npm - @blocklet/sdk - Versions diffs - 1.16.32-beta-5463e017 → 1.16.32-beta-93e1a798 - Mend

@blocklet/sdk 1.16.32-beta-5463e017 → 1.16.32-beta-93e1a798

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/lib/index.d.ts +33 -2
package/lib/middlewares/csrf.d.ts +14 -0
package/lib/middlewares/csrf.js +64 -0
package/lib/middlewares/index.d.ts +3 -0
package/lib/middlewares/index.js +4 -1
package/lib/util/digest.d.ts +2 -0
package/lib/util/digest.js +13 -0
package/lib/util/wallet.d.ts +7 -0
package/lib/util/wallet.js +20 -0
package/package.json +7 -7

package/lib/index.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { TNavigation, TTheme } from '@blocklet/meta/lib/types';
+import { TTheme, type TNavigationItem } from '@blocklet/meta/lib/types';
 import env from '@blocklet/env';
 import Auth from './service/auth';
 import Notification from './service/notification';
@@ -28,34 +28,65 @@ export { Component as component };
 export { Component };
 export { Security };
 export { config };
+export type BlockletSettings = {
+    session: {
+        ttl: number;
+        cacheTtl: number;
+    };
+    federated: {
+        master: {
+            appId: string;
+            appPid: string;
+            appName: string;
+            appDescription: string;
+            appUrl: string;
+            appLogo: string;
+            version: string;
+        };
+        config: Record<string, any>;
+    };
+    oauth: Record<string, {
+        enabled: boolean;
+        [x: string]: any;
+    }>;
+};
 export interface WindowBlocklet {
     [x: string]: any;
+    serverDid: string;
+    serverVersion: string;
+    did: string;
     appId: string;
     appIds: string[];
     appPid: string;
+    appPk: string;
     appName: string;
     appDescription: string;
     appLogo: string;
     appLogoRect: string;
     appUrl: string;
+    webWalletUrl: string;
     isComponent: boolean;
     prefix: string;
     groupPrefix: string;
     pageGroup: string;
     version: string;
     mode: string;
+    status: string;
     tenantMode: 'single' | 'multiple';
     theme: TTheme;
-    navigation: TNavigation[];
+    navigation: TNavigationItem[];
     preferences: Record<string, any>;
     languages: {
         code: string;
         name: string;
     }[];
     passportColor: string;
+    componentId: string;
     componentMountPoints: TComponent[];
     alsoKnownAs: string[];
     trustedFactories: string[];
+    updatedAt: number;
+    settings: BlockletSettings;
 }
 declare global {
     interface Window {

package/lib/middlewares/csrf.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import type { Request, RequestHandler, Response } from 'express';
+export interface CSRFOptionsResponse extends Response<any, {
+    generateToken: typeof defaultGenerateToken;
+    verifyToken: typeof defaultVerifyToken;
+} & Record<string, any>> {
+}
+export interface CSRFOptions {
+    generateToken?: (req: Request, res: CSRFOptionsResponse) => void | Promise<void>;
+    verifyToken?: (req: Request, res: CSRFOptionsResponse) => Promise<void> | void;
+}
+declare function defaultGenerateToken(req: Request, res: Response): void;
+declare function defaultVerifyToken(req: Request): void;
+export declare function csrf(options?: CSRFOptions): RequestHandler;
+export {};

package/lib/middlewares/csrf.js ADDED Viewed

@@ -0,0 +1,64 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.csrf = csrf;
+const lodash_1 = require("lodash");
+const joi_1 = __importDefault(require("joi"));
+const digest_1 = require("../util/digest");
+const wallet_1 = require("../util/wallet");
+function defaultGenerateToken(req, res) {
+    if (req.cookies.login_token && !req.cookies['x-csrf-token']) {
+        const xCsrfTokenMd5 = (0, digest_1.hmac)(req.cookies.login_token);
+        const xCsrfTokenSigned = (0, digest_1.hmac)(xCsrfTokenMd5);
+        res.cookie('x-csrf-token', [xCsrfTokenMd5, xCsrfTokenSigned].join('.'), {
+            sameSite: 'none',
+            secure: true,
+        });
+    }
+}
+function defaultVerifyToken(req) {
+    if (!(0, lodash_1.isEmpty)(req.cookies['x-csrf-token']) && req.cookies['x-csrf-token'] === req.headers['x-csrf-token']) {
+        const [xCsrfTokenMd5, xCsrfTokenSigned] = req.headers['x-csrf-token'].split('.');
+        if ((0, digest_1.hmac)(xCsrfTokenMd5) === xCsrfTokenSigned) {
+            return;
+        }
+    }
+    throw new Error('Current request status is abnormal, please retry later');
+}
+function shouldGenerateToken(req) {
+    return ['GET'].includes(req.method);
+}
+/**
+ *
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods
+ */
+function shouldVerifyToken(req) {
+    return (['POST', 'PUT', 'PATCH', 'DELETE'].includes(req.method) &&
+        !(0, lodash_1.isEmpty)(req.cookies['x-csrf-token']) &&
+        !(0, wallet_1.isDidWalletConnect)(req.headers));
+}
+const csrfOptionsSchema = joi_1.default.object({
+    generateToken: joi_1.default.func().required(),
+    verifyToken: joi_1.default.func().required(),
+});
+function csrf(options = { generateToken: defaultGenerateToken, verifyToken: defaultVerifyToken }) {
+    options.generateToken = typeof options.generateToken === 'function' ? options.generateToken : defaultGenerateToken;
+    options.verifyToken = typeof options.verifyToken === 'function' ? options.verifyToken : defaultVerifyToken;
+    const { value: data, error } = csrfOptionsSchema.validate(options);
+    if (error) {
+        throw new Error(error.message);
+    }
+    return async (req, res, next) => {
+        res.locals.generateToken = defaultGenerateToken;
+        res.locals.verifyToken = defaultVerifyToken;
+        if (shouldGenerateToken(req)) {
+            await data.generateToken(req, res);
+        }
+        else if (shouldVerifyToken(req)) {
+            await data.verifyToken(req, res);
+        }
+        return next();
+    };
+}

package/lib/middlewares/index.d.ts CHANGED Viewed

@@ -3,11 +3,13 @@ import auth from './auth';
 import component from './component';
 import fallback from './fallback';
 import sitemap from './sitemap';
+import { csrf } from './csrf';
 export { user };
 export { auth };
 export { component };
 export { fallback };
 export { sitemap };
+export { csrf };
 declare const _default: {
     user: () => (req: import("express").Request & {
         user?: {
@@ -72,5 +74,6 @@ declare const _default: {
             stock_tickers: string;
         };
     }) => void, req?: import("express").Request) => Promise<void>) => (req: import("express").Request, res: import("express").Response) => Promise<void>;
+    csrf: typeof csrf;
 };
 export default _default;

package/lib/middlewares/index.js CHANGED Viewed

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.sitemap = exports.fallback = exports.component = exports.auth = exports.user = void 0;
+exports.csrf = exports.sitemap = exports.fallback = exports.component = exports.auth = exports.user = void 0;
 const user_1 = __importDefault(require("./user"));
 exports.user = user_1.default;
 const auth_1 = __importDefault(require("./auth"));
@@ -14,10 +14,13 @@ const fallback_1 = __importDefault(require("./fallback"));
 exports.fallback = fallback_1.default;
 const sitemap_1 = __importDefault(require("./sitemap"));
 exports.sitemap = sitemap_1.default;
+const csrf_1 = require("./csrf");
+Object.defineProperty(exports, "csrf", { enumerable: true, get: function () { return csrf_1.csrf; } });
 exports.default = {
     user: user_1.default,
     auth: auth_1.default,
     component: component_1.default,
     fallback: fallback_1.default,
     sitemap: sitemap_1.default,
+    csrf: csrf_1.csrf,
 };

package/lib/util/digest.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { LiteralUnion } from 'type-fest';
2	+ export declare function hmac(message: string, algorithm?: LiteralUnion<'md5' \| 'sha256', string>): string;

package/lib/util/digest.js ADDED Viewed

@@ -0,0 +1,13 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hmac = hmac;
+const crypto_1 = require("crypto");
+const wallet_1 = __importDefault(require("../wallet"));
+function hmac(message, algorithm = 'md5') {
+    const wallet = (0, wallet_1.default)();
+    const hmacFunc = (0, crypto_1.createHmac)(algorithm, wallet.secretKey);
+    return hmacFunc.update(message).digest('base64url');
+}

package/lib/util/wallet.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { Request } from 'express';
+/**
+ *
+ * @description 判断请求是否来自钱包的 DID Connect
+ * @export
+ */
+export declare function isDidWalletConnect(headers: Request['headers']): boolean;

package/lib/util/wallet.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isDidWalletConnect = isDidWalletConnect;
+/**
+ *
+ * @description 判断请求是否来自钱包的 DID Connect
+ * @export
+ */
+function isDidWalletConnect(headers) {
+    const userAgent = (headers['user-agent'] || '').toLowerCase();
+    const isMatch = userAgent.split(/\s+/).find((x) => x.startsWith('arcwallet/') || x.startsWith('abtwallet/'));
+    if (isMatch) {
+        return true;
+    }
+    const arcWalletVersion = headers['arcwallet-version'];
+    if (arcWalletVersion) {
+        return true;
+    }
+    return false;
+}

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.32-beta-5463e017",
+  "version": "1.16.32-beta-93e1a798",
   "description": "graphql client to read/write data on abt node",
   "main": "lib/index.js",
   "typings": "lib/index.d.ts",
@@ -27,15 +27,15 @@
   "author": "linchen1987 <linchen.1987@foxmail.com> (http://github.com/linchen1987)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/client": "1.16.32-beta-5463e017",
-    "@abtnode/constant": "1.16.32-beta-5463e017",
+    "@abtnode/client": "1.16.32-beta-93e1a798",
+    "@abtnode/constant": "1.16.32-beta-93e1a798",
     "@arcblock/did": "1.18.135",
     "@arcblock/did-auth": "1.18.135",
     "@arcblock/jwt": "1.18.135",
     "@arcblock/ws": "1.18.135",
-    "@blocklet/constant": "1.16.32-beta-5463e017",
-    "@blocklet/env": "1.16.32-beta-5463e017",
-    "@blocklet/meta": "1.16.32-beta-5463e017",
+    "@blocklet/constant": "1.16.32-beta-93e1a798",
+    "@blocklet/env": "1.16.32-beta-93e1a798",
+    "@blocklet/meta": "1.16.32-beta-93e1a798",
     "@did-connect/authenticator": "^2.2.4",
     "@did-connect/handler": "^2.2.4",
     "@nedb/core": "^2.1.5",
@@ -75,5 +75,5 @@
     "ts-node": "^10.9.1",
     "typescript": "^5.0.4"
   },
-  "gitHead": "aff2d89d663ccd842757ff664fb80e1d7ae05029"
+  "gitHead": "608fab914e6ee5cb5659c11ab3d0713945ab99a0"
 }