@metamask-previews/eip1193-permission-middleware 0.1.0-preview-b69c669

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/CHANGELOG.md +17 -0
  2. package/LICENSE +20 -0
  3. package/README.md +15 -0
  4. package/dist/index.cjs +10 -0
  5. package/dist/index.cjs.map +1 -0
  6. package/dist/index.d.cts +4 -0
  7. package/dist/index.d.cts.map +1 -0
  8. package/dist/index.d.mts +4 -0
  9. package/dist/index.d.mts.map +1 -0
  10. package/dist/index.mjs +4 -0
  11. package/dist/index.mjs.map +1 -0
  12. package/dist/types.cjs +19 -0
  13. package/dist/types.cjs.map +1 -0
  14. package/dist/types.d.cts +11 -0
  15. package/dist/types.d.cts.map +1 -0
  16. package/dist/types.d.mts +11 -0
  17. package/dist/types.d.mts.map +1 -0
  18. package/dist/types.mjs +16 -0
  19. package/dist/types.mjs.map +1 -0
  20. package/dist/wallet-getPermissions.cjs +66 -0
  21. package/dist/wallet-getPermissions.cjs.map +1 -0
  22. package/dist/wallet-getPermissions.d.cts +32 -0
  23. package/dist/wallet-getPermissions.d.cts.map +1 -0
  24. package/dist/wallet-getPermissions.d.mts +32 -0
  25. package/dist/wallet-getPermissions.d.mts.map +1 -0
  26. package/dist/wallet-getPermissions.mjs +63 -0
  27. package/dist/wallet-getPermissions.mjs.map +1 -0
  28. package/dist/wallet-requestPermissions.cjs +93 -0
  29. package/dist/wallet-requestPermissions.cjs.map +1 -0
  30. package/dist/wallet-requestPermissions.d.cts +37 -0
  31. package/dist/wallet-requestPermissions.d.cts.map +1 -0
  32. package/dist/wallet-requestPermissions.d.mts +37 -0
  33. package/dist/wallet-requestPermissions.d.mts.map +1 -0
  34. package/dist/wallet-requestPermissions.mjs +91 -0
  35. package/dist/wallet-requestPermissions.mjs.map +1 -0
  36. package/dist/wallet-revokePermissions.cjs +52 -0
  37. package/dist/wallet-revokePermissions.cjs.map +1 -0
  38. package/dist/wallet-revokePermissions.d.cts +27 -0
  39. package/dist/wallet-revokePermissions.d.cts.map +1 -0
  40. package/dist/wallet-revokePermissions.d.mts +27 -0
  41. package/dist/wallet-revokePermissions.d.mts.map +1 -0
  42. package/dist/wallet-revokePermissions.mjs +49 -0
  43. package/dist/wallet-revokePermissions.mjs.map +1 -0
  44. package/package.json +75 -0
package/CHANGELOG.md ADDED
@@ -0,0 +1,17 @@
1
+ # Changelog
2
+
3
+ All notable changes to this project will be documented in this file.
4
+
5
+ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6
+ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
+
8
+ ## [Unreleased]
9
+
10
+ ## [0.1.0]
11
+
12
+ ### Added
13
+
14
+ - Initial release
15
+
16
+ [Unreleased]: https://github.com/MetaMask/core/compare/@metamask/eip1193-permission-middleware@0.1.0...HEAD
17
+ [0.1.0]: https://github.com/MetaMask/core/releases/tag/@metamask/eip1193-permission-middleware@0.1.0
package/LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2025 MetaMask
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
package/README.md ADDED
@@ -0,0 +1,15 @@
1
+ # `@metamask/eip1193-permission-middleware`
2
+
3
+ Implements the JSON-RPC methods for managing permissions as referenced in [EIP-2255](https://eips.ethereum.org/EIPS/eip-2255) and [MIP-2](https://github.com/MetaMask/metamask-improvement-proposals/blob/main/MIPs/mip-2.md), but adapted to support [chain-agnostic permission caveats](https://npmjs.com/package/@metamask/chain-agnostic-permission).
4
+
5
+ ## Installation
6
+
7
+ `yarn add @metamask/eip1193-permission-middleware`
8
+
9
+ or
10
+
11
+ `npm install @metamask/eip1193-permission-middleware`
12
+
13
+ ## Contributing
14
+
15
+ This package is part of a monorepo. Instructions for contributing can be found in the [monorepo README](https://github.com/MetaMask/core#readme).
package/dist/index.cjs ADDED
@@ -0,0 +1,10 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.revokePermissionsHandler = exports.requestPermissionsHandler = exports.getPermissionsHandler = void 0;
4
+ var wallet_getPermissions_1 = require("./wallet-getPermissions.cjs");
5
+ Object.defineProperty(exports, "getPermissionsHandler", { enumerable: true, get: function () { return wallet_getPermissions_1.getPermissionsHandler; } });
6
+ var wallet_requestPermissions_1 = require("./wallet-requestPermissions.cjs");
7
+ Object.defineProperty(exports, "requestPermissionsHandler", { enumerable: true, get: function () { return wallet_requestPermissions_1.requestPermissionsHandler; } });
8
+ var wallet_revokePermissions_1 = require("./wallet-revokePermissions.cjs");
9
+ Object.defineProperty(exports, "revokePermissionsHandler", { enumerable: true, get: function () { return wallet_revokePermissions_1.revokePermissionsHandler; } });
10
+ //# sourceMappingURL=index.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.cjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,qEAAgE;AAAvD,8HAAA,qBAAqB,OAAA;AAC9B,6EAAwE;AAA/D,sIAAA,yBAAyB,OAAA;AAClC,2EAAsE;AAA7D,oIAAA,wBAAwB,OAAA","sourcesContent":["export { getPermissionsHandler } from './wallet-getPermissions';\nexport { requestPermissionsHandler } from './wallet-requestPermissions';\nexport { revokePermissionsHandler } from './wallet-revokePermissions';\n"]}
@@ -0,0 +1,4 @@
1
+ export { getPermissionsHandler } from "./wallet-getPermissions.cjs";
2
+ export { requestPermissionsHandler } from "./wallet-requestPermissions.cjs";
3
+ export { revokePermissionsHandler } from "./wallet-revokePermissions.cjs";
4
+ //# sourceMappingURL=index.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.cts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,oCAAgC;AAChE,OAAO,EAAE,yBAAyB,EAAE,wCAAoC;AACxE,OAAO,EAAE,wBAAwB,EAAE,uCAAmC"}
@@ -0,0 +1,4 @@
1
+ export { getPermissionsHandler } from "./wallet-getPermissions.mjs";
2
+ export { requestPermissionsHandler } from "./wallet-requestPermissions.mjs";
3
+ export { revokePermissionsHandler } from "./wallet-revokePermissions.mjs";
4
+ //# sourceMappingURL=index.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.mts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,oCAAgC;AAChE,OAAO,EAAE,yBAAyB,EAAE,wCAAoC;AACxE,OAAO,EAAE,wBAAwB,EAAE,uCAAmC"}
package/dist/index.mjs ADDED
@@ -0,0 +1,4 @@
1
+ export { getPermissionsHandler } from "./wallet-getPermissions.mjs";
2
+ export { requestPermissionsHandler } from "./wallet-requestPermissions.mjs";
3
+ export { revokePermissionsHandler } from "./wallet-revokePermissions.mjs";
4
+ //# sourceMappingURL=index.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.mjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,oCAAgC;AAChE,OAAO,EAAE,yBAAyB,EAAE,wCAAoC;AACxE,OAAO,EAAE,wBAAwB,EAAE,uCAAmC","sourcesContent":["export { getPermissionsHandler } from './wallet-getPermissions';\nexport { requestPermissionsHandler } from './wallet-requestPermissions';\nexport { revokePermissionsHandler } from './wallet-revokePermissions';\n"]}
package/dist/types.cjs ADDED
@@ -0,0 +1,19 @@
1
+ "use strict";
2
+ // There is no logic in this file.
3
+ /* istanbul ignore file */
4
+ Object.defineProperty(exports, "__esModule", { value: true });
5
+ exports.RestrictedMethods = exports.EndowmentTypes = exports.CaveatTypes = void 0;
6
+ var CaveatTypes;
7
+ (function (CaveatTypes) {
8
+ CaveatTypes["RestrictReturnedAccounts"] = "restrictReturnedAccounts";
9
+ CaveatTypes["RestrictNetworkSwitching"] = "restrictNetworkSwitching";
10
+ })(CaveatTypes || (exports.CaveatTypes = CaveatTypes = {}));
11
+ var EndowmentTypes;
12
+ (function (EndowmentTypes) {
13
+ EndowmentTypes["PermittedChains"] = "endowment:permitted-chains";
14
+ })(EndowmentTypes || (exports.EndowmentTypes = EndowmentTypes = {}));
15
+ var RestrictedMethods;
16
+ (function (RestrictedMethods) {
17
+ RestrictedMethods["EthAccounts"] = "eth_accounts";
18
+ })(RestrictedMethods || (exports.RestrictedMethods = RestrictedMethods = {}));
19
+ //# sourceMappingURL=types.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.cjs","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA,kCAAkC;AAClC,0BAA0B;;;AAE1B,IAAY,WAGX;AAHD,WAAY,WAAW;IACrB,oEAAqD,CAAA;IACrD,oEAAqD,CAAA;AACvD,CAAC,EAHW,WAAW,2BAAX,WAAW,QAGtB;AAED,IAAY,cAEX;AAFD,WAAY,cAAc;IACxB,gEAA8C,CAAA;AAChD,CAAC,EAFW,cAAc,8BAAd,cAAc,QAEzB;AAED,IAAY,iBAEX;AAFD,WAAY,iBAAiB;IAC3B,iDAA4B,CAAA;AAC9B,CAAC,EAFW,iBAAiB,iCAAjB,iBAAiB,QAE5B","sourcesContent":["// There is no logic in this file.\n/* istanbul ignore file */\n\nexport enum CaveatTypes {\n RestrictReturnedAccounts = 'restrictReturnedAccounts',\n RestrictNetworkSwitching = 'restrictNetworkSwitching',\n}\n\nexport enum EndowmentTypes {\n PermittedChains = 'endowment:permitted-chains',\n}\n\nexport enum RestrictedMethods {\n EthAccounts = 'eth_accounts',\n}\n"]}
@@ -0,0 +1,11 @@
1
+ export declare enum CaveatTypes {
2
+ RestrictReturnedAccounts = "restrictReturnedAccounts",
3
+ RestrictNetworkSwitching = "restrictNetworkSwitching"
4
+ }
5
+ export declare enum EndowmentTypes {
6
+ PermittedChains = "endowment:permitted-chains"
7
+ }
8
+ export declare enum RestrictedMethods {
9
+ EthAccounts = "eth_accounts"
10
+ }
11
+ //# sourceMappingURL=types.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.cts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAGA,oBAAY,WAAW;IACrB,wBAAwB,6BAA6B;IACrD,wBAAwB,6BAA6B;CACtD;AAED,oBAAY,cAAc;IACxB,eAAe,+BAA+B;CAC/C;AAED,oBAAY,iBAAiB;IAC3B,WAAW,iBAAiB;CAC7B"}
@@ -0,0 +1,11 @@
1
+ export declare enum CaveatTypes {
2
+ RestrictReturnedAccounts = "restrictReturnedAccounts",
3
+ RestrictNetworkSwitching = "restrictNetworkSwitching"
4
+ }
5
+ export declare enum EndowmentTypes {
6
+ PermittedChains = "endowment:permitted-chains"
7
+ }
8
+ export declare enum RestrictedMethods {
9
+ EthAccounts = "eth_accounts"
10
+ }
11
+ //# sourceMappingURL=types.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.mts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAGA,oBAAY,WAAW;IACrB,wBAAwB,6BAA6B;IACrD,wBAAwB,6BAA6B;CACtD;AAED,oBAAY,cAAc;IACxB,eAAe,+BAA+B;CAC/C;AAED,oBAAY,iBAAiB;IAC3B,WAAW,iBAAiB;CAC7B"}
package/dist/types.mjs ADDED
@@ -0,0 +1,16 @@
1
+ // There is no logic in this file.
2
+ /* istanbul ignore file */
3
+ export var CaveatTypes;
4
+ (function (CaveatTypes) {
5
+ CaveatTypes["RestrictReturnedAccounts"] = "restrictReturnedAccounts";
6
+ CaveatTypes["RestrictNetworkSwitching"] = "restrictNetworkSwitching";
7
+ })(CaveatTypes || (CaveatTypes = {}));
8
+ export var EndowmentTypes;
9
+ (function (EndowmentTypes) {
10
+ EndowmentTypes["PermittedChains"] = "endowment:permitted-chains";
11
+ })(EndowmentTypes || (EndowmentTypes = {}));
12
+ export var RestrictedMethods;
13
+ (function (RestrictedMethods) {
14
+ RestrictedMethods["EthAccounts"] = "eth_accounts";
15
+ })(RestrictedMethods || (RestrictedMethods = {}));
16
+ //# sourceMappingURL=types.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.mjs","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,0BAA0B;AAE1B,MAAM,CAAN,IAAY,WAGX;AAHD,WAAY,WAAW;IACrB,oEAAqD,CAAA;IACrD,oEAAqD,CAAA;AACvD,CAAC,EAHW,WAAW,KAAX,WAAW,QAGtB;AAED,MAAM,CAAN,IAAY,cAEX;AAFD,WAAY,cAAc;IACxB,gEAA8C,CAAA;AAChD,CAAC,EAFW,cAAc,KAAd,cAAc,QAEzB;AAED,MAAM,CAAN,IAAY,iBAEX;AAFD,WAAY,iBAAiB;IAC3B,iDAA4B,CAAA;AAC9B,CAAC,EAFW,iBAAiB,KAAjB,iBAAiB,QAE5B","sourcesContent":["// There is no logic in this file.\n/* istanbul ignore file */\n\nexport enum CaveatTypes {\n RestrictReturnedAccounts = 'restrictReturnedAccounts',\n RestrictNetworkSwitching = 'restrictNetworkSwitching',\n}\n\nexport enum EndowmentTypes {\n PermittedChains = 'endowment:permitted-chains',\n}\n\nexport enum RestrictedMethods {\n EthAccounts = 'eth_accounts',\n}\n"]}
@@ -0,0 +1,66 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.getPermissionsHandler = void 0;
4
+ const chain_agnostic_permission_1 = require("@metamask/chain-agnostic-permission");
5
+ const permission_controller_1 = require("@metamask/permission-controller");
6
+ const types_1 = require("./types.cjs");
7
+ exports.getPermissionsHandler = {
8
+ methodNames: [permission_controller_1.MethodNames.GetPermissions],
9
+ implementation: getPermissionsImplementation,
10
+ hookNames: {
11
+ getPermissionsForOrigin: true,
12
+ getAccounts: true,
13
+ },
14
+ };
15
+ /**
16
+ * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
17
+ * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
18
+ *
19
+ * @param _req - The JsonRpcEngine request - unused
20
+ * @param res - The JsonRpcEngine result object
21
+ * @param _next - JsonRpcEngine next() callback - unused
22
+ * @param end - JsonRpcEngine end() callback
23
+ * @param options - Method hooks passed to the method implementation
24
+ * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
25
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
26
+ * @returns A promise that resolves to nothing
27
+ */
28
+ async function getPermissionsImplementation(_req, res, _next, end, { getPermissionsForOrigin, getAccounts, }) {
29
+ const permissions = { ...getPermissionsForOrigin() };
30
+ const caip25Endowment = permissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
31
+ const caip25CaveatValue = caip25Endowment?.caveats?.find(({ type }) => type === chain_agnostic_permission_1.Caip25CaveatType)?.value;
32
+ delete permissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
33
+ if (caip25CaveatValue) {
34
+ // We cannot derive ethAccounts directly from the CAIP-25 permission
35
+ // because the accounts will not be in order of lastSelected
36
+ const ethAccounts = getAccounts({ ignoreLock: true });
37
+ if (ethAccounts.length > 0) {
38
+ permissions[types_1.RestrictedMethods.EthAccounts] = {
39
+ ...caip25Endowment,
40
+ parentCapability: types_1.RestrictedMethods.EthAccounts,
41
+ caveats: [
42
+ {
43
+ type: types_1.CaveatTypes.RestrictReturnedAccounts,
44
+ value: ethAccounts,
45
+ },
46
+ ],
47
+ };
48
+ }
49
+ const ethChainIds = (0, chain_agnostic_permission_1.getPermittedEthChainIds)(caip25CaveatValue);
50
+ if (ethChainIds.length > 0) {
51
+ permissions[types_1.EndowmentTypes.PermittedChains] = {
52
+ ...caip25Endowment,
53
+ parentCapability: types_1.EndowmentTypes.PermittedChains,
54
+ caveats: [
55
+ {
56
+ type: types_1.CaveatTypes.RestrictNetworkSwitching,
57
+ value: ethChainIds,
58
+ },
59
+ ],
60
+ };
61
+ }
62
+ }
63
+ res.result = Object.values(permissions);
64
+ return end();
65
+ }
66
+ //# sourceMappingURL=wallet-getPermissions.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-getPermissions.cjs","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":";;;AACA,mFAI6C;AAK7C,2EAKyC;AAOzC,uCAAyE;AAE5D,QAAA,qBAAqB,GAAG;IACnC,WAAW,EAAE,CAAC,mCAAW,CAAC,cAAc,CAAC;IACzC,cAAc,EAAE,4BAA4B;IAC5C,SAAS,EAAE;QACT,uBAAuB,EAAE,IAAI;QAC7B,WAAW,EAAE,IAAI;KAClB;CACF,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,KAAK,UAAU,4BAA4B,CACzC,IAA4B,EAC5B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,uBAAuB,EACvB,WAAW,GASZ;IAED,MAAM,WAAW,GAAG,EAAE,GAAG,uBAAuB,EAAE,EAAE,CAAC;IACrD,MAAM,eAAe,GAAG,WAAW,CAAC,yDAA6B,CAAC,CAAC;IACnE,MAAM,iBAAiB,GAAG,eAAe,EAAE,OAAO,EAAE,IAAI,CACtD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,4CAAgB,CACxC,EAAE,KAAsC,CAAC;IAC1C,OAAO,WAAW,CAAC,yDAA6B,CAAC,CAAC;IAElD,IAAI,iBAAiB,EAAE;QACrB,oEAAoE;QACpE,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;QAEtD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,yBAAiB,CAAC,WAAW,CAAC,GAAG;gBAC3C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,yBAAiB,CAAC,WAAW;gBAC/C,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;QAED,MAAM,WAAW,GAAG,IAAA,mDAAuB,EAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,sBAAc,CAAC,eAAe,CAAC,GAAG;gBAC5C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,sBAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACxC,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type CaveatSpecificationConstraint,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const getPermissionsHandler = {\n methodNames: [MethodNames.GetPermissions],\n implementation: getPermissionsImplementation,\n hookNames: {\n getPermissionsForOrigin: true,\n getAccounts: true,\n },\n};\n\n/**\n * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.\n * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.\n *\n * @param _req - The JsonRpcEngine request - unused\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @returns A promise that resolves to nothing\n */\nasync function getPermissionsImplementation(\n _req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getPermissionsForOrigin,\n getAccounts,\n }: {\n getPermissionsForOrigin: () => ReturnType<\n PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n >['getPermissions']\n >;\n getAccounts: (options?: { ignoreLock?: boolean }) => string[];\n },\n) {\n const permissions = { ...getPermissionsForOrigin() };\n const caip25Endowment = permissions[Caip25EndowmentPermissionName];\n const caip25CaveatValue = caip25Endowment?.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n delete permissions[Caip25EndowmentPermissionName];\n\n if (caip25CaveatValue) {\n // We cannot derive ethAccounts directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts({ ignoreLock: true });\n\n if (ethAccounts.length > 0) {\n permissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n }\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n permissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(permissions);\n return end();\n}\n"]}
@@ -0,0 +1,32 @@
1
+ import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
2
+ import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint } from "@metamask/permission-controller";
3
+ import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
4
+ export declare const getPermissionsHandler: {
5
+ methodNames: MethodNames[];
6
+ implementation: typeof getPermissionsImplementation;
7
+ hookNames: {
8
+ getPermissionsForOrigin: boolean;
9
+ getAccounts: boolean;
10
+ };
11
+ };
12
+ /**
13
+ * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
14
+ * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
15
+ *
16
+ * @param _req - The JsonRpcEngine request - unused
17
+ * @param res - The JsonRpcEngine result object
18
+ * @param _next - JsonRpcEngine next() callback - unused
19
+ * @param end - JsonRpcEngine end() callback
20
+ * @param options - Method hooks passed to the method implementation
21
+ * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
22
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
23
+ * @returns A promise that resolves to nothing
24
+ */
25
+ declare function getPermissionsImplementation(_req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getPermissionsForOrigin, getAccounts, }: {
26
+ getPermissionsForOrigin: () => ReturnType<PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>['getPermissions']>;
27
+ getAccounts: (options?: {
28
+ ignoreLock?: boolean;
29
+ }) => string[];
30
+ }): Promise<void>;
31
+ export {};
32
+ //# sourceMappingURL=wallet-getPermissions.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-getPermissions.d.cts","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EACL,KAAK,6BAA6B,EAClC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACvC,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAIzB,eAAO,MAAM,qBAAqB;;;;;;;CAOjC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,iBAAe,4BAA4B,CACzC,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC5B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,uBAAuB,EACvB,WAAW,GACZ,EAAE;IACD,uBAAuB,EAAE,MAAM,UAAU,CACvC,oBAAoB,CAClB,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC,gBAAgB,CAAC,CACpB,CAAC;IACF,WAAW,EAAE,CAAC,OAAO,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,OAAO,CAAA;KAAE,KAAK,MAAM,EAAE,CAAC;CAC/D,iBA6CF"}
@@ -0,0 +1,32 @@
1
+ import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
2
+ import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint } from "@metamask/permission-controller";
3
+ import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
4
+ export declare const getPermissionsHandler: {
5
+ methodNames: MethodNames[];
6
+ implementation: typeof getPermissionsImplementation;
7
+ hookNames: {
8
+ getPermissionsForOrigin: boolean;
9
+ getAccounts: boolean;
10
+ };
11
+ };
12
+ /**
13
+ * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
14
+ * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
15
+ *
16
+ * @param _req - The JsonRpcEngine request - unused
17
+ * @param res - The JsonRpcEngine result object
18
+ * @param _next - JsonRpcEngine next() callback - unused
19
+ * @param end - JsonRpcEngine end() callback
20
+ * @param options - Method hooks passed to the method implementation
21
+ * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
22
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
23
+ * @returns A promise that resolves to nothing
24
+ */
25
+ declare function getPermissionsImplementation(_req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getPermissionsForOrigin, getAccounts, }: {
26
+ getPermissionsForOrigin: () => ReturnType<PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>['getPermissions']>;
27
+ getAccounts: (options?: {
28
+ ignoreLock?: boolean;
29
+ }) => string[];
30
+ }): Promise<void>;
31
+ export {};
32
+ //# sourceMappingURL=wallet-getPermissions.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-getPermissions.d.mts","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EACL,KAAK,6BAA6B,EAClC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACvC,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAIzB,eAAO,MAAM,qBAAqB;;;;;;;CAOjC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,iBAAe,4BAA4B,CACzC,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC5B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,uBAAuB,EACvB,WAAW,GACZ,EAAE;IACD,uBAAuB,EAAE,MAAM,UAAU,CACvC,oBAAoB,CAClB,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC,gBAAgB,CAAC,CACpB,CAAC;IACF,WAAW,EAAE,CAAC,OAAO,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,OAAO,CAAA;KAAE,KAAK,MAAM,EAAE,CAAC;CAC/D,iBA6CF"}
@@ -0,0 +1,63 @@
1
+ import { Caip25CaveatType, Caip25EndowmentPermissionName, getPermittedEthChainIds } from "@metamask/chain-agnostic-permission";
2
+ import { MethodNames } from "@metamask/permission-controller";
3
+ import { CaveatTypes, EndowmentTypes, RestrictedMethods } from "./types.mjs";
4
+ export const getPermissionsHandler = {
5
+ methodNames: [MethodNames.GetPermissions],
6
+ implementation: getPermissionsImplementation,
7
+ hookNames: {
8
+ getPermissionsForOrigin: true,
9
+ getAccounts: true,
10
+ },
11
+ };
12
+ /**
13
+ * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
14
+ * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
15
+ *
16
+ * @param _req - The JsonRpcEngine request - unused
17
+ * @param res - The JsonRpcEngine result object
18
+ * @param _next - JsonRpcEngine next() callback - unused
19
+ * @param end - JsonRpcEngine end() callback
20
+ * @param options - Method hooks passed to the method implementation
21
+ * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
22
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
23
+ * @returns A promise that resolves to nothing
24
+ */
25
+ async function getPermissionsImplementation(_req, res, _next, end, { getPermissionsForOrigin, getAccounts, }) {
26
+ const permissions = { ...getPermissionsForOrigin() };
27
+ const caip25Endowment = permissions[Caip25EndowmentPermissionName];
28
+ const caip25CaveatValue = caip25Endowment?.caveats?.find(({ type }) => type === Caip25CaveatType)?.value;
29
+ delete permissions[Caip25EndowmentPermissionName];
30
+ if (caip25CaveatValue) {
31
+ // We cannot derive ethAccounts directly from the CAIP-25 permission
32
+ // because the accounts will not be in order of lastSelected
33
+ const ethAccounts = getAccounts({ ignoreLock: true });
34
+ if (ethAccounts.length > 0) {
35
+ permissions[RestrictedMethods.EthAccounts] = {
36
+ ...caip25Endowment,
37
+ parentCapability: RestrictedMethods.EthAccounts,
38
+ caveats: [
39
+ {
40
+ type: CaveatTypes.RestrictReturnedAccounts,
41
+ value: ethAccounts,
42
+ },
43
+ ],
44
+ };
45
+ }
46
+ const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);
47
+ if (ethChainIds.length > 0) {
48
+ permissions[EndowmentTypes.PermittedChains] = {
49
+ ...caip25Endowment,
50
+ parentCapability: EndowmentTypes.PermittedChains,
51
+ caveats: [
52
+ {
53
+ type: CaveatTypes.RestrictNetworkSwitching,
54
+ value: ethChainIds,
55
+ },
56
+ ],
57
+ };
58
+ }
59
+ }
60
+ res.result = Object.values(permissions);
61
+ return end();
62
+ }
63
+ //# sourceMappingURL=wallet-getPermissions.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-getPermissions.mjs","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,uBAAuB,EACxB,4CAA4C;AAK7C,OAAO,EAEL,WAAW,EAGZ,wCAAwC;AAOzC,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,iBAAiB,EAAE,oBAAgB;AAEzE,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,WAAW,EAAE,CAAC,WAAW,CAAC,cAAc,CAAC;IACzC,cAAc,EAAE,4BAA4B;IAC5C,SAAS,EAAE;QACT,uBAAuB,EAAE,IAAI;QAC7B,WAAW,EAAE,IAAI;KAClB;CACF,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,KAAK,UAAU,4BAA4B,CACzC,IAA4B,EAC5B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,uBAAuB,EACvB,WAAW,GASZ;IAED,MAAM,WAAW,GAAG,EAAE,GAAG,uBAAuB,EAAE,EAAE,CAAC;IACrD,MAAM,eAAe,GAAG,WAAW,CAAC,6BAA6B,CAAC,CAAC;IACnE,MAAM,iBAAiB,GAAG,eAAe,EAAE,OAAO,EAAE,IAAI,CACtD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,gBAAgB,CACxC,EAAE,KAAsC,CAAC;IAC1C,OAAO,WAAW,CAAC,6BAA6B,CAAC,CAAC;IAElD,IAAI,iBAAiB,EAAE;QACrB,oEAAoE;QACpE,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;QAEtD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,iBAAiB,CAAC,WAAW,CAAC,GAAG;gBAC3C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,iBAAiB,CAAC,WAAW;gBAC/C,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;QAED,MAAM,WAAW,GAAG,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,cAAc,CAAC,eAAe,CAAC,GAAG;gBAC5C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,cAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACxC,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type CaveatSpecificationConstraint,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const getPermissionsHandler = {\n methodNames: [MethodNames.GetPermissions],\n implementation: getPermissionsImplementation,\n hookNames: {\n getPermissionsForOrigin: true,\n getAccounts: true,\n },\n};\n\n/**\n * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.\n * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.\n *\n * @param _req - The JsonRpcEngine request - unused\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @returns A promise that resolves to nothing\n */\nasync function getPermissionsImplementation(\n _req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getPermissionsForOrigin,\n getAccounts,\n }: {\n getPermissionsForOrigin: () => ReturnType<\n PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n >['getPermissions']\n >;\n getAccounts: (options?: { ignoreLock?: boolean }) => string[];\n },\n) {\n const permissions = { ...getPermissionsForOrigin() };\n const caip25Endowment = permissions[Caip25EndowmentPermissionName];\n const caip25CaveatValue = caip25Endowment?.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n delete permissions[Caip25EndowmentPermissionName];\n\n if (caip25CaveatValue) {\n // We cannot derive ethAccounts directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts({ ignoreLock: true });\n\n if (ethAccounts.length > 0) {\n permissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n }\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n permissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(permissions);\n return end();\n}\n"]}
@@ -0,0 +1,93 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.requestPermissionsHandler = void 0;
4
+ const chain_agnostic_permission_1 = require("@metamask/chain-agnostic-permission");
5
+ const controller_utils_1 = require("@metamask/controller-utils");
6
+ const permission_controller_1 = require("@metamask/permission-controller");
7
+ const lodash_1 = require("lodash");
8
+ const types_1 = require("./types.cjs");
9
+ exports.requestPermissionsHandler = {
10
+ methodNames: [permission_controller_1.MethodNames.RequestPermissions],
11
+ implementation: requestPermissionsImplementation,
12
+ hookNames: {
13
+ getAccounts: true,
14
+ requestPermissionsForOrigin: true,
15
+ getCaip25PermissionFromLegacyPermissionsForOrigin: true,
16
+ },
17
+ };
18
+ /**
19
+ * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
20
+ * The request object is expected to contain a CAIP-25 endowment permission.
21
+ *
22
+ * @param req - The JsonRpcEngine request
23
+ * @param res - The JsonRpcEngine result object
24
+ * @param _next - JsonRpcEngine next() callback - unused
25
+ * @param end - JsonRpcEngine end() callback
26
+ * @param options - Method hooks passed to the method implementation
27
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
28
+ * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
29
+ * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
30
+ * @returns Nothing.
31
+ */
32
+ async function requestPermissionsImplementation(req, res, _next, end, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }) {
33
+ const { params } = req;
34
+ if (!Array.isArray(params) || !(0, controller_utils_1.isPlainObject)(params[0])) {
35
+ return end((0, permission_controller_1.invalidParams)({ data: { request: req } }));
36
+ }
37
+ let [requestedPermissions] = params;
38
+ delete requestedPermissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
39
+ const caip25EquivalentPermissions = (0, lodash_1.pick)(requestedPermissions, [
40
+ types_1.RestrictedMethods.EthAccounts,
41
+ types_1.EndowmentTypes.PermittedChains,
42
+ ]);
43
+ delete requestedPermissions[types_1.RestrictedMethods.EthAccounts];
44
+ delete requestedPermissions[types_1.EndowmentTypes.PermittedChains];
45
+ const hasCaip25EquivalentPermissions = Object.keys(caip25EquivalentPermissions).length > 0;
46
+ if (hasCaip25EquivalentPermissions) {
47
+ const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(caip25EquivalentPermissions);
48
+ requestedPermissions = { ...requestedPermissions, ...caip25Permission };
49
+ }
50
+ let grantedPermissions = {};
51
+ const [frozenGrantedPermissions] = await requestPermissionsForOrigin(requestedPermissions);
52
+ grantedPermissions = { ...frozenGrantedPermissions };
53
+ if (hasCaip25EquivalentPermissions) {
54
+ const caip25Endowment = grantedPermissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
55
+ if (!caip25Endowment) {
56
+ throw new Error(`could not find ${chain_agnostic_permission_1.Caip25EndowmentPermissionName} permission.`);
57
+ }
58
+ const caip25CaveatValue = caip25Endowment.caveats?.find(({ type }) => type === chain_agnostic_permission_1.Caip25CaveatType)?.value;
59
+ if (!caip25CaveatValue) {
60
+ throw new Error(`could not find ${chain_agnostic_permission_1.Caip25CaveatType} in granted ${chain_agnostic_permission_1.Caip25EndowmentPermissionName} permission.`);
61
+ }
62
+ delete grantedPermissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
63
+ // We cannot derive correct eth_accounts value directly from the CAIP-25 permission
64
+ // because the accounts will not be in order of lastSelected
65
+ const ethAccounts = getAccounts();
66
+ grantedPermissions[types_1.RestrictedMethods.EthAccounts] = {
67
+ ...caip25Endowment,
68
+ parentCapability: types_1.RestrictedMethods.EthAccounts,
69
+ caveats: [
70
+ {
71
+ type: types_1.CaveatTypes.RestrictReturnedAccounts,
72
+ value: ethAccounts,
73
+ },
74
+ ],
75
+ };
76
+ const ethChainIds = (0, chain_agnostic_permission_1.getPermittedEthChainIds)(caip25CaveatValue);
77
+ if (ethChainIds.length > 0) {
78
+ grantedPermissions[types_1.EndowmentTypes.PermittedChains] = {
79
+ ...caip25Endowment,
80
+ parentCapability: types_1.EndowmentTypes.PermittedChains,
81
+ caveats: [
82
+ {
83
+ type: types_1.CaveatTypes.RestrictNetworkSwitching,
84
+ value: ethChainIds,
85
+ },
86
+ ],
87
+ };
88
+ }
89
+ }
90
+ res.result = Object.values(grantedPermissions).filter((permission) => permission !== undefined);
91
+ return end();
92
+ }
93
+ //# sourceMappingURL=wallet-requestPermissions.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-requestPermissions.cjs","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":";;;AACA,mFAI6C;AAC7C,iEAA2D;AAK3D,2EASyC;AAMzC,mCAA8B;AAE9B,uCAAyE;AAE5D,QAAA,yBAAyB,GAAG;IACvC,WAAW,EAAE,CAAC,mCAAW,CAAC,kBAAkB,CAAC;IAC7C,cAAc,EAAE,gCAAgC;IAChD,SAAS,EAAE;QACT,WAAW,EAAE,IAAI;QACjB,2BAA2B,EAAE,IAAI;QACjC,iDAAiD,EAAE,IAAI;KACxD;CACF,CAAC;AAWF;;;;;;;;;;;;;GAaG;AACH,KAAK,UAAU,gCAAgC,CAC7C,GAAgE,EAChE,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GASlD;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAA,gCAAa,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;QACvD,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,IAAI,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC;IACpC,OAAO,oBAAoB,CAAC,yDAA6B,CAAC,CAAC;IAE3D,MAAM,2BAA2B,GAE7B,IAAA,aAAI,EAAC,oBAAoB,EAAE;QAC7B,yBAAiB,CAAC,WAAW;QAC7B,sBAAc,CAAC,eAAe;KAC/B,CAAC,CAAC;IACH,OAAO,oBAAoB,CAAC,yBAAiB,CAAC,WAAW,CAAC,CAAC;IAC3D,OAAO,oBAAoB,CAAC,sBAAc,CAAC,eAAe,CAAC,CAAC;IAE5D,MAAM,8BAA8B,GAClC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAEtD,IAAI,8BAA8B,EAAE;QAClC,MAAM,gBAAgB,GAAG,iDAAiD,CACxE,2BAA2B,CAC5B,CAAC;QACF,oBAAoB,GAAG,EAAE,GAAG,oBAAoB,EAAE,GAAG,gBAAgB,EAAE,CAAC;KACzE;IAED,IAAI,kBAAkB,GAAuB,EAAE,CAAC;IAEhD,MAAM,CAAC,wBAAwB,CAAC,GAC9B,MAAM,2BAA2B,CAAC,oBAAoB,CAAC,CAAC;IAE1D,kBAAkB,GAAG,EAAE,GAAG,wBAAwB,EAAE,CAAC;IAErD,IAAI,8BAA8B,EAAE;QAClC,MAAM,eAAe,GAAG,kBAAkB,CAAC,yDAA6B,CAAC,CAAC;QAE1E,IAAI,CAAC,eAAe,EAAE;YACpB,MAAM,IAAI,KAAK,CACb,kBAAkB,yDAA6B,cAAc,CAC9D,CAAC;SACH;QAED,MAAM,iBAAiB,GAAG,eAAe,CAAC,OAAO,EAAE,IAAI,CACrD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,4CAAgB,CACxC,EAAE,KAAsC,CAAC;QAC1C,IAAI,CAAC,iBAAiB,EAAE;YACtB,MAAM,IAAI,KAAK,CACb,kBAAkB,4CAAgB,eAAe,yDAA6B,cAAc,CAC7F,CAAC;SACH;QAED,OAAO,kBAAkB,CAAC,yDAA6B,CAAC,CAAC;QACzD,mFAAmF;QACnF,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,EAAE,CAAC;QAElC,kBAAkB,CAAC,yBAAiB,CAAC,WAAW,CAAC,GAAG;YAClD,GAAG,eAAe;YAClB,gBAAgB,EAAE,yBAAiB,CAAC,WAAW;YAC/C,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;oBAC1C,KAAK,EAAE,WAAW;iBACnB;aACF;SACF,CAAC;QAEF,MAAM,WAAW,GAAG,IAAA,mDAAuB,EAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,kBAAkB,CAAC,sBAAc,CAAC,eAAe,CAAC,GAAG;gBACnD,GAAG,eAAe;gBAClB,gBAAgB,EAAE,sBAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM,CACnD,CACE,UAAqE,EACR,EAAE,CAC/D,UAAU,KAAK,SAAS,CAC3B,CAAC;IACF,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport { isPlainObject } from '@metamask/controller-utils';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type Caveat,\n type CaveatSpecificationConstraint,\n invalidParams,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n type RequestedPermissions,\n type ValidPermission,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\nimport { pick } from 'lodash';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const requestPermissionsHandler = {\n methodNames: [MethodNames.RequestPermissions],\n implementation: requestPermissionsImplementation,\n hookNames: {\n getAccounts: true,\n requestPermissionsForOrigin: true,\n getCaip25PermissionFromLegacyPermissionsForOrigin: true,\n },\n};\n\ntype AbstractPermissionController = PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n>;\n\ntype GrantedPermissions = Awaited<\n ReturnType<AbstractPermissionController['requestPermissions']>\n>[0];\n\n/**\n * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.\n * The request object is expected to contain a CAIP-25 endowment permission.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.\n * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.\n * @returns Nothing.\n */\nasync function requestPermissionsImplementation(\n req: JsonRpcRequest<[RequestedPermissions]> & { origin: string },\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getAccounts,\n requestPermissionsForOrigin,\n getCaip25PermissionFromLegacyPermissionsForOrigin,\n }: {\n getAccounts: () => string[];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n ) => Promise<[GrantedPermissions]>;\n getCaip25PermissionFromLegacyPermissionsForOrigin: (\n requestedPermissions?: RequestedPermissions,\n ) => RequestedPermissions;\n },\n) {\n const { params } = req;\n\n if (!Array.isArray(params) || !isPlainObject(params[0])) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n let [requestedPermissions] = params;\n delete requestedPermissions[Caip25EndowmentPermissionName];\n\n const caip25EquivalentPermissions: Partial<\n Pick<RequestedPermissions, 'eth_accounts' | 'endowment:permitted-chains'>\n > = pick(requestedPermissions, [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ]);\n delete requestedPermissions[RestrictedMethods.EthAccounts];\n delete requestedPermissions[EndowmentTypes.PermittedChains];\n\n const hasCaip25EquivalentPermissions =\n Object.keys(caip25EquivalentPermissions).length > 0;\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(\n caip25EquivalentPermissions,\n );\n requestedPermissions = { ...requestedPermissions, ...caip25Permission };\n }\n\n let grantedPermissions: GrantedPermissions = {};\n\n const [frozenGrantedPermissions] =\n await requestPermissionsForOrigin(requestedPermissions);\n\n grantedPermissions = { ...frozenGrantedPermissions };\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Endowment = grantedPermissions[Caip25EndowmentPermissionName];\n\n if (!caip25Endowment) {\n throw new Error(\n `could not find ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n const caip25CaveatValue = caip25Endowment.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n if (!caip25CaveatValue) {\n throw new Error(\n `could not find ${Caip25CaveatType} in granted ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n delete grantedPermissions[Caip25EndowmentPermissionName];\n // We cannot derive correct eth_accounts value directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts();\n\n grantedPermissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n grantedPermissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(grantedPermissions).filter(\n (\n permission: ValidPermission<string, Caveat<string, Json>> | undefined,\n ): permission is ValidPermission<string, Caveat<string, Json>> =>\n permission !== undefined,\n );\n return end();\n}\n"]}
@@ -0,0 +1,37 @@
1
+ import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
2
+ import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint, type RequestedPermissions } from "@metamask/permission-controller";
3
+ import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
4
+ export declare const requestPermissionsHandler: {
5
+ methodNames: MethodNames[];
6
+ implementation: typeof requestPermissionsImplementation;
7
+ hookNames: {
8
+ getAccounts: boolean;
9
+ requestPermissionsForOrigin: boolean;
10
+ getCaip25PermissionFromLegacyPermissionsForOrigin: boolean;
11
+ };
12
+ };
13
+ type AbstractPermissionController = PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>;
14
+ type GrantedPermissions = Awaited<ReturnType<AbstractPermissionController['requestPermissions']>>[0];
15
+ /**
16
+ * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
17
+ * The request object is expected to contain a CAIP-25 endowment permission.
18
+ *
19
+ * @param req - The JsonRpcEngine request
20
+ * @param res - The JsonRpcEngine result object
21
+ * @param _next - JsonRpcEngine next() callback - unused
22
+ * @param end - JsonRpcEngine end() callback
23
+ * @param options - Method hooks passed to the method implementation
24
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
25
+ * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
26
+ * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
27
+ * @returns Nothing.
28
+ */
29
+ declare function requestPermissionsImplementation(req: JsonRpcRequest<[RequestedPermissions]> & {
30
+ origin: string;
31
+ }, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }: {
32
+ getAccounts: () => string[];
33
+ requestPermissionsForOrigin: (requestedPermissions: RequestedPermissions) => Promise<[GrantedPermissions]>;
34
+ getCaip25PermissionFromLegacyPermissionsForOrigin: (requestedPermissions?: RequestedPermissions) => RequestedPermissions;
35
+ }): Promise<void>;
36
+ export {};
37
+ //# sourceMappingURL=wallet-requestPermissions.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-requestPermissions.d.cts","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAEL,KAAK,6BAA6B,EAElC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACtC,KAAK,oBAAoB,EAE1B,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAKzB,eAAO,MAAM,yBAAyB;;;;;;;;CAQrC,CAAC;AAEF,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,KAAK,kBAAkB,GAAG,OAAO,CAC/B,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC;AAEL;;;;;;;;;;;;;GAaG;AACH,iBAAe,gCAAgC,CAC7C,GAAG,EAAE,cAAc,CAAC,CAAC,oBAAoB,CAAC,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAChE,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GAClD,EAAE;IACD,WAAW,EAAE,MAAM,MAAM,EAAE,CAAC;IAC5B,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,KACvC,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,iDAAiD,EAAE,CACjD,oBAAoB,CAAC,EAAE,oBAAoB,KACxC,oBAAoB,CAAC;CAC3B,iBA8FF"}
@@ -0,0 +1,37 @@
1
+ import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
2
+ import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint, type RequestedPermissions } from "@metamask/permission-controller";
3
+ import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
4
+ export declare const requestPermissionsHandler: {
5
+ methodNames: MethodNames[];
6
+ implementation: typeof requestPermissionsImplementation;
7
+ hookNames: {
8
+ getAccounts: boolean;
9
+ requestPermissionsForOrigin: boolean;
10
+ getCaip25PermissionFromLegacyPermissionsForOrigin: boolean;
11
+ };
12
+ };
13
+ type AbstractPermissionController = PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>;
14
+ type GrantedPermissions = Awaited<ReturnType<AbstractPermissionController['requestPermissions']>>[0];
15
+ /**
16
+ * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
17
+ * The request object is expected to contain a CAIP-25 endowment permission.
18
+ *
19
+ * @param req - The JsonRpcEngine request
20
+ * @param res - The JsonRpcEngine result object
21
+ * @param _next - JsonRpcEngine next() callback - unused
22
+ * @param end - JsonRpcEngine end() callback
23
+ * @param options - Method hooks passed to the method implementation
24
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
25
+ * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
26
+ * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
27
+ * @returns Nothing.
28
+ */
29
+ declare function requestPermissionsImplementation(req: JsonRpcRequest<[RequestedPermissions]> & {
30
+ origin: string;
31
+ }, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }: {
32
+ getAccounts: () => string[];
33
+ requestPermissionsForOrigin: (requestedPermissions: RequestedPermissions) => Promise<[GrantedPermissions]>;
34
+ getCaip25PermissionFromLegacyPermissionsForOrigin: (requestedPermissions?: RequestedPermissions) => RequestedPermissions;
35
+ }): Promise<void>;
36
+ export {};
37
+ //# sourceMappingURL=wallet-requestPermissions.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-requestPermissions.d.mts","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAEL,KAAK,6BAA6B,EAElC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACtC,KAAK,oBAAoB,EAE1B,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAKzB,eAAO,MAAM,yBAAyB;;;;;;;;CAQrC,CAAC;AAEF,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,KAAK,kBAAkB,GAAG,OAAO,CAC/B,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC;AAEL;;;;;;;;;;;;;GAaG;AACH,iBAAe,gCAAgC,CAC7C,GAAG,EAAE,cAAc,CAAC,CAAC,oBAAoB,CAAC,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAChE,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GAClD,EAAE;IACD,WAAW,EAAE,MAAM,MAAM,EAAE,CAAC;IAC5B,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,KACvC,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,iDAAiD,EAAE,CACjD,oBAAoB,CAAC,EAAE,oBAAoB,KACxC,oBAAoB,CAAC;CAC3B,iBA8FF"}
@@ -0,0 +1,91 @@
1
+ import { Caip25CaveatType, Caip25EndowmentPermissionName, getPermittedEthChainIds } from "@metamask/chain-agnostic-permission";
2
+ import { isPlainObject } from "@metamask/controller-utils";
3
+ import { invalidParams, MethodNames } from "@metamask/permission-controller";
4
+ import $lodash from "lodash";
5
+ const { pick } = $lodash;
6
+ import { CaveatTypes, EndowmentTypes, RestrictedMethods } from "./types.mjs";
7
+ export const requestPermissionsHandler = {
8
+ methodNames: [MethodNames.RequestPermissions],
9
+ implementation: requestPermissionsImplementation,
10
+ hookNames: {
11
+ getAccounts: true,
12
+ requestPermissionsForOrigin: true,
13
+ getCaip25PermissionFromLegacyPermissionsForOrigin: true,
14
+ },
15
+ };
16
+ /**
17
+ * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
18
+ * The request object is expected to contain a CAIP-25 endowment permission.
19
+ *
20
+ * @param req - The JsonRpcEngine request
21
+ * @param res - The JsonRpcEngine result object
22
+ * @param _next - JsonRpcEngine next() callback - unused
23
+ * @param end - JsonRpcEngine end() callback
24
+ * @param options - Method hooks passed to the method implementation
25
+ * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
26
+ * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
27
+ * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
28
+ * @returns Nothing.
29
+ */
30
+ async function requestPermissionsImplementation(req, res, _next, end, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }) {
31
+ const { params } = req;
32
+ if (!Array.isArray(params) || !isPlainObject(params[0])) {
33
+ return end(invalidParams({ data: { request: req } }));
34
+ }
35
+ let [requestedPermissions] = params;
36
+ delete requestedPermissions[Caip25EndowmentPermissionName];
37
+ const caip25EquivalentPermissions = pick(requestedPermissions, [
38
+ RestrictedMethods.EthAccounts,
39
+ EndowmentTypes.PermittedChains,
40
+ ]);
41
+ delete requestedPermissions[RestrictedMethods.EthAccounts];
42
+ delete requestedPermissions[EndowmentTypes.PermittedChains];
43
+ const hasCaip25EquivalentPermissions = Object.keys(caip25EquivalentPermissions).length > 0;
44
+ if (hasCaip25EquivalentPermissions) {
45
+ const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(caip25EquivalentPermissions);
46
+ requestedPermissions = { ...requestedPermissions, ...caip25Permission };
47
+ }
48
+ let grantedPermissions = {};
49
+ const [frozenGrantedPermissions] = await requestPermissionsForOrigin(requestedPermissions);
50
+ grantedPermissions = { ...frozenGrantedPermissions };
51
+ if (hasCaip25EquivalentPermissions) {
52
+ const caip25Endowment = grantedPermissions[Caip25EndowmentPermissionName];
53
+ if (!caip25Endowment) {
54
+ throw new Error(`could not find ${Caip25EndowmentPermissionName} permission.`);
55
+ }
56
+ const caip25CaveatValue = caip25Endowment.caveats?.find(({ type }) => type === Caip25CaveatType)?.value;
57
+ if (!caip25CaveatValue) {
58
+ throw new Error(`could not find ${Caip25CaveatType} in granted ${Caip25EndowmentPermissionName} permission.`);
59
+ }
60
+ delete grantedPermissions[Caip25EndowmentPermissionName];
61
+ // We cannot derive correct eth_accounts value directly from the CAIP-25 permission
62
+ // because the accounts will not be in order of lastSelected
63
+ const ethAccounts = getAccounts();
64
+ grantedPermissions[RestrictedMethods.EthAccounts] = {
65
+ ...caip25Endowment,
66
+ parentCapability: RestrictedMethods.EthAccounts,
67
+ caveats: [
68
+ {
69
+ type: CaveatTypes.RestrictReturnedAccounts,
70
+ value: ethAccounts,
71
+ },
72
+ ],
73
+ };
74
+ const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);
75
+ if (ethChainIds.length > 0) {
76
+ grantedPermissions[EndowmentTypes.PermittedChains] = {
77
+ ...caip25Endowment,
78
+ parentCapability: EndowmentTypes.PermittedChains,
79
+ caveats: [
80
+ {
81
+ type: CaveatTypes.RestrictNetworkSwitching,
82
+ value: ethChainIds,
83
+ },
84
+ ],
85
+ };
86
+ }
87
+ }
88
+ res.result = Object.values(grantedPermissions).filter((permission) => permission !== undefined);
89
+ return end();
90
+ }
91
+ //# sourceMappingURL=wallet-requestPermissions.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-requestPermissions.mjs","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,uBAAuB,EACxB,4CAA4C;AAC7C,OAAO,EAAE,aAAa,EAAE,mCAAmC;AAK3D,OAAO,EAGL,aAAa,EACb,WAAW,EAKZ,wCAAwC;;;AAQzC,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,iBAAiB,EAAE,oBAAgB;AAEzE,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,WAAW,EAAE,CAAC,WAAW,CAAC,kBAAkB,CAAC;IAC7C,cAAc,EAAE,gCAAgC;IAChD,SAAS,EAAE;QACT,WAAW,EAAE,IAAI;QACjB,2BAA2B,EAAE,IAAI;QACjC,iDAAiD,EAAE,IAAI;KACxD;CACF,CAAC;AAWF;;;;;;;;;;;;;GAaG;AACH,KAAK,UAAU,gCAAgC,CAC7C,GAAgE,EAChE,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GASlD;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;QACvD,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,IAAI,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC;IACpC,OAAO,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;IAE3D,MAAM,2BAA2B,GAE7B,IAAI,CAAC,oBAAoB,EAAE;QAC7B,iBAAiB,CAAC,WAAW;QAC7B,cAAc,CAAC,eAAe;KAC/B,CAAC,CAAC;IACH,OAAO,oBAAoB,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAC3D,OAAO,oBAAoB,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IAE5D,MAAM,8BAA8B,GAClC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAEtD,IAAI,8BAA8B,EAAE;QAClC,MAAM,gBAAgB,GAAG,iDAAiD,CACxE,2BAA2B,CAC5B,CAAC;QACF,oBAAoB,GAAG,EAAE,GAAG,oBAAoB,EAAE,GAAG,gBAAgB,EAAE,CAAC;KACzE;IAED,IAAI,kBAAkB,GAAuB,EAAE,CAAC;IAEhD,MAAM,CAAC,wBAAwB,CAAC,GAC9B,MAAM,2BAA2B,CAAC,oBAAoB,CAAC,CAAC;IAE1D,kBAAkB,GAAG,EAAE,GAAG,wBAAwB,EAAE,CAAC;IAErD,IAAI,8BAA8B,EAAE;QAClC,MAAM,eAAe,GAAG,kBAAkB,CAAC,6BAA6B,CAAC,CAAC;QAE1E,IAAI,CAAC,eAAe,EAAE;YACpB,MAAM,IAAI,KAAK,CACb,kBAAkB,6BAA6B,cAAc,CAC9D,CAAC;SACH;QAED,MAAM,iBAAiB,GAAG,eAAe,CAAC,OAAO,EAAE,IAAI,CACrD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,gBAAgB,CACxC,EAAE,KAAsC,CAAC;QAC1C,IAAI,CAAC,iBAAiB,EAAE;YACtB,MAAM,IAAI,KAAK,CACb,kBAAkB,gBAAgB,eAAe,6BAA6B,cAAc,CAC7F,CAAC;SACH;QAED,OAAO,kBAAkB,CAAC,6BAA6B,CAAC,CAAC;QACzD,mFAAmF;QACnF,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,EAAE,CAAC;QAElC,kBAAkB,CAAC,iBAAiB,CAAC,WAAW,CAAC,GAAG;YAClD,GAAG,eAAe;YAClB,gBAAgB,EAAE,iBAAiB,CAAC,WAAW;YAC/C,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;oBAC1C,KAAK,EAAE,WAAW;iBACnB;aACF;SACF,CAAC;QAEF,MAAM,WAAW,GAAG,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,kBAAkB,CAAC,cAAc,CAAC,eAAe,CAAC,GAAG;gBACnD,GAAG,eAAe;gBAClB,gBAAgB,EAAE,cAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM,CACnD,CACE,UAAqE,EACR,EAAE,CAC/D,UAAU,KAAK,SAAS,CAC3B,CAAC;IACF,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport { isPlainObject } from '@metamask/controller-utils';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type Caveat,\n type CaveatSpecificationConstraint,\n invalidParams,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n type RequestedPermissions,\n type ValidPermission,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\nimport { pick } from 'lodash';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const requestPermissionsHandler = {\n methodNames: [MethodNames.RequestPermissions],\n implementation: requestPermissionsImplementation,\n hookNames: {\n getAccounts: true,\n requestPermissionsForOrigin: true,\n getCaip25PermissionFromLegacyPermissionsForOrigin: true,\n },\n};\n\ntype AbstractPermissionController = PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n>;\n\ntype GrantedPermissions = Awaited<\n ReturnType<AbstractPermissionController['requestPermissions']>\n>[0];\n\n/**\n * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.\n * The request object is expected to contain a CAIP-25 endowment permission.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.\n * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.\n * @returns Nothing.\n */\nasync function requestPermissionsImplementation(\n req: JsonRpcRequest<[RequestedPermissions]> & { origin: string },\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getAccounts,\n requestPermissionsForOrigin,\n getCaip25PermissionFromLegacyPermissionsForOrigin,\n }: {\n getAccounts: () => string[];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n ) => Promise<[GrantedPermissions]>;\n getCaip25PermissionFromLegacyPermissionsForOrigin: (\n requestedPermissions?: RequestedPermissions,\n ) => RequestedPermissions;\n },\n) {\n const { params } = req;\n\n if (!Array.isArray(params) || !isPlainObject(params[0])) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n let [requestedPermissions] = params;\n delete requestedPermissions[Caip25EndowmentPermissionName];\n\n const caip25EquivalentPermissions: Partial<\n Pick<RequestedPermissions, 'eth_accounts' | 'endowment:permitted-chains'>\n > = pick(requestedPermissions, [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ]);\n delete requestedPermissions[RestrictedMethods.EthAccounts];\n delete requestedPermissions[EndowmentTypes.PermittedChains];\n\n const hasCaip25EquivalentPermissions =\n Object.keys(caip25EquivalentPermissions).length > 0;\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(\n caip25EquivalentPermissions,\n );\n requestedPermissions = { ...requestedPermissions, ...caip25Permission };\n }\n\n let grantedPermissions: GrantedPermissions = {};\n\n const [frozenGrantedPermissions] =\n await requestPermissionsForOrigin(requestedPermissions);\n\n grantedPermissions = { ...frozenGrantedPermissions };\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Endowment = grantedPermissions[Caip25EndowmentPermissionName];\n\n if (!caip25Endowment) {\n throw new Error(\n `could not find ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n const caip25CaveatValue = caip25Endowment.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n if (!caip25CaveatValue) {\n throw new Error(\n `could not find ${Caip25CaveatType} in granted ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n delete grantedPermissions[Caip25EndowmentPermissionName];\n // We cannot derive correct eth_accounts value directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts();\n\n grantedPermissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n grantedPermissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(grantedPermissions).filter(\n (\n permission: ValidPermission<string, Caveat<string, Json>> | undefined,\n ): permission is ValidPermission<string, Caveat<string, Json>> =>\n permission !== undefined,\n );\n return end();\n}\n"]}
@@ -0,0 +1,52 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.revokePermissionsHandler = void 0;
4
+ const chain_agnostic_permission_1 = require("@metamask/chain-agnostic-permission");
5
+ const permission_controller_1 = require("@metamask/permission-controller");
6
+ const utils_1 = require("@metamask/utils");
7
+ const types_1 = require("./types.cjs");
8
+ exports.revokePermissionsHandler = {
9
+ methodNames: [permission_controller_1.MethodNames.RevokePermissions],
10
+ implementation: revokePermissionsImplementation,
11
+ hookNames: {
12
+ revokePermissionsForOrigin: true,
13
+ updateCaveat: true,
14
+ },
15
+ };
16
+ /**
17
+ * Revoke Permissions implementation to be used in JsonRpcEngine middleware.
18
+ *
19
+ * @param req - The JsonRpcEngine request
20
+ * @param res - The JsonRpcEngine result object
21
+ * @param _next - JsonRpcEngine next() callback - unused
22
+ * @param end - JsonRpcEngine end() callback
23
+ * @param options - Method hooks passed to the method implementation
24
+ * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
25
+ * @returns Nothing.
26
+ */
27
+ function revokePermissionsImplementation(req, res, _next, end, { revokePermissionsForOrigin, }) {
28
+ const { params } = req;
29
+ const param = params?.[0];
30
+ if (!param) {
31
+ return end((0, permission_controller_1.invalidParams)({ data: { request: req } }));
32
+ }
33
+ // For now, this API revokes the entire permission key
34
+ // even if caveats are specified.
35
+ const permissionKeys = Object.keys(param).filter((name) => name !== chain_agnostic_permission_1.Caip25EndowmentPermissionName);
36
+ if (!(0, utils_1.isNonEmptyArray)(permissionKeys)) {
37
+ return end((0, permission_controller_1.invalidParams)({ data: { request: req } }));
38
+ }
39
+ const caip25EquivalentPermissions = [
40
+ types_1.RestrictedMethods.EthAccounts,
41
+ types_1.EndowmentTypes.PermittedChains,
42
+ ];
43
+ const relevantPermissionKeys = permissionKeys.filter((name) => !caip25EquivalentPermissions.includes(name));
44
+ const shouldRevokeLegacyPermission = relevantPermissionKeys.length !== permissionKeys.length;
45
+ if (shouldRevokeLegacyPermission) {
46
+ relevantPermissionKeys.push(chain_agnostic_permission_1.Caip25EndowmentPermissionName);
47
+ }
48
+ revokePermissionsForOrigin(relevantPermissionKeys);
49
+ res.result = null;
50
+ return end();
51
+ }
52
+ //# sourceMappingURL=wallet-revokePermissions.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-revokePermissions.cjs","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":";;;AAAA,mFAAoF;AAKpF,2EAA6E;AAC7E,2CAKyB;AAEzB,uCAA4D;AAE/C,QAAA,wBAAwB,GAAG;IACtC,WAAW,EAAE,CAAC,mCAAW,CAAC,iBAAiB,CAAC;IAC5C,cAAc,EAAE,+BAA+B;IAC/C,SAAS,EAAE;QACT,0BAA0B,EAAE,IAAI;QAChC,YAAY,EAAE,IAAI;KACnB;CACF,CAAC;AAEF;;;;;;;;;;GAUG;AACH,SAAS,+BAA+B,CACtC,GAA2B,EAC3B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,0BAA0B,GAG3B;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IAE1B,IAAI,CAAC,KAAK,EAAE;QACV,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,sDAAsD;IACtD,iCAAiC;IACjC,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAC9C,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,yDAA6B,CACjD,CAAC;IAEF,IAAI,CAAC,IAAA,uBAAe,EAAC,cAAc,CAAC,EAAE;QACpC,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,MAAM,2BAA2B,GAAa;QAC5C,yBAAiB,CAAC,WAAW;QAC7B,sBAAc,CAAC,eAAe;KAC/B,CAAC;IACF,MAAM,sBAAsB,GAAG,cAAc,CAAC,MAAM,CAClD,CAAC,IAAY,EAAE,EAAE,CAAC,CAAC,2BAA2B,CAAC,QAAQ,CAAC,IAAI,CAAC,CAC9D,CAAC;IAEF,MAAM,4BAA4B,GAChC,sBAAsB,CAAC,MAAM,KAAK,cAAc,CAAC,MAAM,CAAC;IAE1D,IAAI,4BAA4B,EAAE;QAChC,sBAAsB,CAAC,IAAI,CAAC,yDAA6B,CAAC,CAAC;KAC5D;IAED,0BAA0B,CAAC,sBAAsB,CAAC,CAAC;IAEnD,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;IAElB,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import { Caip25EndowmentPermissionName } from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport { invalidParams, MethodNames } from '@metamask/permission-controller';\nimport {\n isNonEmptyArray,\n type Json,\n type JsonRpcRequest,\n type PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { EndowmentTypes, RestrictedMethods } from './types';\n\nexport const revokePermissionsHandler = {\n methodNames: [MethodNames.RevokePermissions],\n implementation: revokePermissionsImplementation,\n hookNames: {\n revokePermissionsForOrigin: true,\n updateCaveat: true,\n },\n};\n\n/**\n * Revoke Permissions implementation to be used in JsonRpcEngine middleware.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin\n * @returns Nothing.\n */\nfunction revokePermissionsImplementation(\n req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n revokePermissionsForOrigin,\n }: {\n revokePermissionsForOrigin: (permissionKeys: string[]) => void;\n },\n) {\n const { params } = req;\n\n const param = params?.[0];\n\n if (!param) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n // For now, this API revokes the entire permission key\n // even if caveats are specified.\n const permissionKeys = Object.keys(param).filter(\n (name) => name !== Caip25EndowmentPermissionName,\n );\n\n if (!isNonEmptyArray(permissionKeys)) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n const caip25EquivalentPermissions: string[] = [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ];\n const relevantPermissionKeys = permissionKeys.filter(\n (name: string) => !caip25EquivalentPermissions.includes(name),\n );\n\n const shouldRevokeLegacyPermission =\n relevantPermissionKeys.length !== permissionKeys.length;\n\n if (shouldRevokeLegacyPermission) {\n relevantPermissionKeys.push(Caip25EndowmentPermissionName);\n }\n\n revokePermissionsForOrigin(relevantPermissionKeys);\n\n res.result = null;\n\n return end();\n}\n"]}
@@ -0,0 +1,27 @@
1
+ import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
2
+ import { MethodNames } from "@metamask/permission-controller";
3
+ import { type Json, type JsonRpcRequest, type PendingJsonRpcResponse } from "@metamask/utils";
4
+ export declare const revokePermissionsHandler: {
5
+ methodNames: MethodNames[];
6
+ implementation: typeof revokePermissionsImplementation;
7
+ hookNames: {
8
+ revokePermissionsForOrigin: boolean;
9
+ updateCaveat: boolean;
10
+ };
11
+ };
12
+ /**
13
+ * Revoke Permissions implementation to be used in JsonRpcEngine middleware.
14
+ *
15
+ * @param req - The JsonRpcEngine request
16
+ * @param res - The JsonRpcEngine result object
17
+ * @param _next - JsonRpcEngine next() callback - unused
18
+ * @param end - JsonRpcEngine end() callback
19
+ * @param options - Method hooks passed to the method implementation
20
+ * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
21
+ * @returns Nothing.
22
+ */
23
+ declare function revokePermissionsImplementation(req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { revokePermissionsForOrigin, }: {
24
+ revokePermissionsForOrigin: (permissionKeys: string[]) => void;
25
+ }): void;
26
+ export {};
27
+ //# sourceMappingURL=wallet-revokePermissions.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-revokePermissions.d.cts","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAAiB,WAAW,EAAE,wCAAwC;AAC7E,OAAO,EAEL,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,sBAAsB,EAC5B,wBAAwB;AAIzB,eAAO,MAAM,wBAAwB;;;;;;;CAOpC,CAAC;AAEF;;;;;;;;;;GAUG;AACH,iBAAS,+BAA+B,CACtC,GAAG,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC3B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,0BAA0B,GAC3B,EAAE;IACD,0BAA0B,EAAE,CAAC,cAAc,EAAE,MAAM,EAAE,KAAK,IAAI,CAAC;CAChE,QAwCF"}
@@ -0,0 +1,27 @@
1
+ import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
2
+ import { MethodNames } from "@metamask/permission-controller";
3
+ import { type Json, type JsonRpcRequest, type PendingJsonRpcResponse } from "@metamask/utils";
4
+ export declare const revokePermissionsHandler: {
5
+ methodNames: MethodNames[];
6
+ implementation: typeof revokePermissionsImplementation;
7
+ hookNames: {
8
+ revokePermissionsForOrigin: boolean;
9
+ updateCaveat: boolean;
10
+ };
11
+ };
12
+ /**
13
+ * Revoke Permissions implementation to be used in JsonRpcEngine middleware.
14
+ *
15
+ * @param req - The JsonRpcEngine request
16
+ * @param res - The JsonRpcEngine result object
17
+ * @param _next - JsonRpcEngine next() callback - unused
18
+ * @param end - JsonRpcEngine end() callback
19
+ * @param options - Method hooks passed to the method implementation
20
+ * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
21
+ * @returns Nothing.
22
+ */
23
+ declare function revokePermissionsImplementation(req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { revokePermissionsForOrigin, }: {
24
+ revokePermissionsForOrigin: (permissionKeys: string[]) => void;
25
+ }): void;
26
+ export {};
27
+ //# sourceMappingURL=wallet-revokePermissions.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-revokePermissions.d.mts","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAAiB,WAAW,EAAE,wCAAwC;AAC7E,OAAO,EAEL,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,sBAAsB,EAC5B,wBAAwB;AAIzB,eAAO,MAAM,wBAAwB;;;;;;;CAOpC,CAAC;AAEF;;;;;;;;;;GAUG;AACH,iBAAS,+BAA+B,CACtC,GAAG,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC3B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,0BAA0B,GAC3B,EAAE;IACD,0BAA0B,EAAE,CAAC,cAAc,EAAE,MAAM,EAAE,KAAK,IAAI,CAAC;CAChE,QAwCF"}
@@ -0,0 +1,49 @@
1
+ import { Caip25EndowmentPermissionName } from "@metamask/chain-agnostic-permission";
2
+ import { invalidParams, MethodNames } from "@metamask/permission-controller";
3
+ import { isNonEmptyArray } from "@metamask/utils";
4
+ import { EndowmentTypes, RestrictedMethods } from "./types.mjs";
5
+ export const revokePermissionsHandler = {
6
+ methodNames: [MethodNames.RevokePermissions],
7
+ implementation: revokePermissionsImplementation,
8
+ hookNames: {
9
+ revokePermissionsForOrigin: true,
10
+ updateCaveat: true,
11
+ },
12
+ };
13
+ /**
14
+ * Revoke Permissions implementation to be used in JsonRpcEngine middleware.
15
+ *
16
+ * @param req - The JsonRpcEngine request
17
+ * @param res - The JsonRpcEngine result object
18
+ * @param _next - JsonRpcEngine next() callback - unused
19
+ * @param end - JsonRpcEngine end() callback
20
+ * @param options - Method hooks passed to the method implementation
21
+ * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
22
+ * @returns Nothing.
23
+ */
24
+ function revokePermissionsImplementation(req, res, _next, end, { revokePermissionsForOrigin, }) {
25
+ const { params } = req;
26
+ const param = params?.[0];
27
+ if (!param) {
28
+ return end(invalidParams({ data: { request: req } }));
29
+ }
30
+ // For now, this API revokes the entire permission key
31
+ // even if caveats are specified.
32
+ const permissionKeys = Object.keys(param).filter((name) => name !== Caip25EndowmentPermissionName);
33
+ if (!isNonEmptyArray(permissionKeys)) {
34
+ return end(invalidParams({ data: { request: req } }));
35
+ }
36
+ const caip25EquivalentPermissions = [
37
+ RestrictedMethods.EthAccounts,
38
+ EndowmentTypes.PermittedChains,
39
+ ];
40
+ const relevantPermissionKeys = permissionKeys.filter((name) => !caip25EquivalentPermissions.includes(name));
41
+ const shouldRevokeLegacyPermission = relevantPermissionKeys.length !== permissionKeys.length;
42
+ if (shouldRevokeLegacyPermission) {
43
+ relevantPermissionKeys.push(Caip25EndowmentPermissionName);
44
+ }
45
+ revokePermissionsForOrigin(relevantPermissionKeys);
46
+ res.result = null;
47
+ return end();
48
+ }
49
+ //# sourceMappingURL=wallet-revokePermissions.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wallet-revokePermissions.mjs","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,4CAA4C;AAKpF,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,wCAAwC;AAC7E,OAAO,EACL,eAAe,EAIhB,wBAAwB;AAEzB,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,oBAAgB;AAE5D,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,WAAW,EAAE,CAAC,WAAW,CAAC,iBAAiB,CAAC;IAC5C,cAAc,EAAE,+BAA+B;IAC/C,SAAS,EAAE;QACT,0BAA0B,EAAE,IAAI;QAChC,YAAY,EAAE,IAAI;KACnB;CACF,CAAC;AAEF;;;;;;;;;;GAUG;AACH,SAAS,+BAA+B,CACtC,GAA2B,EAC3B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,0BAA0B,GAG3B;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IAE1B,IAAI,CAAC,KAAK,EAAE;QACV,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,sDAAsD;IACtD,iCAAiC;IACjC,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAC9C,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,6BAA6B,CACjD,CAAC;IAEF,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,EAAE;QACpC,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,MAAM,2BAA2B,GAAa;QAC5C,iBAAiB,CAAC,WAAW;QAC7B,cAAc,CAAC,eAAe;KAC/B,CAAC;IACF,MAAM,sBAAsB,GAAG,cAAc,CAAC,MAAM,CAClD,CAAC,IAAY,EAAE,EAAE,CAAC,CAAC,2BAA2B,CAAC,QAAQ,CAAC,IAAI,CAAC,CAC9D,CAAC;IAEF,MAAM,4BAA4B,GAChC,sBAAsB,CAAC,MAAM,KAAK,cAAc,CAAC,MAAM,CAAC;IAE1D,IAAI,4BAA4B,EAAE;QAChC,sBAAsB,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;KAC5D;IAED,0BAA0B,CAAC,sBAAsB,CAAC,CAAC;IAEnD,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;IAElB,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import { Caip25EndowmentPermissionName } from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport { invalidParams, MethodNames } from '@metamask/permission-controller';\nimport {\n isNonEmptyArray,\n type Json,\n type JsonRpcRequest,\n type PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { EndowmentTypes, RestrictedMethods } from './types';\n\nexport const revokePermissionsHandler = {\n methodNames: [MethodNames.RevokePermissions],\n implementation: revokePermissionsImplementation,\n hookNames: {\n revokePermissionsForOrigin: true,\n updateCaveat: true,\n },\n};\n\n/**\n * Revoke Permissions implementation to be used in JsonRpcEngine middleware.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin\n * @returns Nothing.\n */\nfunction revokePermissionsImplementation(\n req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n revokePermissionsForOrigin,\n }: {\n revokePermissionsForOrigin: (permissionKeys: string[]) => void;\n },\n) {\n const { params } = req;\n\n const param = params?.[0];\n\n if (!param) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n // For now, this API revokes the entire permission key\n // even if caveats are specified.\n const permissionKeys = Object.keys(param).filter(\n (name) => name !== Caip25EndowmentPermissionName,\n );\n\n if (!isNonEmptyArray(permissionKeys)) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n const caip25EquivalentPermissions: string[] = [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ];\n const relevantPermissionKeys = permissionKeys.filter(\n (name: string) => !caip25EquivalentPermissions.includes(name),\n );\n\n const shouldRevokeLegacyPermission =\n relevantPermissionKeys.length !== permissionKeys.length;\n\n if (shouldRevokeLegacyPermission) {\n relevantPermissionKeys.push(Caip25EndowmentPermissionName);\n }\n\n revokePermissionsForOrigin(relevantPermissionKeys);\n\n res.result = null;\n\n return end();\n}\n"]}
package/package.json ADDED
@@ -0,0 +1,75 @@
1
+ {
2
+ "name": "@metamask-previews/eip1193-permission-middleware",
3
+ "version": "0.1.0-preview-b69c669",
4
+ "description": "Implements the JSON-RPC methods for managing permissions as referenced in EIP-2255 and MIP-2 and inspired by MIP-5, but supporting chain-agnostic permission caveats in alignment with @metamask/multichain-api-middleware",
5
+ "keywords": [
6
+ "MetaMask",
7
+ "Ethereum"
8
+ ],
9
+ "homepage": "https://github.com/MetaMask/core/tree/main/packages/eip1193-permission-middleware#readme",
10
+ "bugs": {
11
+ "url": "https://github.com/MetaMask/core/issues"
12
+ },
13
+ "repository": {
14
+ "type": "git",
15
+ "url": "https://github.com/MetaMask/core.git"
16
+ },
17
+ "license": "MIT",
18
+ "sideEffects": false,
19
+ "exports": {
20
+ ".": {
21
+ "import": {
22
+ "types": "./dist/index.d.mts",
23
+ "default": "./dist/index.mjs"
24
+ },
25
+ "require": {
26
+ "types": "./dist/index.d.cts",
27
+ "default": "./dist/index.cjs"
28
+ }
29
+ },
30
+ "./package.json": "./package.json"
31
+ },
32
+ "main": "./dist/index.cjs",
33
+ "types": "./dist/index.d.cts",
34
+ "files": [
35
+ "dist/"
36
+ ],
37
+ "scripts": {
38
+ "build": "ts-bridge --project tsconfig.build.json --verbose --clean --no-references",
39
+ "build:docs": "typedoc",
40
+ "changelog:update": "../../scripts/update-changelog.sh @metamask/eip1193-permission-middleware",
41
+ "changelog:validate": "../../scripts/validate-changelog.sh @metamask/eip1193-permission-middleware",
42
+ "publish:preview": "yarn npm publish --tag preview",
43
+ "since-latest-release": "../../scripts/since-latest-release.sh",
44
+ "test": "NODE_OPTIONS=--experimental-vm-modules jest --reporters=jest-silent-reporter",
45
+ "test:clean": "NODE_OPTIONS=--experimental-vm-modules jest --clearCache",
46
+ "test:verbose": "NODE_OPTIONS=--experimental-vm-modules jest --verbose",
47
+ "test:watch": "NODE_OPTIONS=--experimental-vm-modules jest --watch"
48
+ },
49
+ "dependencies": {
50
+ "@metamask/chain-agnostic-permission": "^0.1.0",
51
+ "@metamask/controller-utils": "^11.6.0",
52
+ "@metamask/json-rpc-engine": "^10.0.3",
53
+ "@metamask/permission-controller": "^11.0.6",
54
+ "@metamask/utils": "^11.2.0",
55
+ "lodash": "^4.17.21"
56
+ },
57
+ "devDependencies": {
58
+ "@metamask/auto-changelog": "^3.4.4",
59
+ "@metamask/rpc-errors": "^7.0.2",
60
+ "@types/jest": "^27.4.1",
61
+ "deepmerge": "^4.2.2",
62
+ "jest": "^27.5.1",
63
+ "ts-jest": "^27.1.4",
64
+ "typedoc": "^0.24.8",
65
+ "typedoc-plugin-missing-exports": "^2.0.0",
66
+ "typescript": "~5.2.2"
67
+ },
68
+ "engines": {
69
+ "node": "^18.18 || >=20"
70
+ },
71
+ "publishConfig": {
72
+ "access": "public",
73
+ "registry": "https://registry.npmjs.org/"
74
+ }
75
+ }