatar: await extractUserAvatar(get(profile, 'avatar'), {
|
|
505
|
+
dataDir: blocklet.env.dataDir,
|
|
506
|
+
}),
|
|
598
507
|
},
|
|
599
508
|
});
|
|
600
|
-
|
|
601
|
-
|
|
509
|
+
await node.createAuditLog(
|
|
510
|
+
{
|
|
511
|
+
action,
|
|
512
|
+
args: { teamDid, userDid: realDid, passport: passportForLog, provider, sourceAppPid },
|
|
513
|
+
context: formatContext(Object.assign(request, { user: updatedUser })),
|
|
514
|
+
result: updatedUser,
|
|
515
|
+
},
|
|
602
516
|
node
|
|
603
|
-
|
|
604
|
-
|
|
605
|
-
|
|
606
|
-
|
|
607
|
-
{
|
|
608
|
-
did: updatedUser.did,
|
|
609
|
-
pk: updatedUser.pk,
|
|
610
|
-
fullName: updatedUser.fullName,
|
|
611
|
-
email: updatedUser.email || '',
|
|
612
|
-
avatar: getUserAvatarUrl(updatedUser.avatar, blocklet),
|
|
613
|
-
connectedAccount: [connectAccount, connectedNft],
|
|
614
|
-
action: 'connectAccount',
|
|
615
|
-
sourceAppPid: sourceAppPid || masterSite.appPid,
|
|
616
|
-
},
|
|
617
|
-
],
|
|
618
|
-
},
|
|
619
|
-
})
|
|
620
|
-
.then(() => {
|
|
621
|
-
node.syncUserSession({
|
|
622
|
-
teamDid,
|
|
623
|
-
userDid: realDid,
|
|
624
|
-
visitorId: userSessionDoc.visitorId,
|
|
625
|
-
passportId: passport?.id,
|
|
626
|
-
targetAppPid: sourceAppPid,
|
|
627
|
-
ua,
|
|
628
|
-
lastLoginIp,
|
|
629
|
-
extra: {
|
|
630
|
-
walletOS,
|
|
631
|
-
walletDeviceMessageToken,
|
|
632
|
-
walletDeviceId,
|
|
633
|
-
},
|
|
634
|
-
});
|
|
635
|
-
});
|
|
636
|
-
}
|
|
637
|
-
|
|
638
|
-
// Generate new session token that client can save to localStorage
|
|
639
|
-
const createToken = createTokenFn(createSessionToken);
|
|
640
|
-
const sessionConfig = blocklet.settings?.session || {};
|
|
517
|
+
);
|
|
518
|
+
} else {
|
|
519
|
+
// Create user
|
|
520
|
+
fullName = profile.fullName;
|
|
641
521
|
|
|
642
|
-
|
|
643
|
-
|
|
644
|
-
{
|
|
645
|
-
|
|
522
|
+
updatedUser = await node.loginUser({
|
|
523
|
+
teamDid,
|
|
524
|
+
user: {
|
|
525
|
+
...profile,
|
|
526
|
+
avatar: await extractUserAvatar(get(profile, 'avatar'), {
|
|
527
|
+
dataDir: blocklet.env.dataDir,
|
|
528
|
+
}),
|
|
529
|
+
did: realDid,
|
|
530
|
+
pk: realPk,
|
|
531
|
+
locale,
|
|
646
532
|
passport,
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
533
|
+
sourceAppPid,
|
|
534
|
+
lastLoginIp: getRequestIP(request),
|
|
535
|
+
connectedAccount: [connectAccount, connectedNft],
|
|
536
|
+
inviter,
|
|
537
|
+
},
|
|
538
|
+
});
|
|
539
|
+
await node.createAuditLog(
|
|
540
|
+
{
|
|
541
|
+
action: 'addUser',
|
|
542
|
+
args: {
|
|
543
|
+
teamDid,
|
|
544
|
+
userDid: realDid,
|
|
545
|
+
sourceAppPid,
|
|
546
|
+
provider,
|
|
547
|
+
reason: `first login as ${passportForLog.role}`,
|
|
548
|
+
},
|
|
549
|
+
context: formatContext(Object.assign(request, { user: updatedUser })),
|
|
550
|
+
result: updatedUser,
|
|
652
551
|
},
|
|
653
|
-
|
|
552
|
+
node
|
|
654
553
|
);
|
|
655
|
-
|
|
656
|
-
|
|
657
|
-
|
|
658
|
-
|
|
659
|
-
|
|
660
|
-
|
|
661
|
-
|
|
662
|
-
|
|
663
|
-
|
|
664
|
-
|
|
665
|
-
|
|
554
|
+
}
|
|
555
|
+
const lastLoginIp = getRequestIP(request);
|
|
556
|
+
const walletDeviceMessageToken = request.get('wallet-device-message-token');
|
|
557
|
+
const walletDeviceId = request.get('wallet-device-id');
|
|
558
|
+
const ua = request.get('user-agent');
|
|
559
|
+
// request.context.store.connectedWallet
|
|
560
|
+
const walletOS = request.context.didwallet.os;
|
|
561
|
+
|
|
562
|
+
const userSessionDoc = await node.upsertUserSession({
|
|
563
|
+
teamDid,
|
|
564
|
+
visitorId,
|
|
565
|
+
userDid: realDid,
|
|
566
|
+
appPid: teamDid,
|
|
567
|
+
passportId: passport?.id,
|
|
568
|
+
status: 'online',
|
|
569
|
+
ua,
|
|
570
|
+
lastLoginIp,
|
|
571
|
+
extra: {
|
|
572
|
+
walletOS,
|
|
573
|
+
walletDeviceMessageToken,
|
|
574
|
+
walletDeviceId,
|
|
575
|
+
},
|
|
576
|
+
});
|
|
666
577
|
|
|
667
|
-
|
|
668
|
-
|
|
669
|
-
|
|
670
|
-
|
|
671
|
-
|
|
672
|
-
|
|
673
|
-
|
|
674
|
-
|
|
675
|
-
|
|
676
|
-
|
|
677
|
-
|
|
678
|
-
|
|
679
|
-
|
|
680
|
-
|
|
681
|
-
|
|
682
|
-
|
|
683
|
-
|
|
684
|
-
|
|
685
|
-
|
|
686
|
-
},
|
|
687
|
-
verifyNFTParams: {
|
|
688
|
-
claims,
|
|
689
|
-
challenge,
|
|
690
|
-
locale,
|
|
578
|
+
if (shouldSyncFederated(sourceAppPid, blocklet)) {
|
|
579
|
+
node
|
|
580
|
+
.syncFederated({
|
|
581
|
+
did: teamDid,
|
|
582
|
+
data: {
|
|
583
|
+
users: [
|
|
584
|
+
{
|
|
585
|
+
did: updatedUser.did,
|
|
586
|
+
pk: updatedUser.pk,
|
|
587
|
+
fullName: updatedUser.fullName,
|
|
588
|
+
email: updatedUser.email || '',
|
|
589
|
+
avatar: getUserAvatarUrl(updatedUser.avatar, blocklet),
|
|
590
|
+
connectedAccount: [connectAccount, connectedNft],
|
|
591
|
+
action: 'connectAccount',
|
|
592
|
+
sourceAppPid: sourceAppPid || masterSite.appPid,
|
|
593
|
+
inviter: updatedUser.inviter,
|
|
594
|
+
generation: updatedUser.generation,
|
|
595
|
+
},
|
|
596
|
+
],
|
|
691
597
|
},
|
|
598
|
+
})
|
|
599
|
+
.then(() => {
|
|
600
|
+
node.syncUserSession({
|
|
601
|
+
teamDid,
|
|
602
|
+
userDid: realDid,
|
|
603
|
+
visitorId: userSessionDoc.visitorId,
|
|
604
|
+
passportId: passport?.id,
|
|
605
|
+
targetAppPid: sourceAppPid,
|
|
606
|
+
ua,
|
|
607
|
+
lastLoginIp,
|
|
608
|
+
extra: {
|
|
609
|
+
walletOS,
|
|
610
|
+
walletDeviceMessageToken,
|
|
611
|
+
walletDeviceId,
|
|
612
|
+
},
|
|
613
|
+
});
|
|
692
614
|
});
|
|
615
|
+
}
|
|
693
616
|
|
|
694
|
-
|
|
695
|
-
|
|
696
|
-
|
|
697
|
-
const spaceGateway = {
|
|
698
|
-
did: data.did,
|
|
699
|
-
name: data.name,
|
|
700
|
-
endpoint: data.endpoint,
|
|
701
|
-
url: didSpaceInfo.didSpacesCoreUrl,
|
|
702
|
-
};
|
|
617
|
+
// Generate new session token that client can save to localStorage
|
|
618
|
+
const createToken = createTokenFn(createSessionToken);
|
|
619
|
+
const sessionConfig = blocklet.settings?.session || {};
|
|
703
620
|
|
|
704
|
-
|
|
705
|
-
|
|
706
|
-
|
|
707
|
-
|
|
708
|
-
|
|
709
|
-
|
|
710
|
-
|
|
711
|
-
|
|
712
|
-
|
|
621
|
+
const { sessionToken, refreshToken } = createToken(
|
|
622
|
+
realDid,
|
|
623
|
+
{
|
|
624
|
+
secret,
|
|
625
|
+
passport,
|
|
626
|
+
role,
|
|
627
|
+
fullName,
|
|
628
|
+
// NOTE: token 中存储当前的 login provider
|
|
629
|
+
provider,
|
|
630
|
+
walletOS,
|
|
631
|
+
},
|
|
632
|
+
{ ...sessionConfig, didConnectVersion: getDidConnectVersion(request) }
|
|
633
|
+
);
|
|
634
|
+
logger.info(`${action}.success`, { userDid: realDid, role });
|
|
635
|
+
|
|
636
|
+
if (
|
|
637
|
+
// if user provides owner passport AND app does not have owner, set this user to owner
|
|
638
|
+
(vc && role === ROLES.OWNER && !blocklet.settings?.owner) ||
|
|
639
|
+
// if the user will receive a owner passport AND app does not have owner, set this user to owner
|
|
640
|
+
(issuePassport && defaultRole === ROLES.OWNER && !blocklet.settings?.owner)
|
|
641
|
+
) {
|
|
642
|
+
logger.info('Bind owner for blocklet', { teamDid, userDid: realDid });
|
|
643
|
+
await node.setBlockletInitialized({ did: teamDid, owner: { did: realDid, pk: realPk } });
|
|
644
|
+
}
|
|
713
645
|
|
|
714
|
-
|
|
715
|
-
|
|
716
|
-
|
|
717
|
-
|
|
718
|
-
|
|
719
|
-
|
|
720
|
-
|
|
721
|
-
|
|
646
|
+
// @note: 当第一个用户将要成为 owner 的时候,也是需要绑定 DID Space 的,所以延后执行在此时设置 DID Spaces
|
|
647
|
+
const shouldConnectSpace = claims.some(
|
|
648
|
+
(x) => x?.meta?.purpose === 'DidSpace' && ['asset', 'verifiableCredential'].includes(x.type)
|
|
649
|
+
);
|
|
650
|
+
if (action === 'login' && shouldConnectSpace) {
|
|
651
|
+
const didSpaceInfo = await getDidSpacesInfoByClaims({ claims });
|
|
652
|
+
|
|
653
|
+
const appUrl = getAppUrl(blocklet);
|
|
654
|
+
const { data } = await silentAuthorizationInConnect(didSpaceInfo, {
|
|
655
|
+
appInfo: {
|
|
656
|
+
appDid: blocklet.appDid,
|
|
657
|
+
appName: getAppName(blocklet),
|
|
658
|
+
appDescription: getAppDescription(blocklet),
|
|
659
|
+
appUrl,
|
|
660
|
+
scopes: DID_SPACES.AUTHORIZE.DEFAULT_SCOPE,
|
|
661
|
+
referrer: joinURL(appUrl, '/.well-known/service/connect'),
|
|
662
|
+
metadata: {
|
|
663
|
+
did: blocklet.meta.did,
|
|
722
664
|
},
|
|
723
|
-
}
|
|
724
|
-
|
|
665
|
+
},
|
|
666
|
+
verifyNFTParams: {
|
|
667
|
+
claims,
|
|
668
|
+
challenge,
|
|
669
|
+
locale,
|
|
670
|
+
},
|
|
671
|
+
});
|
|
725
672
|
|
|
726
|
-
|
|
727
|
-
|
|
728
|
-
|
|
729
|
-
|
|
673
|
+
/**
|
|
674
|
+
* @type {Omit<import('@abtnode/client').SpaceGatewayInput, 'protected'>}
|
|
675
|
+
*/
|
|
676
|
+
const spaceGateway = {
|
|
677
|
+
did: data.did,
|
|
678
|
+
name: data.name,
|
|
679
|
+
endpoint: data.endpoint,
|
|
680
|
+
url: didSpaceInfo.didSpacesCoreUrl,
|
|
681
|
+
};
|
|
682
|
+
|
|
683
|
+
const user = await node.getUser({
|
|
730
684
|
teamDid,
|
|
731
|
-
|
|
732
|
-
|
|
685
|
+
user: {
|
|
686
|
+
did: userDid,
|
|
687
|
+
},
|
|
688
|
+
options: {
|
|
689
|
+
enableConnectedAccount: true,
|
|
690
|
+
},
|
|
691
|
+
});
|
|
733
692
|
|
|
734
|
-
|
|
735
|
-
|
|
736
|
-
|
|
737
|
-
|
|
738
|
-
|
|
739
|
-
|
|
740
|
-
|
|
741
|
-
refreshToken,
|
|
742
|
-
visitorId: userSessionDoc.visitorId,
|
|
743
|
-
nextWorkflowData: {
|
|
744
|
-
userDid: realDid,
|
|
693
|
+
await node.updateUser({
|
|
694
|
+
teamDid,
|
|
695
|
+
user: {
|
|
696
|
+
did: user.did,
|
|
697
|
+
didSpace: {
|
|
698
|
+
...user?.didSpace,
|
|
699
|
+
...spaceGateway,
|
|
745
700
|
},
|
|
746
|
-
}
|
|
747
|
-
}
|
|
701
|
+
},
|
|
702
|
+
});
|
|
703
|
+
}
|
|
704
|
+
|
|
705
|
+
// @NOTE: 异步地刷新 profile
|
|
706
|
+
Profile.refresh({
|
|
707
|
+
node,
|
|
708
|
+
blocklet,
|
|
709
|
+
teamDid,
|
|
710
|
+
userDid,
|
|
711
|
+
}).catch((error) => console.warn(error));
|
|
748
712
|
|
|
713
|
+
// issue passport for the first login user in a invite-only team
|
|
714
|
+
if (issuePassport) {
|
|
749
715
|
return {
|
|
716
|
+
disposition: 'attachment',
|
|
717
|
+
type: 'VerifiableCredential',
|
|
718
|
+
data: vc,
|
|
750
719
|
sessionToken,
|
|
751
720
|
refreshToken,
|
|
752
721
|
visitorId: userSessionDoc.visitorId,
|
|
@@ -754,7 +723,17 @@ module.exports = {
|
|
|
754
723
|
userDid: realDid,
|
|
755
724
|
},
|
|
756
725
|
};
|
|
757
|
-
}
|
|
726
|
+
}
|
|
727
|
+
|
|
728
|
+
return {
|
|
729
|
+
sessionToken,
|
|
730
|
+
refreshToken,
|
|
731
|
+
visitorId: userSessionDoc.visitorId,
|
|
732
|
+
nextWorkflowData: {
|
|
733
|
+
userDid: realDid,
|
|
734
|
+
},
|
|
735
|
+
};
|
|
736
|
+
},
|
|
758
737
|
},
|
|
759
738
|
|
|
760
739
|
switchProfile: {
|
|
@@ -846,7 +825,17 @@ module.exports = {
|
|
|
846
825
|
node
|
|
847
826
|
);
|
|
848
827
|
|
|
849
|
-
const syncUserData = pick(doc, [
|
|
828
|
+
const syncUserData = pick(doc, [
|
|
829
|
+
'did',
|
|
830
|
+
'pk',
|
|
831
|
+
'fullName',
|
|
832
|
+
'avatar',
|
|
833
|
+
'email',
|
|
834
|
+
'phone',
|
|
835
|
+
'url',
|
|
836
|
+
'inviter',
|
|
837
|
+
'generation',
|
|
838
|
+
]);
|
|
850
839
|
if (syncUserData.avatar) {
|
|
851
840
|
syncUserData.avatar = getUserAvatarUrl(syncUserData.avatar, blocklet);
|
|
852
841
|
}
|
|
@@ -1172,6 +1161,8 @@ module.exports = {
|
|
|
1172
1161
|
email: bindUser?.email,
|
|
1173
1162
|
fullName: bindUser?.fullName,
|
|
1174
1163
|
avatar: bindUser?.avatar,
|
|
1164
|
+
inviter: bindUser?.inviter,
|
|
1165
|
+
generation: bindUser?.generation,
|
|
1175
1166
|
});
|
|
1176
1167
|
const currentTime = new Date().toISOString();
|
|
1177
1168
|
|