@cartridge/controller 0.6.0 → 0.7.1

package/src/controller.ts

@@ -88,9 +88,11 @@ export default class ControllerProvider extends BaseProvider {
 
       const response = (await this.keychain.probe(this.rpcUrl())) as ProbeReply;
 
+      // For backwards compat with controller <=0.6.0
+      let rpcUrl = response?.rpcUrl || this.rpcUrl();
       this.account = new ControllerAccount(
         this,
-        this.rpcUrl(),
+        rpcUrl,
         response.address,
         this.keychain,
         this.options,
@@ -170,12 +172,20 @@ export default class ControllerProvider extends BaseProvider {
   }
 
   async switchStarknetChain(chainId: string): Promise<boolean> {
+    if (!this.keychain || !this.iframes.keychain) {
+      console.error(new NotReadyToConnect().message);
+      return false;
+    }
+
     try {
       this.selectedChain = chainId;
-      this.account = await this.probe();
-      if (!this.account) {
-        this.account = await this.connect();
+      const response = (await this.keychain.probe(this.rpcUrl())) as ProbeReply;
+
+      if (response.rpcUrl === this.rpcUrl()) {
+        return true;
       }
+
+      await this.keychain.switchChain(this.rpcUrl());
     } catch (e) {
       console.error(e);
       return false;
@@ -220,6 +230,34 @@ export default class ControllerProvider extends BaseProvider {
     this.iframes.profile.open();
   }
 
+  async openProfileTo(to: string) {
+    if (!this.profile || !this.iframes.profile?.url) {
+      console.error("Profile is not ready");
+      return;
+    }
+    if (!this.account) {
+      console.error("Account is not ready");
+      return;
+    }
+
+    this.profile.navigate(`${this.iframes.profile.url?.pathname}/${to}`);
+    this.iframes.profile.open();
+  }
+
+  async openProfileAt(at: string) {
+    if (!this.profile || !this.iframes.profile?.url) {
+      console.error("Profile is not ready");
+      return;
+    }
+    if (!this.account) {
+      console.error("Account is not ready");
+      return;
+    }
+
+    this.profile.navigate(at);
+    this.iframes.profile.open();
+  }
+
   async openSettings() {
     if (!this.keychain || !this.iframes.keychain) {
       console.error(new NotReadyToConnect().message);
@@ -262,16 +300,6 @@ export default class ControllerProvider extends BaseProvider {
     return this.keychain.username();
   }
 
-  fetchControllers(
-    contractAddresses: string[],
-  ): Promise<Record<string, string>> {
-    if (!this.keychain) {
-      throw new NotReadyToConnect().message;
-    }
-
-    return this.keychain.fetchControllers(contractAddresses);
-  }
-
   openPurchaseCredits() {
     if (!this.keychain || !this.iframes.keychain) {
       console.error(new NotReadyToConnect().message);
@@ -331,7 +359,7 @@ export default class ControllerProvider extends BaseProvider {
   }
 
   private waitForKeychain({
-    timeout = 5000,
+    timeout = 50000,
     interval = 100,
   }:
     | {

package/src/iframe/base.ts

@@ -19,12 +19,10 @@ export class IFrame<CallSender extends {}> implements Modal {
     id,
     url,
     preset,
-    theme,
-    colorMode,
     onClose,
     onConnect,
     methods = {},
-  }: Pick<ControllerOptions, "theme" | "preset" | "colorMode"> & {
+  }: Pick<ControllerOptions, "preset"> & {
     id: string;
     url: URL;
     onClose?: () => void;
@@ -35,18 +33,10 @@ export class IFrame<CallSender extends {}> implements Modal {
       return;
     }
 
-    if (theme) {
-      url.searchParams.set("theme", theme);
-    }
-
     if (preset) {
       url.searchParams.set("preset", preset);
     }
 
-    if (colorMode) {
-      url.searchParams.set("colorMode", colorMode);
-    }
-
     this.url = url;
 
     const iframe = document.createElement("iframe");

package/src/node/account.ts

@@ -0,0 +1,72 @@
+import { Policy } from "@cartridge/account-wasm";
+import { CartridgeSessionAccount } from "@cartridge/account-wasm/session";
+import { Call, InvokeFunctionResponse, WalletAccount } from "starknet";
+
+import { normalizeCalls } from "../utils";
+import BaseProvider from "../provider";
+
+export * from "../errors";
+export * from "../types";
+
+export default class SessionAccount extends WalletAccount {
+  public controller: CartridgeSessionAccount;
+
+  constructor(
+    provider: BaseProvider,
+    {
+      rpcUrl,
+      privateKey,
+      address,
+      ownerGuid,
+      chainId,
+      expiresAt,
+      policies,
+    }: {
+      rpcUrl: string;
+      privateKey: string;
+      address: string;
+      ownerGuid: string;
+      chainId: string;
+      expiresAt: number;
+      policies: Policy[];
+    },
+  ) {
+    super({ nodeUrl: rpcUrl }, provider);
+
+    this.address = address;
+    this.controller = CartridgeSessionAccount.newAsRegistered(
+      rpcUrl,
+      privateKey,
+      address,
+      ownerGuid,
+      chainId,
+      {
+        expiresAt,
+        policies,
+      },
+    );
+  }
+
+  /**
+   * Invoke execute function in account contract
+   *
+   * @param calls the invocation object or an array of them, containing:
+   * - contractAddress - the address of the contract
+   * - entrypoint - the entrypoint of the contract
+   * - calldata - (defaults to []) the calldata
+   * - signature - (defaults to []) the signature
+   *
+   * @returns response from addTransaction
+   */
+  async execute(calls: Call | Call[]): Promise<InvokeFunctionResponse> {
+    try {
+      const res = await this.controller.executeFromOutside(
+        normalizeCalls(calls),
+      );
+
+      return res;
+    } catch (e) {
+      return this.controller.execute(normalizeCalls(calls));
+    }
+  }
+}

package/src/node/backend.ts

@@ -0,0 +1,159 @@
+import * as fs from "fs/promises";
+import * as path from "path";
+import { CallbackServer } from "./server";
+
+interface SessionSigner {
+  privKey: string;
+  pubKey: string;
+}
+
+interface SessionInfo {
+  username: string;
+  address: string;
+  ownerGuid: string;
+  transactionHash?: string;
+  expiresAt: string;
+}
+
+interface SessionData {
+  signer?: SessionSigner;
+  session?: SessionInfo;
+  policies?: any;
+  lastUsedConnector?: string;
+  [key: string]: any;
+}
+
+/**
+ * Implements a file system backend.
+ * This is designed for Node.js environments to store session data on the filesystem.
+ */
+export class NodeBackend {
+  private basePath: string;
+  private sessionFile: string;
+  private data: SessionData = {};
+  private callbackServer?: CallbackServer;
+
+  constructor(basePath: string) {
+    if (!basePath) {
+      throw new Error("basePath is required for NodeBackend");
+    }
+    this.basePath = basePath;
+    this.sessionFile = path.join(this.basePath, "session.json");
+  }
+
+  private async ensureDirectoryExists(): Promise<void> {
+    try {
+      await fs.access(this.basePath);
+    } catch {
+      try {
+        await fs.mkdir(this.basePath, { recursive: true });
+      } catch (error: any) {
+        throw new Error(
+          `Failed to create directory ${this.basePath}: ${error.message}`,
+        );
+      }
+    }
+  }
+
+  private async loadData(): Promise<void> {
+    try {
+      const content = await fs.readFile(this.sessionFile, "utf-8");
+      const parsed = JSON.parse(content);
+
+      if (typeof parsed !== "object" || parsed === null) {
+        throw new Error("Invalid session data format");
+      }
+
+      this.data = parsed;
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        if ((error as NodeJS.ErrnoException).code !== "ENOENT") {
+          throw new Error(`Failed to load session data: ${error.message}`);
+        }
+      }
+      this.data = {};
+    }
+  }
+
+  private async saveData(): Promise<void> {
+    try {
+      await this.ensureDirectoryExists();
+      await fs.writeFile(
+        this.sessionFile,
+        JSON.stringify(this.data, null, 2),
+        "utf-8",
+      );
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        throw new Error(`Failed to save session data: ${error.message}`);
+      }
+      throw error;
+    }
+  }
+
+  async get(key: string): Promise<string | null> {
+    if (!key) {
+      throw new Error("Key is required");
+    }
+
+    await this.loadData();
+    return this.data[key] ? JSON.stringify(this.data[key]) : null;
+  }
+
+  async set(key: string, value: string): Promise<void> {
+    if (!key) {
+      throw new Error("Key is required");
+    }
+    if (!value) {
+      throw new Error("Value is required");
+    }
+
+    await this.loadData();
+    try {
+      this.data[key] = JSON.parse(value);
+      await this.saveData();
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        throw new Error(`Failed to set ${key}: ${error.message}`);
+      }
+      throw error;
+    }
+  }
+
+  async delete(key: string): Promise<void> {
+    if (!key) {
+      throw new Error("Key is required");
+    }
+
+    await this.loadData();
+    delete this.data[key];
+    await this.saveData();
+  }
+
+  async getRedirectUri(): Promise<string> {
+    try {
+      this.callbackServer = new CallbackServer();
+      return await this.callbackServer.listen();
+    } catch (error: unknown) {
+      if (error instanceof Error) {
+        throw new Error(`Failed to start callback server: ${error.message}`);
+      }
+      throw error;
+    }
+  }
+
+  async waitForCallback(): Promise<string | null> {
+    if (!this.callbackServer) {
+      throw new Error("Callback server not initialized");
+    }
+    return await this.callbackServer.waitForCallback();
+  }
+
+  openLink(url: string): void {
+    if (!url) {
+      throw new Error("URL is required");
+    }
+
+    console.log(`\n\t Open url to authorize session: ${url}`);
+  }
+}

package/src/node/index.ts

@@ -0,0 +1,4 @@
+export { default } from "./provider";
+export * from "./provider";
+export * from "../errors";
+export * from "../types";

package/src/node/provider.ts

@@ -0,0 +1,178 @@
+import { ec, stark, WalletAccount } from "starknet";
+import { SessionPolicies } from "@cartridge/presets";
+import { AddStarknetChainParameters } from "@starknet-io/types-js";
+
+import SessionAccount from "./account";
+import { KEYCHAIN_URL } from "../constants";
+import BaseProvider from "../provider";
+import { toWasmPolicies } from "../utils";
+import { ParsedSessionPolicies } from "../policies";
+import { NodeBackend } from "./backend";
+
+export type SessionOptions = {
+  rpc: string;
+  chainId: string;
+  policies: SessionPolicies;
+  basePath: string;
+  keychainUrl?: string;
+};
+
+export default class SessionProvider extends BaseProvider {
+  public id = "controller_session";
+  public name = "Controller Session";
+
+  protected _chainId: string;
+  protected _rpcUrl: string;
+  protected _username?: string;
+  protected _policies: ParsedSessionPolicies;
+  protected _keychainUrl: string;
+  protected _backend: NodeBackend;
+
+  constructor({
+    rpc,
+    chainId,
+    policies,
+    basePath,
+    keychainUrl,
+  }: SessionOptions) {
+    super();
+
+    this._policies = {
+      verified: false,
+      contracts: policies.contracts
+        ? Object.fromEntries(
+            Object.entries(policies.contracts).map(([address, contract]) => [
+              address,
+              {
+                ...contract,
+                methods: contract.methods.map((method) => ({
+                  ...method,
+                  authorized: true,
+                })),
+              },
+            ]),
+          )
+        : undefined,
+      messages: policies.messages?.map((message) => ({
+        ...message,
+        authorized: true,
+      })),
+    };
+
+    this._rpcUrl = rpc;
+    this._chainId = chainId;
+    this._keychainUrl = keychainUrl || KEYCHAIN_URL;
+    this._backend = new NodeBackend(basePath);
+  }
+
+  async username() {
+    const sessionStr = await this._backend.get("session");
+    if (sessionStr) {
+      const session = JSON.parse(sessionStr);
+      return session.username;
+    }
+    return undefined;
+  }
+
+  async probe(): Promise<WalletAccount | undefined> {
+    if (this.account) {
+      return this.account;
+    }
+
+    const [sessionStr, signerStr] = await Promise.all([
+      this._backend.get("session"),
+      this._backend.get("signer"),
+    ]);
+
+    if (!sessionStr || !signerStr) {
+      return undefined;
+    }
+
+    const session = JSON.parse(sessionStr);
+    const signer = JSON.parse(signerStr);
+
+    // Check expiration
+    const expirationTime = parseInt(session.expiresAt) * 1000;
+    if (Date.now() >= expirationTime) {
+      await this.disconnect();
+      return undefined;
+    }
+
+    this._username = session.username;
+    this.account = new SessionAccount(this, {
+      rpcUrl: this._rpcUrl,
+      privateKey: signer.privKey,
+      address: session.address,
+      ownerGuid: session.ownerGuid,
+      chainId: this._chainId,
+      expiresAt: parseInt(session.expiresAt),
+      policies: toWasmPolicies(this._policies),
+    });
+
+    return this.account;
+  }
+
+  async connect(): Promise<WalletAccount | undefined> {
+    if (this.account) {
+      return this.account;
+    }
+
+    const account = await this.probe();
+    if (account) {
+      return account;
+    }
+
+    const pk = stark.randomAddress();
+    const publicKey = ec.starkCurve.getStarkKey(pk);
+
+    await this._backend.set(
+      "signer",
+      JSON.stringify({
+        privKey: pk,
+        pubKey: publicKey,
+      }),
+    );
+
+    // Get redirect URI from local server
+    const redirectUri = await this._backend.getRedirectUri();
+
+    const url = `${
+      this._keychainUrl
+    }/session?public_key=${encodeURIComponent(publicKey)}&redirect_uri=${encodeURIComponent(
+      redirectUri,
+    )}&redirect_query_name=startapp&policies=${encodeURIComponent(
+      JSON.stringify(this._policies),
+    )}&rpc_url=${encodeURIComponent(this._rpcUrl)}`;
+
+    this._backend.openLink(url);
+
+    // Wait for callback with session data
+    const sessionData = await this._backend.waitForCallback();
+    if (sessionData) {
+      const sessionRegistration = JSON.parse(atob(sessionData));
+      // Ensure addresses are properly formatted
+      sessionRegistration.address = sessionRegistration.address.toLowerCase();
+      sessionRegistration.ownerGuid =
+        sessionRegistration.ownerGuid.toLowerCase();
+      await this._backend.set("session", JSON.stringify(sessionRegistration));
+      return this.probe();
+    }
+
+    return undefined;
+  }
+
+  async disconnect(): Promise<void> {
+    await this._backend.delete("signer");
+    await this._backend.delete("session");
+    this.account = undefined;
+    this._username = undefined;
+  }
+
+  switchStarknetChain(_chainId: string): Promise<boolean> {
+    throw new Error("switchStarknetChain not implemented");
+  }
+
+  addStarknetChain(_chain: AddStarknetChainParameters): Promise<boolean> {
+    throw new Error("addStarknetChain not implemented");
+  }
+}

package/src/node/server.ts

@@ -0,0 +1,89 @@
+import * as http from "http";
+import { AddressInfo } from "net";
+
+type ServerResponse = http.ServerResponse<http.IncomingMessage> & {
+  req: http.IncomingMessage;
+};
+
+export class CallbackServer {
+  private server: http.Server;
+  private resolveCallback?: (data: string) => void;
+  private rejectCallback?: (error: Error) => void;
+  private timeoutId?: NodeJS.Timeout;
+
+  constructor() {
+    this.server = http.createServer(this.handleRequest.bind(this));
+
+    // Handle server errors
+    this.server.on("error", (error) => {
+      console.error("Server error:", error);
+      if (this.rejectCallback) {
+        this.rejectCallback(error);
+      }
+    });
+  }
+
+  private cleanup() {
+    if (this.timeoutId) {
+      clearTimeout(this.timeoutId);
+    }
+    this.server.close();
+  }
+
+  private handleRequest(req: http.IncomingMessage, res: ServerResponse) {
+    if (!req.url?.startsWith("/callback")) {
+      res.writeHead(404);
+      res.end();
+      return;
+    }
+
+    const params = new URLSearchParams(req.url.split("?")[1]);
+    const session = params.get("startapp");
+
+    if (!session) {
+      console.warn("Received callback without session data");
+      res.writeHead(400);
+      res.end("Missing session data");
+      return;
+    }
+
+    if (this.resolveCallback) {
+      this.resolveCallback(session);
+    }
+
+    res.writeHead(200, { "Content-Type": "text/html" });
+    res.end(
+      "<html><body><script>window.close();</script>Session registered successfully. You can close this window.</body></html>",
+    );
+
+    this.cleanup();
+  }
+
+  async listen(): Promise<string> {
+    return new Promise((resolve, reject) => {
+      this.server.listen(0, "localhost", () => {
+        const address = this.server.address() as AddressInfo;
+        const url = `http://localhost:${address.port}/callback`;
+        resolve(url);
+      });
+
+      this.server.on("error", reject);
+    });
+  }
+
+  async waitForCallback(): Promise<string> {
+    return new Promise((resolve, reject) => {
+      this.resolveCallback = resolve;
+      this.rejectCallback = reject;
+
+      this.timeoutId = setTimeout(
+        () => {
+          console.warn("Callback timeout reached");
+          reject(new Error("Callback timeout after 5 minutes"));
+          this.cleanup();
+        },
+        5 * 60 * 1000,
+      );
+    });
+  }
+}

package/src/session/account.ts

@@ -34,7 +34,7 @@ export default class SessionAccount extends WalletAccount {
     super({ nodeUrl: rpcUrl }, provider);
 
     this.address = address;
-    this.controller = CartridgeSessionAccount.new_as_registered(
+    this.controller = CartridgeSessionAccount.newAsRegistered(
       rpcUrl,
       privateKey,
       address,

package/src/session/provider.ts

@@ -219,23 +219,13 @@ export default class SessionProvider extends BaseProvider {
 
     // Check expiration
     const expirationTime = parseInt(sessionRegistration.expiresAt) * 1000;
-    console.log("Session expiration check:", {
-      expirationTime,
-      currentTime: Date.now(),
-      expired: Date.now() >= expirationTime,
-    });
     if (Date.now() >= expirationTime) {
-      console.log("Session expired, clearing stored session");
       this.clearStoredSession();
       return;
     }
 
     // Check stored policies
     const storedPoliciesStr = localStorage.getItem("sessionPolicies");
-    console.log("Checking stored policies:", {
-      storedPoliciesStr,
-      currentPolicies: this._policies,
-    });
     if (storedPoliciesStr) {
       const storedPolicies = JSON.parse(
         storedPoliciesStr,
@@ -245,14 +235,8 @@ export default class SessionProvider extends BaseProvider {
         this._policies,
         storedPolicies,
       );
-      console.log("Policy validation result:", {
-        isValid,
-        storedPolicies,
-        requestedPolicies: this._policies,
-      });
 
       if (!isValid) {
-        console.log("Policy validation failed, clearing stored session");
         this.clearStoredSession();
         return;
       }