npm - @blocklet/meta - Versions diffs - 1.7.7 → 1.7.8 - Mend

@blocklet/meta 1.7.7 → 1.7.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/lib/file.js CHANGED Viewed

@@ -34,7 +34,7 @@ const update = (file, meta) => {
     meta.specVersion = '1.0.0';
   }
-  fs.writeFileSync(file, yaml.safeDump(meta, { sortKeys: false, skipInvalid: true }));
+  fs.writeFileSync(file, yaml.dump(meta, { sortKeys: false, skipInvalid: true }));
 };
 module.exports = { list, select, update };

package/lib/parse.js CHANGED Viewed

@@ -50,14 +50,14 @@ const parse = (
   const blockletMetaFileAlt = path.join(dir, BLOCKLET_META_FILE_ALT);
   if (fs.existsSync(blockletMetaFile)) {
     try {
-      result = Object.assign(result, yaml.safeLoad(fs.readFileSync(blockletMetaFile).toString(), { json: true }));
+      result = Object.assign(result, yaml.load(fs.readFileSync(blockletMetaFile).toString(), { json: true }));
       debug(`parse ${blockletMetaFile}`, result);
     } catch (err) {
       console.error(`parse_blocklet_meta from ${BLOCKLET_META_FILE} failed`, err);
     }
   } else if (fs.existsSync(blockletMetaFileAlt)) {
     try {
-      result = Object.assign(result, yaml.safeLoad(fs.readFileSync(blockletMetaFileAlt).toString(), { json: true }));
+      result = Object.assign(result, yaml.load(fs.readFileSync(blockletMetaFileAlt).toString(), { json: true }));
       debug(`parse ${blockletMetaFileAlt}`, result);
     } catch (err) {
       console.error(`parse_blocklet_meta from ${BLOCKLET_META_FILE_ALT} failed`, err);

package/lib/schema.js CHANGED Viewed

@@ -47,6 +47,7 @@ const environmentSchema = Joi.object({
 const scriptsSchema = Joi.object({
   dev: Joi.string().trim().min(1),
+  e2eDev: Joi.string().trim().min(1),
   preInstall: Joi.string().trim().min(1),
   postInstall: Joi.string().trim().min(1),
   preDeploy: Joi.string().trim().min(1),
@@ -137,6 +138,7 @@ const personSchema = Joi.object({
 const distSchema = Joi.object({
   tarball: Joi.alternatives().try(Joi.string().uri(), Joi.string()).required(),
   integrity: Joi.string().required(),
+  size: Joi.number().optional(),
 });
 const statsSchema = Joi.object({
@@ -181,6 +183,10 @@ const signatureSchema = Joi.object({
   sig: Joi.string().required(),
   excludes: Joi.array().items(Joi.string()).optional(),
   appended: Joi.array().items(Joi.string()).optional(),
+  // delegation token 校验所需字段
+  delegatee: Joi.string(),
+  delegateePk: Joi.string(),
+  delegation: Joi.string(),
 });
 const titleSchema = Joi.string()

package/lib/util.js CHANGED Viewed

@@ -1,7 +1,7 @@
 /* eslint-disable no-await-in-loop */
 const get = require('lodash/get');
-const { NODE_SERVICES, SLOT_FOR_IP_DNS_SITE } = require('@abtnode/constant');
+const { NODE_SERVICES, SLOT_FOR_IP_DNS_SITE, WHO_CAN_ACCESS } = require('@abtnode/constant');
 const { BlockletGroup, fromBlockletStatus, fromBlockletSource, BLOCKLET_INTERFACE_TYPE_WEB } = require('./constants');
@@ -204,13 +204,21 @@ const findServiceFromMeta = (meta, ServiceName) => {
   return (webInterface.services || []).find((x) => names.includes(x.name));
 };
-const isInvitedUserOnlyInMeta = (blocklet) => {
+const getWhoCanAccess = (blocklet) => {
   if (!blocklet) {
-    return false;
+    return WHO_CAN_ACCESS.ALL;
+  }
+  if (get(blocklet, 'settings.whoCanAccess')) {
+    return blocklet.settings.whoCanAccess;
   }
   const service = findServiceFromMeta(blocklet.meta, NODE_SERVICES.AUTH);
-  return service && service.config && ['yes', 'not-first'].includes(service.config.invitedUserOnly);
+  if (get(service, 'config.whoCanAccess')) {
+    return service.config.whoCanAccess;
+  }
+  return WHO_CAN_ACCESS.ALL;
 };
 const replaceSlotToIp = (url, ip) => (url || '').replace(SLOT_FOR_IP_DNS_SITE, (ip || '').replace(/\./g, '-'));
@@ -228,6 +236,6 @@ module.exports = {
   fixBlockletStatus,
   findWebInterface,
   findServiceFromMeta,
-  isInvitedUserOnlyInMeta,
+  getWhoCanAccess,
   replaceSlotToIp,
 };

package/lib/verify-multi-sig.js CHANGED Viewed

@@ -4,6 +4,37 @@ const cloneDeep = require('lodash/cloneDeep');
 const omit = require('lodash/omit');
 const { toTypeInfo } = require('@arcblock/did');
 const { fromPublicKey } = require('@ocap/wallet');
+const { verify } = require('@arcblock/jwt');
+const { fromBase64 } = require('@ocap/util');
+function verifyDelegationToken(signature) {
+  if (signature.delegation) {
+    const payload = JSON.parse(fromBase64(signature.delegation.split('.')[1]));
+    if (payload.from !== signature.signer) {
+      debug('verify payload.from failed', { payload, signature });
+      return false;
+    }
+    if (payload.to !== signature.delegatee) {
+      debug('verify payload.to failed', { payload, signature });
+      return false;
+    }
+    if (!payload?.permissions?.includes('publish_blocklet')) {
+      debug('verify payload.permissions failed', payload);
+      return false;
+    }
+    // 验证一下delegation token
+    if (!verify(signature.delegation, signature.pk)) {
+      debug('verify delegation token failed', signature);
+      return false;
+    }
+  }
+  return true;
+}
 module.exports = (blockletMeta) => {
   const { signatures: tmpSignatures, ...meta } = blockletMeta;
@@ -22,7 +53,19 @@ module.exports = (blockletMeta) => {
   for (let i = 0; i < length; i++) {
     const signature = signatures.shift();
-    const { sig, signer, pk } = signature;
+    // 验证delegation token
+    if (!verifyDelegationToken(signature)) {
+      return false;
+    }
+    const { sig, signer, pk } = signature.delegation
+      ? {
+          sig: signature.sig,
+          signer: signature.delegatee,
+          pk: signature.delegateePk,
+        }
+      : signature;
     delete signature.sig;
     debug('verify', { signer });

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.7.7",
+  "version": "1.7.8",
   "description": "Library to parse/validate/fix blocklet meta",
   "main": "lib/index.js",
   "files": [
@@ -18,16 +18,17 @@
   "author": "wangshijun <wangshijun2020@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/constant": "1.7.7",
-    "@abtnode/util": "1.7.7",
-    "@arcblock/did": "^1.16.0",
-    "@arcblock/did-ext": "^1.16.0",
-    "@arcblock/did-util": "^1.16.0",
-    "@arcblock/nft": "^1.16.0",
-    "@ocap/asset": "^1.16.0",
-    "@ocap/mcrypto": "^1.16.0",
-    "@ocap/util": "^1.16.0",
-    "@ocap/wallet": "^1.16.0",
+    "@abtnode/constant": "1.7.8",
+    "@abtnode/util": "1.7.8",
+    "@arcblock/did": "^1.16.3",
+    "@arcblock/did-ext": "^1.16.3",
+    "@arcblock/did-util": "^1.16.3",
+    "@arcblock/jwt": "^1.16.3",
+    "@arcblock/nft": "^1.16.3",
+    "@ocap/asset": "^1.16.3",
+    "@ocap/mcrypto": "^1.16.3",
+    "@ocap/util": "^1.16.3",
+    "@ocap/wallet": "^1.16.3",
     "ajv": "^7.0.3",
     "cjk-length": "^1.0.0",
     "debug": "^4.3.3",
@@ -36,7 +37,7 @@
     "is-glob": "^4.0.3",
     "joi": "^17.6.0",
     "joi-extension-semver": "^5.0.0",
-    "js-yaml": "^3.14.0",
+    "js-yaml": "^4.1.0",
     "json-stable-stringify": "^1.0.1",
     "lodash": "^4.17.21",
     "url-join": "^4.0.1",
@@ -45,5 +46,5 @@
   "devDependencies": {
     "jest": "^27.4.5"
   },
-  "gitHead": "619db37ea7a91c64a9bf30836a55c70d55325e73"
+  "gitHead": "ae75dd20b4750a31dc53c88b75ed1d95c8f15397"
 }