@metamask-previews/eip1193-permission-middleware 0.1.0-preview-b69c669
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +17 -0
- package/LICENSE +20 -0
- package/README.md +15 -0
- package/dist/index.cjs +10 -0
- package/dist/index.cjs.map +1 -0
- package/dist/index.d.cts +4 -0
- package/dist/index.d.cts.map +1 -0
- package/dist/index.d.mts +4 -0
- package/dist/index.d.mts.map +1 -0
- package/dist/index.mjs +4 -0
- package/dist/index.mjs.map +1 -0
- package/dist/types.cjs +19 -0
- package/dist/types.cjs.map +1 -0
- package/dist/types.d.cts +11 -0
- package/dist/types.d.cts.map +1 -0
- package/dist/types.d.mts +11 -0
- package/dist/types.d.mts.map +1 -0
- package/dist/types.mjs +16 -0
- package/dist/types.mjs.map +1 -0
- package/dist/wallet-getPermissions.cjs +66 -0
- package/dist/wallet-getPermissions.cjs.map +1 -0
- package/dist/wallet-getPermissions.d.cts +32 -0
- package/dist/wallet-getPermissions.d.cts.map +1 -0
- package/dist/wallet-getPermissions.d.mts +32 -0
- package/dist/wallet-getPermissions.d.mts.map +1 -0
- package/dist/wallet-getPermissions.mjs +63 -0
- package/dist/wallet-getPermissions.mjs.map +1 -0
- package/dist/wallet-requestPermissions.cjs +93 -0
- package/dist/wallet-requestPermissions.cjs.map +1 -0
- package/dist/wallet-requestPermissions.d.cts +37 -0
- package/dist/wallet-requestPermissions.d.cts.map +1 -0
- package/dist/wallet-requestPermissions.d.mts +37 -0
- package/dist/wallet-requestPermissions.d.mts.map +1 -0
- package/dist/wallet-requestPermissions.mjs +91 -0
- package/dist/wallet-requestPermissions.mjs.map +1 -0
- package/dist/wallet-revokePermissions.cjs +52 -0
- package/dist/wallet-revokePermissions.cjs.map +1 -0
- package/dist/wallet-revokePermissions.d.cts +27 -0
- package/dist/wallet-revokePermissions.d.cts.map +1 -0
- package/dist/wallet-revokePermissions.d.mts +27 -0
- package/dist/wallet-revokePermissions.d.mts.map +1 -0
- package/dist/wallet-revokePermissions.mjs +49 -0
- package/dist/wallet-revokePermissions.mjs.map +1 -0
- package/package.json +75 -0
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
All notable changes to this project will be documented in this file.
|
|
4
|
+
|
|
5
|
+
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
6
|
+
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
|
+
|
|
8
|
+
## [Unreleased]
|
|
9
|
+
|
|
10
|
+
## [0.1.0]
|
|
11
|
+
|
|
12
|
+
### Added
|
|
13
|
+
|
|
14
|
+
- Initial release
|
|
15
|
+
|
|
16
|
+
[Unreleased]: https://github.com/MetaMask/core/compare/@metamask/eip1193-permission-middleware@0.1.0...HEAD
|
|
17
|
+
[0.1.0]: https://github.com/MetaMask/core/releases/tag/@metamask/eip1193-permission-middleware@0.1.0
|
package/LICENSE
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2025 MetaMask
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
package/README.md
ADDED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# `@metamask/eip1193-permission-middleware`
|
|
2
|
+
|
|
3
|
+
Implements the JSON-RPC methods for managing permissions as referenced in [EIP-2255](https://eips.ethereum.org/EIPS/eip-2255) and [MIP-2](https://github.com/MetaMask/metamask-improvement-proposals/blob/main/MIPs/mip-2.md), but adapted to support [chain-agnostic permission caveats](https://npmjs.com/package/@metamask/chain-agnostic-permission).
|
|
4
|
+
|
|
5
|
+
## Installation
|
|
6
|
+
|
|
7
|
+
`yarn add @metamask/eip1193-permission-middleware`
|
|
8
|
+
|
|
9
|
+
or
|
|
10
|
+
|
|
11
|
+
`npm install @metamask/eip1193-permission-middleware`
|
|
12
|
+
|
|
13
|
+
## Contributing
|
|
14
|
+
|
|
15
|
+
This package is part of a monorepo. Instructions for contributing can be found in the [monorepo README](https://github.com/MetaMask/core#readme).
|
package/dist/index.cjs
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.revokePermissionsHandler = exports.requestPermissionsHandler = exports.getPermissionsHandler = void 0;
|
|
4
|
+
var wallet_getPermissions_1 = require("./wallet-getPermissions.cjs");
|
|
5
|
+
Object.defineProperty(exports, "getPermissionsHandler", { enumerable: true, get: function () { return wallet_getPermissions_1.getPermissionsHandler; } });
|
|
6
|
+
var wallet_requestPermissions_1 = require("./wallet-requestPermissions.cjs");
|
|
7
|
+
Object.defineProperty(exports, "requestPermissionsHandler", { enumerable: true, get: function () { return wallet_requestPermissions_1.requestPermissionsHandler; } });
|
|
8
|
+
var wallet_revokePermissions_1 = require("./wallet-revokePermissions.cjs");
|
|
9
|
+
Object.defineProperty(exports, "revokePermissionsHandler", { enumerable: true, get: function () { return wallet_revokePermissions_1.revokePermissionsHandler; } });
|
|
10
|
+
//# sourceMappingURL=index.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.cjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,qEAAgE;AAAvD,8HAAA,qBAAqB,OAAA;AAC9B,6EAAwE;AAA/D,sIAAA,yBAAyB,OAAA;AAClC,2EAAsE;AAA7D,oIAAA,wBAAwB,OAAA","sourcesContent":["export { getPermissionsHandler } from './wallet-getPermissions';\nexport { requestPermissionsHandler } from './wallet-requestPermissions';\nexport { revokePermissionsHandler } from './wallet-revokePermissions';\n"]}
|
package/dist/index.d.cts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.cts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,oCAAgC;AAChE,OAAO,EAAE,yBAAyB,EAAE,wCAAoC;AACxE,OAAO,EAAE,wBAAwB,EAAE,uCAAmC"}
|
package/dist/index.d.mts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.mts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,oCAAgC;AAChE,OAAO,EAAE,yBAAyB,EAAE,wCAAoC;AACxE,OAAO,EAAE,wBAAwB,EAAE,uCAAmC"}
|
package/dist/index.mjs
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.mjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,oCAAgC;AAChE,OAAO,EAAE,yBAAyB,EAAE,wCAAoC;AACxE,OAAO,EAAE,wBAAwB,EAAE,uCAAmC","sourcesContent":["export { getPermissionsHandler } from './wallet-getPermissions';\nexport { requestPermissionsHandler } from './wallet-requestPermissions';\nexport { revokePermissionsHandler } from './wallet-revokePermissions';\n"]}
|
package/dist/types.cjs
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// There is no logic in this file.
|
|
3
|
+
/* istanbul ignore file */
|
|
4
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.RestrictedMethods = exports.EndowmentTypes = exports.CaveatTypes = void 0;
|
|
6
|
+
var CaveatTypes;
|
|
7
|
+
(function (CaveatTypes) {
|
|
8
|
+
CaveatTypes["RestrictReturnedAccounts"] = "restrictReturnedAccounts";
|
|
9
|
+
CaveatTypes["RestrictNetworkSwitching"] = "restrictNetworkSwitching";
|
|
10
|
+
})(CaveatTypes || (exports.CaveatTypes = CaveatTypes = {}));
|
|
11
|
+
var EndowmentTypes;
|
|
12
|
+
(function (EndowmentTypes) {
|
|
13
|
+
EndowmentTypes["PermittedChains"] = "endowment:permitted-chains";
|
|
14
|
+
})(EndowmentTypes || (exports.EndowmentTypes = EndowmentTypes = {}));
|
|
15
|
+
var RestrictedMethods;
|
|
16
|
+
(function (RestrictedMethods) {
|
|
17
|
+
RestrictedMethods["EthAccounts"] = "eth_accounts";
|
|
18
|
+
})(RestrictedMethods || (exports.RestrictedMethods = RestrictedMethods = {}));
|
|
19
|
+
//# sourceMappingURL=types.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.cjs","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA,kCAAkC;AAClC,0BAA0B;;;AAE1B,IAAY,WAGX;AAHD,WAAY,WAAW;IACrB,oEAAqD,CAAA;IACrD,oEAAqD,CAAA;AACvD,CAAC,EAHW,WAAW,2BAAX,WAAW,QAGtB;AAED,IAAY,cAEX;AAFD,WAAY,cAAc;IACxB,gEAA8C,CAAA;AAChD,CAAC,EAFW,cAAc,8BAAd,cAAc,QAEzB;AAED,IAAY,iBAEX;AAFD,WAAY,iBAAiB;IAC3B,iDAA4B,CAAA;AAC9B,CAAC,EAFW,iBAAiB,iCAAjB,iBAAiB,QAE5B","sourcesContent":["// There is no logic in this file.\n/* istanbul ignore file */\n\nexport enum CaveatTypes {\n RestrictReturnedAccounts = 'restrictReturnedAccounts',\n RestrictNetworkSwitching = 'restrictNetworkSwitching',\n}\n\nexport enum EndowmentTypes {\n PermittedChains = 'endowment:permitted-chains',\n}\n\nexport enum RestrictedMethods {\n EthAccounts = 'eth_accounts',\n}\n"]}
|
package/dist/types.d.cts
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export declare enum CaveatTypes {
|
|
2
|
+
RestrictReturnedAccounts = "restrictReturnedAccounts",
|
|
3
|
+
RestrictNetworkSwitching = "restrictNetworkSwitching"
|
|
4
|
+
}
|
|
5
|
+
export declare enum EndowmentTypes {
|
|
6
|
+
PermittedChains = "endowment:permitted-chains"
|
|
7
|
+
}
|
|
8
|
+
export declare enum RestrictedMethods {
|
|
9
|
+
EthAccounts = "eth_accounts"
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=types.d.cts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.cts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAGA,oBAAY,WAAW;IACrB,wBAAwB,6BAA6B;IACrD,wBAAwB,6BAA6B;CACtD;AAED,oBAAY,cAAc;IACxB,eAAe,+BAA+B;CAC/C;AAED,oBAAY,iBAAiB;IAC3B,WAAW,iBAAiB;CAC7B"}
|
package/dist/types.d.mts
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export declare enum CaveatTypes {
|
|
2
|
+
RestrictReturnedAccounts = "restrictReturnedAccounts",
|
|
3
|
+
RestrictNetworkSwitching = "restrictNetworkSwitching"
|
|
4
|
+
}
|
|
5
|
+
export declare enum EndowmentTypes {
|
|
6
|
+
PermittedChains = "endowment:permitted-chains"
|
|
7
|
+
}
|
|
8
|
+
export declare enum RestrictedMethods {
|
|
9
|
+
EthAccounts = "eth_accounts"
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=types.d.mts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.mts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAGA,oBAAY,WAAW;IACrB,wBAAwB,6BAA6B;IACrD,wBAAwB,6BAA6B;CACtD;AAED,oBAAY,cAAc;IACxB,eAAe,+BAA+B;CAC/C;AAED,oBAAY,iBAAiB;IAC3B,WAAW,iBAAiB;CAC7B"}
|
package/dist/types.mjs
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
// There is no logic in this file.
|
|
2
|
+
/* istanbul ignore file */
|
|
3
|
+
export var CaveatTypes;
|
|
4
|
+
(function (CaveatTypes) {
|
|
5
|
+
CaveatTypes["RestrictReturnedAccounts"] = "restrictReturnedAccounts";
|
|
6
|
+
CaveatTypes["RestrictNetworkSwitching"] = "restrictNetworkSwitching";
|
|
7
|
+
})(CaveatTypes || (CaveatTypes = {}));
|
|
8
|
+
export var EndowmentTypes;
|
|
9
|
+
(function (EndowmentTypes) {
|
|
10
|
+
EndowmentTypes["PermittedChains"] = "endowment:permitted-chains";
|
|
11
|
+
})(EndowmentTypes || (EndowmentTypes = {}));
|
|
12
|
+
export var RestrictedMethods;
|
|
13
|
+
(function (RestrictedMethods) {
|
|
14
|
+
RestrictedMethods["EthAccounts"] = "eth_accounts";
|
|
15
|
+
})(RestrictedMethods || (RestrictedMethods = {}));
|
|
16
|
+
//# sourceMappingURL=types.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.mjs","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,0BAA0B;AAE1B,MAAM,CAAN,IAAY,WAGX;AAHD,WAAY,WAAW;IACrB,oEAAqD,CAAA;IACrD,oEAAqD,CAAA;AACvD,CAAC,EAHW,WAAW,KAAX,WAAW,QAGtB;AAED,MAAM,CAAN,IAAY,cAEX;AAFD,WAAY,cAAc;IACxB,gEAA8C,CAAA;AAChD,CAAC,EAFW,cAAc,KAAd,cAAc,QAEzB;AAED,MAAM,CAAN,IAAY,iBAEX;AAFD,WAAY,iBAAiB;IAC3B,iDAA4B,CAAA;AAC9B,CAAC,EAFW,iBAAiB,KAAjB,iBAAiB,QAE5B","sourcesContent":["// There is no logic in this file.\n/* istanbul ignore file */\n\nexport enum CaveatTypes {\n RestrictReturnedAccounts = 'restrictReturnedAccounts',\n RestrictNetworkSwitching = 'restrictNetworkSwitching',\n}\n\nexport enum EndowmentTypes {\n PermittedChains = 'endowment:permitted-chains',\n}\n\nexport enum RestrictedMethods {\n EthAccounts = 'eth_accounts',\n}\n"]}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getPermissionsHandler = void 0;
|
|
4
|
+
const chain_agnostic_permission_1 = require("@metamask/chain-agnostic-permission");
|
|
5
|
+
const permission_controller_1 = require("@metamask/permission-controller");
|
|
6
|
+
const types_1 = require("./types.cjs");
|
|
7
|
+
exports.getPermissionsHandler = {
|
|
8
|
+
methodNames: [permission_controller_1.MethodNames.GetPermissions],
|
|
9
|
+
implementation: getPermissionsImplementation,
|
|
10
|
+
hookNames: {
|
|
11
|
+
getPermissionsForOrigin: true,
|
|
12
|
+
getAccounts: true,
|
|
13
|
+
},
|
|
14
|
+
};
|
|
15
|
+
/**
|
|
16
|
+
* Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
|
|
17
|
+
* It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
|
|
18
|
+
*
|
|
19
|
+
* @param _req - The JsonRpcEngine request - unused
|
|
20
|
+
* @param res - The JsonRpcEngine result object
|
|
21
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
22
|
+
* @param end - JsonRpcEngine end() callback
|
|
23
|
+
* @param options - Method hooks passed to the method implementation
|
|
24
|
+
* @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
|
|
25
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
26
|
+
* @returns A promise that resolves to nothing
|
|
27
|
+
*/
|
|
28
|
+
async function getPermissionsImplementation(_req, res, _next, end, { getPermissionsForOrigin, getAccounts, }) {
|
|
29
|
+
const permissions = { ...getPermissionsForOrigin() };
|
|
30
|
+
const caip25Endowment = permissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
|
|
31
|
+
const caip25CaveatValue = caip25Endowment?.caveats?.find(({ type }) => type === chain_agnostic_permission_1.Caip25CaveatType)?.value;
|
|
32
|
+
delete permissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
|
|
33
|
+
if (caip25CaveatValue) {
|
|
34
|
+
// We cannot derive ethAccounts directly from the CAIP-25 permission
|
|
35
|
+
// because the accounts will not be in order of lastSelected
|
|
36
|
+
const ethAccounts = getAccounts({ ignoreLock: true });
|
|
37
|
+
if (ethAccounts.length > 0) {
|
|
38
|
+
permissions[types_1.RestrictedMethods.EthAccounts] = {
|
|
39
|
+
...caip25Endowment,
|
|
40
|
+
parentCapability: types_1.RestrictedMethods.EthAccounts,
|
|
41
|
+
caveats: [
|
|
42
|
+
{
|
|
43
|
+
type: types_1.CaveatTypes.RestrictReturnedAccounts,
|
|
44
|
+
value: ethAccounts,
|
|
45
|
+
},
|
|
46
|
+
],
|
|
47
|
+
};
|
|
48
|
+
}
|
|
49
|
+
const ethChainIds = (0, chain_agnostic_permission_1.getPermittedEthChainIds)(caip25CaveatValue);
|
|
50
|
+
if (ethChainIds.length > 0) {
|
|
51
|
+
permissions[types_1.EndowmentTypes.PermittedChains] = {
|
|
52
|
+
...caip25Endowment,
|
|
53
|
+
parentCapability: types_1.EndowmentTypes.PermittedChains,
|
|
54
|
+
caveats: [
|
|
55
|
+
{
|
|
56
|
+
type: types_1.CaveatTypes.RestrictNetworkSwitching,
|
|
57
|
+
value: ethChainIds,
|
|
58
|
+
},
|
|
59
|
+
],
|
|
60
|
+
};
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
res.result = Object.values(permissions);
|
|
64
|
+
return end();
|
|
65
|
+
}
|
|
66
|
+
//# sourceMappingURL=wallet-getPermissions.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-getPermissions.cjs","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":";;;AACA,mFAI6C;AAK7C,2EAKyC;AAOzC,uCAAyE;AAE5D,QAAA,qBAAqB,GAAG;IACnC,WAAW,EAAE,CAAC,mCAAW,CAAC,cAAc,CAAC;IACzC,cAAc,EAAE,4BAA4B;IAC5C,SAAS,EAAE;QACT,uBAAuB,EAAE,IAAI;QAC7B,WAAW,EAAE,IAAI;KAClB;CACF,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,KAAK,UAAU,4BAA4B,CACzC,IAA4B,EAC5B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,uBAAuB,EACvB,WAAW,GASZ;IAED,MAAM,WAAW,GAAG,EAAE,GAAG,uBAAuB,EAAE,EAAE,CAAC;IACrD,MAAM,eAAe,GAAG,WAAW,CAAC,yDAA6B,CAAC,CAAC;IACnE,MAAM,iBAAiB,GAAG,eAAe,EAAE,OAAO,EAAE,IAAI,CACtD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,4CAAgB,CACxC,EAAE,KAAsC,CAAC;IAC1C,OAAO,WAAW,CAAC,yDAA6B,CAAC,CAAC;IAElD,IAAI,iBAAiB,EAAE;QACrB,oEAAoE;QACpE,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;QAEtD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,yBAAiB,CAAC,WAAW,CAAC,GAAG;gBAC3C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,yBAAiB,CAAC,WAAW;gBAC/C,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;QAED,MAAM,WAAW,GAAG,IAAA,mDAAuB,EAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,sBAAc,CAAC,eAAe,CAAC,GAAG;gBAC5C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,sBAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACxC,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type CaveatSpecificationConstraint,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const getPermissionsHandler = {\n methodNames: [MethodNames.GetPermissions],\n implementation: getPermissionsImplementation,\n hookNames: {\n getPermissionsForOrigin: true,\n getAccounts: true,\n },\n};\n\n/**\n * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.\n * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.\n *\n * @param _req - The JsonRpcEngine request - unused\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @returns A promise that resolves to nothing\n */\nasync function getPermissionsImplementation(\n _req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getPermissionsForOrigin,\n getAccounts,\n }: {\n getPermissionsForOrigin: () => ReturnType<\n PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n >['getPermissions']\n >;\n getAccounts: (options?: { ignoreLock?: boolean }) => string[];\n },\n) {\n const permissions = { ...getPermissionsForOrigin() };\n const caip25Endowment = permissions[Caip25EndowmentPermissionName];\n const caip25CaveatValue = caip25Endowment?.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n delete permissions[Caip25EndowmentPermissionName];\n\n if (caip25CaveatValue) {\n // We cannot derive ethAccounts directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts({ ignoreLock: true });\n\n if (ethAccounts.length > 0) {\n permissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n }\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n permissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(permissions);\n return end();\n}\n"]}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
|
+
import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint } from "@metamask/permission-controller";
|
|
3
|
+
import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
|
|
4
|
+
export declare const getPermissionsHandler: {
|
|
5
|
+
methodNames: MethodNames[];
|
|
6
|
+
implementation: typeof getPermissionsImplementation;
|
|
7
|
+
hookNames: {
|
|
8
|
+
getPermissionsForOrigin: boolean;
|
|
9
|
+
getAccounts: boolean;
|
|
10
|
+
};
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
|
|
14
|
+
* It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
|
|
15
|
+
*
|
|
16
|
+
* @param _req - The JsonRpcEngine request - unused
|
|
17
|
+
* @param res - The JsonRpcEngine result object
|
|
18
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
19
|
+
* @param end - JsonRpcEngine end() callback
|
|
20
|
+
* @param options - Method hooks passed to the method implementation
|
|
21
|
+
* @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
|
|
22
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
23
|
+
* @returns A promise that resolves to nothing
|
|
24
|
+
*/
|
|
25
|
+
declare function getPermissionsImplementation(_req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getPermissionsForOrigin, getAccounts, }: {
|
|
26
|
+
getPermissionsForOrigin: () => ReturnType<PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>['getPermissions']>;
|
|
27
|
+
getAccounts: (options?: {
|
|
28
|
+
ignoreLock?: boolean;
|
|
29
|
+
}) => string[];
|
|
30
|
+
}): Promise<void>;
|
|
31
|
+
export {};
|
|
32
|
+
//# sourceMappingURL=wallet-getPermissions.d.cts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-getPermissions.d.cts","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EACL,KAAK,6BAA6B,EAClC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACvC,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAIzB,eAAO,MAAM,qBAAqB;;;;;;;CAOjC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,iBAAe,4BAA4B,CACzC,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC5B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,uBAAuB,EACvB,WAAW,GACZ,EAAE;IACD,uBAAuB,EAAE,MAAM,UAAU,CACvC,oBAAoB,CAClB,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC,gBAAgB,CAAC,CACpB,CAAC;IACF,WAAW,EAAE,CAAC,OAAO,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,OAAO,CAAA;KAAE,KAAK,MAAM,EAAE,CAAC;CAC/D,iBA6CF"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
|
+
import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint } from "@metamask/permission-controller";
|
|
3
|
+
import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
|
|
4
|
+
export declare const getPermissionsHandler: {
|
|
5
|
+
methodNames: MethodNames[];
|
|
6
|
+
implementation: typeof getPermissionsImplementation;
|
|
7
|
+
hookNames: {
|
|
8
|
+
getPermissionsForOrigin: boolean;
|
|
9
|
+
getAccounts: boolean;
|
|
10
|
+
};
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
|
|
14
|
+
* It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
|
|
15
|
+
*
|
|
16
|
+
* @param _req - The JsonRpcEngine request - unused
|
|
17
|
+
* @param res - The JsonRpcEngine result object
|
|
18
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
19
|
+
* @param end - JsonRpcEngine end() callback
|
|
20
|
+
* @param options - Method hooks passed to the method implementation
|
|
21
|
+
* @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
|
|
22
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
23
|
+
* @returns A promise that resolves to nothing
|
|
24
|
+
*/
|
|
25
|
+
declare function getPermissionsImplementation(_req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getPermissionsForOrigin, getAccounts, }: {
|
|
26
|
+
getPermissionsForOrigin: () => ReturnType<PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>['getPermissions']>;
|
|
27
|
+
getAccounts: (options?: {
|
|
28
|
+
ignoreLock?: boolean;
|
|
29
|
+
}) => string[];
|
|
30
|
+
}): Promise<void>;
|
|
31
|
+
export {};
|
|
32
|
+
//# sourceMappingURL=wallet-getPermissions.d.mts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-getPermissions.d.mts","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EACL,KAAK,6BAA6B,EAClC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACvC,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAIzB,eAAO,MAAM,qBAAqB;;;;;;;CAOjC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,iBAAe,4BAA4B,CACzC,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC5B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,uBAAuB,EACvB,WAAW,GACZ,EAAE;IACD,uBAAuB,EAAE,MAAM,UAAU,CACvC,oBAAoB,CAClB,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC,gBAAgB,CAAC,CACpB,CAAC;IACF,WAAW,EAAE,CAAC,OAAO,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,OAAO,CAAA;KAAE,KAAK,MAAM,EAAE,CAAC;CAC/D,iBA6CF"}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
import { Caip25CaveatType, Caip25EndowmentPermissionName, getPermittedEthChainIds } from "@metamask/chain-agnostic-permission";
|
|
2
|
+
import { MethodNames } from "@metamask/permission-controller";
|
|
3
|
+
import { CaveatTypes, EndowmentTypes, RestrictedMethods } from "./types.mjs";
|
|
4
|
+
export const getPermissionsHandler = {
|
|
5
|
+
methodNames: [MethodNames.GetPermissions],
|
|
6
|
+
implementation: getPermissionsImplementation,
|
|
7
|
+
hookNames: {
|
|
8
|
+
getPermissionsForOrigin: true,
|
|
9
|
+
getAccounts: true,
|
|
10
|
+
},
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.
|
|
14
|
+
* It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.
|
|
15
|
+
*
|
|
16
|
+
* @param _req - The JsonRpcEngine request - unused
|
|
17
|
+
* @param res - The JsonRpcEngine result object
|
|
18
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
19
|
+
* @param end - JsonRpcEngine end() callback
|
|
20
|
+
* @param options - Method hooks passed to the method implementation
|
|
21
|
+
* @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
|
|
22
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
23
|
+
* @returns A promise that resolves to nothing
|
|
24
|
+
*/
|
|
25
|
+
async function getPermissionsImplementation(_req, res, _next, end, { getPermissionsForOrigin, getAccounts, }) {
|
|
26
|
+
const permissions = { ...getPermissionsForOrigin() };
|
|
27
|
+
const caip25Endowment = permissions[Caip25EndowmentPermissionName];
|
|
28
|
+
const caip25CaveatValue = caip25Endowment?.caveats?.find(({ type }) => type === Caip25CaveatType)?.value;
|
|
29
|
+
delete permissions[Caip25EndowmentPermissionName];
|
|
30
|
+
if (caip25CaveatValue) {
|
|
31
|
+
// We cannot derive ethAccounts directly from the CAIP-25 permission
|
|
32
|
+
// because the accounts will not be in order of lastSelected
|
|
33
|
+
const ethAccounts = getAccounts({ ignoreLock: true });
|
|
34
|
+
if (ethAccounts.length > 0) {
|
|
35
|
+
permissions[RestrictedMethods.EthAccounts] = {
|
|
36
|
+
...caip25Endowment,
|
|
37
|
+
parentCapability: RestrictedMethods.EthAccounts,
|
|
38
|
+
caveats: [
|
|
39
|
+
{
|
|
40
|
+
type: CaveatTypes.RestrictReturnedAccounts,
|
|
41
|
+
value: ethAccounts,
|
|
42
|
+
},
|
|
43
|
+
],
|
|
44
|
+
};
|
|
45
|
+
}
|
|
46
|
+
const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);
|
|
47
|
+
if (ethChainIds.length > 0) {
|
|
48
|
+
permissions[EndowmentTypes.PermittedChains] = {
|
|
49
|
+
...caip25Endowment,
|
|
50
|
+
parentCapability: EndowmentTypes.PermittedChains,
|
|
51
|
+
caveats: [
|
|
52
|
+
{
|
|
53
|
+
type: CaveatTypes.RestrictNetworkSwitching,
|
|
54
|
+
value: ethChainIds,
|
|
55
|
+
},
|
|
56
|
+
],
|
|
57
|
+
};
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
res.result = Object.values(permissions);
|
|
61
|
+
return end();
|
|
62
|
+
}
|
|
63
|
+
//# sourceMappingURL=wallet-getPermissions.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-getPermissions.mjs","sourceRoot":"","sources":["../src/wallet-getPermissions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,uBAAuB,EACxB,4CAA4C;AAK7C,OAAO,EAEL,WAAW,EAGZ,wCAAwC;AAOzC,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,iBAAiB,EAAE,oBAAgB;AAEzE,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,WAAW,EAAE,CAAC,WAAW,CAAC,cAAc,CAAC;IACzC,cAAc,EAAE,4BAA4B;IAC5C,SAAS,EAAE;QACT,uBAAuB,EAAE,IAAI;QAC7B,WAAW,EAAE,IAAI;KAClB;CACF,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,KAAK,UAAU,4BAA4B,CACzC,IAA4B,EAC5B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,uBAAuB,EACvB,WAAW,GASZ;IAED,MAAM,WAAW,GAAG,EAAE,GAAG,uBAAuB,EAAE,EAAE,CAAC;IACrD,MAAM,eAAe,GAAG,WAAW,CAAC,6BAA6B,CAAC,CAAC;IACnE,MAAM,iBAAiB,GAAG,eAAe,EAAE,OAAO,EAAE,IAAI,CACtD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,gBAAgB,CACxC,EAAE,KAAsC,CAAC;IAC1C,OAAO,WAAW,CAAC,6BAA6B,CAAC,CAAC;IAElD,IAAI,iBAAiB,EAAE;QACrB,oEAAoE;QACpE,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;QAEtD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,iBAAiB,CAAC,WAAW,CAAC,GAAG;gBAC3C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,iBAAiB,CAAC,WAAW;gBAC/C,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;QAED,MAAM,WAAW,GAAG,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,WAAW,CAAC,cAAc,CAAC,eAAe,CAAC,GAAG;gBAC5C,GAAG,eAAe;gBAClB,gBAAgB,EAAE,cAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACxC,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type CaveatSpecificationConstraint,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const getPermissionsHandler = {\n methodNames: [MethodNames.GetPermissions],\n implementation: getPermissionsImplementation,\n hookNames: {\n getPermissionsForOrigin: true,\n getAccounts: true,\n },\n};\n\n/**\n * Get Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_getPermissions` RPC method.\n * It makes use of a CAIP-25 endowment permission returned by `getPermissionsForOrigin` hook, if it exists.\n *\n * @param _req - The JsonRpcEngine request - unused\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @returns A promise that resolves to nothing\n */\nasync function getPermissionsImplementation(\n _req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getPermissionsForOrigin,\n getAccounts,\n }: {\n getPermissionsForOrigin: () => ReturnType<\n PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n >['getPermissions']\n >;\n getAccounts: (options?: { ignoreLock?: boolean }) => string[];\n },\n) {\n const permissions = { ...getPermissionsForOrigin() };\n const caip25Endowment = permissions[Caip25EndowmentPermissionName];\n const caip25CaveatValue = caip25Endowment?.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n delete permissions[Caip25EndowmentPermissionName];\n\n if (caip25CaveatValue) {\n // We cannot derive ethAccounts directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts({ ignoreLock: true });\n\n if (ethAccounts.length > 0) {\n permissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n }\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n permissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(permissions);\n return end();\n}\n"]}
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.requestPermissionsHandler = void 0;
|
|
4
|
+
const chain_agnostic_permission_1 = require("@metamask/chain-agnostic-permission");
|
|
5
|
+
const controller_utils_1 = require("@metamask/controller-utils");
|
|
6
|
+
const permission_controller_1 = require("@metamask/permission-controller");
|
|
7
|
+
const lodash_1 = require("lodash");
|
|
8
|
+
const types_1 = require("./types.cjs");
|
|
9
|
+
exports.requestPermissionsHandler = {
|
|
10
|
+
methodNames: [permission_controller_1.MethodNames.RequestPermissions],
|
|
11
|
+
implementation: requestPermissionsImplementation,
|
|
12
|
+
hookNames: {
|
|
13
|
+
getAccounts: true,
|
|
14
|
+
requestPermissionsForOrigin: true,
|
|
15
|
+
getCaip25PermissionFromLegacyPermissionsForOrigin: true,
|
|
16
|
+
},
|
|
17
|
+
};
|
|
18
|
+
/**
|
|
19
|
+
* Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
|
|
20
|
+
* The request object is expected to contain a CAIP-25 endowment permission.
|
|
21
|
+
*
|
|
22
|
+
* @param req - The JsonRpcEngine request
|
|
23
|
+
* @param res - The JsonRpcEngine result object
|
|
24
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
25
|
+
* @param end - JsonRpcEngine end() callback
|
|
26
|
+
* @param options - Method hooks passed to the method implementation
|
|
27
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
28
|
+
* @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
|
|
29
|
+
* @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
|
|
30
|
+
* @returns Nothing.
|
|
31
|
+
*/
|
|
32
|
+
async function requestPermissionsImplementation(req, res, _next, end, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }) {
|
|
33
|
+
const { params } = req;
|
|
34
|
+
if (!Array.isArray(params) || !(0, controller_utils_1.isPlainObject)(params[0])) {
|
|
35
|
+
return end((0, permission_controller_1.invalidParams)({ data: { request: req } }));
|
|
36
|
+
}
|
|
37
|
+
let [requestedPermissions] = params;
|
|
38
|
+
delete requestedPermissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
|
|
39
|
+
const caip25EquivalentPermissions = (0, lodash_1.pick)(requestedPermissions, [
|
|
40
|
+
types_1.RestrictedMethods.EthAccounts,
|
|
41
|
+
types_1.EndowmentTypes.PermittedChains,
|
|
42
|
+
]);
|
|
43
|
+
delete requestedPermissions[types_1.RestrictedMethods.EthAccounts];
|
|
44
|
+
delete requestedPermissions[types_1.EndowmentTypes.PermittedChains];
|
|
45
|
+
const hasCaip25EquivalentPermissions = Object.keys(caip25EquivalentPermissions).length > 0;
|
|
46
|
+
if (hasCaip25EquivalentPermissions) {
|
|
47
|
+
const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(caip25EquivalentPermissions);
|
|
48
|
+
requestedPermissions = { ...requestedPermissions, ...caip25Permission };
|
|
49
|
+
}
|
|
50
|
+
let grantedPermissions = {};
|
|
51
|
+
const [frozenGrantedPermissions] = await requestPermissionsForOrigin(requestedPermissions);
|
|
52
|
+
grantedPermissions = { ...frozenGrantedPermissions };
|
|
53
|
+
if (hasCaip25EquivalentPermissions) {
|
|
54
|
+
const caip25Endowment = grantedPermissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
|
|
55
|
+
if (!caip25Endowment) {
|
|
56
|
+
throw new Error(`could not find ${chain_agnostic_permission_1.Caip25EndowmentPermissionName} permission.`);
|
|
57
|
+
}
|
|
58
|
+
const caip25CaveatValue = caip25Endowment.caveats?.find(({ type }) => type === chain_agnostic_permission_1.Caip25CaveatType)?.value;
|
|
59
|
+
if (!caip25CaveatValue) {
|
|
60
|
+
throw new Error(`could not find ${chain_agnostic_permission_1.Caip25CaveatType} in granted ${chain_agnostic_permission_1.Caip25EndowmentPermissionName} permission.`);
|
|
61
|
+
}
|
|
62
|
+
delete grantedPermissions[chain_agnostic_permission_1.Caip25EndowmentPermissionName];
|
|
63
|
+
// We cannot derive correct eth_accounts value directly from the CAIP-25 permission
|
|
64
|
+
// because the accounts will not be in order of lastSelected
|
|
65
|
+
const ethAccounts = getAccounts();
|
|
66
|
+
grantedPermissions[types_1.RestrictedMethods.EthAccounts] = {
|
|
67
|
+
...caip25Endowment,
|
|
68
|
+
parentCapability: types_1.RestrictedMethods.EthAccounts,
|
|
69
|
+
caveats: [
|
|
70
|
+
{
|
|
71
|
+
type: types_1.CaveatTypes.RestrictReturnedAccounts,
|
|
72
|
+
value: ethAccounts,
|
|
73
|
+
},
|
|
74
|
+
],
|
|
75
|
+
};
|
|
76
|
+
const ethChainIds = (0, chain_agnostic_permission_1.getPermittedEthChainIds)(caip25CaveatValue);
|
|
77
|
+
if (ethChainIds.length > 0) {
|
|
78
|
+
grantedPermissions[types_1.EndowmentTypes.PermittedChains] = {
|
|
79
|
+
...caip25Endowment,
|
|
80
|
+
parentCapability: types_1.EndowmentTypes.PermittedChains,
|
|
81
|
+
caveats: [
|
|
82
|
+
{
|
|
83
|
+
type: types_1.CaveatTypes.RestrictNetworkSwitching,
|
|
84
|
+
value: ethChainIds,
|
|
85
|
+
},
|
|
86
|
+
],
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
res.result = Object.values(grantedPermissions).filter((permission) => permission !== undefined);
|
|
91
|
+
return end();
|
|
92
|
+
}
|
|
93
|
+
//# sourceMappingURL=wallet-requestPermissions.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-requestPermissions.cjs","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":";;;AACA,mFAI6C;AAC7C,iEAA2D;AAK3D,2EASyC;AAMzC,mCAA8B;AAE9B,uCAAyE;AAE5D,QAAA,yBAAyB,GAAG;IACvC,WAAW,EAAE,CAAC,mCAAW,CAAC,kBAAkB,CAAC;IAC7C,cAAc,EAAE,gCAAgC;IAChD,SAAS,EAAE;QACT,WAAW,EAAE,IAAI;QACjB,2BAA2B,EAAE,IAAI;QACjC,iDAAiD,EAAE,IAAI;KACxD;CACF,CAAC;AAWF;;;;;;;;;;;;;GAaG;AACH,KAAK,UAAU,gCAAgC,CAC7C,GAAgE,EAChE,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GASlD;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAA,gCAAa,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;QACvD,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,IAAI,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC;IACpC,OAAO,oBAAoB,CAAC,yDAA6B,CAAC,CAAC;IAE3D,MAAM,2BAA2B,GAE7B,IAAA,aAAI,EAAC,oBAAoB,EAAE;QAC7B,yBAAiB,CAAC,WAAW;QAC7B,sBAAc,CAAC,eAAe;KAC/B,CAAC,CAAC;IACH,OAAO,oBAAoB,CAAC,yBAAiB,CAAC,WAAW,CAAC,CAAC;IAC3D,OAAO,oBAAoB,CAAC,sBAAc,CAAC,eAAe,CAAC,CAAC;IAE5D,MAAM,8BAA8B,GAClC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAEtD,IAAI,8BAA8B,EAAE;QAClC,MAAM,gBAAgB,GAAG,iDAAiD,CACxE,2BAA2B,CAC5B,CAAC;QACF,oBAAoB,GAAG,EAAE,GAAG,oBAAoB,EAAE,GAAG,gBAAgB,EAAE,CAAC;KACzE;IAED,IAAI,kBAAkB,GAAuB,EAAE,CAAC;IAEhD,MAAM,CAAC,wBAAwB,CAAC,GAC9B,MAAM,2BAA2B,CAAC,oBAAoB,CAAC,CAAC;IAE1D,kBAAkB,GAAG,EAAE,GAAG,wBAAwB,EAAE,CAAC;IAErD,IAAI,8BAA8B,EAAE;QAClC,MAAM,eAAe,GAAG,kBAAkB,CAAC,yDAA6B,CAAC,CAAC;QAE1E,IAAI,CAAC,eAAe,EAAE;YACpB,MAAM,IAAI,KAAK,CACb,kBAAkB,yDAA6B,cAAc,CAC9D,CAAC;SACH;QAED,MAAM,iBAAiB,GAAG,eAAe,CAAC,OAAO,EAAE,IAAI,CACrD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,4CAAgB,CACxC,EAAE,KAAsC,CAAC;QAC1C,IAAI,CAAC,iBAAiB,EAAE;YACtB,MAAM,IAAI,KAAK,CACb,kBAAkB,4CAAgB,eAAe,yDAA6B,cAAc,CAC7F,CAAC;SACH;QAED,OAAO,kBAAkB,CAAC,yDAA6B,CAAC,CAAC;QACzD,mFAAmF;QACnF,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,EAAE,CAAC;QAElC,kBAAkB,CAAC,yBAAiB,CAAC,WAAW,CAAC,GAAG;YAClD,GAAG,eAAe;YAClB,gBAAgB,EAAE,yBAAiB,CAAC,WAAW;YAC/C,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;oBAC1C,KAAK,EAAE,WAAW;iBACnB;aACF;SACF,CAAC;QAEF,MAAM,WAAW,GAAG,IAAA,mDAAuB,EAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,kBAAkB,CAAC,sBAAc,CAAC,eAAe,CAAC,GAAG;gBACnD,GAAG,eAAe;gBAClB,gBAAgB,EAAE,sBAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,mBAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM,CACnD,CACE,UAAqE,EACR,EAAE,CAC/D,UAAU,KAAK,SAAS,CAC3B,CAAC;IACF,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport { isPlainObject } from '@metamask/controller-utils';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type Caveat,\n type CaveatSpecificationConstraint,\n invalidParams,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n type RequestedPermissions,\n type ValidPermission,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\nimport { pick } from 'lodash';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const requestPermissionsHandler = {\n methodNames: [MethodNames.RequestPermissions],\n implementation: requestPermissionsImplementation,\n hookNames: {\n getAccounts: true,\n requestPermissionsForOrigin: true,\n getCaip25PermissionFromLegacyPermissionsForOrigin: true,\n },\n};\n\ntype AbstractPermissionController = PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n>;\n\ntype GrantedPermissions = Awaited<\n ReturnType<AbstractPermissionController['requestPermissions']>\n>[0];\n\n/**\n * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.\n * The request object is expected to contain a CAIP-25 endowment permission.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.\n * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.\n * @returns Nothing.\n */\nasync function requestPermissionsImplementation(\n req: JsonRpcRequest<[RequestedPermissions]> & { origin: string },\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getAccounts,\n requestPermissionsForOrigin,\n getCaip25PermissionFromLegacyPermissionsForOrigin,\n }: {\n getAccounts: () => string[];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n ) => Promise<[GrantedPermissions]>;\n getCaip25PermissionFromLegacyPermissionsForOrigin: (\n requestedPermissions?: RequestedPermissions,\n ) => RequestedPermissions;\n },\n) {\n const { params } = req;\n\n if (!Array.isArray(params) || !isPlainObject(params[0])) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n let [requestedPermissions] = params;\n delete requestedPermissions[Caip25EndowmentPermissionName];\n\n const caip25EquivalentPermissions: Partial<\n Pick<RequestedPermissions, 'eth_accounts' | 'endowment:permitted-chains'>\n > = pick(requestedPermissions, [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ]);\n delete requestedPermissions[RestrictedMethods.EthAccounts];\n delete requestedPermissions[EndowmentTypes.PermittedChains];\n\n const hasCaip25EquivalentPermissions =\n Object.keys(caip25EquivalentPermissions).length > 0;\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(\n caip25EquivalentPermissions,\n );\n requestedPermissions = { ...requestedPermissions, ...caip25Permission };\n }\n\n let grantedPermissions: GrantedPermissions = {};\n\n const [frozenGrantedPermissions] =\n await requestPermissionsForOrigin(requestedPermissions);\n\n grantedPermissions = { ...frozenGrantedPermissions };\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Endowment = grantedPermissions[Caip25EndowmentPermissionName];\n\n if (!caip25Endowment) {\n throw new Error(\n `could not find ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n const caip25CaveatValue = caip25Endowment.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n if (!caip25CaveatValue) {\n throw new Error(\n `could not find ${Caip25CaveatType} in granted ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n delete grantedPermissions[Caip25EndowmentPermissionName];\n // We cannot derive correct eth_accounts value directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts();\n\n grantedPermissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n grantedPermissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(grantedPermissions).filter(\n (\n permission: ValidPermission<string, Caveat<string, Json>> | undefined,\n ): permission is ValidPermission<string, Caveat<string, Json>> =>\n permission !== undefined,\n );\n return end();\n}\n"]}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
|
+
import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint, type RequestedPermissions } from "@metamask/permission-controller";
|
|
3
|
+
import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
|
|
4
|
+
export declare const requestPermissionsHandler: {
|
|
5
|
+
methodNames: MethodNames[];
|
|
6
|
+
implementation: typeof requestPermissionsImplementation;
|
|
7
|
+
hookNames: {
|
|
8
|
+
getAccounts: boolean;
|
|
9
|
+
requestPermissionsForOrigin: boolean;
|
|
10
|
+
getCaip25PermissionFromLegacyPermissionsForOrigin: boolean;
|
|
11
|
+
};
|
|
12
|
+
};
|
|
13
|
+
type AbstractPermissionController = PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>;
|
|
14
|
+
type GrantedPermissions = Awaited<ReturnType<AbstractPermissionController['requestPermissions']>>[0];
|
|
15
|
+
/**
|
|
16
|
+
* Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
|
|
17
|
+
* The request object is expected to contain a CAIP-25 endowment permission.
|
|
18
|
+
*
|
|
19
|
+
* @param req - The JsonRpcEngine request
|
|
20
|
+
* @param res - The JsonRpcEngine result object
|
|
21
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
22
|
+
* @param end - JsonRpcEngine end() callback
|
|
23
|
+
* @param options - Method hooks passed to the method implementation
|
|
24
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
25
|
+
* @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
|
|
26
|
+
* @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
|
|
27
|
+
* @returns Nothing.
|
|
28
|
+
*/
|
|
29
|
+
declare function requestPermissionsImplementation(req: JsonRpcRequest<[RequestedPermissions]> & {
|
|
30
|
+
origin: string;
|
|
31
|
+
}, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }: {
|
|
32
|
+
getAccounts: () => string[];
|
|
33
|
+
requestPermissionsForOrigin: (requestedPermissions: RequestedPermissions) => Promise<[GrantedPermissions]>;
|
|
34
|
+
getCaip25PermissionFromLegacyPermissionsForOrigin: (requestedPermissions?: RequestedPermissions) => RequestedPermissions;
|
|
35
|
+
}): Promise<void>;
|
|
36
|
+
export {};
|
|
37
|
+
//# sourceMappingURL=wallet-requestPermissions.d.cts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-requestPermissions.d.cts","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAEL,KAAK,6BAA6B,EAElC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACtC,KAAK,oBAAoB,EAE1B,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAKzB,eAAO,MAAM,yBAAyB;;;;;;;;CAQrC,CAAC;AAEF,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,KAAK,kBAAkB,GAAG,OAAO,CAC/B,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC;AAEL;;;;;;;;;;;;;GAaG;AACH,iBAAe,gCAAgC,CAC7C,GAAG,EAAE,cAAc,CAAC,CAAC,oBAAoB,CAAC,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAChE,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GAClD,EAAE;IACD,WAAW,EAAE,MAAM,MAAM,EAAE,CAAC;IAC5B,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,KACvC,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,iDAAiD,EAAE,CACjD,oBAAoB,CAAC,EAAE,oBAAoB,KACxC,oBAAoB,CAAC;CAC3B,iBA8FF"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
|
+
import { type CaveatSpecificationConstraint, MethodNames, type PermissionController, type PermissionSpecificationConstraint, type RequestedPermissions } from "@metamask/permission-controller";
|
|
3
|
+
import type { Json, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
|
|
4
|
+
export declare const requestPermissionsHandler: {
|
|
5
|
+
methodNames: MethodNames[];
|
|
6
|
+
implementation: typeof requestPermissionsImplementation;
|
|
7
|
+
hookNames: {
|
|
8
|
+
getAccounts: boolean;
|
|
9
|
+
requestPermissionsForOrigin: boolean;
|
|
10
|
+
getCaip25PermissionFromLegacyPermissionsForOrigin: boolean;
|
|
11
|
+
};
|
|
12
|
+
};
|
|
13
|
+
type AbstractPermissionController = PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>;
|
|
14
|
+
type GrantedPermissions = Awaited<ReturnType<AbstractPermissionController['requestPermissions']>>[0];
|
|
15
|
+
/**
|
|
16
|
+
* Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
|
|
17
|
+
* The request object is expected to contain a CAIP-25 endowment permission.
|
|
18
|
+
*
|
|
19
|
+
* @param req - The JsonRpcEngine request
|
|
20
|
+
* @param res - The JsonRpcEngine result object
|
|
21
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
22
|
+
* @param end - JsonRpcEngine end() callback
|
|
23
|
+
* @param options - Method hooks passed to the method implementation
|
|
24
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
25
|
+
* @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
|
|
26
|
+
* @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
|
|
27
|
+
* @returns Nothing.
|
|
28
|
+
*/
|
|
29
|
+
declare function requestPermissionsImplementation(req: JsonRpcRequest<[RequestedPermissions]> & {
|
|
30
|
+
origin: string;
|
|
31
|
+
}, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }: {
|
|
32
|
+
getAccounts: () => string[];
|
|
33
|
+
requestPermissionsForOrigin: (requestedPermissions: RequestedPermissions) => Promise<[GrantedPermissions]>;
|
|
34
|
+
getCaip25PermissionFromLegacyPermissionsForOrigin: (requestedPermissions?: RequestedPermissions) => RequestedPermissions;
|
|
35
|
+
}): Promise<void>;
|
|
36
|
+
export {};
|
|
37
|
+
//# sourceMappingURL=wallet-requestPermissions.d.mts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-requestPermissions.d.mts","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAEL,KAAK,6BAA6B,EAElC,WAAW,EACX,KAAK,oBAAoB,EACzB,KAAK,iCAAiC,EACtC,KAAK,oBAAoB,EAE1B,wCAAwC;AACzC,OAAO,KAAK,EACV,IAAI,EACJ,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAKzB,eAAO,MAAM,yBAAyB;;;;;;;;CAQrC,CAAC;AAEF,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,KAAK,kBAAkB,GAAG,OAAO,CAC/B,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC;AAEL;;;;;;;;;;;;;GAaG;AACH,iBAAe,gCAAgC,CAC7C,GAAG,EAAE,cAAc,CAAC,CAAC,oBAAoB,CAAC,CAAC,GAAG;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,EAChE,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GAClD,EAAE;IACD,WAAW,EAAE,MAAM,MAAM,EAAE,CAAC;IAC5B,2BAA2B,EAAE,CAC3B,oBAAoB,EAAE,oBAAoB,KACvC,OAAO,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACnC,iDAAiD,EAAE,CACjD,oBAAoB,CAAC,EAAE,oBAAoB,KACxC,oBAAoB,CAAC;CAC3B,iBA8FF"}
|
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
import { Caip25CaveatType, Caip25EndowmentPermissionName, getPermittedEthChainIds } from "@metamask/chain-agnostic-permission";
|
|
2
|
+
import { isPlainObject } from "@metamask/controller-utils";
|
|
3
|
+
import { invalidParams, MethodNames } from "@metamask/permission-controller";
|
|
4
|
+
import $lodash from "lodash";
|
|
5
|
+
const { pick } = $lodash;
|
|
6
|
+
import { CaveatTypes, EndowmentTypes, RestrictedMethods } from "./types.mjs";
|
|
7
|
+
export const requestPermissionsHandler = {
|
|
8
|
+
methodNames: [MethodNames.RequestPermissions],
|
|
9
|
+
implementation: requestPermissionsImplementation,
|
|
10
|
+
hookNames: {
|
|
11
|
+
getAccounts: true,
|
|
12
|
+
requestPermissionsForOrigin: true,
|
|
13
|
+
getCaip25PermissionFromLegacyPermissionsForOrigin: true,
|
|
14
|
+
},
|
|
15
|
+
};
|
|
16
|
+
/**
|
|
17
|
+
* Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.
|
|
18
|
+
* The request object is expected to contain a CAIP-25 endowment permission.
|
|
19
|
+
*
|
|
20
|
+
* @param req - The JsonRpcEngine request
|
|
21
|
+
* @param res - The JsonRpcEngine result object
|
|
22
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
23
|
+
* @param end - JsonRpcEngine end() callback
|
|
24
|
+
* @param options - Method hooks passed to the method implementation
|
|
25
|
+
* @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.
|
|
26
|
+
* @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.
|
|
27
|
+
* @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.
|
|
28
|
+
* @returns Nothing.
|
|
29
|
+
*/
|
|
30
|
+
async function requestPermissionsImplementation(req, res, _next, end, { getAccounts, requestPermissionsForOrigin, getCaip25PermissionFromLegacyPermissionsForOrigin, }) {
|
|
31
|
+
const { params } = req;
|
|
32
|
+
if (!Array.isArray(params) || !isPlainObject(params[0])) {
|
|
33
|
+
return end(invalidParams({ data: { request: req } }));
|
|
34
|
+
}
|
|
35
|
+
let [requestedPermissions] = params;
|
|
36
|
+
delete requestedPermissions[Caip25EndowmentPermissionName];
|
|
37
|
+
const caip25EquivalentPermissions = pick(requestedPermissions, [
|
|
38
|
+
RestrictedMethods.EthAccounts,
|
|
39
|
+
EndowmentTypes.PermittedChains,
|
|
40
|
+
]);
|
|
41
|
+
delete requestedPermissions[RestrictedMethods.EthAccounts];
|
|
42
|
+
delete requestedPermissions[EndowmentTypes.PermittedChains];
|
|
43
|
+
const hasCaip25EquivalentPermissions = Object.keys(caip25EquivalentPermissions).length > 0;
|
|
44
|
+
if (hasCaip25EquivalentPermissions) {
|
|
45
|
+
const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(caip25EquivalentPermissions);
|
|
46
|
+
requestedPermissions = { ...requestedPermissions, ...caip25Permission };
|
|
47
|
+
}
|
|
48
|
+
let grantedPermissions = {};
|
|
49
|
+
const [frozenGrantedPermissions] = await requestPermissionsForOrigin(requestedPermissions);
|
|
50
|
+
grantedPermissions = { ...frozenGrantedPermissions };
|
|
51
|
+
if (hasCaip25EquivalentPermissions) {
|
|
52
|
+
const caip25Endowment = grantedPermissions[Caip25EndowmentPermissionName];
|
|
53
|
+
if (!caip25Endowment) {
|
|
54
|
+
throw new Error(`could not find ${Caip25EndowmentPermissionName} permission.`);
|
|
55
|
+
}
|
|
56
|
+
const caip25CaveatValue = caip25Endowment.caveats?.find(({ type }) => type === Caip25CaveatType)?.value;
|
|
57
|
+
if (!caip25CaveatValue) {
|
|
58
|
+
throw new Error(`could not find ${Caip25CaveatType} in granted ${Caip25EndowmentPermissionName} permission.`);
|
|
59
|
+
}
|
|
60
|
+
delete grantedPermissions[Caip25EndowmentPermissionName];
|
|
61
|
+
// We cannot derive correct eth_accounts value directly from the CAIP-25 permission
|
|
62
|
+
// because the accounts will not be in order of lastSelected
|
|
63
|
+
const ethAccounts = getAccounts();
|
|
64
|
+
grantedPermissions[RestrictedMethods.EthAccounts] = {
|
|
65
|
+
...caip25Endowment,
|
|
66
|
+
parentCapability: RestrictedMethods.EthAccounts,
|
|
67
|
+
caveats: [
|
|
68
|
+
{
|
|
69
|
+
type: CaveatTypes.RestrictReturnedAccounts,
|
|
70
|
+
value: ethAccounts,
|
|
71
|
+
},
|
|
72
|
+
],
|
|
73
|
+
};
|
|
74
|
+
const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);
|
|
75
|
+
if (ethChainIds.length > 0) {
|
|
76
|
+
grantedPermissions[EndowmentTypes.PermittedChains] = {
|
|
77
|
+
...caip25Endowment,
|
|
78
|
+
parentCapability: EndowmentTypes.PermittedChains,
|
|
79
|
+
caveats: [
|
|
80
|
+
{
|
|
81
|
+
type: CaveatTypes.RestrictNetworkSwitching,
|
|
82
|
+
value: ethChainIds,
|
|
83
|
+
},
|
|
84
|
+
],
|
|
85
|
+
};
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
res.result = Object.values(grantedPermissions).filter((permission) => permission !== undefined);
|
|
89
|
+
return end();
|
|
90
|
+
}
|
|
91
|
+
//# sourceMappingURL=wallet-requestPermissions.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-requestPermissions.mjs","sourceRoot":"","sources":["../src/wallet-requestPermissions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,uBAAuB,EACxB,4CAA4C;AAC7C,OAAO,EAAE,aAAa,EAAE,mCAAmC;AAK3D,OAAO,EAGL,aAAa,EACb,WAAW,EAKZ,wCAAwC;;;AAQzC,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,iBAAiB,EAAE,oBAAgB;AAEzE,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,WAAW,EAAE,CAAC,WAAW,CAAC,kBAAkB,CAAC;IAC7C,cAAc,EAAE,gCAAgC;IAChD,SAAS,EAAE;QACT,WAAW,EAAE,IAAI;QACjB,2BAA2B,EAAE,IAAI;QACjC,iDAAiD,EAAE,IAAI;KACxD;CACF,CAAC;AAWF;;;;;;;;;;;;;GAaG;AACH,KAAK,UAAU,gCAAgC,CAC7C,GAAgE,EAChE,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,WAAW,EACX,2BAA2B,EAC3B,iDAAiD,GASlD;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;QACvD,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,IAAI,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC;IACpC,OAAO,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;IAE3D,MAAM,2BAA2B,GAE7B,IAAI,CAAC,oBAAoB,EAAE;QAC7B,iBAAiB,CAAC,WAAW;QAC7B,cAAc,CAAC,eAAe;KAC/B,CAAC,CAAC;IACH,OAAO,oBAAoB,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAC3D,OAAO,oBAAoB,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IAE5D,MAAM,8BAA8B,GAClC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAEtD,IAAI,8BAA8B,EAAE;QAClC,MAAM,gBAAgB,GAAG,iDAAiD,CACxE,2BAA2B,CAC5B,CAAC;QACF,oBAAoB,GAAG,EAAE,GAAG,oBAAoB,EAAE,GAAG,gBAAgB,EAAE,CAAC;KACzE;IAED,IAAI,kBAAkB,GAAuB,EAAE,CAAC;IAEhD,MAAM,CAAC,wBAAwB,CAAC,GAC9B,MAAM,2BAA2B,CAAC,oBAAoB,CAAC,CAAC;IAE1D,kBAAkB,GAAG,EAAE,GAAG,wBAAwB,EAAE,CAAC;IAErD,IAAI,8BAA8B,EAAE;QAClC,MAAM,eAAe,GAAG,kBAAkB,CAAC,6BAA6B,CAAC,CAAC;QAE1E,IAAI,CAAC,eAAe,EAAE;YACpB,MAAM,IAAI,KAAK,CACb,kBAAkB,6BAA6B,cAAc,CAC9D,CAAC;SACH;QAED,MAAM,iBAAiB,GAAG,eAAe,CAAC,OAAO,EAAE,IAAI,CACrD,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,KAAK,gBAAgB,CACxC,EAAE,KAAsC,CAAC;QAC1C,IAAI,CAAC,iBAAiB,EAAE;YACtB,MAAM,IAAI,KAAK,CACb,kBAAkB,gBAAgB,eAAe,6BAA6B,cAAc,CAC7F,CAAC;SACH;QAED,OAAO,kBAAkB,CAAC,6BAA6B,CAAC,CAAC;QACzD,mFAAmF;QACnF,4DAA4D;QAC5D,MAAM,WAAW,GAAG,WAAW,EAAE,CAAC;QAElC,kBAAkB,CAAC,iBAAiB,CAAC,WAAW,CAAC,GAAG;YAClD,GAAG,eAAe;YAClB,gBAAgB,EAAE,iBAAiB,CAAC,WAAW;YAC/C,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;oBAC1C,KAAK,EAAE,WAAW;iBACnB;aACF;SACF,CAAC;QAEF,MAAM,WAAW,GAAG,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;QAE/D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,kBAAkB,CAAC,cAAc,CAAC,eAAe,CAAC,GAAG;gBACnD,GAAG,eAAe;gBAClB,gBAAgB,EAAE,cAAc,CAAC,eAAe;gBAChD,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,WAAW,CAAC,wBAAwB;wBAC1C,KAAK,EAAE,WAAW;qBACnB;iBACF;aACF,CAAC;SACH;KACF;IAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM,CACnD,CACE,UAAqE,EACR,EAAE,CAC/D,UAAU,KAAK,SAAS,CAC3B,CAAC;IACF,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type { Caip25CaveatValue } from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getPermittedEthChainIds,\n} from '@metamask/chain-agnostic-permission';\nimport { isPlainObject } from '@metamask/controller-utils';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n type Caveat,\n type CaveatSpecificationConstraint,\n invalidParams,\n MethodNames,\n type PermissionController,\n type PermissionSpecificationConstraint,\n type RequestedPermissions,\n type ValidPermission,\n} from '@metamask/permission-controller';\nimport type {\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\nimport { pick } from 'lodash';\n\nimport { CaveatTypes, EndowmentTypes, RestrictedMethods } from './types';\n\nexport const requestPermissionsHandler = {\n methodNames: [MethodNames.RequestPermissions],\n implementation: requestPermissionsImplementation,\n hookNames: {\n getAccounts: true,\n requestPermissionsForOrigin: true,\n getCaip25PermissionFromLegacyPermissionsForOrigin: true,\n },\n};\n\ntype AbstractPermissionController = PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n>;\n\ntype GrantedPermissions = Awaited<\n ReturnType<AbstractPermissionController['requestPermissions']>\n>[0];\n\n/**\n * Request Permissions implementation to be used in JsonRpcEngine middleware, specifically for `wallet_requestPermissions` RPC method.\n * The request object is expected to contain a CAIP-25 endowment permission.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getAccounts - A hook that returns the permitted eth accounts for the origin sorted by lastSelected.\n * @param options.getCaip25PermissionFromLegacyPermissionsForOrigin - A hook that returns a CAIP-25 permission from a legacy `eth_accounts` and `endowment:permitted-chains` permission.\n * @param options.requestPermissionsForOrigin - A hook that requests CAIP-25 permissions for the origin.\n * @returns Nothing.\n */\nasync function requestPermissionsImplementation(\n req: JsonRpcRequest<[RequestedPermissions]> & { origin: string },\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n getAccounts,\n requestPermissionsForOrigin,\n getCaip25PermissionFromLegacyPermissionsForOrigin,\n }: {\n getAccounts: () => string[];\n requestPermissionsForOrigin: (\n requestedPermissions: RequestedPermissions,\n ) => Promise<[GrantedPermissions]>;\n getCaip25PermissionFromLegacyPermissionsForOrigin: (\n requestedPermissions?: RequestedPermissions,\n ) => RequestedPermissions;\n },\n) {\n const { params } = req;\n\n if (!Array.isArray(params) || !isPlainObject(params[0])) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n let [requestedPermissions] = params;\n delete requestedPermissions[Caip25EndowmentPermissionName];\n\n const caip25EquivalentPermissions: Partial<\n Pick<RequestedPermissions, 'eth_accounts' | 'endowment:permitted-chains'>\n > = pick(requestedPermissions, [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ]);\n delete requestedPermissions[RestrictedMethods.EthAccounts];\n delete requestedPermissions[EndowmentTypes.PermittedChains];\n\n const hasCaip25EquivalentPermissions =\n Object.keys(caip25EquivalentPermissions).length > 0;\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Permission = getCaip25PermissionFromLegacyPermissionsForOrigin(\n caip25EquivalentPermissions,\n );\n requestedPermissions = { ...requestedPermissions, ...caip25Permission };\n }\n\n let grantedPermissions: GrantedPermissions = {};\n\n const [frozenGrantedPermissions] =\n await requestPermissionsForOrigin(requestedPermissions);\n\n grantedPermissions = { ...frozenGrantedPermissions };\n\n if (hasCaip25EquivalentPermissions) {\n const caip25Endowment = grantedPermissions[Caip25EndowmentPermissionName];\n\n if (!caip25Endowment) {\n throw new Error(\n `could not find ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n const caip25CaveatValue = caip25Endowment.caveats?.find(\n ({ type }) => type === Caip25CaveatType,\n )?.value as Caip25CaveatValue | undefined;\n if (!caip25CaveatValue) {\n throw new Error(\n `could not find ${Caip25CaveatType} in granted ${Caip25EndowmentPermissionName} permission.`,\n );\n }\n\n delete grantedPermissions[Caip25EndowmentPermissionName];\n // We cannot derive correct eth_accounts value directly from the CAIP-25 permission\n // because the accounts will not be in order of lastSelected\n const ethAccounts = getAccounts();\n\n grantedPermissions[RestrictedMethods.EthAccounts] = {\n ...caip25Endowment,\n parentCapability: RestrictedMethods.EthAccounts,\n caveats: [\n {\n type: CaveatTypes.RestrictReturnedAccounts,\n value: ethAccounts,\n },\n ],\n };\n\n const ethChainIds = getPermittedEthChainIds(caip25CaveatValue);\n\n if (ethChainIds.length > 0) {\n grantedPermissions[EndowmentTypes.PermittedChains] = {\n ...caip25Endowment,\n parentCapability: EndowmentTypes.PermittedChains,\n caveats: [\n {\n type: CaveatTypes.RestrictNetworkSwitching,\n value: ethChainIds,\n },\n ],\n };\n }\n }\n\n res.result = Object.values(grantedPermissions).filter(\n (\n permission: ValidPermission<string, Caveat<string, Json>> | undefined,\n ): permission is ValidPermission<string, Caveat<string, Json>> =>\n permission !== undefined,\n );\n return end();\n}\n"]}
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.revokePermissionsHandler = void 0;
|
|
4
|
+
const chain_agnostic_permission_1 = require("@metamask/chain-agnostic-permission");
|
|
5
|
+
const permission_controller_1 = require("@metamask/permission-controller");
|
|
6
|
+
const utils_1 = require("@metamask/utils");
|
|
7
|
+
const types_1 = require("./types.cjs");
|
|
8
|
+
exports.revokePermissionsHandler = {
|
|
9
|
+
methodNames: [permission_controller_1.MethodNames.RevokePermissions],
|
|
10
|
+
implementation: revokePermissionsImplementation,
|
|
11
|
+
hookNames: {
|
|
12
|
+
revokePermissionsForOrigin: true,
|
|
13
|
+
updateCaveat: true,
|
|
14
|
+
},
|
|
15
|
+
};
|
|
16
|
+
/**
|
|
17
|
+
* Revoke Permissions implementation to be used in JsonRpcEngine middleware.
|
|
18
|
+
*
|
|
19
|
+
* @param req - The JsonRpcEngine request
|
|
20
|
+
* @param res - The JsonRpcEngine result object
|
|
21
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
22
|
+
* @param end - JsonRpcEngine end() callback
|
|
23
|
+
* @param options - Method hooks passed to the method implementation
|
|
24
|
+
* @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
|
|
25
|
+
* @returns Nothing.
|
|
26
|
+
*/
|
|
27
|
+
function revokePermissionsImplementation(req, res, _next, end, { revokePermissionsForOrigin, }) {
|
|
28
|
+
const { params } = req;
|
|
29
|
+
const param = params?.[0];
|
|
30
|
+
if (!param) {
|
|
31
|
+
return end((0, permission_controller_1.invalidParams)({ data: { request: req } }));
|
|
32
|
+
}
|
|
33
|
+
// For now, this API revokes the entire permission key
|
|
34
|
+
// even if caveats are specified.
|
|
35
|
+
const permissionKeys = Object.keys(param).filter((name) => name !== chain_agnostic_permission_1.Caip25EndowmentPermissionName);
|
|
36
|
+
if (!(0, utils_1.isNonEmptyArray)(permissionKeys)) {
|
|
37
|
+
return end((0, permission_controller_1.invalidParams)({ data: { request: req } }));
|
|
38
|
+
}
|
|
39
|
+
const caip25EquivalentPermissions = [
|
|
40
|
+
types_1.RestrictedMethods.EthAccounts,
|
|
41
|
+
types_1.EndowmentTypes.PermittedChains,
|
|
42
|
+
];
|
|
43
|
+
const relevantPermissionKeys = permissionKeys.filter((name) => !caip25EquivalentPermissions.includes(name));
|
|
44
|
+
const shouldRevokeLegacyPermission = relevantPermissionKeys.length !== permissionKeys.length;
|
|
45
|
+
if (shouldRevokeLegacyPermission) {
|
|
46
|
+
relevantPermissionKeys.push(chain_agnostic_permission_1.Caip25EndowmentPermissionName);
|
|
47
|
+
}
|
|
48
|
+
revokePermissionsForOrigin(relevantPermissionKeys);
|
|
49
|
+
res.result = null;
|
|
50
|
+
return end();
|
|
51
|
+
}
|
|
52
|
+
//# sourceMappingURL=wallet-revokePermissions.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-revokePermissions.cjs","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":";;;AAAA,mFAAoF;AAKpF,2EAA6E;AAC7E,2CAKyB;AAEzB,uCAA4D;AAE/C,QAAA,wBAAwB,GAAG;IACtC,WAAW,EAAE,CAAC,mCAAW,CAAC,iBAAiB,CAAC;IAC5C,cAAc,EAAE,+BAA+B;IAC/C,SAAS,EAAE;QACT,0BAA0B,EAAE,IAAI;QAChC,YAAY,EAAE,IAAI;KACnB;CACF,CAAC;AAEF;;;;;;;;;;GAUG;AACH,SAAS,+BAA+B,CACtC,GAA2B,EAC3B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,0BAA0B,GAG3B;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IAE1B,IAAI,CAAC,KAAK,EAAE;QACV,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,sDAAsD;IACtD,iCAAiC;IACjC,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAC9C,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,yDAA6B,CACjD,CAAC;IAEF,IAAI,CAAC,IAAA,uBAAe,EAAC,cAAc,CAAC,EAAE;QACpC,OAAO,GAAG,CAAC,IAAA,qCAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,MAAM,2BAA2B,GAAa;QAC5C,yBAAiB,CAAC,WAAW;QAC7B,sBAAc,CAAC,eAAe;KAC/B,CAAC;IACF,MAAM,sBAAsB,GAAG,cAAc,CAAC,MAAM,CAClD,CAAC,IAAY,EAAE,EAAE,CAAC,CAAC,2BAA2B,CAAC,QAAQ,CAAC,IAAI,CAAC,CAC9D,CAAC;IAEF,MAAM,4BAA4B,GAChC,sBAAsB,CAAC,MAAM,KAAK,cAAc,CAAC,MAAM,CAAC;IAE1D,IAAI,4BAA4B,EAAE;QAChC,sBAAsB,CAAC,IAAI,CAAC,yDAA6B,CAAC,CAAC;KAC5D;IAED,0BAA0B,CAAC,sBAAsB,CAAC,CAAC;IAEnD,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;IAElB,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import { Caip25EndowmentPermissionName } from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport { invalidParams, MethodNames } from '@metamask/permission-controller';\nimport {\n isNonEmptyArray,\n type Json,\n type JsonRpcRequest,\n type PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { EndowmentTypes, RestrictedMethods } from './types';\n\nexport const revokePermissionsHandler = {\n methodNames: [MethodNames.RevokePermissions],\n implementation: revokePermissionsImplementation,\n hookNames: {\n revokePermissionsForOrigin: true,\n updateCaveat: true,\n },\n};\n\n/**\n * Revoke Permissions implementation to be used in JsonRpcEngine middleware.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin\n * @returns Nothing.\n */\nfunction revokePermissionsImplementation(\n req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n revokePermissionsForOrigin,\n }: {\n revokePermissionsForOrigin: (permissionKeys: string[]) => void;\n },\n) {\n const { params } = req;\n\n const param = params?.[0];\n\n if (!param) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n // For now, this API revokes the entire permission key\n // even if caveats are specified.\n const permissionKeys = Object.keys(param).filter(\n (name) => name !== Caip25EndowmentPermissionName,\n );\n\n if (!isNonEmptyArray(permissionKeys)) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n const caip25EquivalentPermissions: string[] = [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ];\n const relevantPermissionKeys = permissionKeys.filter(\n (name: string) => !caip25EquivalentPermissions.includes(name),\n );\n\n const shouldRevokeLegacyPermission =\n relevantPermissionKeys.length !== permissionKeys.length;\n\n if (shouldRevokeLegacyPermission) {\n relevantPermissionKeys.push(Caip25EndowmentPermissionName);\n }\n\n revokePermissionsForOrigin(relevantPermissionKeys);\n\n res.result = null;\n\n return end();\n}\n"]}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
|
+
import { MethodNames } from "@metamask/permission-controller";
|
|
3
|
+
import { type Json, type JsonRpcRequest, type PendingJsonRpcResponse } from "@metamask/utils";
|
|
4
|
+
export declare const revokePermissionsHandler: {
|
|
5
|
+
methodNames: MethodNames[];
|
|
6
|
+
implementation: typeof revokePermissionsImplementation;
|
|
7
|
+
hookNames: {
|
|
8
|
+
revokePermissionsForOrigin: boolean;
|
|
9
|
+
updateCaveat: boolean;
|
|
10
|
+
};
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Revoke Permissions implementation to be used in JsonRpcEngine middleware.
|
|
14
|
+
*
|
|
15
|
+
* @param req - The JsonRpcEngine request
|
|
16
|
+
* @param res - The JsonRpcEngine result object
|
|
17
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
18
|
+
* @param end - JsonRpcEngine end() callback
|
|
19
|
+
* @param options - Method hooks passed to the method implementation
|
|
20
|
+
* @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
|
|
21
|
+
* @returns Nothing.
|
|
22
|
+
*/
|
|
23
|
+
declare function revokePermissionsImplementation(req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { revokePermissionsForOrigin, }: {
|
|
24
|
+
revokePermissionsForOrigin: (permissionKeys: string[]) => void;
|
|
25
|
+
}): void;
|
|
26
|
+
export {};
|
|
27
|
+
//# sourceMappingURL=wallet-revokePermissions.d.cts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-revokePermissions.d.cts","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAAiB,WAAW,EAAE,wCAAwC;AAC7E,OAAO,EAEL,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,sBAAsB,EAC5B,wBAAwB;AAIzB,eAAO,MAAM,wBAAwB;;;;;;;CAOpC,CAAC;AAEF;;;;;;;;;;GAUG;AACH,iBAAS,+BAA+B,CACtC,GAAG,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC3B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,0BAA0B,GAC3B,EAAE;IACD,0BAA0B,EAAE,CAAC,cAAc,EAAE,MAAM,EAAE,KAAK,IAAI,CAAC;CAChE,QAwCF"}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
import type { AsyncJsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
|
+
import { MethodNames } from "@metamask/permission-controller";
|
|
3
|
+
import { type Json, type JsonRpcRequest, type PendingJsonRpcResponse } from "@metamask/utils";
|
|
4
|
+
export declare const revokePermissionsHandler: {
|
|
5
|
+
methodNames: MethodNames[];
|
|
6
|
+
implementation: typeof revokePermissionsImplementation;
|
|
7
|
+
hookNames: {
|
|
8
|
+
revokePermissionsForOrigin: boolean;
|
|
9
|
+
updateCaveat: boolean;
|
|
10
|
+
};
|
|
11
|
+
};
|
|
12
|
+
/**
|
|
13
|
+
* Revoke Permissions implementation to be used in JsonRpcEngine middleware.
|
|
14
|
+
*
|
|
15
|
+
* @param req - The JsonRpcEngine request
|
|
16
|
+
* @param res - The JsonRpcEngine result object
|
|
17
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
18
|
+
* @param end - JsonRpcEngine end() callback
|
|
19
|
+
* @param options - Method hooks passed to the method implementation
|
|
20
|
+
* @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
|
|
21
|
+
* @returns Nothing.
|
|
22
|
+
*/
|
|
23
|
+
declare function revokePermissionsImplementation(req: JsonRpcRequest<Json[]>, res: PendingJsonRpcResponse<Json>, _next: AsyncJsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, { revokePermissionsForOrigin, }: {
|
|
24
|
+
revokePermissionsForOrigin: (permissionKeys: string[]) => void;
|
|
25
|
+
}): void;
|
|
26
|
+
export {};
|
|
27
|
+
//# sourceMappingURL=wallet-revokePermissions.d.mts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-revokePermissions.d.mts","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,8BAA8B,EAC9B,wBAAwB,EACzB,kCAAkC;AACnC,OAAO,EAAiB,WAAW,EAAE,wCAAwC;AAC7E,OAAO,EAEL,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,sBAAsB,EAC5B,wBAAwB;AAIzB,eAAO,MAAM,wBAAwB;;;;;;;CAOpC,CAAC;AAEF;;;;;;;;;;GAUG;AACH,iBAAS,+BAA+B,CACtC,GAAG,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC,EAC3B,GAAG,EAAE,sBAAsB,CAAC,IAAI,CAAC,EACjC,KAAK,EAAE,8BAA8B,EACrC,GAAG,EAAE,wBAAwB,EAC7B,EACE,0BAA0B,GAC3B,EAAE;IACD,0BAA0B,EAAE,CAAC,cAAc,EAAE,MAAM,EAAE,KAAK,IAAI,CAAC;CAChE,QAwCF"}
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
import { Caip25EndowmentPermissionName } from "@metamask/chain-agnostic-permission";
|
|
2
|
+
import { invalidParams, MethodNames } from "@metamask/permission-controller";
|
|
3
|
+
import { isNonEmptyArray } from "@metamask/utils";
|
|
4
|
+
import { EndowmentTypes, RestrictedMethods } from "./types.mjs";
|
|
5
|
+
export const revokePermissionsHandler = {
|
|
6
|
+
methodNames: [MethodNames.RevokePermissions],
|
|
7
|
+
implementation: revokePermissionsImplementation,
|
|
8
|
+
hookNames: {
|
|
9
|
+
revokePermissionsForOrigin: true,
|
|
10
|
+
updateCaveat: true,
|
|
11
|
+
},
|
|
12
|
+
};
|
|
13
|
+
/**
|
|
14
|
+
* Revoke Permissions implementation to be used in JsonRpcEngine middleware.
|
|
15
|
+
*
|
|
16
|
+
* @param req - The JsonRpcEngine request
|
|
17
|
+
* @param res - The JsonRpcEngine result object
|
|
18
|
+
* @param _next - JsonRpcEngine next() callback - unused
|
|
19
|
+
* @param end - JsonRpcEngine end() callback
|
|
20
|
+
* @param options - Method hooks passed to the method implementation
|
|
21
|
+
* @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
|
|
22
|
+
* @returns Nothing.
|
|
23
|
+
*/
|
|
24
|
+
function revokePermissionsImplementation(req, res, _next, end, { revokePermissionsForOrigin, }) {
|
|
25
|
+
const { params } = req;
|
|
26
|
+
const param = params?.[0];
|
|
27
|
+
if (!param) {
|
|
28
|
+
return end(invalidParams({ data: { request: req } }));
|
|
29
|
+
}
|
|
30
|
+
// For now, this API revokes the entire permission key
|
|
31
|
+
// even if caveats are specified.
|
|
32
|
+
const permissionKeys = Object.keys(param).filter((name) => name !== Caip25EndowmentPermissionName);
|
|
33
|
+
if (!isNonEmptyArray(permissionKeys)) {
|
|
34
|
+
return end(invalidParams({ data: { request: req } }));
|
|
35
|
+
}
|
|
36
|
+
const caip25EquivalentPermissions = [
|
|
37
|
+
RestrictedMethods.EthAccounts,
|
|
38
|
+
EndowmentTypes.PermittedChains,
|
|
39
|
+
];
|
|
40
|
+
const relevantPermissionKeys = permissionKeys.filter((name) => !caip25EquivalentPermissions.includes(name));
|
|
41
|
+
const shouldRevokeLegacyPermission = relevantPermissionKeys.length !== permissionKeys.length;
|
|
42
|
+
if (shouldRevokeLegacyPermission) {
|
|
43
|
+
relevantPermissionKeys.push(Caip25EndowmentPermissionName);
|
|
44
|
+
}
|
|
45
|
+
revokePermissionsForOrigin(relevantPermissionKeys);
|
|
46
|
+
res.result = null;
|
|
47
|
+
return end();
|
|
48
|
+
}
|
|
49
|
+
//# sourceMappingURL=wallet-revokePermissions.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-revokePermissions.mjs","sourceRoot":"","sources":["../src/wallet-revokePermissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,4CAA4C;AAKpF,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,wCAAwC;AAC7E,OAAO,EACL,eAAe,EAIhB,wBAAwB;AAEzB,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,oBAAgB;AAE5D,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,WAAW,EAAE,CAAC,WAAW,CAAC,iBAAiB,CAAC;IAC5C,cAAc,EAAE,+BAA+B;IAC/C,SAAS,EAAE;QACT,0BAA0B,EAAE,IAAI;QAChC,YAAY,EAAE,IAAI;KACnB;CACF,CAAC;AAEF;;;;;;;;;;GAUG;AACH,SAAS,+BAA+B,CACtC,GAA2B,EAC3B,GAAiC,EACjC,KAAqC,EACrC,GAA6B,EAC7B,EACE,0BAA0B,GAG3B;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IAE1B,IAAI,CAAC,KAAK,EAAE;QACV,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,sDAAsD;IACtD,iCAAiC;IACjC,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAC9C,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,6BAA6B,CACjD,CAAC;IAEF,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,EAAE;QACpC,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;KACvD;IAED,MAAM,2BAA2B,GAAa;QAC5C,iBAAiB,CAAC,WAAW;QAC7B,cAAc,CAAC,eAAe;KAC/B,CAAC;IACF,MAAM,sBAAsB,GAAG,cAAc,CAAC,MAAM,CAClD,CAAC,IAAY,EAAE,EAAE,CAAC,CAAC,2BAA2B,CAAC,QAAQ,CAAC,IAAI,CAAC,CAC9D,CAAC;IAEF,MAAM,4BAA4B,GAChC,sBAAsB,CAAC,MAAM,KAAK,cAAc,CAAC,MAAM,CAAC;IAE1D,IAAI,4BAA4B,EAAE;QAChC,sBAAsB,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;KAC5D;IAED,0BAA0B,CAAC,sBAAsB,CAAC,CAAC;IAEnD,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;IAElB,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import { Caip25EndowmentPermissionName } from '@metamask/chain-agnostic-permission';\nimport type {\n AsyncJsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport { invalidParams, MethodNames } from '@metamask/permission-controller';\nimport {\n isNonEmptyArray,\n type Json,\n type JsonRpcRequest,\n type PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport { EndowmentTypes, RestrictedMethods } from './types';\n\nexport const revokePermissionsHandler = {\n methodNames: [MethodNames.RevokePermissions],\n implementation: revokePermissionsImplementation,\n hookNames: {\n revokePermissionsForOrigin: true,\n updateCaveat: true,\n },\n};\n\n/**\n * Revoke Permissions implementation to be used in JsonRpcEngine middleware.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin\n * @returns Nothing.\n */\nfunction revokePermissionsImplementation(\n req: JsonRpcRequest<Json[]>,\n res: PendingJsonRpcResponse<Json>,\n _next: AsyncJsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n {\n revokePermissionsForOrigin,\n }: {\n revokePermissionsForOrigin: (permissionKeys: string[]) => void;\n },\n) {\n const { params } = req;\n\n const param = params?.[0];\n\n if (!param) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n // For now, this API revokes the entire permission key\n // even if caveats are specified.\n const permissionKeys = Object.keys(param).filter(\n (name) => name !== Caip25EndowmentPermissionName,\n );\n\n if (!isNonEmptyArray(permissionKeys)) {\n return end(invalidParams({ data: { request: req } }));\n }\n\n const caip25EquivalentPermissions: string[] = [\n RestrictedMethods.EthAccounts,\n EndowmentTypes.PermittedChains,\n ];\n const relevantPermissionKeys = permissionKeys.filter(\n (name: string) => !caip25EquivalentPermissions.includes(name),\n );\n\n const shouldRevokeLegacyPermission =\n relevantPermissionKeys.length !== permissionKeys.length;\n\n if (shouldRevokeLegacyPermission) {\n relevantPermissionKeys.push(Caip25EndowmentPermissionName);\n }\n\n revokePermissionsForOrigin(relevantPermissionKeys);\n\n res.result = null;\n\n return end();\n}\n"]}
|
package/package.json
ADDED
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@metamask-previews/eip1193-permission-middleware",
|
|
3
|
+
"version": "0.1.0-preview-b69c669",
|
|
4
|
+
"description": "Implements the JSON-RPC methods for managing permissions as referenced in EIP-2255 and MIP-2 and inspired by MIP-5, but supporting chain-agnostic permission caveats in alignment with @metamask/multichain-api-middleware",
|
|
5
|
+
"keywords": [
|
|
6
|
+
"MetaMask",
|
|
7
|
+
"Ethereum"
|
|
8
|
+
],
|
|
9
|
+
"homepage": "https://github.com/MetaMask/core/tree/main/packages/eip1193-permission-middleware#readme",
|
|
10
|
+
"bugs": {
|
|
11
|
+
"url": "https://github.com/MetaMask/core/issues"
|
|
12
|
+
},
|
|
13
|
+
"repository": {
|
|
14
|
+
"type": "git",
|
|
15
|
+
"url": "https://github.com/MetaMask/core.git"
|
|
16
|
+
},
|
|
17
|
+
"license": "MIT",
|
|
18
|
+
"sideEffects": false,
|
|
19
|
+
"exports": {
|
|
20
|
+
".": {
|
|
21
|
+
"import": {
|
|
22
|
+
"types": "./dist/index.d.mts",
|
|
23
|
+
"default": "./dist/index.mjs"
|
|
24
|
+
},
|
|
25
|
+
"require": {
|
|
26
|
+
"types": "./dist/index.d.cts",
|
|
27
|
+
"default": "./dist/index.cjs"
|
|
28
|
+
}
|
|
29
|
+
},
|
|
30
|
+
"./package.json": "./package.json"
|
|
31
|
+
},
|
|
32
|
+
"main": "./dist/index.cjs",
|
|
33
|
+
"types": "./dist/index.d.cts",
|
|
34
|
+
"files": [
|
|
35
|
+
"dist/"
|
|
36
|
+
],
|
|
37
|
+
"scripts": {
|
|
38
|
+
"build": "ts-bridge --project tsconfig.build.json --verbose --clean --no-references",
|
|
39
|
+
"build:docs": "typedoc",
|
|
40
|
+
"changelog:update": "../../scripts/update-changelog.sh @metamask/eip1193-permission-middleware",
|
|
41
|
+
"changelog:validate": "../../scripts/validate-changelog.sh @metamask/eip1193-permission-middleware",
|
|
42
|
+
"publish:preview": "yarn npm publish --tag preview",
|
|
43
|
+
"since-latest-release": "../../scripts/since-latest-release.sh",
|
|
44
|
+
"test": "NODE_OPTIONS=--experimental-vm-modules jest --reporters=jest-silent-reporter",
|
|
45
|
+
"test:clean": "NODE_OPTIONS=--experimental-vm-modules jest --clearCache",
|
|
46
|
+
"test:verbose": "NODE_OPTIONS=--experimental-vm-modules jest --verbose",
|
|
47
|
+
"test:watch": "NODE_OPTIONS=--experimental-vm-modules jest --watch"
|
|
48
|
+
},
|
|
49
|
+
"dependencies": {
|
|
50
|
+
"@metamask/chain-agnostic-permission": "^0.1.0",
|
|
51
|
+
"@metamask/controller-utils": "^11.6.0",
|
|
52
|
+
"@metamask/json-rpc-engine": "^10.0.3",
|
|
53
|
+
"@metamask/permission-controller": "^11.0.6",
|
|
54
|
+
"@metamask/utils": "^11.2.0",
|
|
55
|
+
"lodash": "^4.17.21"
|
|
56
|
+
},
|
|
57
|
+
"devDependencies": {
|
|
58
|
+
"@metamask/auto-changelog": "^3.4.4",
|
|
59
|
+
"@metamask/rpc-errors": "^7.0.2",
|
|
60
|
+
"@types/jest": "^27.4.1",
|
|
61
|
+
"deepmerge": "^4.2.2",
|
|
62
|
+
"jest": "^27.5.1",
|
|
63
|
+
"ts-jest": "^27.1.4",
|
|
64
|
+
"typedoc": "^0.24.8",
|
|
65
|
+
"typedoc-plugin-missing-exports": "^2.0.0",
|
|
66
|
+
"typescript": "~5.2.2"
|
|
67
|
+
},
|
|
68
|
+
"engines": {
|
|
69
|
+
"node": "^18.18 || >=20"
|
|
70
|
+
},
|
|
71
|
+
"publishConfig": {
|
|
72
|
+
"access": "public",
|
|
73
|
+
"registry": "https://registry.npmjs.org/"
|
|
74
|
+
}
|
|
75
|
+
}
|