@blocklet/sdk 1.16.34 → 1.16.35-beta-20241220-110602-f7ee8cba

package/lib/config.d.ts

@@ -39,6 +39,7 @@ declare const env: {
     tenantMode: string;
     appStorageEndpoint: string;
     serverVersion: string;
+    sessionSalt: string;
     languages: {
         code: string;
         name: string;
@@ -109,6 +110,7 @@ declare const _default: {
         tenantMode: string;
         appStorageEndpoint: string;
         serverVersion: string;
+        sessionSalt: string;
         languages: {
             code: string;
             name: string;

package/lib/config.js

@@ -44,6 +44,7 @@ const AppConfigKeyMap = {
     BLOCKLET_APP_SPACE_ENDPOINT: 'appStorageEndpoint',
     BLOCKLET_APP_LANGUAGES: ['languages', util_1.getBlockletLanguages],
     BLOCKLET_APP_TENANT_MODE: 'tenantMode',
+    BLOCKLET_APP_SALT: 'sessionSalt',
     ABT_NODE_VERSION: 'serverVersion',
     ABT_NODE: 'serverVersion', // for backup compatibility
 };
@@ -98,6 +99,7 @@ const env = {
     cacheDir: process.env.BLOCKLET_CACHE_DIR,
     mode: process.env.BLOCKLET_MODE,
     tenantMode: process.env.BLOCKLET_APP_TENANT_MODE,
+    sessionSalt: process.env.BLOCKLET_APP_SALT || '',
     preferences: {
         ...env_1.default.preferences,
         ...appEnvFromDisk.preferences,

package/lib/util/verify-session.d.ts

@@ -1,4 +1,5 @@
 import { SessionUser } from './login';
+export declare const getSessionSecret: () => string;
 export declare function verifyLoginToken({ token, strictMode }: {
     token: any;
     strictMode: any;

package/lib/util/verify-session.js

@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.getSessionSecret = void 0;
 exports.verifyLoginToken = verifyLoginToken;
 exports.verifyComponentCall = verifyComponentCall;
 exports.verifySignedToken = verifySignedToken;
@@ -10,16 +11,21 @@ const constant_1 = require("@blocklet/constant");
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
 const mcrypto_1 = require("@ocap/mcrypto");
 const jwt_1 = require("@arcblock/jwt");
-const login_1 = require("./login");
 const wallet_1 = __importDefault(require("../wallet"));
+const login_1 = require("./login");
+const config_1 = require("../config");
 const verify_sign_1 = require("./verify-sign");
+const getSessionSecret = () => {
+    const wallet = (0, wallet_1.default)();
+    const secret = mcrypto_1.Hasher.SHA3.hash256(Buffer.concat([wallet.secretKey, wallet.address, config_1.env.sessionSalt].filter(Boolean).map((v) => Buffer.from(v))));
+    return secret;
+};
+exports.getSessionSecret = getSessionSecret;
 function verifyLoginToken({ token, strictMode }) {
     if (!token)
         return null;
-    const wallet = (0, wallet_1.default)();
-    const secret = mcrypto_1.Hasher.SHA3.hash256(Buffer.concat([wallet.secretKey, wallet.address].map((v) => Buffer.from(v))));
     return new Promise((resolve, reject) => {
-        jsonwebtoken_1.default.verify(token, secret, (err, decoded) => {
+        jsonwebtoken_1.default.verify(token, (0, exports.getSessionSecret)(), (err, decoded) => {
             if (err) {
                 if (strictMode) {
                     reject(new Error('Unauthorized: Invalid login token'));
@@ -64,14 +70,13 @@ function verifyComponentCall({ req, strictMode }) {
 function verifySignedToken({ token, strictMode }) {
     if (!token)
         return null;
-    const wallet = (0, wallet_1.default)();
-    const secret = mcrypto_1.Hasher.SHA3.hash256(Buffer.concat([wallet.secretKey, wallet.address].map((v) => Buffer.from(v))));
-    if ((0, jwt_1.verify)(token, secret) === false) {
+    if ((0, jwt_1.verify)(token, (0, exports.getSessionSecret)()) === false) {
         if (strictMode) {
             throw new Error('Unauthorized: Invalid signed token');
         }
         return null;
     }
+    const wallet = (0, wallet_1.default)();
     return {
         did: wallet.address,
         role: 'component',

package/lib/version.d.ts

@@ -1,4 +1,4 @@
-declare const version = "1.16.34";
+declare const version = "1.16.35";
 export { version };
 declare const _default: {
     version: string;

package/lib/version.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.version = void 0;
-const version = '1.16.34';
+const version = '1.16.35';
 exports.version = version;
 exports.default = { version };

package/lib/wallet.d.ts

@@ -7,8 +7,8 @@ import { DIDTypeShortcut } from '@arcblock/did';
  */
 declare const getWallet: {
     (type?: DIDTypeShortcut, appSk?: string): WalletObject;
-    getPermanentWallet: () => WalletObject<string>;
-    getEthereumWallet: (permanent?: boolean) => WalletObject<string>;
+    getPermanentWallet(): WalletObject<string>;
+    getEthereumWallet(permanent?: boolean): WalletObject<string>;
     getPkWallet(type?: DIDTypeShortcut, appPk?: string): WalletObject<string>;
 };
 export = getWallet;

package/lib/wallet.js

@@ -34,10 +34,8 @@ const getWallet = (type, appSk = process.env.BLOCKLET_APP_SK) => {
     return currentWallet;
 };
 // BLOCKLET_WALLET_TYPE is for backward compatibility
-const getPermanentWallet = () => getWallet(process.env.CHAIN_TYPE || process.env.BLOCKLET_WALLET_TYPE, process.env.BLOCKLET_APP_PSK);
-const getEthereumWallet = (permanent = false) => getWallet('ethereum', permanent ? process.env.BLOCKLET_APP_PSK : process.env.BLOCKLET_APP_SK);
-getWallet.getPermanentWallet = getPermanentWallet;
-getWallet.getEthereumWallet = getEthereumWallet;
+getWallet.getPermanentWallet = () => getWallet(process.env.CHAIN_TYPE || process.env.BLOCKLET_WALLET_TYPE, process.env.BLOCKLET_APP_PSK);
+getWallet.getEthereumWallet = (permanent = false) => getWallet('ethereum', permanent ? process.env.BLOCKLET_APP_PSK : process.env.BLOCKLET_APP_SK);
 getWallet.getPkWallet = (type, appPk = process.env.BLOCKLET_APP_PK) => {
     let t;
     let sk;

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.34",
+  "version": "1.16.35-beta-20241220-110602-f7ee8cba",
   "description": "graphql client to read/write data on abt node",
   "main": "lib/index.js",
   "typings": "lib/index.d.ts",
@@ -27,16 +27,16 @@
   "author": "linchen1987 <linchen.1987@foxmail.com> (http://github.com/linchen1987)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/client": "1.16.34",
-    "@abtnode/constant": "1.16.34",
-    "@abtnode/util": "1.16.34",
+    "@abtnode/client": "1.16.35-beta-20241220-110602-f7ee8cba",
+    "@abtnode/constant": "1.16.35-beta-20241220-110602-f7ee8cba",
+    "@abtnode/util": "1.16.35-beta-20241220-110602-f7ee8cba",
     "@arcblock/did": "1.18.162",
     "@arcblock/did-auth": "1.18.162",
     "@arcblock/jwt": "1.18.162",
     "@arcblock/ws": "1.18.162",
-    "@blocklet/constant": "1.16.34",
-    "@blocklet/env": "1.16.34",
-    "@blocklet/meta": "1.16.34",
+    "@blocklet/constant": "1.16.35-beta-20241220-110602-f7ee8cba",
+    "@blocklet/env": "1.16.35-beta-20241220-110602-f7ee8cba",
+    "@blocklet/meta": "1.16.35-beta-20241220-110602-f7ee8cba",
     "@did-connect/authenticator": "^2.2.4",
     "@did-connect/handler": "^2.2.4",
     "@nedb/core": "^2.1.5",
@@ -81,5 +81,5 @@
     "ts-node": "^10.9.1",
     "typescript": "^5.6.3"
   },
-  "gitHead": "843b12c2cbf9c11497dea690783735f0a83551c9"
+  "gitHead": "c2b7351da906ccb19cad15a5229196803df5c2ce"
 }