@abtnode/blocklet-services 1.16.45-beta-20250701-122807-92b03aba → 1.16.45-beta-20250702-091552-478bb5e9

package/api/index.js

@@ -25,7 +25,7 @@ const { getAppOgCacheDir } = require('@abtnode/util/lib/blocklet');
 const { ensureLocale } = require('@abtnode/util/lib/middlewares/ensure-locale');
 const normalizePathPrefix = require('@abtnode/util/lib/normalize-path-prefix');
 const createInvite = require('@abtnode/auth/lib/invitation');
-const { getStatusFromError } = require('@blocklet/error');
+const { getStatusFromError, formatError } = require('@blocklet/error');
 const { withQuery, joinURL, withTrailingSlash } = require('ufo');
 const { createProxyMiddleware, responseInterceptor } = require('http-proxy-middleware');
 const { findComponentByIdV2, getMountPoints } = require('@blocklet/meta/lib/util');
@@ -514,6 +514,8 @@ module.exports = function createServer(node, serverOptions = {}) {
 
   // 该接口不需要经过 security 中间件
   server.get(`${WELLKNOWN_SERVICE_PATH_PREFIX}/share/shared-bridge.html`, (req, res) => {
+    res.set('cross-origin-resource-policy', 'cross-origin');
+    res.set('cross-origin-embedder-policy', 'require-corp');
     if (isProduction) {
       res.sendFile(path.join(__dirname, '../dist', 'share', 'shared-bridge.html'));
     } else {
@@ -850,7 +852,7 @@ self.blocklet = {
   // eslint-disable-next-line no-unused-vars
   server.use((err, req, res, next) => {
     logger.error('Something broke', { url: req.url, error: err });
-    res.status(getStatusFromError(err)).send(`Blocklet Service: Something broke! ${err.message}`);
+    res.status(getStatusFromError(err)).send(formatError(err));
   });
 
   // Web socket server

package/api/routes/oauth/client.js

@@ -578,10 +578,6 @@ module.exports = {
         res.status(200).json({});
       } catch (err) {
         logger.error('Failed bind oauth', { error: err });
-        if (err instanceof CustomError) {
-          res.status(err.code).send(err.message);
-          return;
-        }
         throw err;
       }
     });
@@ -592,10 +588,6 @@ module.exports = {
         res.status(200).json({});
       } catch (err) {
         logger.error('Failed unbind oauth', { error: err });
-        if (err instanceof CustomError) {
-          res.status(err.code).send(err.message);
-          return;
-        }
         throw err;
       }
     });
@@ -621,10 +613,6 @@ module.exports = {
         res.send(result);
       } catch (err) {
         logger.error('Failed login oauth', { error: err, action });
-        if (err instanceof CustomError) {
-          res.status(err.code).send(err.message);
-          return;
-        }
         throw err;
       }
     });

package/api/routes/user-session.js

@@ -19,6 +19,7 @@ const { Joi } = require('@arcblock/validator');
 const { getDeviceData } = require('@abtnode/util/lib/device');
 const cors = require('cors');
 const getOrigin = require('@abtnode/util/lib/get-origin');
+const { CustomError } = require('@blocklet/error');
 
 const logger = require('../libs/logger')('blocklet-services:user-session');
 const ensureBlocklet = require('../middlewares/ensure-blocklet');
@@ -135,11 +136,16 @@ module.exports = {
   // eslint-disable-next-line no-unused-vars
   init(app, node, options) {
     const ensureCors = cors(async (req, callback) => {
-      const domains = await getTrustedDomains({ node, req, blocklet: req.blocklet });
-      if (domains.includes(req.hostname)) {
+      const origin = req.get('origin');
+      if (!origin) {
         callback(null, { origin: true });
       } else {
-        callback(null, { origin: false });
+        const domains = await getTrustedDomains({ node, req, blocklet: req.blocklet });
+        if (domains.includes(origin)) {
+          callback(null, { origin: true });
+        } else {
+          callback(new CustomError(403, 'Not allowed by CORS'));
+        }
       }
     });
     app.options(`${prefix}/login`, ensureBlocklet({ useCache: true }), ensureCors);

package/api/routes/user.js

@@ -395,10 +395,15 @@ async function verifyUserSig({ userDid, signature, teamDid, sourceAppPid, userPk
 
   const userDidWallet = getWallet(currentUser);
 
+  if (!userDidWallet) {
+    logger.error('User did not have wallet', { userDid, sourceAppPid, teamDid });
+    throw new CustomError(404, 'User not exist');
+  }
+
   // HACK: @zhanghan 钱包传递的签名使用的是 didWallet 账户，但这个账户可能是 原生的 oauth 账户，所以需要找到对应的 did-wallet 账户
   const valid = await JWT.verify(signature, userDidWallet.pk);
   if (!valid) {
-    throw new Error('invalid signature');
+    throw new CustomError(401, 'Invalid signature');
   }
   return currentUser;
 }
@@ -738,11 +743,17 @@ const spaceGatewaySchema = Joi.object({
 module.exports = {
   init(server, node, options) {
     const ensureCors = cors(async (req, callback) => {
-      const domains = await federatedUtil.getTrustedDomains({ node, req, blocklet: req.blocklet });
-      if (domains.includes(req.hostname)) {
+      const origin = req.get('origin');
+      if (!origin) {
         callback(null, { origin: true });
       } else {
-        callback(null, { origin: false });
+        const { hostname } = new URL(origin);
+        const domains = await federatedUtil.getTrustedDomains({ node, req, blocklet: req.blocklet });
+        if (domains.includes(hostname)) {
+          callback(null, { origin: true });
+        } else {
+          callback(new CustomError(403, 'Not allowed by CORS'));
+        }
       }
     });
 
@@ -753,10 +764,6 @@ module.exports = {
         res.status(200).json(data);
       } catch (err) {
         logger.error('Failed login', { error: err });
-        if (err instanceof CustomError) {
-          res.status(err.code).json(err.message);
-          return;
-        }
         throw err;
       }
     });
@@ -1197,6 +1204,9 @@ module.exports = {
         res.json({ verified: false, id: undefined });
       }
     });
+    server.get(`${prefixApi}/email/test`, ensureBlocklet(), ensureCors, async (req, res) => {
+      res.json({ success: true });
+    });
     server.post(
       `${prefixApi}/email/login`,
       ensureBlocklet(),
@@ -1210,7 +1220,7 @@ module.exports = {
         };
         if (!actionMap[action]) {
           logger.error('Failed to login by email', { error: 'action not exist', action });
-          throw new Error(`action not exist: ${action}`);
+          throw new CustomError(400, `action not exist: ${action}`);
         }
 
         try {
@@ -1218,10 +1228,6 @@ module.exports = {
           res.json(result);
         } catch (err) {
           logger.error('Failed login email', { error: err, action });
-          if (err instanceof CustomError) {
-            res.status(err.code).send(err.message);
-            return;
-          }
           throw err;
         }
       }

package/api/services/auth/connect/bind-wallet.js

@@ -2,5 +2,5 @@ const { createBindWalletRoute } = require('@abtnode/auth/lib/bind-wallet');
 
 // eslint-disable-next-line no-unused-vars
 module.exports = function createRoutes(node, authenticator, createSessionToken) {
-  return createBindWalletRoute({ node });
+  return createBindWalletRoute({ node, isService: true });
 };

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.45-beta-20250701-122807-92b03aba",
+  "version": "1.16.45-beta-20250702-091552-478bb5e9",
   "description": "Provide unified services for every blocklet",
   "main": "api/index.js",
   "files": [
@@ -33,18 +33,18 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/auth": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/client": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/connect-storage": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/constant": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/core": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/cron": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/db-cache": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/logger": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/models": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/router-templates": "1.16.45-beta-20250701-122807-92b03aba",
-    "@abtnode/util": "1.16.45-beta-20250701-122807-92b03aba",
+    "@abtnode/analytics": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/auth": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/client": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/connect-storage": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/constant": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/core": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/cron": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/db-cache": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/logger": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/models": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/router-templates": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@abtnode/util": "1.16.45-beta-20250702-091552-478bb5e9",
     "@arcblock/did": "1.20.14",
     "@arcblock/did-auth": "1.20.14",
     "@arcblock/did-ext": "1.20.14",
@@ -54,19 +54,19 @@
     "@arcblock/jwt": "1.20.14",
     "@arcblock/validator": "1.20.14",
     "@arcblock/ws": "1.20.14",
-    "@blocklet/constant": "1.16.45-beta-20250701-122807-92b03aba",
+    "@blocklet/constant": "1.16.45-beta-20250702-091552-478bb5e9",
     "@blocklet/dbhub": "^0.2.9",
     "@blocklet/did-space-js": "^1.0.62",
-    "@blocklet/env": "1.16.45-beta-20250701-122807-92b03aba",
+    "@blocklet/env": "1.16.45-beta-20250702-091552-478bb5e9",
     "@blocklet/error": "^0.2.5",
     "@blocklet/form-builder": "^0.1.12",
     "@blocklet/form-collector": "^0.1.8",
-    "@blocklet/images": "1.16.45-beta-20250701-122807-92b03aba",
-    "@blocklet/js-sdk": "1.16.45-beta-20250701-122807-92b03aba",
+    "@blocklet/images": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@blocklet/js-sdk": "1.16.45-beta-20250702-091552-478bb5e9",
     "@blocklet/mcp": "^1.10.2",
-    "@blocklet/meta": "1.16.45-beta-20250701-122807-92b03aba",
-    "@blocklet/rate-limit": "1.16.45-beta-20250701-122807-92b03aba",
-    "@blocklet/sdk": "1.16.45-beta-20250701-122807-92b03aba",
+    "@blocklet/meta": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@blocklet/rate-limit": "1.16.45-beta-20250702-091552-478bb5e9",
+    "@blocklet/sdk": "1.16.45-beta-20250702-091552-478bb5e9",
     "@blocklet/theme": "^2.13.70",
     "@blocklet/theme-builder": "^0.2.1",
     "@blocklet/uploader-server": "^0.1.101",
@@ -121,7 +121,7 @@
     "whatwg-url": "14.0.0"
   },
   "devDependencies": {
-    "@abtnode/ux": "1.16.45-beta-20250701-122807-92b03aba",
+    "@abtnode/ux": "1.16.45-beta-20250702-091552-478bb5e9",
     "@arcblock/bridge": "^2.13.70",
     "@arcblock/did-connect": "^2.13.70",
     "@arcblock/icons": "^2.13.70",
@@ -129,7 +129,7 @@
     "@arcblock/ux": "^2.13.70",
     "@blocklet/launcher-layout": "^2.13.70",
     "@blocklet/payment-react": "^1.18.56",
-    "@blocklet/tracker": "1.16.45-beta-20250701-122807-92b03aba",
+    "@blocklet/tracker": "1.16.45-beta-20250702-091552-478bb5e9",
     "@blocklet/ui-react": "^2.13.70",
     "@blocklet/uploader": "^0.1.95",
     "@emotion/react": "^11.11.4",
@@ -207,5 +207,5 @@
     "url": "https://github.com/ArcBlock/blocklet-server/issues",
     "email": "shijun@arcblock.io"
   },
-  "gitHead": "f4fc6b6a7d37bd24a2e2493fbad46045cbb7ea81"
+  "gitHead": "e3e4aa595d448f040bc508565cddecc52056a4df"
 }