@cartridge/controller 0.5.9 → 0.7.0

package/src/node/backend.ts

@@ -0,0 +1,159 @@
+import * as fs from "fs/promises";
+import * as path from "path";
+import { CallbackServer } from "./server";
+
+interface SessionSigner {
+  privKey: string;
+  pubKey: string;
+}
+
+interface SessionInfo {
+  username: string;
+  address: string;
+  ownerGuid: string;
+  transactionHash?: string;
+  expiresAt: string;
+}
+
+interface SessionData {
+  signer?: SessionSigner;
+  session?: SessionInfo;
+  policies?: any;
+  lastUsedConnector?: string;
+  [key: string]: any;
+}
+
+/**
+ * Implements a file system backend.
+ * This is designed for Node.js environments to store session data on the filesystem.
+ */
+export class NodeBackend {
+  private basePath: string;
+  private sessionFile: string;
+  private data: SessionData = {};
+  private callbackServer?: CallbackServer;
+
+  constructor(basePath: string) {
+    if (!basePath) {
+      throw new Error("basePath is required for NodeBackend");
+    }
+    this.basePath = basePath;
+    this.sessionFile = path.join(this.basePath, "session.json");
+  }
+
+  private async ensureDirectoryExists(): Promise<void> {
+    try {
+      await fs.access(this.basePath);
+    } catch {
+      try {
+        await fs.mkdir(this.basePath, { recursive: true });
+      } catch (error: any) {
+        throw new Error(
+          `Failed to create directory ${this.basePath}: ${error.message}`,
+        );
+      }
+    }
+  }
+
+  private async loadData(): Promise<void> {
+    try {
+      const content = await fs.readFile(this.sessionFile, "utf-8");
+      const parsed = JSON.parse(content);
+
+      if (typeof parsed !== "object" || parsed === null) {
+        throw new Error("Invalid session data format");
+      }
+
+      this.data = parsed;
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        if ((error as NodeJS.ErrnoException).code !== "ENOENT") {
+          throw new Error(`Failed to load session data: ${error.message}`);
+        }
+      }
+      this.data = {};
+    }
+  }
+
+  private async saveData(): Promise<void> {
+    try {
+      await this.ensureDirectoryExists();
+      await fs.writeFile(
+        this.sessionFile,
+        JSON.stringify(this.data, null, 2),
+        "utf-8",
+      );
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        throw new Error(`Failed to save session data: ${error.message}`);
+      }
+      throw error;
+    }
+  }
+
+  async get(key: string): Promise<string | null> {
+    if (!key) {
+      throw new Error("Key is required");
+    }
+
+    await this.loadData();
+    return this.data[key] ? JSON.stringify(this.data[key]) : null;
+  }
+
+  async set(key: string, value: string): Promise<void> {
+    if (!key) {
+      throw new Error("Key is required");
+    }
+    if (!value) {
+      throw new Error("Value is required");
+    }
+
+    await this.loadData();
+    try {
+      this.data[key] = JSON.parse(value);
+      await this.saveData();
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        throw new Error(`Failed to set ${key}: ${error.message}`);
+      }
+      throw error;
+    }
+  }
+
+  async delete(key: string): Promise<void> {
+    if (!key) {
+      throw new Error("Key is required");
+    }
+
+    await this.loadData();
+    delete this.data[key];
+    await this.saveData();
+  }
+
+  async getRedirectUri(): Promise<string> {
+    try {
+      this.callbackServer = new CallbackServer();
+      return await this.callbackServer.listen();
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        throw new Error(`Failed to start callback server: ${error.message}`);
+      }
+      throw error;
+    }
+  }
+
+  async waitForCallback(): Promise<string | null> {
+    if (!this.callbackServer) {
+      throw new Error("Callback server not initialized");
+    }
+    return await this.callbackServer.waitForCallback();
+  }
+
+  openLink(url: string): void {
+    if (!url) {
+      throw new Error("URL is required");
+    }
+
+    console.log(`\n\t Open url to authorize session: ${url}`);
+  }
+}

package/src/node/index.ts

@@ -0,0 +1,4 @@
+export { default } from "./provider";
+export * from "./provider";
+export * from "../errors";
+export * from "../types";

package/src/node/provider.ts

@@ -0,0 +1,178 @@
+import { ec, stark, WalletAccount } from "starknet";
+import { SessionPolicies } from "@cartridge/presets";
+import { AddStarknetChainParameters } from "@starknet-io/types-js";
+
+import SessionAccount from "./account";
+import { KEYCHAIN_URL } from "../constants";
+import BaseProvider from "../provider";
+import { toWasmPolicies } from "../utils";
+import { ParsedSessionPolicies } from "../policies";
+import { NodeBackend } from "./backend";
+
+export type SessionOptions = {
+  rpc: string;
+  chainId: string;
+  policies: SessionPolicies;
+  basePath: string;
+  keychainUrl?: string;
+};
+
+export default class SessionProvider extends BaseProvider {
+  public id = "controller_session";
+  public name = "Controller Session";
+
+  protected _chainId: string;
+  protected _rpcUrl: string;
+  protected _username?: string;
+  protected _policies: ParsedSessionPolicies;
+  protected _keychainUrl: string;
+  protected _backend: NodeBackend;
+
+  constructor({
+    rpc,
+    chainId,
+    policies,
+    basePath,
+    keychainUrl,
+  }: SessionOptions) {
+    super();
+
+    this._policies = {
+      verified: false,
+      contracts: policies.contracts
+        ? Object.fromEntries(
+            Object.entries(policies.contracts).map(([address, contract]) => [
+              address,
+              {
+                ...contract,
+                methods: contract.methods.map((method) => ({
+                  ...method,
+                  authorized: true,
+                })),
+              },
+            ]),
+          )
+        : undefined,
+      messages: policies.messages?.map((message) => ({
+        ...message,
+        authorized: true,
+      })),
+    };
+
+    this._rpcUrl = rpc;
+    this._chainId = chainId;
+    this._keychainUrl = keychainUrl || KEYCHAIN_URL;
+    this._backend = new NodeBackend(basePath);
+  }
+
+  async username() {
+    const sessionStr = await this._backend.get("session");
+    if (sessionStr) {
+      const session = JSON.parse(sessionStr);
+      return session.username;
+    }
+    return undefined;
+  }
+
+  async probe(): Promise<WalletAccount | undefined> {
+    if (this.account) {
+      return this.account;
+    }
+
+    const [sessionStr, signerStr] = await Promise.all([
+      this._backend.get("session"),
+      this._backend.get("signer"),
+    ]);
+
+    if (!sessionStr || !signerStr) {
+      return undefined;
+    }
+
+    const session = JSON.parse(sessionStr);
+    const signer = JSON.parse(signerStr);
+
+    // Check expiration
+    const expirationTime = parseInt(session.expiresAt) * 1000;
+    if (Date.now() >= expirationTime) {
+      await this.disconnect();
+      return undefined;
+    }
+
+    this._username = session.username;
+    this.account = new SessionAccount(this, {
+      rpcUrl: this._rpcUrl,
+      privateKey: signer.privKey,
+      address: session.address,
+      ownerGuid: session.ownerGuid,
+      chainId: this._chainId,
+      expiresAt: parseInt(session.expiresAt),
+      policies: toWasmPolicies(this._policies),
+    });
+
+    return this.account;
+  }
+
+  async connect(): Promise<WalletAccount | undefined> {
+    if (this.account) {
+      return this.account;
+    }
+
+    const account = await this.probe();
+    if (account) {
+      return account;
+    }
+
+    const pk = stark.randomAddress();
+    const publicKey = ec.starkCurve.getStarkKey(pk);
+
+    await this._backend.set(
+      "signer",
+      JSON.stringify({
+        privKey: pk,
+        pubKey: publicKey,
+      }),
+    );
+
+    // Get redirect URI from local server
+    const redirectUri = await this._backend.getRedirectUri();
+
+    const url = `${
+      this._keychainUrl
+    }/session?public_key=${encodeURIComponent(publicKey)}&redirect_uri=${encodeURIComponent(
+      redirectUri,
+    )}&redirect_query_name=startapp&policies=${encodeURIComponent(
+      JSON.stringify(this._policies),
+    )}&rpc_url=${encodeURIComponent(this._rpcUrl)}`;
+
+    this._backend.openLink(url);
+
+    // Wait for callback with session data
+    const sessionData = await this._backend.waitForCallback();
+    if (sessionData) {
+      const sessionRegistration = JSON.parse(atob(sessionData));
+      // Ensure addresses are properly formatted
+      sessionRegistration.address = sessionRegistration.address.toLowerCase();
+      sessionRegistration.ownerGuid =
+        sessionRegistration.ownerGuid.toLowerCase();
+      await this._backend.set("session", JSON.stringify(sessionRegistration));
+      return this.probe();
+    }
+
+    return undefined;
+  }
+
+  async disconnect(): Promise<void> {
+    await this._backend.delete("signer");
+    await this._backend.delete("session");
+    this.account = undefined;
+    this._username = undefined;
+  }
+
+  switchStarknetChain(_chainId: string): Promise<boolean> {
+    throw new Error("switchStarknetChain not implemented");
+  }
+
+  addStarknetChain(_chain: AddStarknetChainParameters): Promise<boolean> {
+    throw new Error("addStarknetChain not implemented");
+  }
+}

package/src/node/server.ts

@@ -0,0 +1,89 @@
+import * as http from "http";
+import { AddressInfo } from "net";
+
+type ServerResponse = http.ServerResponse<http.IncomingMessage> & {
+  req: http.IncomingMessage;
+};
+
+export class CallbackServer {
+  private server: http.Server;
+  private resolveCallback?: (data: string) => void;
+  private rejectCallback?: (error: Error) => void;
+  private timeoutId?: NodeJS.Timeout;
+
+  constructor() {
+    this.server = http.createServer(this.handleRequest.bind(this));
+
+    // Handle server errors
+    this.server.on("error", (error) => {
+      console.error("Server error:", error);
+      if (this.rejectCallback) {
+        this.rejectCallback(error);
+      }
+    });
+  }
+
+  private cleanup() {
+    if (this.timeoutId) {
+      clearTimeout(this.timeoutId);
+    }
+    this.server.close();
+  }
+
+  private handleRequest(req: http.IncomingMessage, res: ServerResponse) {
+    if (!req.url?.startsWith("/callback")) {
+      res.writeHead(404);
+      res.end();
+      return;
+    }
+
+    const params = new URLSearchParams(req.url.split("?")[1]);
+    const session = params.get("startapp");
+
+    if (!session) {
+      console.warn("Received callback without session data");
+      res.writeHead(400);
+      res.end("Missing session data");
+      return;
+    }
+
+    if (this.resolveCallback) {
+      this.resolveCallback(session);
+    }
+
+    res.writeHead(200, { "Content-Type": "text/html" });
+    res.end(
+      "<html><body><script>window.close();</script>Session registered successfully. You can close this window.</body></html>",
+    );
+
+    this.cleanup();
+  }
+
+  async listen(): Promise<string> {
+    return new Promise((resolve, reject) => {
+      this.server.listen(0, "localhost", () => {
+        const address = this.server.address() as AddressInfo;
+        const url = `http://localhost:${address.port}/callback`;
+        resolve(url);
+      });
+
+      this.server.on("error", reject);
+    });
+  }
+
+  async waitForCallback(): Promise<string> {
+    return new Promise((resolve, reject) => {
+      this.resolveCallback = resolve;
+      this.rejectCallback = reject;
+
+      this.timeoutId = setTimeout(
+        () => {
+          console.warn("Callback timeout reached");
+          reject(new Error("Callback timeout after 5 minutes"));
+          this.cleanup();
+        },
+        5 * 60 * 1000,
+      );
+    });
+  }
+}

package/src/policies.ts

@@ -0,0 +1,49 @@
+import {
+  ContractPolicy,
+  Method,
+  SessionPolicies,
+  SignMessagePolicy,
+} from "@cartridge/presets";
+
+export type ParsedSessionPolicies = {
+  verified: boolean;
+  contracts?: SessionContracts;
+  messages?: SessionMessages;
+};
+
+export type SessionContracts = Record<
+  string,
+  Omit<ContractPolicy, "methods"> & {
+    methods: (Method & { authorized?: boolean })[];
+  }
+>;
+
+export type SessionMessages = (SignMessagePolicy & {
+  authorized?: boolean;
+})[];
+
+export function parsePolicies(
+  policies: SessionPolicies,
+): ParsedSessionPolicies {
+  return {
+    verified: false,
+    contracts: policies.contracts
+      ? Object.fromEntries(
+          Object.entries(policies.contracts).map(([address, contract]) => [
+            address,
+            {
+              ...contract,
+              methods: contract.methods.map((method) => ({
+                ...method,
+                authorized: true,
+              })),
+            },
+          ]),
+        )
+      : undefined,
+    messages: policies.messages?.map((message) => ({
+      ...message,
+      authorized: true,
+    })),
+  };
+}

package/src/provider.ts

@@ -16,6 +16,9 @@ import {
 import manifest from "../package.json";
 
 import { icon } from "./icon";
+import { Mutex } from "./mutex";
+
+const mutex = new Mutex();
 
 export default abstract class BaseProvider implements StarknetWindowObject {
   public id = "controller";
@@ -26,10 +29,37 @@ export default abstract class BaseProvider implements StarknetWindowObject {
   public account?: WalletAccount;
   public subscriptions: WalletEvents[] = [];
 
+  private _probePromise: Promise<WalletAccount | undefined> | null = null;
+
+  protected async safeProbe(): Promise<WalletAccount | undefined> {
+    // If we already have an account, return it
+    if (this.account) {
+      return this.account;
+    }
+
+    // If we're already probing, wait for the existing probe
+    if (this._probePromise) {
+      return this._probePromise;
+    }
+
+    const release = await mutex.obtain();
+    return await new Promise<WalletAccount | undefined>(async (resolve) => {
+      try {
+        this._probePromise = this.probe();
+        const result = await this._probePromise;
+        resolve(result);
+      } finally {
+        this._probePromise = null;
+      }
+    }).finally(() => {
+      release();
+    });
+  }
+
   request: RequestFn = async (call) => {
     switch (call.type) {
       case "wallet_getPermissions":
-        await this.probe();
+        await this.safeProbe();
 
         if (this.account) {
           return [Permission.ACCOUNTS];
@@ -45,7 +75,8 @@ export default abstract class BaseProvider implements StarknetWindowObject {
         const silentMode =
           call.params && (call.params as RequestAccountsParameters).silent_mode;
 
-        this.account = await this.probe();
+        this.account = await this.safeProbe();
+
         if (!this.account && !silentMode) {
           this.account = await this.connect();
         }

package/src/session/account.ts

@@ -33,7 +33,8 @@ export default class SessionAccount extends WalletAccount {
   ) {
     super({ nodeUrl: rpcUrl }, provider);
 
-    this.controller = CartridgeSessionAccount.new_as_registered(
+    this.address = address;
+    this.controller = CartridgeSessionAccount.newAsRegistered(
       rpcUrl,
       privateKey,
       address,