@ledgerhq/device-trusted-app-kit-ledger-keyring-protocol 0.0.0-ledger-button-20250808005842 → 0.0.0-ledger-button-20250808091712
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/api/LedgerKeyringProtocol.js +1 -1
- package/lib/cjs/api/LedgerKeyringProtocol.js.map +1 -1
- package/lib/cjs/api/LedgerKeyringProtocolBuilder.js +1 -1
- package/lib/cjs/api/LedgerKeyringProtocolBuilder.js.map +3 -3
- package/lib/cjs/api/app-binder/AuthenticateDeviceActionTypes.js.map +1 -1
- package/lib/cjs/api/app-binder/LKRPTypes.js +1 -1
- package/lib/cjs/api/app-binder/LKRPTypes.js.map +3 -3
- package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js +1 -1
- package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
- package/lib/cjs/internal/app-binder/LedgerKeyringProtocolBinder.js +1 -1
- package/lib/cjs/internal/app-binder/LedgerKeyringProtocolBinder.js.map +3 -3
- package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
- package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +2 -2
- package/lib/cjs/internal/di.js +1 -1
- package/lib/cjs/internal/di.js.map +3 -3
- package/lib/cjs/internal/externalTypes.js +1 -1
- package/lib/cjs/internal/externalTypes.js.map +2 -2
- package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
- package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
- package/lib/cjs/internal/use-cases/authentication/AuthenticateUseCase.js +1 -1
- package/lib/cjs/internal/use-cases/authentication/AuthenticateUseCase.js.map +3 -3
- package/lib/cjs/internal/utils/hex.js +1 -1
- package/lib/cjs/internal/utils/hex.js.map +3 -3
- package/lib/cjs/package.json +0 -1
- package/lib/esm/api/LedgerKeyringProtocolBuilder.js +1 -1
- package/lib/esm/api/LedgerKeyringProtocolBuilder.js.map +3 -3
- package/lib/esm/api/app-binder/LKRPTypes.js +1 -1
- package/lib/esm/api/app-binder/LKRPTypes.js.map +3 -3
- package/lib/esm/internal/DefaultLedgerKeyringProtocol.js +1 -1
- package/lib/esm/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
- package/lib/esm/internal/app-binder/LedgerKeyringProtocolBinder.js +1 -1
- package/lib/esm/internal/app-binder/LedgerKeyringProtocolBinder.js.map +3 -3
- package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
- package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +2 -2
- package/lib/esm/internal/di.js +1 -1
- package/lib/esm/internal/di.js.map +3 -3
- package/lib/esm/internal/externalTypes.js +1 -1
- package/lib/esm/internal/externalTypes.js.map +2 -2
- package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
- package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
- package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js +1 -1
- package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js.map +3 -3
- package/lib/esm/internal/utils/hex.js +1 -1
- package/lib/esm/internal/utils/hex.js.map +3 -3
- package/lib/esm/package.json +0 -1
- package/lib/types/api/LedgerKeyringProtocol.d.ts +2 -2
- package/lib/types/api/LedgerKeyringProtocol.d.ts.map +1 -1
- package/lib/types/api/LedgerKeyringProtocolBuilder.d.ts +8 -3
- package/lib/types/api/LedgerKeyringProtocolBuilder.d.ts.map +1 -1
- package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts +0 -1
- package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts.map +1 -1
- package/lib/types/api/app-binder/LKRPTypes.d.ts +4 -0
- package/lib/types/api/app-binder/LKRPTypes.d.ts.map +1 -1
- package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts +6 -4
- package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts.map +1 -1
- package/lib/types/internal/app-binder/LedgerKeyringProtocolBinder.d.ts +3 -4
- package/lib/types/internal/app-binder/LedgerKeyringProtocolBinder.d.ts.map +1 -1
- package/lib/types/internal/app-binder/device-action/AuthenticateDeviceAction.d.ts.map +1 -1
- package/lib/types/internal/di.d.ts +4 -1
- package/lib/types/internal/di.d.ts.map +1 -1
- package/lib/types/internal/externalTypes.d.ts +1 -0
- package/lib/types/internal/externalTypes.d.ts.map +1 -1
- package/lib/types/internal/lkrp-datasource/data/HttpLKRPDataSource.d.ts.map +1 -1
- package/lib/types/internal/use-cases/authentication/AuthenticateUseCase.d.ts +2 -2
- package/lib/types/internal/use-cases/authentication/AuthenticateUseCase.d.ts.map +1 -1
- package/lib/types/internal/utils/hex.d.ts.map +1 -1
- package/lib/types/tsconfig.prod.tsbuildinfo +1 -1
- package/package.json +4 -5
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/internal/utils/hex.ts"],
|
|
4
|
-
"sourcesContent": ["
|
|
5
|
-
"mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,gBAAAE,EAAA,eAAAC,IAAA,eAAAC,EAAAJ,
|
|
6
|
-
"names": ["hex_exports", "__export", "bytesToHex", "hexToBytes", "__toCommonJS", "hex", "bytes"]
|
|
4
|
+
"sourcesContent": ["import {\n bufferToHexaString,\n hexaStringToBuffer,\n} from \"@ledgerhq/device-management-kit\";\n\nexport function hexToBytes(hex: string): Uint8Array {\n return hexaStringToBuffer(hex) ?? new Uint8Array();\n}\n\nexport function bytesToHex(bytes: Uint8Array): string {\n return bufferToHexaString(bytes).slice(2); // Remove the \"0x\" prefix\n}\n"],
|
|
5
|
+
"mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,gBAAAE,EAAA,eAAAC,IAAA,eAAAC,EAAAJ,GAAA,IAAAK,EAGO,2CAEA,SAASF,EAAWG,EAAyB,CAClD,SAAO,sBAAmBA,CAAG,GAAK,IAAI,UACxC,CAEO,SAASJ,EAAWK,EAA2B,CACpD,SAAO,sBAAmBA,CAAK,EAAE,MAAM,CAAC,CAC1C",
|
|
6
|
+
"names": ["hex_exports", "__export", "bytesToHex", "hexToBytes", "__toCommonJS", "import_device_management_kit", "hex", "bytes"]
|
|
7
7
|
}
|
package/lib/cjs/package.json
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{DefaultLedgerKeyringProtocol as
|
|
1
|
+
import{DefaultLedgerKeyringProtocol as i}from"../internal/DefaultLedgerKeyringProtocol";class o{dmk;sessionId;applicationId;env;baseUrl;constructor(e){this.dmk=e.dmk,this.sessionId=e.sessionId,this.applicationId=e.applicationId,this.env=e.env,this.baseUrl=e.baseUrl}build(){return new i({dmk:this.dmk,sessionId:this.sessionId,applicationId:this.applicationId,env:this.env,baseUrl:this.baseUrl})}}export{o as LedgerKeyringProtocolBuilder};
|
|
2
2
|
//# sourceMappingURL=LedgerKeyringProtocolBuilder.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/api/LedgerKeyringProtocolBuilder.ts"],
|
|
4
|
-
"sourcesContent": ["import {\n type DeviceManagementKit,\n type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\n\nimport { type LedgerKeyringProtocol } from \"@api/LedgerKeyringProtocol\";\nimport { DefaultLedgerKeyringProtocol } from \"@internal/DefaultLedgerKeyringProtocol\";\n\nexport class LedgerKeyringProtocolBuilder {\n private readonly dmk: DeviceManagementKit;\n private readonly sessionId: DeviceSessionId;\n private readonly
|
|
5
|
-
"mappings": "AAMA,OAAS,gCAAAA,MAAoC,
|
|
6
|
-
"names": ["DefaultLedgerKeyringProtocol", "LedgerKeyringProtocolBuilder", "
|
|
4
|
+
"sourcesContent": ["import {\n type DeviceManagementKit,\n type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\n\nimport { type LedgerKeyringProtocol } from \"@api/LedgerKeyringProtocol\";\nimport { DefaultLedgerKeyringProtocol } from \"@internal/DefaultLedgerKeyringProtocol\";\n\nimport { type LKRPEnv } from \"./app-binder/LKRPTypes\";\n\nexport class LedgerKeyringProtocolBuilder {\n private readonly dmk: DeviceManagementKit;\n private readonly sessionId: DeviceSessionId;\n private readonly applicationId: number;\n private readonly env?: LKRPEnv;\n private readonly baseUrl?: string;\n\n constructor(args: {\n dmk: DeviceManagementKit;\n sessionId: DeviceSessionId;\n applicationId: number;\n env?: LKRPEnv;\n baseUrl?: string;\n }) {\n this.dmk = args.dmk;\n this.sessionId = args.sessionId;\n this.applicationId = args.applicationId;\n this.env = args.env;\n this.baseUrl = args.baseUrl;\n }\n\n build(): LedgerKeyringProtocol {\n return new DefaultLedgerKeyringProtocol({\n dmk: this.dmk,\n sessionId: this.sessionId,\n applicationId: this.applicationId,\n env: this.env,\n baseUrl: this.baseUrl,\n });\n }\n}\n"],
|
|
5
|
+
"mappings": "AAMA,OAAS,gCAAAA,MAAoC,yCAItC,MAAMC,CAA6B,CACvB,IACA,UACA,cACA,IACA,QAEjB,YAAYC,EAMT,CACD,KAAK,IAAMA,EAAK,IAChB,KAAK,UAAYA,EAAK,UACtB,KAAK,cAAgBA,EAAK,cAC1B,KAAK,IAAMA,EAAK,IAChB,KAAK,QAAUA,EAAK,OACtB,CAEA,OAA+B,CAC7B,OAAO,IAAIF,EAA6B,CACtC,IAAK,KAAK,IACV,UAAW,KAAK,UAChB,cAAe,KAAK,cACpB,IAAK,KAAK,IACV,QAAS,KAAK,OAChB,CAAC,CACH,CACF",
|
|
6
|
+
"names": ["DefaultLedgerKeyringProtocol", "LedgerKeyringProtocolBuilder", "args"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
var r=(t=>(t[t.OWNER=4294967295]="OWNER",t[t.CAN_ENCRYPT=1]="CAN_ENCRYPT",t[t.CAN_DERIVE=2]="CAN_DERIVE",t[t.CAN_ADD_BLOCK=4]="CAN_ADD_BLOCK",t))(
|
|
1
|
+
var a=(r=>(r.PROD="prod",r.STAGING="staging",r))(a||{}),e=(t=>(t[t.OWNER=4294967295]="OWNER",t[t.CAN_ENCRYPT=1]="CAN_ENCRYPT",t[t.CAN_DERIVE=2]="CAN_DERIVE",t[t.CAN_ADD_BLOCK=4]="CAN_ADD_BLOCK",t))(e||{});export{a as LKRPEnv,e as Permissions};
|
|
2
2
|
//# sourceMappingURL=LKRPTypes.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/api/app-binder/LKRPTypes.ts"],
|
|
4
|
-
"sourcesContent": ["export interface Keypair {\n pubKeyToU8a(): Uint8Array;\n pubKeyToHex(): string;\n sign(message: Uint8Array): Promise<Uint8Array>;\n ecdh(publicKey: Uint8Array): Uint8Array;\n}\n\nexport type JWT = {\n access_token: string;\n permissions: {\n [trustchainId: string]: {\n [path: string]: string[];\n };\n };\n};\n\n/**\n * https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/5865144361/ARCH+LKRP+-+v2+specifications#Member-permissions\n */\nexport enum Permissions {\n OWNER = 0xffffffff, // Owners of the stream have access to everything\n CAN_ENCRYPT = 1, // The member can have access to the stream private key\n CAN_DERIVE = 1 << 1, // The member can have access to the stream chain code (if a member have access to the private key and the chain code it is able to derive sub-streams)\n CAN_ADD_BLOCK = 1 << 2, // The member is authorized to issue blocks in the current stream\n}\n"],
|
|
5
|
-
"mappings": "
|
|
6
|
-
"names": ["Permissions"]
|
|
4
|
+
"sourcesContent": ["export interface Keypair {\n pubKeyToU8a(): Uint8Array;\n pubKeyToHex(): string;\n sign(message: Uint8Array): Promise<Uint8Array>;\n ecdh(publicKey: Uint8Array): Uint8Array;\n}\n\nexport enum LKRPEnv {\n PROD = \"prod\",\n STAGING = \"staging\",\n}\n\nexport type JWT = {\n access_token: string;\n permissions: {\n [trustchainId: string]: {\n [path: string]: string[];\n };\n };\n};\n\n/**\n * https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/5865144361/ARCH+LKRP+-+v2+specifications#Member-permissions\n */\nexport enum Permissions {\n OWNER = 0xffffffff, // Owners of the stream have access to everything\n CAN_ENCRYPT = 1, // The member can have access to the stream private key\n CAN_DERIVE = 1 << 1, // The member can have access to the stream chain code (if a member have access to the private key and the chain code it is able to derive sub-streams)\n CAN_ADD_BLOCK = 1 << 2, // The member is authorized to issue blocks in the current stream\n}\n"],
|
|
5
|
+
"mappings": "AAOO,IAAKA,OACVA,EAAA,KAAO,OACPA,EAAA,QAAU,UAFAA,OAAA,IAiBAC,OACVA,IAAA,MAAQ,YAAR,QACAA,IAAA,YAAc,GAAd,cACAA,IAAA,WAAa,GAAb,aACAA,IAAA,cAAgB,GAAhB,gBAJUA,OAAA",
|
|
6
|
+
"names": ["LKRPEnv", "Permissions"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{ByteArrayBuilder as f,ByteArrayParser as h}from"@ledgerhq/device-management-kit";import{Maybe as
|
|
1
|
+
import{ByteArrayBuilder as f,ByteArrayParser as h}from"@ledgerhq/device-management-kit";import{Maybe as K}from"purify-ts";import{LKRPParsingError as m}from"../api/app-binder/Errors";import{KeypairFromBytes as d}from"../api/app-binder/KeypairFromBytes";import{makeContainer as A}from"./di";import{AES_BLOCK_SIZE as u,CryptoUtils as i}from"./utils/crypto";import{useCasesTypes as U}from"./use-cases/di/useCasesTypes";import{eitherSeqRecord as D}from"./utils/eitherSeqRecord";class R{name;_container;constructor({dmk:a,sessionId:n,applicationId:e,env:t,baseUrl:r}){this.name="Ledger Keyring Protocol",this._container=A({dmk:a,sessionId:n,applicationId:e,env:t,baseUrl:r})}authenticate(a,n,e,t){return this._container.get(U.AuthenticateUseCase).execute(a,n,e,t)}encryptData(a,n){const e=new d(a),t=i.randomKeypair(),r=e.ecdh(t.pubKeyToU8a()).slice(1),o=i.hmac(new Uint8Array,r),s=i.randomBytes(16),c=i.encrypt(o,s,n),p=c.subarray(0,-u),y=c.subarray(-u);return new f().add8BitUIntToData(0).addBufferToData(t.pubKeyToU8a()).addBufferToData(s).addBufferToData(y).addBufferToData(p).build()}decryptData(a,n){const e=new h(n);if(e.extract8BitUInt()!==0)throw new m("Unsupported serialization version");const t=(r,o)=>K.fromNullable(r).toEither(new m(`Missing ${o} field`));return D({ephemeralPublicKey:()=>t(e.extractFieldByLength(33),"ephemeral public key"),iv:()=>t(e.extractFieldByLength(16),"IV"),tag:()=>t(e.extractFieldByLength(16),"tag"),encryptedData:()=>t(e.extractFieldByLength(e.getUnparsedRemainingLength()),"encrypted data")}).map(({ephemeralPublicKey:r,iv:o,tag:s,encryptedData:c})=>{const y=new d(a).ecdh(r).slice(1),g=i.hmac(new Uint8Array,y),l=new Uint8Array([...c,...s]);return i.decrypt(g,o,l)}).caseOf({Left:r=>{throw r},Right:r=>r})}}export{R as DefaultLedgerKeyringProtocol};
|
|
2
2
|
//# sourceMappingURL=DefaultLedgerKeyringProtocol.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/internal/DefaultLedgerKeyringProtocol.ts"],
|
|
4
|
-
"sourcesContent": ["import {\n type DeviceManagementKit,\n type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\nimport {\n ByteArrayBuilder,\n ByteArrayParser,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Container } from \"inversify\";\nimport { Maybe } from \"purify-ts\";\n\nimport { type AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { LKRPParsingError } from \"@api/app-binder/Errors\";\nimport { KeypairFromBytes } from \"@api/app-binder/KeypairFromBytes\";\nimport {\n type
|
|
5
|
-
"mappings": "AAIA,OACE,oBAAAA,EACA,mBAAAC,MACK,kCAEP,OAAS,SAAAC,MAAa,YAGtB,OAAS,oBAAAC,MAAwB,yBACjC,OAAS,oBAAAC,MAAwB,mCAOjC,OAAS,iBAAAC,MAAqB,eAC9B,OAAS,kBAAAC,EAAgB,eAAAC,MAAmB,yBAG5C,OAAS,iBAAAC,MAAqB,+BAC9B,OAAS,mBAAAC,MAAuB,
|
|
6
|
-
"names": ["ByteArrayBuilder", "ByteArrayParser", "Maybe", "LKRPParsingError", "KeypairFromBytes", "makeContainer", "AES_BLOCK_SIZE", "CryptoUtils", "useCasesTypes", "eitherSeqRecord", "DefaultLedgerKeyringProtocol", "dmk", "sessionId", "
|
|
4
|
+
"sourcesContent": ["import {\n type DeviceManagementKit,\n type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\nimport {\n ByteArrayBuilder,\n ByteArrayParser,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Container } from \"inversify\";\nimport { Maybe } from \"purify-ts\";\n\nimport { type AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { LKRPParsingError } from \"@api/app-binder/Errors\";\nimport { KeypairFromBytes } from \"@api/app-binder/KeypairFromBytes\";\nimport {\n type Keypair,\n type LKRPEnv,\n type Permissions,\n} from \"@api/app-binder/LKRPTypes\";\nimport { type LedgerKeyringProtocol } from \"@api/LedgerKeyringProtocol\";\nimport { makeContainer } from \"@internal/di\";\nimport { AES_BLOCK_SIZE, CryptoUtils } from \"@internal/utils/crypto\";\n\nimport { type AuthenticateUseCase } from \"./use-cases/authentication/AuthenticateUseCase\";\nimport { useCasesTypes } from \"./use-cases/di/useCasesTypes\";\nimport { eitherSeqRecord } from \"./utils/eitherSeqRecord\";\n\ntype DefaultLedgerKeyringProtocolConstructorArgs = {\n dmk: DeviceManagementKit;\n sessionId: DeviceSessionId;\n applicationId: number;\n env?: LKRPEnv;\n baseUrl?: string;\n};\n\nexport class DefaultLedgerKeyringProtocol implements LedgerKeyringProtocol {\n name: string;\n private _container: Container;\n\n constructor({\n dmk,\n sessionId,\n applicationId,\n env,\n baseUrl,\n }: DefaultLedgerKeyringProtocolConstructorArgs) {\n this.name = \"Ledger Keyring Protocol\";\n this._container = makeContainer({\n dmk,\n sessionId,\n applicationId,\n env,\n baseUrl,\n });\n }\n\n authenticate(\n keypair: Keypair,\n clientName: string,\n permissions: Permissions,\n trustchainId?: string,\n ): AuthenticateDAReturnType {\n return this._container\n .get<AuthenticateUseCase>(useCasesTypes.AuthenticateUseCase)\n .execute(keypair, clientName, permissions, trustchainId);\n }\n\n // TODO Better return type for error management instead of exceptions\n encryptData(encryptionKey: Uint8Array, data: Uint8Array): Uint8Array {\n // TODO move implem in a use case\n\n // Derive the shared secret using ECDH with an ephemeral keypair\n const privateKey = new KeypairFromBytes(encryptionKey);\n const ephemeralKeypair = CryptoUtils.randomKeypair();\n const sharedSecret = privateKey\n .ecdh(ephemeralKeypair.pubKeyToU8a())\n .slice(1);\n\n // Key derivation using HMAC-SHA256\n const key = CryptoUtils.hmac(new Uint8Array(), sharedSecret);\n\n // Generate a random IV (nonce)\n const iv = CryptoUtils.randomBytes(16);\n\n // Encrypt data\n const ciphertext = CryptoUtils.encrypt(key, iv, data);\n const encryptedData = ciphertext.subarray(0, -AES_BLOCK_SIZE);\n const tag = ciphertext.subarray(-AES_BLOCK_SIZE);\n\n // Serialize the result\n return new ByteArrayBuilder()\n .add8BitUIntToData(0) // Version of the format\n .addBufferToData(ephemeralKeypair.pubKeyToU8a())\n .addBufferToData(iv)\n .addBufferToData(tag)\n .addBufferToData(encryptedData)\n .build();\n }\n\n decryptData(encryptionKey: Uint8Array, data: Uint8Array): Uint8Array {\n // TODO move implem in a use case\n\n const parser = new ByteArrayParser(data);\n if (parser.extract8BitUInt() !== 0) {\n throw new LKRPParsingError(\"Unsupported serialization version\");\n }\n const required = (value: Uint8Array | undefined, field: string) =>\n Maybe.fromNullable(value).toEither(\n new LKRPParsingError(`Missing ${field} field`),\n );\n\n return eitherSeqRecord({\n ephemeralPublicKey: () =>\n required(parser.extractFieldByLength(33), \"ephemeral public key\"),\n iv: () => required(parser.extractFieldByLength(16), \"IV\"),\n tag: () => required(parser.extractFieldByLength(16), \"tag\"),\n encryptedData: () =>\n required(\n parser.extractFieldByLength(parser.getUnparsedRemainingLength()),\n \"encrypted data\",\n ),\n })\n .map(({ ephemeralPublicKey, iv, tag, encryptedData }) => {\n // Derive the shared secret using ECDH with an ephemeral keypair\n const privateKey = new KeypairFromBytes(encryptionKey);\n const sharedSecret = privateKey.ecdh(ephemeralPublicKey).slice(1);\n\n // Key derivation using HMAC-SHA256\n const key = CryptoUtils.hmac(new Uint8Array(), sharedSecret);\n\n // Decrypt the data\n const ciphertext = new Uint8Array([...encryptedData, ...tag]);\n const cleartext = CryptoUtils.decrypt(key, iv, ciphertext);\n return cleartext;\n })\n .caseOf({\n Left: (error) => {\n throw error;\n },\n Right: (cleartext) => cleartext,\n });\n }\n}\n"],
|
|
5
|
+
"mappings": "AAIA,OACE,oBAAAA,EACA,mBAAAC,MACK,kCAEP,OAAS,SAAAC,MAAa,YAGtB,OAAS,oBAAAC,MAAwB,yBACjC,OAAS,oBAAAC,MAAwB,mCAOjC,OAAS,iBAAAC,MAAqB,eAC9B,OAAS,kBAAAC,EAAgB,eAAAC,MAAmB,yBAG5C,OAAS,iBAAAC,MAAqB,+BAC9B,OAAS,mBAAAC,MAAuB,0BAUzB,MAAMC,CAA8D,CACzE,KACQ,WAER,YAAY,CACV,IAAAC,EACA,UAAAC,EACA,cAAAC,EACA,IAAAC,EACA,QAAAC,CACF,EAAgD,CAC9C,KAAK,KAAO,0BACZ,KAAK,WAAaV,EAAc,CAC9B,IAAAM,EACA,UAAAC,EACA,cAAAC,EACA,IAAAC,EACA,QAAAC,CACF,CAAC,CACH,CAEA,aACEC,EACAC,EACAC,EACAC,EAC0B,CAC1B,OAAO,KAAK,WACT,IAAyBX,EAAc,mBAAmB,EAC1D,QAAQQ,EAASC,EAAYC,EAAaC,CAAY,CAC3D,CAGA,YAAYC,EAA2BC,EAA8B,CAInE,MAAMC,EAAa,IAAIlB,EAAiBgB,CAAa,EAC/CG,EAAmBhB,EAAY,cAAc,EAC7CiB,EAAeF,EAClB,KAAKC,EAAiB,YAAY,CAAC,EACnC,MAAM,CAAC,EAGJE,EAAMlB,EAAY,KAAK,IAAI,WAAciB,CAAY,EAGrDE,EAAKnB,EAAY,YAAY,EAAE,EAG/BoB,EAAapB,EAAY,QAAQkB,EAAKC,EAAIL,CAAI,EAC9CO,EAAgBD,EAAW,SAAS,EAAG,CAACrB,CAAc,EACtDuB,EAAMF,EAAW,SAAS,CAACrB,CAAc,EAG/C,OAAO,IAAIN,EAAiB,EACzB,kBAAkB,CAAC,EACnB,gBAAgBuB,EAAiB,YAAY,CAAC,EAC9C,gBAAgBG,CAAE,EAClB,gBAAgBG,CAAG,EACnB,gBAAgBD,CAAa,EAC7B,MAAM,CACX,CAEA,YAAYR,EAA2BC,EAA8B,CAGnE,MAAMS,EAAS,IAAI7B,EAAgBoB,CAAI,EACvC,GAAIS,EAAO,gBAAgB,IAAM,EAC/B,MAAM,IAAI3B,EAAiB,mCAAmC,EAEhE,MAAM4B,EAAW,CAACC,EAA+BC,IAC/C/B,EAAM,aAAa8B,CAAK,EAAE,SACxB,IAAI7B,EAAiB,WAAW8B,CAAK,QAAQ,CAC/C,EAEF,OAAOxB,EAAgB,CACrB,mBAAoB,IAClBsB,EAASD,EAAO,qBAAqB,EAAE,EAAG,sBAAsB,EAClE,GAAI,IAAMC,EAASD,EAAO,qBAAqB,EAAE,EAAG,IAAI,EACxD,IAAK,IAAMC,EAASD,EAAO,qBAAqB,EAAE,EAAG,KAAK,EAC1D,cAAe,IACbC,EACED,EAAO,qBAAqBA,EAAO,2BAA2B,CAAC,EAC/D,gBACF,CACJ,CAAC,EACE,IAAI,CAAC,CAAE,mBAAAI,EAAoB,GAAAR,EAAI,IAAAG,EAAK,cAAAD,CAAc,IAAM,CAGvD,MAAMJ,EADa,IAAIpB,EAAiBgB,CAAa,EACrB,KAAKc,CAAkB,EAAE,MAAM,CAAC,EAG1DT,EAAMlB,EAAY,KAAK,IAAI,WAAciB,CAAY,EAGrDG,EAAa,IAAI,WAAW,CAAC,GAAGC,EAAe,GAAGC,CAAG,CAAC,EAE5D,OADkBtB,EAAY,QAAQkB,EAAKC,EAAIC,CAAU,CAE3D,CAAC,EACA,OAAO,CACN,KAAOQ,GAAU,CACf,MAAMA,CACR,EACA,MAAQC,GAAcA,CACxB,CAAC,CACL,CACF",
|
|
6
|
+
"names": ["ByteArrayBuilder", "ByteArrayParser", "Maybe", "LKRPParsingError", "KeypairFromBytes", "makeContainer", "AES_BLOCK_SIZE", "CryptoUtils", "useCasesTypes", "eitherSeqRecord", "DefaultLedgerKeyringProtocol", "dmk", "sessionId", "applicationId", "env", "baseUrl", "keypair", "clientName", "permissions", "trustchainId", "encryptionKey", "data", "privateKey", "ephemeralKeypair", "sharedSecret", "key", "iv", "ciphertext", "encryptedData", "tag", "parser", "required", "value", "field", "ephemeralPublicKey", "error", "cleartext"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
var d=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var
|
|
1
|
+
var d=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var u=(r,e,i,n)=>{for(var t=n>1?void 0:n?l(e,i):e,a=r.length-1,m;a>=0;a--)(m=r[a])&&(t=(n?m(e,i,t):m(t))||t);return n&&t&&d(e,i,t),t},o=(r,e)=>(i,n)=>e(i,n,r);import{SendCommandInAppDeviceAction as k,UserInteractionRequired as w}from"@ledgerhq/device-management-kit";import{inject as p,injectable as D}from"inversify";import{externalTypes as c}from"../externalTypes";import{lkrpDatasourceTypes as h}from"../lkrp-datasource/di/lkrpDatasourceTypes";import{GetVersionCommand as A}from"./command/GetVersionCommand";import{AuthenticateDeviceAction as I}from"./device-action/AuthenticateDeviceAction";let s=class{constructor(e,i,n,t){this.dmk=e;this.sessionId=i;this.applicationId=n;this.lkrpDataSource=t}authenticate(e){return this.dmk.executeDeviceAction({sessionId:this.sessionId,deviceAction:new I({input:{lkrpDataSource:this.lkrpDataSource,applicationId:this.applicationId,clientName:e.clientName,permissions:e.permissions,keypair:e.keypair,trustchainId:e.trustchainId??null}})})}getVersion(e){return this.dmk.executeDeviceAction({sessionId:this.sessionId,deviceAction:new k({input:{command:new A,appName:"Ledger Sync",requiredUserInteraction:w.None,skipOpenApp:e.skipOpenApp}})})}getAppName(){throw new Error("Not implemented")}getSeedId(){throw new Error("Not implemented")}init(){throw new Error("Not implemented")}parseStream(){throw new Error("Not implemented")}signBlock(){throw new Error("Not implemented")}setTrustedMember(){throw new Error("Not implemented")}};s=u([D(),o(0,p(c.Dmk)),o(1,p(c.SessionId)),o(2,p(c.ApplicationId)),o(3,p(h.LKRPDataSource))],s);export{s as LedgerKeyringProtocolBinder};
|
|
2
2
|
//# sourceMappingURL=LedgerKeyringProtocolBinder.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/internal/app-binder/LedgerKeyringProtocolBinder.ts"],
|
|
4
|
-
"sourcesContent": ["import {\n DeviceManagementKit,\n type DeviceSessionId,\n SendCommandInAppDeviceAction,\n UserInteractionRequired,\n} from \"@ledgerhq/device-management-kit\";\nimport { inject, injectable } from \"inversify\";\n\nimport { AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { GetVersionDAReturnType } from \"@api/app-binder/GetVersionDeviceActionTypes\";\nimport {
|
|
5
|
-
"mappings": "iOAAA,OAGE,gCAAAA,EACA,2BAAAC,MACK,kCACP,OAAS,UAAAC,EAAQ,cAAAC,MAAkB,YAKnC,OAAS,iBAAAC,MAAqB,0BAE9B,OAAS,uBAAAC,MAA2B,mDAEpC,OAAS,qBAAAC,MAAyB,8BAClC,OAAS,4BAAAC,MAAgC,2CAGlC,IAAMC,EAAN,KAAkC,CACvC,YAC8CC,EAG3BC,EAGAC,EACjB,
|
|
6
|
-
"names": ["SendCommandInAppDeviceAction", "UserInteractionRequired", "inject", "injectable", "externalTypes", "lkrpDatasourceTypes", "GetVersionCommand", "AuthenticateDeviceAction", "LedgerKeyringProtocolBinder", "dmk", "sessionId", "lkrpDataSource", "args", "AuthenticateDeviceAction", "SendCommandInAppDeviceAction", "GetVersionCommand", "UserInteractionRequired", "__decorateClass", "injectable", "__decorateParam", "inject", "externalTypes", "lkrpDatasourceTypes"]
|
|
4
|
+
"sourcesContent": ["import {\n DeviceManagementKit,\n type DeviceSessionId,\n SendCommandInAppDeviceAction,\n UserInteractionRequired,\n} from \"@ledgerhq/device-management-kit\";\nimport { inject, injectable } from \"inversify\";\n\nimport { AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { GetVersionDAReturnType } from \"@api/app-binder/GetVersionDeviceActionTypes\";\nimport { Keypair, Permissions } from \"@api/app-binder/LKRPTypes\";\nimport { externalTypes } from \"@internal/externalTypes\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\n\nimport { GetVersionCommand } from \"./command/GetVersionCommand\";\nimport { AuthenticateDeviceAction } from \"./device-action/AuthenticateDeviceAction\";\n\n@injectable()\nexport class LedgerKeyringProtocolBinder {\n constructor(\n @inject(externalTypes.Dmk) private readonly dmk: DeviceManagementKit,\n\n @inject(externalTypes.SessionId)\n private readonly sessionId: DeviceSessionId,\n\n @inject(externalTypes.ApplicationId)\n private readonly applicationId: number,\n\n @inject(lkrpDatasourceTypes.LKRPDataSource)\n private readonly lkrpDataSource: LKRPDataSource,\n ) {}\n\n authenticate(args: {\n keypair: Keypair;\n clientName: string;\n permissions: Permissions;\n trustchainId?: string;\n }): AuthenticateDAReturnType {\n return this.dmk.executeDeviceAction({\n sessionId: this.sessionId,\n deviceAction: new AuthenticateDeviceAction({\n input: {\n lkrpDataSource: this.lkrpDataSource,\n applicationId: this.applicationId,\n clientName: args.clientName,\n permissions: args.permissions,\n keypair: args.keypair,\n trustchainId: args.trustchainId ?? null,\n },\n }),\n });\n }\n\n getVersion(args: { skipOpenApp: boolean }): GetVersionDAReturnType {\n return this.dmk.executeDeviceAction({\n sessionId: this.sessionId,\n deviceAction: new SendCommandInAppDeviceAction({\n input: {\n command: new GetVersionCommand(),\n appName: \"Ledger Sync\",\n requiredUserInteraction: UserInteractionRequired.None,\n skipOpenApp: args.skipOpenApp,\n },\n }),\n });\n }\n\n getAppName(): unknown {\n throw new Error(\"Not implemented\");\n }\n\n getSeedId(): unknown {\n throw new Error(\"Not implemented\");\n }\n\n init(): unknown {\n throw new Error(\"Not implemented\");\n }\n\n parseStream(): unknown {\n throw new Error(\"Not implemented\");\n }\n\n signBlock(): unknown {\n throw new Error(\"Not implemented\");\n }\n\n setTrustedMember(): unknown {\n throw new Error(\"Not implemented\");\n }\n}\n"],
|
|
5
|
+
"mappings": "iOAAA,OAGE,gCAAAA,EACA,2BAAAC,MACK,kCACP,OAAS,UAAAC,EAAQ,cAAAC,MAAkB,YAKnC,OAAS,iBAAAC,MAAqB,0BAE9B,OAAS,uBAAAC,MAA2B,mDAEpC,OAAS,qBAAAC,MAAyB,8BAClC,OAAS,4BAAAC,MAAgC,2CAGlC,IAAMC,EAAN,KAAkC,CACvC,YAC8CC,EAG3BC,EAGAC,EAGAC,EACjB,CAV4C,SAAAH,EAG3B,eAAAC,EAGA,mBAAAC,EAGA,oBAAAC,CAChB,CAEH,aAAaC,EAKgB,CAC3B,OAAO,KAAK,IAAI,oBAAoB,CAClC,UAAW,KAAK,UAChB,aAAc,IAAIC,EAAyB,CACzC,MAAO,CACL,eAAgB,KAAK,eACrB,cAAe,KAAK,cACpB,WAAYD,EAAK,WACjB,YAAaA,EAAK,YAClB,QAASA,EAAK,QACd,aAAcA,EAAK,cAAgB,IACrC,CACF,CAAC,CACH,CAAC,CACH,CAEA,WAAWA,EAAwD,CACjE,OAAO,KAAK,IAAI,oBAAoB,CAClC,UAAW,KAAK,UAChB,aAAc,IAAIE,EAA6B,CAC7C,MAAO,CACL,QAAS,IAAIC,EACb,QAAS,cACT,wBAAyBC,EAAwB,KACjD,YAAaJ,EAAK,WACpB,CACF,CAAC,CACH,CAAC,CACH,CAEA,YAAsB,CACpB,MAAM,IAAI,MAAM,iBAAiB,CACnC,CAEA,WAAqB,CACnB,MAAM,IAAI,MAAM,iBAAiB,CACnC,CAEA,MAAgB,CACd,MAAM,IAAI,MAAM,iBAAiB,CACnC,CAEA,aAAuB,CACrB,MAAM,IAAI,MAAM,iBAAiB,CACnC,CAEA,WAAqB,CACnB,MAAM,IAAI,MAAM,iBAAiB,CACnC,CAEA,kBAA4B,CAC1B,MAAM,IAAI,MAAM,iBAAiB,CACnC,CACF,EAxEaL,EAANU,EAAA,CADNC,EAAW,EAGPC,EAAA,EAAAC,EAAOC,EAAc,GAAG,GAExBF,EAAA,EAAAC,EAAOC,EAAc,SAAS,GAG9BF,EAAA,EAAAC,EAAOC,EAAc,aAAa,GAGlCF,EAAA,EAAAC,EAAOE,EAAoB,cAAc,IAVjCf",
|
|
6
|
+
"names": ["SendCommandInAppDeviceAction", "UserInteractionRequired", "inject", "injectable", "externalTypes", "lkrpDatasourceTypes", "GetVersionCommand", "AuthenticateDeviceAction", "LedgerKeyringProtocolBinder", "dmk", "sessionId", "applicationId", "lkrpDataSource", "args", "AuthenticateDeviceAction", "SendCommandInAppDeviceAction", "GetVersionCommand", "UserInteractionRequired", "__decorateClass", "injectable", "__decorateParam", "inject", "externalTypes", "lkrpDatasourceTypes"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{OpenAppDeviceAction as
|
|
1
|
+
import{OpenAppDeviceAction as g,UserInteractionRequired as d,XStateDeviceAction as S}from"@ledgerhq/device-management-kit";import{EitherAsync as m,Left as h,Right as l}from"purify-ts";import{assign as y,fromPromise as p,setup as I}from"xstate";import{LKRPDataSourceError as k,LKRPMissingDataError as D,LKRPTrustchainNotReady as f,LKRPUnauthorizedError as M,LKRPUnknownError as E}from"../../../api/app-binder/Errors";import{SignChallengeWithDeviceTask as v}from"../../app-binder/task/SignChallengeWithDeviceTask";import{SignChallengeWithKeypairTask as K}from"../../app-binder/task/SignChallengeWithKeypairTask";import{eitherSeqRecord as A}from"../../utils/eitherSeqRecord";import{LKRPBlockStream as w}from"../../utils/LKRPBlockStream";import{required as n}from"../../utils/required";import{raiseAndAssign as u}from"./utils/raiseAndAssign";import{AddToTrustchainDeviceAction as P}from"./AddToTrustchainDeviceAction";const T="Ledger Sync";class W extends S{makeStateMachine(c){const{deviceAuth:r,keypairAuth:i,getTrustchain:s,extractEncryptionKey:o}=this.extractDependencies(c);return I({types:{input:{},context:{},output:{}},actors:{openAppStateMachine:new g({input:{appName:T}}).makeStateMachine(c),deviceAuth:p(r),keypairAuth:p(i),getTrustchain:p(s),addToTrustchainStateMachine:new P({input:h(new D("Missing input for GetEncryptionKey"))}).makeStateMachine(c),extractEncryptionKey:p(o)},actions:{assignErrorFromEvent:u(({event:t})=>h(new E(String(t.error))))},guards:{hasNoTrustchainId:({context:t})=>!t.input.trustchainId,isTrustchainMember:({context:t})=>t._internalState.toMaybe().map(e=>e.wasAddedToTrustchain||e.applicationStream?.hasMember(t.input.keypair.pubKeyToHex())).extract()??!1}}).createMachine({id:"AuthenticateDeviceAction",context:({input:t})=>({input:t,intermediateValue:{requiredUserInteraction:d.None},_internalState:l({trustchainId:null,jwt:null,trustchain:null,applicationStream:null,encryptionKey:null,wasAddedToTrustchain:!1})}),initial:"CheckCredentials",states:{CheckCredentials:{always:[{target:"DeviceAuth",guard:"hasNoTrustchainId"},{target:"KeypairAuth"}]},KeypairAuth:{on:{success:"GetTrustchain",invalidCredentials:"DeviceAuth",error:"Error"},invoke:{id:"keypairAuth",src:"keypairAuth",input:({context:t})=>({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,trustchainId:n(t.input.trustchainId,"Missing Trustchain ID in the input")}),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({context:t,event:e})=>e.output.map(({jwt:a})=>({raise:"success",assign:{jwt:a}})).mapLeft(a=>a instanceof k&&a.status==="UNAUTHORIZED"?new M(t.input.trustchainId):a))}}},DeviceAuth:{on:{success:"GetTrustchain",error:"Error"},initial:"OpenApp",states:{OpenApp:{on:{success:"Auth"},invoke:{id:"openApp",src:"openAppStateMachine",input:{appName:T},onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(()=>({raise:"success"})))}}},Auth:{entry:y({intermediateValue:{requiredUserInteraction:"connect-ledger-sync"}}),exit:y({intermediateValue:{requiredUserInteraction:d.None}}),invoke:{id:"deviceAuth",src:"deviceAuth",input:({context:t})=>t.input,onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.chain(e=>e.trustchainId.caseOf({Nothing:()=>h(new f),Just:a=>l({raise:"success",assign:{jwt:e.jwt,trustchainId:a}})})))}}}}},GetTrustchain:{on:{success:"CheckIsMembers",invalidCredentials:"KeypairAuth",error:"Error"},invoke:{id:"getTrustchain",src:"getTrustchain",input:({context:t})=>t._internalState.chain(e=>A({lkrpDataSource:t.input.lkrpDataSource,applicationId:t.input.applicationId,trustchainId:()=>n(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID for GetTrustchain"),jwt:()=>n(e.jwt,"Missing JWT for GetTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(({trustchain:e,applicationStream:a})=>({raise:"success",assign:{trustchain:e,applicationStream:a}})))}}},CheckIsMembers:{always:[{target:"ExtractEncryptionKey",guard:"isTrustchainMember"},{target:"AddToTrustchain"}]},AddToTrustchain:{on:{success:"GetTrustchain",error:"Error"},invoke:{id:"AddToTrustchain",src:"addToTrustchainStateMachine",input:({context:t})=>t._internalState.mapLeft(()=>new D("Missing data in the input for AddToTrustchain")).chain(e=>A({lkrpDataSource:t.input.lkrpDataSource,keypair:t.input.keypair,clientName:t.input.clientName,permissions:t.input.permissions,jwt:()=>n(e.jwt,"Missing JWT for AddToTrustchain"),trustchainId:()=>n(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID for AddToTrustchain"),trustchain:()=>n(e.trustchain,"Missing Trustchain for AddToTrustchain"),applicationStream:()=>n(e.applicationStream,"Missing application stream for AddToTrustchain")})),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(()=>({raise:"success",assign:{wasAddedToTrustchain:!0}})))}}},ExtractEncryptionKey:{on:{success:"Success",error:"Error"},invoke:{id:"ExtractEncryptionKey",src:"extractEncryptionKey",input:({context:t})=>t._internalState.chain(e=>n(e.applicationStream,"Missing application stream for ExtractEncryptionKey").map(a=>({applicationStream:a,keypair:t.input.keypair}))),onError:{actions:"assignErrorFromEvent"},onDone:{actions:u(({event:t})=>t.output.map(e=>({raise:"success",assign:{encryptionKey:e}})))}}},Success:{type:"final"},Error:{type:"final"}},output:({context:t})=>t._internalState.chain(e=>A({trustchainId:()=>n(e.trustchainId??t.input.trustchainId,"Missing Trustchain ID in the output"),jwt:()=>n(e.jwt,"Missing JWT in the output"),applicationPath:()=>n(e.applicationStream?.getPath().extract(),"Missing application path in the output"),encryptionKey:()=>n(e.encryptionKey,"Missing encryption key in the output")}))})}extractDependencies(c){return{deviceAuth:r=>this.auth(r.input.lkrpDataSource,new v(c)).run(),keypairAuth:r=>{const{lkrpDataSource:i,keypair:s}=r.input;return m.liftEither(r.input.trustchainId).chain(o=>this.auth(i,new K(s,o))).run()},getTrustchain:r=>m.liftEither(r.input).chain(({applicationId:i,lkrpDataSource:s,trustchainId:o,jwt:t})=>s.getTrustchainById(o,t).map(e=>({trustchain:e,applicationStream:e[`m/${i}'`]??w.fromPath(`m/0'/${i}'/0'`)}))).run(),extractEncryptionKey:async r=>Promise.resolve(r.input.chain(({applicationStream:i,keypair:s})=>i.getPublishedKey(s).toEither(new E("There is no encryption key for the current member in the application stream."))).map(i=>i.privateKey))}}auth(c,r){return c.getChallenge().chain(i=>r.run(i)).chain(i=>c.authenticate(i))}}export{W as AuthenticateDeviceAction};
|
|
2
2
|
//# sourceMappingURL=AuthenticateDeviceAction.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../../src/internal/app-binder/device-action/AuthenticateDeviceAction.ts"],
|
|
4
|
-
"sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPDataSourceError,\n LKRPMissingDataError,\n LKRPTrustchainNotReady,\n LKRPUnauthorizedError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new LKRPUnknownError(\n String((event as { error?: unknown }).error),\n ),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n hasNoJwt: ({ context }) => !context.input.jwt,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\", guard: \"hasNoJwt\" },\n { target: \"GetTrustchain\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ context, event }) =>\n event.output\n .map(({ jwt }) => ({ raise: \"success\", assign: { jwt } }))\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError &&\n error.status === \"UNAUTHORIZED\"\n ? new LKRPUnauthorizedError(context.input.trustchainId)\n : error,\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () => Left(new LKRPTrustchainNotReady()),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for GetTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for AddToTrustchain\",\n ),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain in the input for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream in the input for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the output\",\n ),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new LKRPUnknownError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
|
|
5
|
-
"mappings": "AAAA,OAGE,uBAAAA,EAEA,2BAAAC,EACA,sBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YACtD,OAAS,UAAAC,EAAQ,eAAAC,EAAa,SAAAC,MAAa,SAS3C,OACE,uBAAAC,EACA,wBAAAC,EACA,0BAAAC,EACA,yBAAAC,EACA,oBAAAC,MACK,yBAGP,OAAS,+BAAAC,MAAmC,wDAC5C,OAAS,gCAAAC,MAAoC,yDAM7C,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,YAAAC,MAAgB,2BAEzB,OAAS,kBAAAC,MAAsB,yBAC/B,OAAS,+BAAAC,MAAmC,gCAE5C,MAAMC,EAAW,cAEV,MAAMC,UAAiCpB,CAM5C,CACA,iBACEqB,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,OAAOf,EAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAIR,EAAoB,CAC3C,MAAO,CAAE,QAASqB,CAAS,CAC7B,CAAC,EAAE,iBAAiBE,CAAW,EAE/B,WAAYhB,EAAYiB,CAAU,EAClC,YAAajB,EAAYkB,CAAW,EAEpC,cAAelB,EAAYmB,CAAa,EAExC,4BAA6B,IAAIN,EAA4B,CAC3D,MAAOhB,EACL,IAAIM,EAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBa,CAAW,EAE/B,qBAAsBhB,EAAYoB,CAAoB,CACxD,EAEA,QAAS,CACP,qBAAsBR,EACpB,CAAC,CAAE,MAAAS,CAAM,IACPxB,EACE,IAAIS,EACF,OAAQe,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,
|
|
4
|
+
"sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPDataSourceError,\n LKRPMissingDataError,\n LKRPTrustchainNotReady,\n LKRPUnauthorizedError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new LKRPUnknownError(\n String((event as { error?: unknown }).error),\n ),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ context, event }) =>\n event.output\n .map(({ jwt }) => ({ raise: \"success\", assign: { jwt } }))\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError &&\n error.status === \"UNAUTHORIZED\"\n ? new LKRPUnauthorizedError(context.input.trustchainId)\n : error,\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () => Left(new LKRPTrustchainNotReady()),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID for GetTrustchain\",\n ),\n jwt: () =>\n required(state.jwt, \"Missing JWT for GetTrustchain\"),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(state.jwt, \"Missing JWT for AddToTrustchain\"),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID for AddToTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream for ExtractEncryptionKey\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () => required(state.jwt, \"Missing JWT in the output\"),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new LKRPUnknownError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
|
|
5
|
+
"mappings": "AAAA,OAGE,uBAAAA,EAEA,2BAAAC,EACA,sBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YACtD,OAAS,UAAAC,EAAQ,eAAAC,EAAa,SAAAC,MAAa,SAS3C,OACE,uBAAAC,EACA,wBAAAC,EACA,0BAAAC,EACA,yBAAAC,EACA,oBAAAC,MACK,yBAGP,OAAS,+BAAAC,MAAmC,wDAC5C,OAAS,gCAAAC,MAAoC,yDAM7C,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,YAAAC,MAAgB,2BAEzB,OAAS,kBAAAC,MAAsB,yBAC/B,OAAS,+BAAAC,MAAmC,gCAE5C,MAAMC,EAAW,cAEV,MAAMC,UAAiCpB,CAM5C,CACA,iBACEqB,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,OAAOf,EAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAIR,EAAoB,CAC3C,MAAO,CAAE,QAASqB,CAAS,CAC7B,CAAC,EAAE,iBAAiBE,CAAW,EAE/B,WAAYhB,EAAYiB,CAAU,EAClC,YAAajB,EAAYkB,CAAW,EAEpC,cAAelB,EAAYmB,CAAa,EAExC,4BAA6B,IAAIN,EAA4B,CAC3D,MAAOhB,EACL,IAAIM,EAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBa,CAAW,EAE/B,qBAAsBhB,EAAYoB,CAAoB,CACxD,EAEA,QAAS,CACP,qBAAsBR,EACpB,CAAC,CAAE,MAAAS,CAAM,IACPxB,EACE,IAAIS,EACF,OAAQe,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,mBAAoB,CAAC,CAAE,QAAAA,CAAQ,IAC7BA,EAAQ,eACL,QAAQ,EACR,IACEC,GACCA,EAAM,sBACNA,EAAM,mBAAmB,UACvBD,EAAQ,MAAM,QAAQ,YAAY,CACpC,CACJ,EACC,QAAQ,GAAK,EACpB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,2BACJ,QAAS,CAAC,CAAE,MAAAE,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB9B,EAAwB,IACnD,EACA,eAAgBI,EAAM,CACpB,aAAc,KACd,IAAK,KACL,WAAY,KACZ,kBAAmB,KACnB,cAAe,KACf,qBAAsB,EACxB,CAAC,CACH,GAEA,QAAS,mBACT,OAAQ,CACN,iBAAkB,CAChB,OAAQ,CACN,CAAE,OAAQ,aAAc,MAAO,mBAAoB,EACnD,CAAE,OAAQ,aAAc,CAC1B,CACF,EAEA,YAAa,CACX,GAAI,CACF,QAAS,gBACT,mBAAoB,aACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAwB,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,aAAcX,EACZW,EAAQ,MAAM,aACd,oCACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,QAAAU,EAAS,MAAAD,CAAM,IACxCA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAI,CAAI,KAAO,CAAE,MAAO,UAAW,OAAQ,CAAE,IAAAA,CAAI,CAAE,EAAE,EACxD,QAASC,GACRA,aAAiBxB,GACjBwB,EAAM,SAAW,eACb,IAAIrB,EAAsBiB,EAAQ,MAAM,YAAY,EACpDI,CACN,CACJ,CACF,CACF,CACF,EAEA,WAAY,CACV,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,QAAS,UACT,OAAQ,CACN,QAAS,CAEP,GAAI,CAAE,QAAS,MAAO,EACtB,OAAQ,CACN,GAAI,UACJ,IAAK,sBACL,MAAO,CAAE,QAASZ,CAAS,EAC3B,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASF,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,KAAM,CACJ,MAAOtB,EAAO,CACZ,kBAAmB,CACjB,wBAAyB,qBAC3B,CACF,CAAC,EACD,KAAMA,EAAO,CACX,kBAAmB,CACjB,wBAAyBL,EAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,aACJ,IAAK,aACL,MAAO,CAAC,CAAE,QAAA4B,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,MAAOM,GAClBA,EAAQ,aAAa,OAAO,CAC1B,QAAS,IAAM9B,EAAK,IAAIO,CAAwB,EAChD,KAAOwB,GACL9B,EAAM,CACJ,MAAO,UACP,OAAQ,CAAE,IAAK6B,EAAQ,IAAK,aAAAC,CAAa,CAC3C,CAAC,CACL,CAAC,CACH,CACF,CACF,CACF,CACF,CACF,CACF,EAEA,cAAe,CACb,GAAI,CACF,QAAS,iBACT,mBAAoB,cACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAN,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,GAC5Bd,EAAgB,CACd,eAAgBa,EAAQ,MAAM,eAC9B,cAAeA,EAAQ,MAAM,cAC7B,aAAc,IACZX,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,yCACF,EACF,IAAK,IACHX,EAASY,EAAM,IAAK,+BAA+B,CACvD,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASX,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,CAAC,CAAE,WAAAQ,EAAY,kBAAAC,CAAkB,KAAO,CACvD,MAAO,UACP,OAAQ,CAAE,WAAAD,EAAY,kBAAAC,CAAkB,CAC1C,EAAE,CACJ,CACF,CACF,CACF,EAEA,eAAgB,CACd,OAAQ,CACN,CAAE,OAAQ,uBAAwB,MAAO,oBAAqB,EAC9D,CAAE,OAAQ,iBAAkB,CAC9B,CACF,EAEA,gBAAiB,CAEf,GAAI,CACF,QAAS,gBACT,MAAO,OACT,EACA,OAAQ,CACN,GAAI,kBACJ,IAAK,8BACL,MAAO,CAAC,CAAE,QAAAR,CAAQ,IAChBA,EAAQ,eACL,QACC,IACE,IAAInB,EACF,+CACF,CACJ,EACC,MAAOoB,GACNd,EAAgB,CACd,eAAgBa,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,WAAYA,EAAQ,MAAM,WAC1B,YAAaA,EAAQ,MAAM,YAC3B,IAAK,IACHX,EAASY,EAAM,IAAK,iCAAiC,EACvD,aAAc,IACZZ,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,2CACF,EACF,WAAY,IACVX,EACEY,EAAM,WACN,wCACF,EACF,kBAAmB,IACjBZ,EACEY,EAAM,kBACN,gDACF,CACJ,CAAC,CACH,EACJ,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASX,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CACtB,MAAO,UACP,OAAQ,CAAE,qBAAsB,EAAK,CACvC,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,GAC5BZ,EACEY,EAAM,kBACN,qDACF,EAAE,IAAKO,IAAuB,CAC5B,kBAAAA,EACA,QAASR,EAAQ,MAAM,OACzB,EAAE,CACJ,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,QAASV,EAAe,CAAC,CAAE,MAAAS,CAAM,IAC/BA,EAAM,OAAO,IAAKU,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAT,CAAQ,IACjBA,EAAQ,eAAe,MAAOC,GAC5Bd,EAAgB,CACd,aAAc,IACZE,EACEY,EAAM,cAAgBD,EAAQ,MAAM,aACpC,qCACF,EACF,IAAK,IAAMX,EAASY,EAAM,IAAK,2BAA2B,EAC1D,gBAAiB,IACfZ,EACEY,EAAM,mBAAmB,QAAQ,EAAE,QAAQ,EAC3C,wCACF,EACF,cAAe,IACbZ,EACEY,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,oBAAoBP,EAA0B,CAC5C,MAAO,CACL,WAAagB,GACX,KAAK,KACHA,EAAK,MAAM,eACX,IAAIzB,EAA4BS,CAAW,CAC7C,EAAE,IAAI,EAER,YAAcgB,GAIR,CACJ,KAAM,CAAE,eAAAC,EAAgB,QAAAC,CAAQ,EAAIF,EAAK,MACzC,OAAOpC,EAAY,WAAWoC,EAAK,MAAM,YAAY,EAClD,MAAOJ,GACN,KAAK,KACHK,EACA,IAAIzB,EAA6B0B,EAASN,CAAY,CACxD,CACF,EACC,IAAI,CACT,EAEA,cAAgBI,GAWdpC,EAAY,WAAWoC,EAAK,KAAK,EAC9B,MAAM,CAAC,CAAE,cAAAG,EAAe,eAAAF,EAAgB,aAAAL,EAAc,IAAAH,CAAI,IACzDQ,EACG,kBAAkBL,EAAcH,CAAG,EACnC,IAAKI,IAAgB,CACpB,WAAAA,EACA,kBACEA,EAAW,KAAKM,CAAa,GAAG,GAChCzB,EAAgB,SAAS,QAAQyB,CAAa,MAAM,CACxD,EAAE,CACN,EACC,IAAI,EAET,qBAAsB,MAAOH,GAYpB,QAAQ,QACbA,EAAK,MACF,MAAM,CAAC,CAAE,kBAAAF,EAAmB,QAAAI,CAAQ,IACnCJ,EACG,gBAAgBI,CAAO,EACvB,SACC,IAAI5B,EACF,8EACF,CACF,CACJ,EACC,IAAK8B,GAAQA,EAAI,UAAU,CAChC,CAEJ,CACF,CAEQ,KACNH,EACAI,EAKA,CACA,OAAOJ,EACJ,aAAa,EACb,MAAOK,GAAcD,EAAW,IAAIC,CAAS,CAAC,EAC9C,MAAOX,GAAYM,EAAe,aAAaN,CAAO,CAAC,CAC5D,CACF",
|
|
6
6
|
"names": ["OpenAppDeviceAction", "UserInteractionRequired", "XStateDeviceAction", "EitherAsync", "Left", "Right", "assign", "fromPromise", "setup", "LKRPDataSourceError", "LKRPMissingDataError", "LKRPTrustchainNotReady", "LKRPUnauthorizedError", "LKRPUnknownError", "SignChallengeWithDeviceTask", "SignChallengeWithKeypairTask", "eitherSeqRecord", "LKRPBlockStream", "required", "raiseAndAssign", "AddToTrustchainDeviceAction", "APP_NAME", "AuthenticateDeviceAction", "internalApi", "deviceAuth", "keypairAuth", "getTrustchain", "extractEncryptionKey", "event", "context", "state", "input", "jwt", "error", "payload", "trustchainId", "trustchain", "applicationStream", "encryptionKey", "args", "lkrpDataSource", "keypair", "applicationId", "key", "signerTask", "challenge"]
|
|
7
7
|
}
|
package/lib/esm/internal/di.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{Container as
|
|
1
|
+
import{Container as c}from"inversify";import{LKRPEnv as n}from"../api/index";import{appBindingModuleFactory as m}from"./app-binder/di/appBinderModule";import{lkrpDatasourceModuleFactory as d}from"./lkrp-datasource/di/lkrpDatasourceModuleFactory";import{useCasesModuleFactory as l}from"./use-cases/di/useCasesModule";import{externalTypes as t}from"./externalTypes";const y=({dmk:o,sessionId:a,applicationId:i,env:r=n.PROD,baseUrl:s,stub:p})=>{const e=new c;return e.bind(t.Dmk).toConstantValue(o),e.bind(t.SessionId).toConstantValue(a),e.bind(t.ApplicationId).toConstantValue(i),e.loadSync(m(),d({baseUrl:s??u.get(r),stub:p}),l()),e},u=new Map([[n.PROD,"https://trustchain.api.live.ledger.com/v1"],[n.STAGING,"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1"]]);export{y as makeContainer};
|
|
2
2
|
//# sourceMappingURL=di.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/internal/di.ts"],
|
|
4
|
-
"sourcesContent": ["import {\n type DeviceManagementKit,\n type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\nimport { Container } from \"inversify\";\n\nimport { appBindingModuleFactory } from \"@internal/app-binder/di/appBinderModule\";\n\nimport { lkrpDatasourceModuleFactory } from \"./lkrp-datasource/di/lkrpDatasourceModuleFactory\";\nimport { useCasesModuleFactory } from \"./use-cases/di/useCasesModule\";\nimport { externalTypes } from \"./externalTypes\";\n\nexport type MakeContainerProps = {\n dmk: DeviceManagementKit;\n sessionId: DeviceSessionId;\n baseUrl?: string; // Optional base URL for the LKRP network requests\n stub?: boolean;\n};\n\nexport const makeContainer = ({\n dmk,\n sessionId,\n baseUrl,\n stub,\n}: MakeContainerProps) => {\n const container = new Container();\n\n container.bind<DeviceManagementKit>(externalTypes.Dmk).toConstantValue(dmk);\n container\n .bind<DeviceSessionId>(externalTypes.SessionId)\n .toConstantValue(sessionId);\n\n container.loadSync(\n appBindingModuleFactory(),\n lkrpDatasourceModuleFactory({ baseUrl
|
|
5
|
-
"mappings": "AAIA,OAAS,aAAAA,MAAiB,YAE1B,OAAS,2BAAAC,MAA+B,0CAExC,OAAS,+BAAAC,MAAmC,mDAC5C,OAAS,yBAAAC,MAA6B,gCACtC,OAAS,iBAAAC,MAAqB,
|
|
6
|
-
"names": ["Container", "appBindingModuleFactory", "lkrpDatasourceModuleFactory", "useCasesModuleFactory", "externalTypes", "makeContainer", "dmk", "sessionId", "baseUrl", "stub", "container"]
|
|
4
|
+
"sourcesContent": ["import {\n type DeviceManagementKit,\n type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\nimport { Container } from \"inversify\";\n\nimport { LKRPEnv } from \"@api/index\";\nimport { appBindingModuleFactory } from \"@internal/app-binder/di/appBinderModule\";\n\nimport { lkrpDatasourceModuleFactory } from \"./lkrp-datasource/di/lkrpDatasourceModuleFactory\";\nimport { useCasesModuleFactory } from \"./use-cases/di/useCasesModule\";\nimport { externalTypes } from \"./externalTypes\";\n\nexport type MakeContainerProps = {\n dmk: DeviceManagementKit;\n sessionId: DeviceSessionId;\n applicationId: number;\n env?: LKRPEnv;\n baseUrl?: string; // Optional base URL for the LKRP network requests\n stub?: boolean;\n};\n\nexport const makeContainer = ({\n dmk,\n sessionId,\n applicationId,\n env = LKRPEnv.PROD,\n baseUrl,\n stub,\n}: MakeContainerProps) => {\n const container = new Container();\n\n container.bind<DeviceManagementKit>(externalTypes.Dmk).toConstantValue(dmk);\n container\n .bind<DeviceSessionId>(externalTypes.SessionId)\n .toConstantValue(sessionId);\n container.bind(externalTypes.ApplicationId).toConstantValue(applicationId);\n\n container.loadSync(\n appBindingModuleFactory(),\n lkrpDatasourceModuleFactory({\n baseUrl: baseUrl ?? lkrpBaseUrlMap.get(env),\n stub,\n }),\n useCasesModuleFactory(),\n );\n\n return container;\n};\n\nconst lkrpBaseUrlMap = new Map<LKRPEnv, string>([\n [LKRPEnv.PROD, \"https://trustchain.api.live.ledger.com/v1\"],\n [LKRPEnv.STAGING, \"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1\"],\n]);\n"],
|
|
5
|
+
"mappings": "AAIA,OAAS,aAAAA,MAAiB,YAE1B,OAAS,WAAAC,MAAe,aACxB,OAAS,2BAAAC,MAA+B,0CAExC,OAAS,+BAAAC,MAAmC,mDAC5C,OAAS,yBAAAC,MAA6B,gCACtC,OAAS,iBAAAC,MAAqB,kBAWvB,MAAMC,EAAgB,CAAC,CAC5B,IAAAC,EACA,UAAAC,EACA,cAAAC,EACA,IAAAC,EAAMT,EAAQ,KACd,QAAAU,EACA,KAAAC,CACF,IAA0B,CACxB,MAAMC,EAAY,IAAIb,EAEtB,OAAAa,EAAU,KAA0BR,EAAc,GAAG,EAAE,gBAAgBE,CAAG,EAC1EM,EACG,KAAsBR,EAAc,SAAS,EAC7C,gBAAgBG,CAAS,EAC5BK,EAAU,KAAKR,EAAc,aAAa,EAAE,gBAAgBI,CAAa,EAEzEI,EAAU,SACRX,EAAwB,EACxBC,EAA4B,CAC1B,QAASQ,GAAWG,EAAe,IAAIJ,CAAG,EAC1C,KAAAE,CACF,CAAC,EACDR,EAAsB,CACxB,EAEOS,CACT,EAEMC,EAAiB,IAAI,IAAqB,CAC9C,CAACb,EAAQ,KAAM,2CAA2C,EAC1D,CAACA,EAAQ,QAAS,wDAAwD,CAC5E,CAAC",
|
|
6
|
+
"names": ["Container", "LKRPEnv", "appBindingModuleFactory", "lkrpDatasourceModuleFactory", "useCasesModuleFactory", "externalTypes", "makeContainer", "dmk", "sessionId", "applicationId", "env", "baseUrl", "stub", "container", "lkrpBaseUrlMap"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
const r={Dmk:Symbol.for("Dmk"),SessionId:Symbol.for("SessionId")};export{r as externalTypes};
|
|
1
|
+
const r={Dmk:Symbol.for("Dmk"),SessionId:Symbol.for("SessionId"),ApplicationId:Symbol.for("ApplicationId")};export{r as externalTypes};
|
|
2
2
|
//# sourceMappingURL=externalTypes.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/internal/externalTypes.ts"],
|
|
4
|
-
"sourcesContent": ["export const externalTypes = {\n Dmk: Symbol.for(\"Dmk\"),\n SessionId: Symbol.for(\"SessionId\"),\n};\n\nexport type TrustedProperty = {\n iv: Uint8Array;\n issuer: Uint8Array;\n xpriv: Uint8Array;\n ephemeralPubKey: Uint8Array;\n commandIV: Uint8Array;\n groupKey: Uint8Array;\n newMember: Uint8Array;\n};\n"],
|
|
5
|
-
"mappings": "AAAO,MAAMA,EAAgB,CAC3B,IAAK,OAAO,IAAI,KAAK,EACrB,UAAW,OAAO,IAAI,WAAW,
|
|
4
|
+
"sourcesContent": ["export const externalTypes = {\n Dmk: Symbol.for(\"Dmk\"),\n SessionId: Symbol.for(\"SessionId\"),\n ApplicationId: Symbol.for(\"ApplicationId\"),\n};\n\nexport type TrustedProperty = {\n iv: Uint8Array;\n issuer: Uint8Array;\n xpriv: Uint8Array;\n ephemeralPubKey: Uint8Array;\n commandIV: Uint8Array;\n groupKey: Uint8Array;\n newMember: Uint8Array;\n};\n"],
|
|
5
|
+
"mappings": "AAAO,MAAMA,EAAgB,CAC3B,IAAK,OAAO,IAAI,KAAK,EACrB,UAAW,OAAO,IAAI,WAAW,EACjC,cAAe,OAAO,IAAI,eAAe,CAC3C",
|
|
6
6
|
"names": ["externalTypes"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
var
|
|
1
|
+
var d=Object.defineProperty;var S=Object.getOwnPropertyDescriptor;var g=(i,t,e,r)=>{for(var s=r>1?void 0:r?S(t,e):t,a=i.length-1,n;a>=0;a--)(n=i[a])&&(s=(r?n(t,e,s):n(s))||s);return r&&s&&d(t,e,s),s},f=(i,t)=>(e,r)=>t(e,r,i);import{inject as y,injectable as R}from"inversify";import{EitherAsync as m,Just as c,Left as T,Maybe as b,Nothing as l,Right as p}from"purify-ts";import{LKRPDataSourceError as k}from"../../../api/app-binder/Errors";import{lkrpDatasourceTypes as L}from"../../lkrp-datasource/di/lkrpDatasourceTypes";import{LKRPBlockStream as N}from"../../utils/LKRPBlockStream";let u=class{constructor(t){this.baseUrl=t}getChallenge(){return this.request("/challenge",l)}authenticate(t){return this.request("/authenticate",l,{method:"POST",body:JSON.stringify(t)}).map(e=>({jwt:e,trustchainId:b.fromNullable(Object.keys(e.permissions).find(r=>!!e.permissions[r]?.["m/"]))}))}getTrustchainById(t,e){return this.request(`/trustchain/${t}`,c(e)).map(r=>Object.fromEntries(Object.entries(r).map(([s,a])=>[s,N.fromHex(a)])))}postDerivation(t,e,r){return this.request(`/trustchain/${t}/derivation`,c(r),{method:"POST",body:JSON.stringify(e.toString())})}putCommands(t,e,r,s){return this.request(`/trustchain/${t}/commands`,c(s),{method:"PUT",body:JSON.stringify({path:e,blocks:[r.toString()]})})}request(t,e,r){const s=this.baseUrl+t,a={...r?.headers,"Content-Type":"application/json",...e.mapOrDefault(({access_token:n})=>({Authorization:`Bearer ${n}`}),{})};return m(()=>fetch(s,{...r,headers:a})).mapLeft(n=>({status:"UNKNOWN",message:h(n)})).chain(async n=>{switch(n.status){case 204:return p(void 0);default:return m(()=>n.json()).mapLeft(h).map(o=>n.ok?p(o):T(h(o))).chain(m.liftEither).mapLeft(o=>({status:O.get(n.status)??"UNKNOWN",message:`[${n.status}] ${o||n.statusText}`}))}}).mapLeft(({status:n,message:o})=>new k({status:n,message:`${o||"Unknown error"} (from: ${s})`}))}};u=g([R(),f(0,y(L.BaseUrl))],u);const O=new Map([[400,"BAD_REQUEST"],[401,"UNAUTHORIZED"]]);function h(i){if(i){if(typeof i!="object"||i.toString!=={}.toString)return String(i);if("message"in i)return String(i.message)}}export{u as HttpLKRPDataSource};
|
|
2
2
|
//# sourceMappingURL=HttpLKRPDataSource.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../../src/internal/lkrp-datasource/data/HttpLKRPDataSource.ts"],
|
|
4
|
-
"sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Left, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n LKRPDataSourceError,\n LKRPDataSourceErrorStatus,\n} from \"@api/app-binder/Errors\";\nimport { JWT } from \"@api/app-binder/LKRPTypes\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport {\n AuthenticationPayload,\n Challenge,\n LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n constructor(\n @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n ) {}\n\n getChallenge() {\n return this.request<Challenge>(\"/challenge\", Nothing);\n }\n\n authenticate(payload: AuthenticationPayload) {\n return this.request<JWT>(\"/authenticate\", Nothing, {\n method: \"POST\",\n body: JSON.stringify(payload),\n }).map((jwt) => ({\n jwt,\n trustchainId: Maybe.fromNullable(\n Object.keys(jwt.permissions).find((id) =>\n Boolean(jwt.permissions[id]?.[\"m/\"]),\n ),\n ),\n }));\n }\n\n getTrustchainById(id: string, jwt: JWT) {\n return this.request<{ [path: string]: string }>(\n `/trustchain/${id}`,\n Just(jwt),\n ).map((serialized) =>\n Object.fromEntries(\n Object.entries(serialized).map(([path, stream]) => [\n path,\n LKRPBlockStream.fromHex(stream),\n ]),\n ),\n );\n }\n\n postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n method: \"POST\",\n body: JSON.stringify(block.toString()),\n });\n }\n\n putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n method: \"PUT\",\n body: JSON.stringify({ path, blocks: [block.toString()] }),\n });\n }\n\n private request<Res>(\n endpoint: `/${string}`,\n jwt: Maybe<{ access_token: string }>,\n init?: RequestInit,\n ): EitherAsync<LKRPDataSourceError, Res> {\n const href = this.baseUrl + endpoint;\n const headers = {\n ...init?.headers,\n \"Content-Type\": \"application/json\",\n ...jwt.mapOrDefault<{ Authorization?: string }>(\n ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n {},\n ),\n };\n\n return EitherAsync(() => fetch(href, { ...init, headers }))\n .mapLeft((err) => ({\n status: \"UNKNOWN\" as const,\n message: (err
|
|
5
|
-
"mappings": "iOAAA,OAAS,UAAAA,EAAQ,cAAAC,MAAkB,YACnC,OAAS,eAAAC,EAAa,QAAAC,EAAM,QAAAC,EAAM,SAAAC,EAAO,WAAAC,EAAS,SAAAC,MAAa,YAE/D,OACE,uBAAAC,MAEK,yBAEP,OAAS,uBAAAC,MAA2B,mDAEpC,OAAS,mBAAAC,MAAuB,kCASzB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAcC,CAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiBD,EAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUC,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAcC,EAAM,aAClB,OAAO,KAAKD,EAAI,WAAW,EAAE,KAAME,GACjC,EAAQF,EAAI,YAAYE,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYF,EAAU,CACtC,OAAO,KAAK,QACV,eAAeE,CAAE,GACjBC,EAAKH,CAAG,CACV,EAAE,IAAKI,GACL,OAAO,YACL,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAACC,EAAMC,CAAM,IAAM,CACjDD,EACAE,EAAgB,QAAQD,CAAM,CAChC,CAAC,CACH,CACF,CACF,CAEA,eAAeJ,EAAYM,EAAkBR,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeE,CAAE,cAAeC,EAAKH,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUQ,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYN,EAAYG,EAAcG,EAAkBR,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeE,CAAE,YAAaC,EAAKH,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAK,EAAM,OAAQ,CAACG,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNC,EACAT,EACAU,EACuC,CACvC,MAAMC,EAAO,KAAK,QAAUF,EACtBG,EAAU,CACd,GAAGF,GAAM,QACT,eAAgB,mBAChB,GAAGV,EAAI,aACL,CAAC,CAAE,aAAAa,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,EAEA,OAAOC,EAAY,IAAM,MAAMH,EAAM,CAAE,GAAGD,EAAM,QAAAE,CAAQ,CAAC,CAAC,EACvD,QAASG,IAAS,CACjB,OAAQ,UACR,
|
|
6
|
-
"names": ["inject", "injectable", "EitherAsync", "Just", "Left", "Maybe", "Nothing", "Right", "LKRPDataSourceError", "lkrpDatasourceTypes", "LKRPBlockStream", "HttpLKRPDataSource", "baseUrl", "Nothing", "payload", "jwt", "Maybe", "id", "Just", "serialized", "path", "stream", "LKRPBlockStream", "block", "endpoint", "init", "href", "headers", "access_token", "EitherAsync", "err", "response", "Right", "data", "Left", "message", "statusMap", "status", "LKRPDataSourceError", "__decorateClass", "injectable", "__decorateParam", "inject", "lkrpDatasourceTypes"]
|
|
4
|
+
"sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Left, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n LKRPDataSourceError,\n LKRPDataSourceErrorStatus,\n} from \"@api/app-binder/Errors\";\nimport { JWT } from \"@api/app-binder/LKRPTypes\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport {\n AuthenticationPayload,\n Challenge,\n LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n constructor(\n @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n ) {}\n\n getChallenge() {\n return this.request<Challenge>(\"/challenge\", Nothing);\n }\n\n authenticate(payload: AuthenticationPayload) {\n return this.request<JWT>(\"/authenticate\", Nothing, {\n method: \"POST\",\n body: JSON.stringify(payload),\n }).map((jwt) => ({\n jwt,\n trustchainId: Maybe.fromNullable(\n Object.keys(jwt.permissions).find((id) =>\n Boolean(jwt.permissions[id]?.[\"m/\"]),\n ),\n ),\n }));\n }\n\n getTrustchainById(id: string, jwt: JWT) {\n return this.request<{ [path: string]: string }>(\n `/trustchain/${id}`,\n Just(jwt),\n ).map((serialized) =>\n Object.fromEntries(\n Object.entries(serialized).map(([path, stream]) => [\n path,\n LKRPBlockStream.fromHex(stream),\n ]),\n ),\n );\n }\n\n postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n method: \"POST\",\n body: JSON.stringify(block.toString()),\n });\n }\n\n putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n method: \"PUT\",\n body: JSON.stringify({ path, blocks: [block.toString()] }),\n });\n }\n\n private request<Res>(\n endpoint: `/${string}`,\n jwt: Maybe<{ access_token: string }>,\n init?: RequestInit,\n ): EitherAsync<LKRPDataSourceError, Res> {\n const href = this.baseUrl + endpoint;\n const headers = {\n ...init?.headers,\n \"Content-Type\": \"application/json\",\n ...jwt.mapOrDefault<{ Authorization?: string }>(\n ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n {},\n ),\n };\n\n return EitherAsync(() => fetch(href, { ...init, headers }))\n .mapLeft((err) => ({\n status: \"UNKNOWN\" as const,\n message: errToString(err),\n }))\n .chain(async (response) => {\n switch (response.status) {\n case 204:\n return Right(undefined as Res);\n\n default:\n return EitherAsync(() => response.json())\n .mapLeft(errToString)\n .map((data) =>\n response.ok ? Right(data as Res) : Left(errToString(data)),\n )\n .chain(EitherAsync.liftEither)\n .mapLeft((message) => ({\n status: statusMap.get(response.status) ?? \"UNKNOWN\",\n message: `[${response.status}] ${message || response.statusText}`,\n }));\n }\n })\n .mapLeft(\n ({ status, message }) =>\n new LKRPDataSourceError({\n status,\n message: `${message || \"Unknown error\"} (from: ${href})`,\n }),\n );\n }\n}\n\nconst statusMap = new Map<unknown, LKRPDataSourceErrorStatus>([\n [400, \"BAD_REQUEST\"],\n [401, \"UNAUTHORIZED\"],\n]);\n\nfunction errToString(error: unknown): string | void {\n if (!error) return undefined;\n if (typeof error !== \"object\") return String(error);\n if (error.toString !== {}.toString) return String(error);\n if (\"message\" in error) return String(error.message);\n}\n"],
|
|
5
|
+
"mappings": "iOAAA,OAAS,UAAAA,EAAQ,cAAAC,MAAkB,YACnC,OAAS,eAAAC,EAAa,QAAAC,EAAM,QAAAC,EAAM,SAAAC,EAAO,WAAAC,EAAS,SAAAC,MAAa,YAE/D,OACE,uBAAAC,MAEK,yBAEP,OAAS,uBAAAC,MAA2B,mDAEpC,OAAS,mBAAAC,MAAuB,kCASzB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAcC,CAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiBD,EAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUC,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAcC,EAAM,aAClB,OAAO,KAAKD,EAAI,WAAW,EAAE,KAAME,GACjC,EAAQF,EAAI,YAAYE,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYF,EAAU,CACtC,OAAO,KAAK,QACV,eAAeE,CAAE,GACjBC,EAAKH,CAAG,CACV,EAAE,IAAKI,GACL,OAAO,YACL,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAACC,EAAMC,CAAM,IAAM,CACjDD,EACAE,EAAgB,QAAQD,CAAM,CAChC,CAAC,CACH,CACF,CACF,CAEA,eAAeJ,EAAYM,EAAkBR,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeE,CAAE,cAAeC,EAAKH,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUQ,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYN,EAAYG,EAAcG,EAAkBR,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeE,CAAE,YAAaC,EAAKH,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAK,EAAM,OAAQ,CAACG,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNC,EACAT,EACAU,EACuC,CACvC,MAAMC,EAAO,KAAK,QAAUF,EACtBG,EAAU,CACd,GAAGF,GAAM,QACT,eAAgB,mBAChB,GAAGV,EAAI,aACL,CAAC,CAAE,aAAAa,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,EAEA,OAAOC,EAAY,IAAM,MAAMH,EAAM,CAAE,GAAGD,EAAM,QAAAE,CAAQ,CAAC,CAAC,EACvD,QAASG,IAAS,CACjB,OAAQ,UACR,QAASC,EAAYD,CAAG,CAC1B,EAAE,EACD,MAAM,MAAOE,GAAa,CACzB,OAAQA,EAAS,OAAQ,CACvB,IAAK,KACH,OAAOC,EAAM,MAAgB,EAE/B,QACE,OAAOJ,EAAY,IAAMG,EAAS,KAAK,CAAC,EACrC,QAAQD,CAAW,EACnB,IAAKG,GACJF,EAAS,GAAKC,EAAMC,CAAW,EAAIC,EAAKJ,EAAYG,CAAI,CAAC,CAC3D,EACC,MAAML,EAAY,UAAU,EAC5B,QAASO,IAAa,CACrB,OAAQC,EAAU,IAAIL,EAAS,MAAM,GAAK,UAC1C,QAAS,IAAIA,EAAS,MAAM,KAAKI,GAAWJ,EAAS,UAAU,EACjE,EAAE,CACR,CACF,CAAC,EACA,QACC,CAAC,CAAE,OAAAM,EAAQ,QAAAF,CAAQ,IACjB,IAAIG,EAAoB,CACtB,OAAAD,EACA,QAAS,GAAGF,GAAW,eAAe,WAAWV,CAAI,GACvD,CAAC,CACL,CACJ,CACF,EAjGaf,EAAN6B,EAAA,CADNC,EAAW,EAGPC,EAAA,EAAAC,EAAOC,EAAoB,OAAO,IAF1BjC,GAmGb,MAAM0B,EAAY,IAAI,IAAwC,CAC5D,CAAC,IAAK,aAAa,EACnB,CAAC,IAAK,cAAc,CACtB,CAAC,EAED,SAASN,EAAYc,EAA+B,CAClD,GAAKA,EAEL,IADI,OAAOA,GAAU,UACjBA,EAAM,WAAa,CAAC,EAAE,SAAU,OAAO,OAAOA,CAAK,EACvD,GAAI,YAAaA,EAAO,OAAO,OAAOA,EAAM,OAAO,EACrD",
|
|
6
|
+
"names": ["inject", "injectable", "EitherAsync", "Just", "Left", "Maybe", "Nothing", "Right", "LKRPDataSourceError", "lkrpDatasourceTypes", "LKRPBlockStream", "HttpLKRPDataSource", "baseUrl", "Nothing", "payload", "jwt", "Maybe", "id", "Just", "serialized", "path", "stream", "LKRPBlockStream", "block", "endpoint", "init", "href", "headers", "access_token", "EitherAsync", "err", "errToString", "response", "Right", "data", "Left", "message", "statusMap", "status", "LKRPDataSourceError", "__decorateClass", "injectable", "__decorateParam", "inject", "lkrpDatasourceTypes", "error"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
var g=Object.defineProperty;var s=Object.getOwnPropertyDescriptor;var c=(
|
|
1
|
+
var g=Object.defineProperty;var s=Object.getOwnPropertyDescriptor;var c=(p,r,o,e)=>{for(var i=e>1?void 0:e?s(r,o):r,n=p.length-1,m;n>=0;n--)(m=p[n])&&(i=(e?m(r,o,i):m(i))||i);return e&&i&&g(r,o,i),i},d=(p,r)=>(o,e)=>r(o,e,p);import{inject as y,injectable as a}from"inversify";import{appBinderTypes as B}from"../../app-binder/di/appBinderTypes";let t=class{constructor(r){this.appBinder=r}execute(r,o,e,i){return this.appBinder.authenticate({keypair:r,clientName:o,permissions:e,trustchainId:i})}};t=c([a(),d(0,y(B.AppBinding))],t);export{t as AuthenticateUseCase};
|
|
2
2
|
//# sourceMappingURL=AuthenticateUseCase.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../../src/internal/use-cases/authentication/AuthenticateUseCase.ts"],
|
|
4
|
-
"sourcesContent": ["import { inject, injectable } from \"inversify\";\n\nimport { AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {
|
|
5
|
-
"mappings": "iOAAA,OAAS,UAAAA,EAAQ,cAAAC,MAAkB,YAInC,OAAS,kBAAAC,MAAsB,yCAIxB,IAAMC,EAAN,KAA0B,CAC/B,YAEUC,EACR,CADQ,eAAAA,CACP,CAEH,QACEC,EACAC,EACAC,EACAC,
|
|
6
|
-
"names": ["inject", "injectable", "appBinderTypes", "AuthenticateUseCase", "appBinder", "keypair", "
|
|
4
|
+
"sourcesContent": ["import { inject, injectable } from \"inversify\";\n\nimport { AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { Keypair, Permissions } from \"@api/app-binder/LKRPTypes\";\nimport { appBinderTypes } from \"@internal/app-binder/di/appBinderTypes\";\nimport { LedgerKeyringProtocolBinder } from \"@internal/app-binder/LedgerKeyringProtocolBinder\";\n\n@injectable()\nexport class AuthenticateUseCase {\n constructor(\n @inject(appBinderTypes.AppBinding)\n private appBinder: LedgerKeyringProtocolBinder,\n ) {}\n\n execute(\n keypair: Keypair,\n clientName: string,\n permissions: Permissions,\n trustchainId?: string,\n ): AuthenticateDAReturnType {\n return this.appBinder.authenticate({\n keypair,\n clientName,\n permissions,\n trustchainId,\n });\n }\n}\n"],
|
|
5
|
+
"mappings": "iOAAA,OAAS,UAAAA,EAAQ,cAAAC,MAAkB,YAInC,OAAS,kBAAAC,MAAsB,yCAIxB,IAAMC,EAAN,KAA0B,CAC/B,YAEUC,EACR,CADQ,eAAAA,CACP,CAEH,QACEC,EACAC,EACAC,EACAC,EAC0B,CAC1B,OAAO,KAAK,UAAU,aAAa,CACjC,QAAAH,EACA,WAAAC,EACA,YAAAC,EACA,aAAAC,CACF,CAAC,CACH,CACF,EAnBaL,EAANM,EAAA,CADNC,EAAW,EAGPC,EAAA,EAAAC,EAAOC,EAAe,UAAU,IAFxBV",
|
|
6
|
+
"names": ["inject", "injectable", "appBinderTypes", "AuthenticateUseCase", "appBinder", "keypair", "clientName", "permissions", "trustchainId", "__decorateClass", "injectable", "__decorateParam", "inject", "appBinderTypes"]
|
|
7
7
|
}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
function
|
|
1
|
+
import{bufferToHexaString as t,hexaStringToBuffer as e}from"@ledgerhq/device-management-kit";function i(r){return e(r)??new Uint8Array}function o(r){return t(r).slice(2)}export{o as bytesToHex,i as hexToBytes};
|
|
2
2
|
//# sourceMappingURL=hex.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/internal/utils/hex.ts"],
|
|
4
|
-
"sourcesContent": ["
|
|
5
|
-
"mappings": "
|
|
6
|
-
"names": ["hexToBytes", "hex", "bytesToHex", "bytes"]
|
|
4
|
+
"sourcesContent": ["import {\n bufferToHexaString,\n hexaStringToBuffer,\n} from \"@ledgerhq/device-management-kit\";\n\nexport function hexToBytes(hex: string): Uint8Array {\n return hexaStringToBuffer(hex) ?? new Uint8Array();\n}\n\nexport function bytesToHex(bytes: Uint8Array): string {\n return bufferToHexaString(bytes).slice(2); // Remove the \"0x\" prefix\n}\n"],
|
|
5
|
+
"mappings": "AAAA,OACE,sBAAAA,EACA,sBAAAC,MACK,kCAEA,SAASC,EAAWC,EAAyB,CAClD,OAAOF,EAAmBE,CAAG,GAAK,IAAI,UACxC,CAEO,SAASC,EAAWC,EAA2B,CACpD,OAAOL,EAAmBK,CAAK,EAAE,MAAM,CAAC,CAC1C",
|
|
6
|
+
"names": ["bufferToHexaString", "hexaStringToBuffer", "hexToBytes", "hex", "bytesToHex", "bytes"]
|
|
7
7
|
}
|
package/lib/esm/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { type AuthenticateDAReturnType } from "./app-binder/AuthenticateDeviceActionTypes";
|
|
2
|
-
import { type
|
|
2
|
+
import { type Keypair, type Permissions } from "./app-binder/LKRPTypes";
|
|
3
3
|
export interface LedgerKeyringProtocol {
|
|
4
|
-
authenticate: (keypair: Keypair,
|
|
4
|
+
authenticate: (keypair: Keypair, clientName: string, permissions: Permissions, trustchainId?: string) => AuthenticateDAReturnType;
|
|
5
5
|
encryptData: (xpriv: Uint8Array, data: Uint8Array) => Uint8Array;
|
|
6
6
|
decryptData: (xpriv: Uint8Array, data: Uint8Array) => Uint8Array;
|
|
7
7
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"LedgerKeyringProtocol.d.ts","sourceRoot":"","sources":["../../../src/api/LedgerKeyringProtocol.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,wBAAwB,EAAE,MAAM,4CAA4C,CAAC;AAC3F,OAAO,
|
|
1
|
+
{"version":3,"file":"LedgerKeyringProtocol.d.ts","sourceRoot":"","sources":["../../../src/api/LedgerKeyringProtocol.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,wBAAwB,EAAE,MAAM,4CAA4C,CAAC;AAC3F,OAAO,EAAE,KAAK,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAExE,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,CACZ,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,WAAW,EACxB,YAAY,CAAC,EAAE,MAAM,KAClB,wBAAwB,CAAC;IAE9B,WAAW,EAAE,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,KAAK,UAAU,CAAC;IAEjE,WAAW,EAAE,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,KAAK,UAAU,CAAC;CAClE"}
|
|
@@ -1,13 +1,18 @@
|
|
|
1
1
|
import { type DeviceManagementKit, type DeviceSessionId } from "@ledgerhq/device-management-kit";
|
|
2
2
|
import { type LedgerKeyringProtocol } from "./LedgerKeyringProtocol";
|
|
3
|
+
import { type LKRPEnv } from "./app-binder/LKRPTypes";
|
|
3
4
|
export declare class LedgerKeyringProtocolBuilder {
|
|
4
5
|
private readonly dmk;
|
|
5
6
|
private readonly sessionId;
|
|
6
|
-
private readonly
|
|
7
|
-
|
|
7
|
+
private readonly applicationId;
|
|
8
|
+
private readonly env?;
|
|
9
|
+
private readonly baseUrl?;
|
|
10
|
+
constructor(args: {
|
|
8
11
|
dmk: DeviceManagementKit;
|
|
9
12
|
sessionId: DeviceSessionId;
|
|
10
|
-
|
|
13
|
+
applicationId: number;
|
|
14
|
+
env?: LKRPEnv;
|
|
15
|
+
baseUrl?: string;
|
|
11
16
|
});
|
|
12
17
|
build(): LedgerKeyringProtocol;
|
|
13
18
|
}
|