@metamask-previews/multichain-api-middleware 1.0.0-preview-8ccfcb37 → 1.1.0-preview-a5441fae
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +10 -1
- package/dist/handlers/types.cjs.map +1 -1
- package/dist/handlers/types.d.cts +7 -1
- package/dist/handlers/types.d.cts.map +1 -1
- package/dist/handlers/types.d.mts +7 -1
- package/dist/handlers/types.d.mts.map +1 -1
- package/dist/handlers/types.mjs.map +1 -1
- package/dist/handlers/wallet-invokeMethod.cjs +1 -1
- package/dist/handlers/wallet-invokeMethod.cjs.map +1 -1
- package/dist/handlers/wallet-invokeMethod.mjs +1 -1
- package/dist/handlers/wallet-invokeMethod.mjs.map +1 -1
- package/dist/handlers/wallet-revokeSession.cjs +47 -3
- package/dist/handlers/wallet-revokeSession.cjs.map +1 -1
- package/dist/handlers/wallet-revokeSession.d.cts +11 -5
- package/dist/handlers/wallet-revokeSession.d.cts.map +1 -1
- package/dist/handlers/wallet-revokeSession.d.mts +11 -5
- package/dist/handlers/wallet-revokeSession.d.mts.map +1 -1
- package/dist/handlers/wallet-revokeSession.mjs +49 -5
- package/dist/handlers/wallet-revokeSession.mjs.map +1 -1
- package/package.json +2 -2
package/CHANGELOG.md
CHANGED
|
@@ -9,6 +9,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
9
9
|
|
|
10
10
|
### Changed
|
|
11
11
|
|
|
12
|
+
- Bump `@metamask/utils` from `^11.8.0` to `^11.8.1` ([#6708](https://github.com/MetaMask/core/pull/6708))
|
|
13
|
+
- `wallet_invokeMethod` requests no longer fail with unauthorized error if the `isMultichainOrigin` property is false on the requesting origin's CAIP-25 Permission.
|
|
14
|
+
|
|
15
|
+
## [1.1.0]
|
|
16
|
+
|
|
17
|
+
### Changed
|
|
18
|
+
|
|
19
|
+
- Add partial permission revoke into `wallet_revokeSession` ([#6668](https://github.com/MetaMask/core/pull/6668))
|
|
12
20
|
- Bump `@metamask/chain-agnostic-permission` from `1.0.0` to `1.1.1` ([#6241](https://github.com/MetaMask/core/pull/6241), [#6345](https://github.com/MetaMask/core/pull/6241))
|
|
13
21
|
- Bump `@metamask/controller-utils` from `^11.10.0` to `^11.14.0` ([#6069](https://github.com/MetaMask/core/pull/6069), [#6303](https://github.com/MetaMask/core/pull/6303), [#6620](https://github.com/MetaMask/core/pull/6620), [#6629](https://github.com/MetaMask/core/pull/6629))
|
|
14
22
|
- Bump `@metamask/network-controller` from `^24.0.0` to `^24.2.0` ([#6148](https://github.com/MetaMask/core/pull/6148), [#6303](https://github.com/MetaMask/core/pull/6303), [#6678](https://github.com/MetaMask/core/pull/6678))
|
|
@@ -75,7 +83,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
75
83
|
|
|
76
84
|
- Initial release
|
|
77
85
|
|
|
78
|
-
[Unreleased]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@1.
|
|
86
|
+
[Unreleased]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@1.1.0...HEAD
|
|
87
|
+
[1.1.0]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@1.0.0...@metamask/multichain-api-middleware@1.1.0
|
|
79
88
|
[1.0.0]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.4.0...@metamask/multichain-api-middleware@1.0.0
|
|
80
89
|
[0.4.0]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.3.0...@metamask/multichain-api-middleware@0.4.0
|
|
81
90
|
[0.3.0]: https://github.com/MetaMask/core/compare/@metamask/multichain-api-middleware@0.2.0...@metamask/multichain-api-middleware@0.3.0
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.cjs","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"types.cjs","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":";;;AAWA;;GAEG;AACH,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,sEAAwC,CAAA;IACxC,4DAA8B,CAAA;AAChC,CAAC,EAHW,0BAA0B,0CAA1B,0BAA0B,QAGrC","sourcesContent":["import type {\n Caip25CaveatType,\n Caip25CaveatValue,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n Caveat,\n CaveatSpecificationConstraint,\n PermissionController,\n PermissionSpecificationConstraint,\n} from '@metamask/permission-controller';\n\n/**\n * Multichain API notifications currently supported by/known to the wallet.\n */\nexport enum MultichainApiNotifications {\n sessionChanged = 'wallet_sessionChanged',\n walletNotify = 'wallet_notify',\n}\ntype AbstractPermissionController = PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n>;\n\nexport type GrantedPermissions = Awaited<\n ReturnType<AbstractPermissionController['requestPermissions']>\n>[0];\n\nexport type WalletRevokeSessionHooks = {\n revokePermissionForOrigin: (permissionName: string) => void;\n updateCaveat: (\n target: string,\n caveatType: string,\n caveatValue: Caip25CaveatValue,\n ) => void;\n getCaveatForOrigin: (\n endowmentPermissionName: string,\n caveatType: string,\n ) => Caveat<typeof Caip25CaveatType, Caip25CaveatValue>;\n};\n"]}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import type {
|
|
1
|
+
import type { Caip25CaveatType, Caip25CaveatValue } from "@metamask/chain-agnostic-permission";
|
|
2
|
+
import type { Caveat, CaveatSpecificationConstraint, PermissionController, PermissionSpecificationConstraint } from "@metamask/permission-controller";
|
|
2
3
|
/**
|
|
3
4
|
* Multichain API notifications currently supported by/known to the wallet.
|
|
4
5
|
*/
|
|
@@ -8,5 +9,10 @@ export declare enum MultichainApiNotifications {
|
|
|
8
9
|
}
|
|
9
10
|
type AbstractPermissionController = PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>;
|
|
10
11
|
export type GrantedPermissions = Awaited<ReturnType<AbstractPermissionController['requestPermissions']>>[0];
|
|
12
|
+
export type WalletRevokeSessionHooks = {
|
|
13
|
+
revokePermissionForOrigin: (permissionName: string) => void;
|
|
14
|
+
updateCaveat: (target: string, caveatType: string, caveatValue: Caip25CaveatValue) => void;
|
|
15
|
+
getCaveatForOrigin: (endowmentPermissionName: string, caveatType: string) => Caveat<typeof Caip25CaveatType, Caip25CaveatValue>;
|
|
16
|
+
};
|
|
11
17
|
export {};
|
|
12
18
|
//# sourceMappingURL=types.d.cts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.cts","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,6BAA6B,EAC7B,oBAAoB,EACpB,iCAAiC,EAClC,wCAAwC;AAEzC;;GAEG;AACH,oBAAY,0BAA0B;IACpC,cAAc,0BAA0B;IACxC,YAAY,kBAAkB;CAC/B;AACD,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACtC,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"types.d.cts","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAChB,iBAAiB,EAClB,4CAA4C;AAC7C,OAAO,KAAK,EACV,MAAM,EACN,6BAA6B,EAC7B,oBAAoB,EACpB,iCAAiC,EAClC,wCAAwC;AAEzC;;GAEG;AACH,oBAAY,0BAA0B;IACpC,cAAc,0BAA0B;IACxC,YAAY,kBAAkB;CAC/B;AACD,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACtC,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC;AAEL,MAAM,MAAM,wBAAwB,GAAG;IACrC,yBAAyB,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,IAAI,CAAC;IAC5D,YAAY,EAAE,CACZ,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,iBAAiB,KAC3B,IAAI,CAAC;IACV,kBAAkB,EAAE,CAClB,uBAAuB,EAAE,MAAM,EAC/B,UAAU,EAAE,MAAM,KACf,MAAM,CAAC,OAAO,gBAAgB,EAAE,iBAAiB,CAAC,CAAC;CACzD,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import type {
|
|
1
|
+
import type { Caip25CaveatType, Caip25CaveatValue } from "@metamask/chain-agnostic-permission";
|
|
2
|
+
import type { Caveat, CaveatSpecificationConstraint, PermissionController, PermissionSpecificationConstraint } from "@metamask/permission-controller";
|
|
2
3
|
/**
|
|
3
4
|
* Multichain API notifications currently supported by/known to the wallet.
|
|
4
5
|
*/
|
|
@@ -8,5 +9,10 @@ export declare enum MultichainApiNotifications {
|
|
|
8
9
|
}
|
|
9
10
|
type AbstractPermissionController = PermissionController<PermissionSpecificationConstraint, CaveatSpecificationConstraint>;
|
|
10
11
|
export type GrantedPermissions = Awaited<ReturnType<AbstractPermissionController['requestPermissions']>>[0];
|
|
12
|
+
export type WalletRevokeSessionHooks = {
|
|
13
|
+
revokePermissionForOrigin: (permissionName: string) => void;
|
|
14
|
+
updateCaveat: (target: string, caveatType: string, caveatValue: Caip25CaveatValue) => void;
|
|
15
|
+
getCaveatForOrigin: (endowmentPermissionName: string, caveatType: string) => Caveat<typeof Caip25CaveatType, Caip25CaveatValue>;
|
|
16
|
+
};
|
|
11
17
|
export {};
|
|
12
18
|
//# sourceMappingURL=types.d.mts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.mts","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,6BAA6B,EAC7B,oBAAoB,EACpB,iCAAiC,EAClC,wCAAwC;AAEzC;;GAEG;AACH,oBAAY,0BAA0B;IACpC,cAAc,0BAA0B;IACxC,YAAY,kBAAkB;CAC/B;AACD,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACtC,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"types.d.mts","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAChB,iBAAiB,EAClB,4CAA4C;AAC7C,OAAO,KAAK,EACV,MAAM,EACN,6BAA6B,EAC7B,oBAAoB,EACpB,iCAAiC,EAClC,wCAAwC;AAEzC;;GAEG;AACH,oBAAY,0BAA0B;IACpC,cAAc,0BAA0B;IACxC,YAAY,kBAAkB;CAC/B;AACD,KAAK,4BAA4B,GAAG,oBAAoB,CACtD,iCAAiC,EACjC,6BAA6B,CAC9B,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACtC,UAAU,CAAC,4BAA4B,CAAC,oBAAoB,CAAC,CAAC,CAC/D,CAAC,CAAC,CAAC,CAAC;AAEL,MAAM,MAAM,wBAAwB,GAAG;IACrC,yBAAyB,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,IAAI,CAAC;IAC5D,YAAY,EAAE,CACZ,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,iBAAiB,KAC3B,IAAI,CAAC;IACV,kBAAkB,EAAE,CAClB,uBAAuB,EAAE,MAAM,EAC/B,UAAU,EAAE,MAAM,KACf,MAAM,CAAC,OAAO,gBAAgB,EAAE,iBAAiB,CAAC,CAAC;CACzD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.mjs","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"types.mjs","sourceRoot":"","sources":["../../src/handlers/types.ts"],"names":[],"mappings":"AAWA;;GAEG;AACH,MAAM,CAAN,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,sEAAwC,CAAA;IACxC,4DAA8B,CAAA;AAChC,CAAC,EAHW,0BAA0B,KAA1B,0BAA0B,QAGrC","sourcesContent":["import type {\n Caip25CaveatType,\n Caip25CaveatValue,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n Caveat,\n CaveatSpecificationConstraint,\n PermissionController,\n PermissionSpecificationConstraint,\n} from '@metamask/permission-controller';\n\n/**\n * Multichain API notifications currently supported by/known to the wallet.\n */\nexport enum MultichainApiNotifications {\n sessionChanged = 'wallet_sessionChanged',\n walletNotify = 'wallet_notify',\n}\ntype AbstractPermissionController = PermissionController<\n PermissionSpecificationConstraint,\n CaveatSpecificationConstraint\n>;\n\nexport type GrantedPermissions = Awaited<\n ReturnType<AbstractPermissionController['requestPermissions']>\n>[0];\n\nexport type WalletRevokeSessionHooks = {\n revokePermissionForOrigin: (permissionName: string) => void;\n updateCaveat: (\n target: string,\n caveatType: string,\n caveatValue: Caip25CaveatValue,\n ) => void;\n getCaveatForOrigin: (\n endowmentPermissionName: string,\n caveatType: string,\n ) => Caveat<typeof Caip25CaveatType, Caip25CaveatValue>;\n};\n"]}
|
|
@@ -31,7 +31,7 @@ async function walletInvokeMethodHandler(request, response, next, end, hooks) {
|
|
|
31
31
|
catch {
|
|
32
32
|
// noop
|
|
33
33
|
}
|
|
34
|
-
if (!caveat
|
|
34
|
+
if (!caveat) {
|
|
35
35
|
return end(rpc_errors_1.providerErrors.unauthorized());
|
|
36
36
|
}
|
|
37
37
|
const scopeObject = (0, chain_agnostic_permission_1.getSessionScopes)(caveat.value, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-invokeMethod.cjs","sourceRoot":"","sources":["../../src/handlers/wallet-invokeMethod.ts"],"names":[],"mappings":";;;AAIA,mFAM6C;AAG7C,qDAAiE;AASjE,2CAAkE;AAUlE;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,yBAAyB,CACtC,OAAkC,EAClC,QAAgC,EAChC,IAAgB,EAChB,GAA4B,EAC5B,KAaC;IAED,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAE1D,IAAA,uDAA2B,EAAC,KAAK,CAAC,CAAC;IAEnC,IAAI,MAAM,CAAC;IACX,IAAI;QACF,MAAM,GAAG,KAAK,CAAC,kBAAkB,CAC/B,yDAA6B,EAC7B,4CAAgB,CACjB,CAAC;KACH;IAAC,MAAM;QACN,OAAO;KACR;IACD,IAAI,CAAC,MAAM,EAAE
|
|
1
|
+
{"version":3,"file":"wallet-invokeMethod.cjs","sourceRoot":"","sources":["../../src/handlers/wallet-invokeMethod.ts"],"names":[],"mappings":";;;AAIA,mFAM6C;AAG7C,qDAAiE;AASjE,2CAAkE;AAUlE;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,yBAAyB,CACtC,OAAkC,EAClC,QAAgC,EAChC,IAAgB,EAChB,GAA4B,EAC5B,KAaC;IAED,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAE1D,IAAA,uDAA2B,EAAC,KAAK,CAAC,CAAC;IAEnC,IAAI,MAAM,CAAC;IACX,IAAI;QACF,MAAM,GAAG,KAAK,CAAC,kBAAkB,CAC/B,yDAA6B,EAC7B,4CAAgB,CACjB,CAAC;KACH;IAAC,MAAM;QACN,OAAO;KACR;IACD,IAAI,CAAC,MAAM,EAAE;QACX,OAAO,GAAG,CAAC,2BAAc,CAAC,YAAY,EAAE,CAAC,CAAC;KAC3C;IAED,MAAM,WAAW,GAAG,IAAA,4CAAgB,EAAC,MAAM,CAAC,KAAK,EAAE;QACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;KAC3D,CAAC,CAAC,KAAK,CAAC,CAAC;IAEV,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE;QAC1D,OAAO,GAAG,CAAC,2BAAc,CAAC,YAAY,EAAE,CAAC,CAAC;KAC3C;IAED,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,IAAA,4CAAgB,EAAC,KAAK,CAAC,CAAC;IAEzD,MAAM,YAAY,GAChB,CAAC,SAAS,KAAK,0BAAkB,CAAC,MAAM;QACtC,CAAC,CAAC,SAAS,IAAI,SAAS,KAAK,0BAAkB,CAAC,MAAM,CAAC,CAAC;QAC1D,SAAS,KAAK,0BAAkB,CAAC,MAAM,CAAC;IAE1C,MAAM,gBAAgB,GAAG;QACvB,GAAG,OAAO;QACV,KAAK;QACL,MAAM,EAAE,cAAc,CAAC,MAAM;QAC7B,MAAM,EAAE,cAAc,CAAC,MAAM;KAC9B,CAAC;IAEF,IAAI,YAAY,EAAE;QAChB,IAAI,eAAe,CAAC;QACpB,IAAI,SAAS,KAAK,0BAAkB,CAAC,MAAM,EAAE;YAC3C,eAAe,GAAG,KAAK,CAAC,0BAA0B,EAAE,CAAC;SACtD;aAAM,IAAI,SAAS,KAAK,0BAAkB,CAAC,MAAM,EAAE;YAClD,IAAI,SAAS,EAAE;gBACb,eAAe,GAAG,KAAK,CAAC,4BAA4B,CAClD,IAAA,mBAAW,EAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CACrC,CAAC;aACH;SACF;QAED,IAAI,CAAC,eAAe,EAAE;YACpB,OAAO,CAAC,KAAK,CACX,0DAA0D,EAC1D,OAAO,CACR,CAAC;YACF,OAAO,GAAG,CAAC,sBAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;SAClC;QAED,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE;YACrB,GAAG,gBAAgB;YACnB,eAAe;SAChB,CAAC,CAAC;QACH,OAAO,IAAI,EAAE,CAAC;KACf;IAED,IAAI;QACF,QAAQ,CAAC,MAAM,GAAG,MAAM,KAAK,CAAC,4BAA4B,CAAC;YACzD,kBAAkB,EAAE,WAAW,CAAC,QAAQ;YACxC,uEAAuE;YACvE,kCAAkC;YAClC,KAAK,EAAE,KAAoB;YAC3B,OAAO,EAAE,gBAAgB;SAC1B,CAAC,CAAC;KACJ;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,GAAG,CAAC,GAAY,CAAC,CAAC;KAC1B;IACD,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AACY,QAAA,kBAAkB,GAAG;IAChC,WAAW,EAAE,CAAC,qBAAqB,CAAC;IACpC,cAAc,EAAE,yBAAyB;IACzC,SAAS,EAAE;QACT,kBAAkB,EAAE,IAAI;QACxB,4BAA4B,EAAE,IAAI;QAClC,0BAA0B,EAAE,IAAI;QAChC,yBAAyB,EAAE,IAAI;QAC/B,4BAA4B,EAAE,IAAI;KACnC;CACF,CAAC","sourcesContent":["import type {\n Caip25CaveatValue,\n ExternalScopeString,\n} from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n assertIsInternalScopeString,\n getSessionScopes,\n parseScopeString,\n} from '@metamask/chain-agnostic-permission';\nimport type { NetworkClientId } from '@metamask/network-controller';\nimport type { Caveat } from '@metamask/permission-controller';\nimport { providerErrors, rpcErrors } from '@metamask/rpc-errors';\nimport type {\n CaipAccountId,\n CaipChainId,\n Hex,\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\nimport { KnownCaipNamespace, numberToHex } from '@metamask/utils';\n\nexport type WalletInvokeMethodRequest = JsonRpcRequest & {\n origin: string;\n params: {\n scope: ExternalScopeString;\n request: Pick<JsonRpcRequest, 'method' | 'params'>;\n };\n};\n\n/**\n * Handler for the `wallet_invokeMethod` RPC method as specified by [CAIP-27](https://chainagnostic.org/CAIPs/caip-27).\n * The implementation below deviates from the linked spec in that it ignores the `sessionId` param\n * and instead uses the singular session for the origin if available.\n *\n * @param request - The request object.\n * @param response - The response object. Unused.\n * @param next - The next middleware function.\n * @param end - The end function.\n * @param hooks - The hooks object.\n * @param hooks.getCaveatForOrigin - the hook for getting a caveat from a permission for an origin.\n * @param hooks.findNetworkClientIdByChainId - the hook for finding the networkClientId for a chainId.\n * @param hooks.getSelectedNetworkClientId - the hook for getting the current globally selected networkClientId.\n * @param hooks.getNonEvmSupportedMethods - A function that returns the supported methods for a non EVM scope.\n * @param hooks.handleNonEvmRequestForOrigin - A function that sends a request to the MultichainRouter for processing.\n * @returns Nothing.\n */\nasync function walletInvokeMethodHandler(\n request: WalletInvokeMethodRequest,\n response: PendingJsonRpcResponse,\n next: () => void,\n end: (error?: Error) => void,\n hooks: {\n getCaveatForOrigin: (\n endowmentPermissionName: string,\n caveatType: string,\n ) => Caveat<typeof Caip25CaveatType, Caip25CaveatValue>;\n findNetworkClientIdByChainId: (chainId: Hex) => NetworkClientId | undefined;\n getSelectedNetworkClientId: () => NetworkClientId;\n getNonEvmSupportedMethods: (scope: CaipChainId) => string[];\n handleNonEvmRequestForOrigin: (params: {\n connectedAddresses: CaipAccountId[];\n scope: CaipChainId;\n request: JsonRpcRequest;\n }) => Promise<Json>;\n },\n) {\n const { scope, request: wrappedRequest } = request.params;\n\n assertIsInternalScopeString(scope);\n\n let caveat;\n try {\n caveat = hooks.getCaveatForOrigin(\n Caip25EndowmentPermissionName,\n Caip25CaveatType,\n );\n } catch {\n // noop\n }\n if (!caveat) {\n return end(providerErrors.unauthorized());\n }\n\n const scopeObject = getSessionScopes(caveat.value, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n })[scope];\n\n if (!scopeObject?.methods?.includes(wrappedRequest.method)) {\n return end(providerErrors.unauthorized());\n }\n\n const { namespace, reference } = parseScopeString(scope);\n\n const isEvmRequest =\n (namespace === KnownCaipNamespace.Wallet &&\n (!reference || reference === KnownCaipNamespace.Eip155)) ||\n namespace === KnownCaipNamespace.Eip155;\n\n const unwrappedRequest = {\n ...request,\n scope,\n method: wrappedRequest.method,\n params: wrappedRequest.params,\n };\n\n if (isEvmRequest) {\n let networkClientId;\n if (namespace === KnownCaipNamespace.Wallet) {\n networkClientId = hooks.getSelectedNetworkClientId();\n } else if (namespace === KnownCaipNamespace.Eip155) {\n if (reference) {\n networkClientId = hooks.findNetworkClientIdByChainId(\n numberToHex(parseInt(reference, 10)),\n );\n }\n }\n\n if (!networkClientId) {\n console.error(\n 'failed to resolve network client for wallet_invokeMethod',\n request,\n );\n return end(rpcErrors.internal());\n }\n\n Object.assign(request, {\n ...unwrappedRequest,\n networkClientId,\n });\n return next();\n }\n\n try {\n response.result = await hooks.handleNonEvmRequestForOrigin({\n connectedAddresses: scopeObject.accounts,\n // Type assertion: We know that scope is not \"wallet\" by now because it\n // is already being handled above.\n scope: scope as CaipChainId,\n request: unwrappedRequest,\n });\n } catch (err) {\n return end(err as Error);\n }\n return end();\n}\nexport const walletInvokeMethod = {\n methodNames: ['wallet_invokeMethod'],\n implementation: walletInvokeMethodHandler,\n hookNames: {\n getCaveatForOrigin: true,\n findNetworkClientIdByChainId: true,\n getSelectedNetworkClientId: true,\n getNonEvmSupportedMethods: true,\n handleNonEvmRequestForOrigin: true,\n },\n};\n"]}
|
|
@@ -28,7 +28,7 @@ async function walletInvokeMethodHandler(request, response, next, end, hooks) {
|
|
|
28
28
|
catch {
|
|
29
29
|
// noop
|
|
30
30
|
}
|
|
31
|
-
if (!caveat
|
|
31
|
+
if (!caveat) {
|
|
32
32
|
return end(providerErrors.unauthorized());
|
|
33
33
|
}
|
|
34
34
|
const scopeObject = getSessionScopes(caveat.value, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-invokeMethod.mjs","sourceRoot":"","sources":["../../src/handlers/wallet-invokeMethod.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,2BAA2B,EAC3B,gBAAgB,EAChB,gBAAgB,EACjB,4CAA4C;AAG7C,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,6BAA6B;AASjE,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,wBAAwB;AAUlE;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,yBAAyB,CACtC,OAAkC,EAClC,QAAgC,EAChC,IAAgB,EAChB,GAA4B,EAC5B,KAaC;IAED,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAE1D,2BAA2B,CAAC,KAAK,CAAC,CAAC;IAEnC,IAAI,MAAM,CAAC;IACX,IAAI;QACF,MAAM,GAAG,KAAK,CAAC,kBAAkB,CAC/B,6BAA6B,EAC7B,gBAAgB,CACjB,CAAC;KACH;IAAC,MAAM;QACN,OAAO;KACR;IACD,IAAI,CAAC,MAAM,EAAE
|
|
1
|
+
{"version":3,"file":"wallet-invokeMethod.mjs","sourceRoot":"","sources":["../../src/handlers/wallet-invokeMethod.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,gBAAgB,EAChB,6BAA6B,EAC7B,2BAA2B,EAC3B,gBAAgB,EAChB,gBAAgB,EACjB,4CAA4C;AAG7C,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,6BAA6B;AASjE,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,wBAAwB;AAUlE;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,yBAAyB,CACtC,OAAkC,EAClC,QAAgC,EAChC,IAAgB,EAChB,GAA4B,EAC5B,KAaC;IAED,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAE1D,2BAA2B,CAAC,KAAK,CAAC,CAAC;IAEnC,IAAI,MAAM,CAAC;IACX,IAAI;QACF,MAAM,GAAG,KAAK,CAAC,kBAAkB,CAC/B,6BAA6B,EAC7B,gBAAgB,CACjB,CAAC;KACH;IAAC,MAAM;QACN,OAAO;KACR;IACD,IAAI,CAAC,MAAM,EAAE;QACX,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC;KAC3C;IAED,MAAM,WAAW,GAAG,gBAAgB,CAAC,MAAM,CAAC,KAAK,EAAE;QACjD,yBAAyB,EAAE,KAAK,CAAC,yBAAyB;KAC3D,CAAC,CAAC,KAAK,CAAC,CAAC;IAEV,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE;QAC1D,OAAO,GAAG,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC;KAC3C;IAED,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAEzD,MAAM,YAAY,GAChB,CAAC,SAAS,KAAK,kBAAkB,CAAC,MAAM;QACtC,CAAC,CAAC,SAAS,IAAI,SAAS,KAAK,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAC1D,SAAS,KAAK,kBAAkB,CAAC,MAAM,CAAC;IAE1C,MAAM,gBAAgB,GAAG;QACvB,GAAG,OAAO;QACV,KAAK;QACL,MAAM,EAAE,cAAc,CAAC,MAAM;QAC7B,MAAM,EAAE,cAAc,CAAC,MAAM;KAC9B,CAAC;IAEF,IAAI,YAAY,EAAE;QAChB,IAAI,eAAe,CAAC;QACpB,IAAI,SAAS,KAAK,kBAAkB,CAAC,MAAM,EAAE;YAC3C,eAAe,GAAG,KAAK,CAAC,0BAA0B,EAAE,CAAC;SACtD;aAAM,IAAI,SAAS,KAAK,kBAAkB,CAAC,MAAM,EAAE;YAClD,IAAI,SAAS,EAAE;gBACb,eAAe,GAAG,KAAK,CAAC,4BAA4B,CAClD,WAAW,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CACrC,CAAC;aACH;SACF;QAED,IAAI,CAAC,eAAe,EAAE;YACpB,OAAO,CAAC,KAAK,CACX,0DAA0D,EAC1D,OAAO,CACR,CAAC;YACF,OAAO,GAAG,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;SAClC;QAED,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE;YACrB,GAAG,gBAAgB;YACnB,eAAe;SAChB,CAAC,CAAC;QACH,OAAO,IAAI,EAAE,CAAC;KACf;IAED,IAAI;QACF,QAAQ,CAAC,MAAM,GAAG,MAAM,KAAK,CAAC,4BAA4B,CAAC;YACzD,kBAAkB,EAAE,WAAW,CAAC,QAAQ;YACxC,uEAAuE;YACvE,kCAAkC;YAClC,KAAK,EAAE,KAAoB;YAC3B,OAAO,EAAE,gBAAgB;SAC1B,CAAC,CAAC;KACJ;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,GAAG,CAAC,GAAY,CAAC,CAAC;KAC1B;IACD,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AACD,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,WAAW,EAAE,CAAC,qBAAqB,CAAC;IACpC,cAAc,EAAE,yBAAyB;IACzC,SAAS,EAAE;QACT,kBAAkB,EAAE,IAAI;QACxB,4BAA4B,EAAE,IAAI;QAClC,0BAA0B,EAAE,IAAI;QAChC,yBAAyB,EAAE,IAAI;QAC/B,4BAA4B,EAAE,IAAI;KACnC;CACF,CAAC","sourcesContent":["import type {\n Caip25CaveatValue,\n ExternalScopeString,\n} from '@metamask/chain-agnostic-permission';\nimport {\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n assertIsInternalScopeString,\n getSessionScopes,\n parseScopeString,\n} from '@metamask/chain-agnostic-permission';\nimport type { NetworkClientId } from '@metamask/network-controller';\nimport type { Caveat } from '@metamask/permission-controller';\nimport { providerErrors, rpcErrors } from '@metamask/rpc-errors';\nimport type {\n CaipAccountId,\n CaipChainId,\n Hex,\n Json,\n JsonRpcRequest,\n PendingJsonRpcResponse,\n} from '@metamask/utils';\nimport { KnownCaipNamespace, numberToHex } from '@metamask/utils';\n\nexport type WalletInvokeMethodRequest = JsonRpcRequest & {\n origin: string;\n params: {\n scope: ExternalScopeString;\n request: Pick<JsonRpcRequest, 'method' | 'params'>;\n };\n};\n\n/**\n * Handler for the `wallet_invokeMethod` RPC method as specified by [CAIP-27](https://chainagnostic.org/CAIPs/caip-27).\n * The implementation below deviates from the linked spec in that it ignores the `sessionId` param\n * and instead uses the singular session for the origin if available.\n *\n * @param request - The request object.\n * @param response - The response object. Unused.\n * @param next - The next middleware function.\n * @param end - The end function.\n * @param hooks - The hooks object.\n * @param hooks.getCaveatForOrigin - the hook for getting a caveat from a permission for an origin.\n * @param hooks.findNetworkClientIdByChainId - the hook for finding the networkClientId for a chainId.\n * @param hooks.getSelectedNetworkClientId - the hook for getting the current globally selected networkClientId.\n * @param hooks.getNonEvmSupportedMethods - A function that returns the supported methods for a non EVM scope.\n * @param hooks.handleNonEvmRequestForOrigin - A function that sends a request to the MultichainRouter for processing.\n * @returns Nothing.\n */\nasync function walletInvokeMethodHandler(\n request: WalletInvokeMethodRequest,\n response: PendingJsonRpcResponse,\n next: () => void,\n end: (error?: Error) => void,\n hooks: {\n getCaveatForOrigin: (\n endowmentPermissionName: string,\n caveatType: string,\n ) => Caveat<typeof Caip25CaveatType, Caip25CaveatValue>;\n findNetworkClientIdByChainId: (chainId: Hex) => NetworkClientId | undefined;\n getSelectedNetworkClientId: () => NetworkClientId;\n getNonEvmSupportedMethods: (scope: CaipChainId) => string[];\n handleNonEvmRequestForOrigin: (params: {\n connectedAddresses: CaipAccountId[];\n scope: CaipChainId;\n request: JsonRpcRequest;\n }) => Promise<Json>;\n },\n) {\n const { scope, request: wrappedRequest } = request.params;\n\n assertIsInternalScopeString(scope);\n\n let caveat;\n try {\n caveat = hooks.getCaveatForOrigin(\n Caip25EndowmentPermissionName,\n Caip25CaveatType,\n );\n } catch {\n // noop\n }\n if (!caveat) {\n return end(providerErrors.unauthorized());\n }\n\n const scopeObject = getSessionScopes(caveat.value, {\n getNonEvmSupportedMethods: hooks.getNonEvmSupportedMethods,\n })[scope];\n\n if (!scopeObject?.methods?.includes(wrappedRequest.method)) {\n return end(providerErrors.unauthorized());\n }\n\n const { namespace, reference } = parseScopeString(scope);\n\n const isEvmRequest =\n (namespace === KnownCaipNamespace.Wallet &&\n (!reference || reference === KnownCaipNamespace.Eip155)) ||\n namespace === KnownCaipNamespace.Eip155;\n\n const unwrappedRequest = {\n ...request,\n scope,\n method: wrappedRequest.method,\n params: wrappedRequest.params,\n };\n\n if (isEvmRequest) {\n let networkClientId;\n if (namespace === KnownCaipNamespace.Wallet) {\n networkClientId = hooks.getSelectedNetworkClientId();\n } else if (namespace === KnownCaipNamespace.Eip155) {\n if (reference) {\n networkClientId = hooks.findNetworkClientIdByChainId(\n numberToHex(parseInt(reference, 10)),\n );\n }\n }\n\n if (!networkClientId) {\n console.error(\n 'failed to resolve network client for wallet_invokeMethod',\n request,\n );\n return end(rpcErrors.internal());\n }\n\n Object.assign(request, {\n ...unwrappedRequest,\n networkClientId,\n });\n return next();\n }\n\n try {\n response.result = await hooks.handleNonEvmRequestForOrigin({\n connectedAddresses: scopeObject.accounts,\n // Type assertion: We know that scope is not \"wallet\" by now because it\n // is already being handled above.\n scope: scope as CaipChainId,\n request: unwrappedRequest,\n });\n } catch (err) {\n return end(err as Error);\n }\n return end();\n}\nexport const walletInvokeMethod = {\n methodNames: ['wallet_invokeMethod'],\n implementation: walletInvokeMethodHandler,\n hookNames: {\n getCaveatForOrigin: true,\n findNetworkClientIdByChainId: true,\n getSelectedNetworkClientId: true,\n getNonEvmSupportedMethods: true,\n handleNonEvmRequestForOrigin: true,\n },\n};\n"]}
|
|
@@ -4,6 +4,40 @@ exports.walletRevokeSession = void 0;
|
|
|
4
4
|
const chain_agnostic_permission_1 = require("@metamask/chain-agnostic-permission");
|
|
5
5
|
const permission_controller_1 = require("@metamask/permission-controller");
|
|
6
6
|
const rpc_errors_1 = require("@metamask/rpc-errors");
|
|
7
|
+
/**
|
|
8
|
+
* Revokes specific session scopes from an existing caveat.
|
|
9
|
+
* Fully revokes permission if no accounts remain permitted after iterating through scopes.
|
|
10
|
+
*
|
|
11
|
+
* @param scopes - Array of scope strings to remove from the caveat.
|
|
12
|
+
* @param hooks - The hooks object.
|
|
13
|
+
* @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.
|
|
14
|
+
* @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.
|
|
15
|
+
* @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.
|
|
16
|
+
*/
|
|
17
|
+
function partialRevokePermissions(scopes, hooks) {
|
|
18
|
+
let updatedCaveatValue = hooks.getCaveatForOrigin(chain_agnostic_permission_1.Caip25EndowmentPermissionName, chain_agnostic_permission_1.Caip25CaveatType).value;
|
|
19
|
+
for (const scopeString of scopes) {
|
|
20
|
+
const result = chain_agnostic_permission_1.Caip25CaveatMutators[chain_agnostic_permission_1.Caip25CaveatType].removeScope(updatedCaveatValue, scopeString);
|
|
21
|
+
// If operation is a Noop, it means a scope was passed that was not present in the permission, so we proceed with the loop
|
|
22
|
+
if (result.operation === permission_controller_1.CaveatMutatorOperation.Noop) {
|
|
23
|
+
continue;
|
|
24
|
+
}
|
|
25
|
+
updatedCaveatValue = result?.value ?? {
|
|
26
|
+
requiredScopes: {},
|
|
27
|
+
optionalScopes: {},
|
|
28
|
+
sessionProperties: {},
|
|
29
|
+
isMultichainOrigin: true,
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
const caipAccountIds = (0, chain_agnostic_permission_1.getCaipAccountIdsFromCaip25CaveatValue)(updatedCaveatValue);
|
|
33
|
+
// We fully revoke permission if no accounts are left after scope removal loop.
|
|
34
|
+
if (!caipAccountIds.length) {
|
|
35
|
+
hooks.revokePermissionForOrigin(chain_agnostic_permission_1.Caip25EndowmentPermissionName);
|
|
36
|
+
}
|
|
37
|
+
else {
|
|
38
|
+
hooks.updateCaveat(chain_agnostic_permission_1.Caip25EndowmentPermissionName, chain_agnostic_permission_1.Caip25CaveatType, updatedCaveatValue);
|
|
39
|
+
}
|
|
40
|
+
}
|
|
7
41
|
/**
|
|
8
42
|
* Handler for the `wallet_revokeSession` RPC method as specified by [CAIP-285](https://chainagnostic.org/CAIPs/caip-285).
|
|
9
43
|
* The implementation below deviates from the linked spec in that it ignores the `sessionId` param
|
|
@@ -11,17 +45,25 @@ const rpc_errors_1 = require("@metamask/rpc-errors");
|
|
|
11
45
|
* the handler also does not return an error if there is currently no active session and instead
|
|
12
46
|
* returns true which is the same result returned if an active session was actually revoked.
|
|
13
47
|
*
|
|
14
|
-
* @param
|
|
48
|
+
* @param request - The JSON-RPC request object. Unused.
|
|
15
49
|
* @param response - The JSON-RPC response object.
|
|
16
50
|
* @param _next - The next middleware function. Unused.
|
|
17
51
|
* @param end - The end callback function.
|
|
18
52
|
* @param hooks - The hooks object.
|
|
19
53
|
* @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.
|
|
54
|
+
* @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.
|
|
55
|
+
* @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.
|
|
20
56
|
* @returns Nothing.
|
|
21
57
|
*/
|
|
22
|
-
async function walletRevokeSessionHandler(
|
|
58
|
+
async function walletRevokeSessionHandler(request, response, _next, end, hooks) {
|
|
59
|
+
const { params: { scopes }, } = request;
|
|
23
60
|
try {
|
|
24
|
-
|
|
61
|
+
if (scopes?.length) {
|
|
62
|
+
partialRevokePermissions(scopes, hooks);
|
|
63
|
+
}
|
|
64
|
+
else {
|
|
65
|
+
hooks.revokePermissionForOrigin(chain_agnostic_permission_1.Caip25EndowmentPermissionName);
|
|
66
|
+
}
|
|
25
67
|
}
|
|
26
68
|
catch (err) {
|
|
27
69
|
if (!(err instanceof permission_controller_1.UnrecognizedSubjectError) &&
|
|
@@ -38,6 +80,8 @@ exports.walletRevokeSession = {
|
|
|
38
80
|
implementation: walletRevokeSessionHandler,
|
|
39
81
|
hookNames: {
|
|
40
82
|
revokePermissionForOrigin: true,
|
|
83
|
+
updateCaveat: true,
|
|
84
|
+
getCaveatForOrigin: true,
|
|
41
85
|
},
|
|
42
86
|
};
|
|
43
87
|
//# sourceMappingURL=wallet-revokeSession.cjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-revokeSession.cjs","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":";;;AAAA,
|
|
1
|
+
{"version":3,"file":"wallet-revokeSession.cjs","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":";;;AAAA,mFAK6C;AAK7C,2EAIyC;AACzC,qDAAiD;AAKjD;;;;;;;;;GASG;AACH,SAAS,wBAAwB,CAC/B,MAAgB,EAChB,KAA+B;IAE/B,IAAI,kBAAkB,GAAG,KAAK,CAAC,kBAAkB,CAC/C,yDAA6B,EAC7B,4CAAgB,CACjB,CAAC,KAAK,CAAC;IAER,KAAK,MAAM,WAAW,IAAI,MAAM,EAAE;QAChC,MAAM,MAAM,GAAG,gDAAoB,CAAC,4CAAgB,CAAC,CAAC,WAAW,CAC/D,kBAAkB,EAClB,WAAW,CACZ,CAAC;QAEF,0HAA0H;QAC1H,IAAI,MAAM,CAAC,SAAS,KAAK,8CAAsB,CAAC,IAAI,EAAE;YACpD,SAAS;SACV;QAED,kBAAkB,GAAG,MAAM,EAAE,KAAK,IAAI;YACpC,cAAc,EAAE,EAAE;YAClB,cAAc,EAAE,EAAE;YAClB,iBAAiB,EAAE,EAAE;YACrB,kBAAkB,EAAE,IAAI;SACzB,CAAC;KACH;IAED,MAAM,cAAc,GAClB,IAAA,kEAAsC,EAAC,kBAAkB,CAAC,CAAC;IAE7D,+EAA+E;IAC/E,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE;QAC1B,KAAK,CAAC,yBAAyB,CAAC,yDAA6B,CAAC,CAAC;KAChE;SAAM;QACL,KAAK,CAAC,YAAY,CAChB,yDAA6B,EAC7B,4CAAgB,EAChB,kBAAkB,CACnB,CAAC;KACH;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,0BAA0B,CACvC,OAGC,EACD,QAAwB,EACxB,KAAgC,EAChC,GAA6B,EAC7B,KAA+B;IAE/B,MAAM,EACJ,MAAM,EAAE,EAAE,MAAM,EAAE,GACnB,GAAG,OAAO,CAAC;IAEZ,IAAI;QACF,IAAI,MAAM,EAAE,MAAM,EAAE;YAClB,wBAAwB,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;SACzC;aAAM;YACL,KAAK,CAAC,yBAAyB,CAAC,yDAA6B,CAAC,CAAC;SAChE;KACF;IAAC,OAAO,GAAG,EAAE;QACZ,IACE,CAAC,CAAC,GAAG,YAAY,gDAAwB,CAAC;YAC1C,CAAC,CAAC,GAAG,YAAY,mDAA2B,CAAC,EAC7C;YACA,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnB,OAAO,GAAG,CAAC,sBAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;SAClC;KACF;IAED,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC;IACvB,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AACY,QAAA,mBAAmB,GAAG;IACjC,WAAW,EAAE,CAAC,sBAAsB,CAAC;IACrC,cAAc,EAAE,0BAA0B;IAC1C,SAAS,EAAE;QACT,yBAAyB,EAAE,IAAI;QAC/B,YAAY,EAAE,IAAI;QAClB,kBAAkB,EAAE,IAAI;KACzB;CACF,CAAC","sourcesContent":["import {\n Caip25CaveatMutators,\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getCaipAccountIdsFromCaip25CaveatValue,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n JsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n CaveatMutatorOperation,\n PermissionDoesNotExistError,\n UnrecognizedSubjectError,\n} from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { JsonRpcSuccess, JsonRpcRequest } from '@metamask/utils';\n\nimport type { WalletRevokeSessionHooks } from './types';\n\n/**\n * Revokes specific session scopes from an existing caveat.\n * Fully revokes permission if no accounts remain permitted after iterating through scopes.\n *\n * @param scopes - Array of scope strings to remove from the caveat.\n * @param hooks - The hooks object.\n * @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.\n * @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.\n * @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.\n */\nfunction partialRevokePermissions(\n scopes: string[],\n hooks: WalletRevokeSessionHooks,\n) {\n let updatedCaveatValue = hooks.getCaveatForOrigin(\n Caip25EndowmentPermissionName,\n Caip25CaveatType,\n ).value;\n\n for (const scopeString of scopes) {\n const result = Caip25CaveatMutators[Caip25CaveatType].removeScope(\n updatedCaveatValue,\n scopeString,\n );\n\n // If operation is a Noop, it means a scope was passed that was not present in the permission, so we proceed with the loop\n if (result.operation === CaveatMutatorOperation.Noop) {\n continue;\n }\n\n updatedCaveatValue = result?.value ?? {\n requiredScopes: {},\n optionalScopes: {},\n sessionProperties: {},\n isMultichainOrigin: true,\n };\n }\n\n const caipAccountIds =\n getCaipAccountIdsFromCaip25CaveatValue(updatedCaveatValue);\n\n // We fully revoke permission if no accounts are left after scope removal loop.\n if (!caipAccountIds.length) {\n hooks.revokePermissionForOrigin(Caip25EndowmentPermissionName);\n } else {\n hooks.updateCaveat(\n Caip25EndowmentPermissionName,\n Caip25CaveatType,\n updatedCaveatValue,\n );\n }\n}\n\n/**\n * Handler for the `wallet_revokeSession` RPC method as specified by [CAIP-285](https://chainagnostic.org/CAIPs/caip-285).\n * The implementation below deviates from the linked spec in that it ignores the `sessionId` param\n * and instead revokes the singular session for the origin if available. Additionally,\n * the handler also does not return an error if there is currently no active session and instead\n * returns true which is the same result returned if an active session was actually revoked.\n *\n * @param request - The JSON-RPC request object. Unused.\n * @param response - The JSON-RPC response object.\n * @param _next - The next middleware function. Unused.\n * @param end - The end callback function.\n * @param hooks - The hooks object.\n * @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.\n * @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.\n * @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.\n * @returns Nothing.\n */\nasync function walletRevokeSessionHandler(\n request: JsonRpcRequest & {\n origin: string;\n params: { scopes?: string[] };\n },\n response: JsonRpcSuccess,\n _next: JsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n hooks: WalletRevokeSessionHooks,\n) {\n const {\n params: { scopes },\n } = request;\n\n try {\n if (scopes?.length) {\n partialRevokePermissions(scopes, hooks);\n } else {\n hooks.revokePermissionForOrigin(Caip25EndowmentPermissionName);\n }\n } catch (err) {\n if (\n !(err instanceof UnrecognizedSubjectError) &&\n !(err instanceof PermissionDoesNotExistError)\n ) {\n console.error(err);\n return end(rpcErrors.internal());\n }\n }\n\n response.result = true;\n return end();\n}\nexport const walletRevokeSession = {\n methodNames: ['wallet_revokeSession'],\n implementation: walletRevokeSessionHandler,\n hookNames: {\n revokePermissionForOrigin: true,\n updateCaveat: true,\n getCaveatForOrigin: true,\n },\n};\n"]}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import type { JsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
2
|
import type { JsonRpcSuccess, JsonRpcRequest } from "@metamask/utils";
|
|
3
|
+
import type { WalletRevokeSessionHooks } from "./types.cjs";
|
|
3
4
|
/**
|
|
4
5
|
* Handler for the `wallet_revokeSession` RPC method as specified by [CAIP-285](https://chainagnostic.org/CAIPs/caip-285).
|
|
5
6
|
* The implementation below deviates from the linked spec in that it ignores the `sessionId` param
|
|
@@ -7,24 +8,29 @@ import type { JsonRpcSuccess, JsonRpcRequest } from "@metamask/utils";
|
|
|
7
8
|
* the handler also does not return an error if there is currently no active session and instead
|
|
8
9
|
* returns true which is the same result returned if an active session was actually revoked.
|
|
9
10
|
*
|
|
10
|
-
* @param
|
|
11
|
+
* @param request - The JSON-RPC request object. Unused.
|
|
11
12
|
* @param response - The JSON-RPC response object.
|
|
12
13
|
* @param _next - The next middleware function. Unused.
|
|
13
14
|
* @param end - The end callback function.
|
|
14
15
|
* @param hooks - The hooks object.
|
|
15
16
|
* @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.
|
|
17
|
+
* @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.
|
|
18
|
+
* @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.
|
|
16
19
|
* @returns Nothing.
|
|
17
20
|
*/
|
|
18
|
-
declare function walletRevokeSessionHandler(
|
|
21
|
+
declare function walletRevokeSessionHandler(request: JsonRpcRequest & {
|
|
19
22
|
origin: string;
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
}
|
|
23
|
+
params: {
|
|
24
|
+
scopes?: string[];
|
|
25
|
+
};
|
|
26
|
+
}, response: JsonRpcSuccess, _next: JsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, hooks: WalletRevokeSessionHooks): Promise<void>;
|
|
23
27
|
export declare const walletRevokeSession: {
|
|
24
28
|
methodNames: string[];
|
|
25
29
|
implementation: typeof walletRevokeSessionHandler;
|
|
26
30
|
hookNames: {
|
|
27
31
|
revokePermissionForOrigin: boolean;
|
|
32
|
+
updateCaveat: boolean;
|
|
33
|
+
getCaveatForOrigin: boolean;
|
|
28
34
|
};
|
|
29
35
|
};
|
|
30
36
|
export {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-revokeSession.d.cts","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"wallet-revokeSession.d.cts","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EACV,yBAAyB,EACzB,wBAAwB,EACzB,kCAAkC;AAOnC,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,wBAAwB;AAEtE,OAAO,KAAK,EAAE,wBAAwB,EAAE,oBAAgB;AAuDxD;;;;;;;;;;;;;;;;GAgBG;AACH,iBAAe,0BAA0B,CACvC,OAAO,EAAE,cAAc,GAAG;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CAC/B,EACD,QAAQ,EAAE,cAAc,EACxB,KAAK,EAAE,yBAAyB,EAChC,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE,wBAAwB,iBAwBhC;AACD,eAAO,MAAM,mBAAmB;;;;;;;;CAQ/B,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import type { JsonRpcEngineNextCallback, JsonRpcEngineEndCallback } from "@metamask/json-rpc-engine";
|
|
2
2
|
import type { JsonRpcSuccess, JsonRpcRequest } from "@metamask/utils";
|
|
3
|
+
import type { WalletRevokeSessionHooks } from "./types.mjs";
|
|
3
4
|
/**
|
|
4
5
|
* Handler for the `wallet_revokeSession` RPC method as specified by [CAIP-285](https://chainagnostic.org/CAIPs/caip-285).
|
|
5
6
|
* The implementation below deviates from the linked spec in that it ignores the `sessionId` param
|
|
@@ -7,24 +8,29 @@ import type { JsonRpcSuccess, JsonRpcRequest } from "@metamask/utils";
|
|
|
7
8
|
* the handler also does not return an error if there is currently no active session and instead
|
|
8
9
|
* returns true which is the same result returned if an active session was actually revoked.
|
|
9
10
|
*
|
|
10
|
-
* @param
|
|
11
|
+
* @param request - The JSON-RPC request object. Unused.
|
|
11
12
|
* @param response - The JSON-RPC response object.
|
|
12
13
|
* @param _next - The next middleware function. Unused.
|
|
13
14
|
* @param end - The end callback function.
|
|
14
15
|
* @param hooks - The hooks object.
|
|
15
16
|
* @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.
|
|
17
|
+
* @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.
|
|
18
|
+
* @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.
|
|
16
19
|
* @returns Nothing.
|
|
17
20
|
*/
|
|
18
|
-
declare function walletRevokeSessionHandler(
|
|
21
|
+
declare function walletRevokeSessionHandler(request: JsonRpcRequest & {
|
|
19
22
|
origin: string;
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
}
|
|
23
|
+
params: {
|
|
24
|
+
scopes?: string[];
|
|
25
|
+
};
|
|
26
|
+
}, response: JsonRpcSuccess, _next: JsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, hooks: WalletRevokeSessionHooks): Promise<void>;
|
|
23
27
|
export declare const walletRevokeSession: {
|
|
24
28
|
methodNames: string[];
|
|
25
29
|
implementation: typeof walletRevokeSessionHandler;
|
|
26
30
|
hookNames: {
|
|
27
31
|
revokePermissionForOrigin: boolean;
|
|
32
|
+
updateCaveat: boolean;
|
|
33
|
+
getCaveatForOrigin: boolean;
|
|
28
34
|
};
|
|
29
35
|
};
|
|
30
36
|
export {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-revokeSession.d.mts","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"wallet-revokeSession.d.mts","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EACV,yBAAyB,EACzB,wBAAwB,EACzB,kCAAkC;AAOnC,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,wBAAwB;AAEtE,OAAO,KAAK,EAAE,wBAAwB,EAAE,oBAAgB;AAuDxD;;;;;;;;;;;;;;;;GAgBG;AACH,iBAAe,0BAA0B,CACvC,OAAO,EAAE,cAAc,GAAG;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CAC/B,EACD,QAAQ,EAAE,cAAc,EACxB,KAAK,EAAE,yBAAyB,EAChC,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE,wBAAwB,iBAwBhC;AACD,eAAO,MAAM,mBAAmB;;;;;;;;CAQ/B,CAAC"}
|
|
@@ -1,6 +1,40 @@
|
|
|
1
|
-
import { Caip25EndowmentPermissionName } from "@metamask/chain-agnostic-permission";
|
|
2
|
-
import { PermissionDoesNotExistError, UnrecognizedSubjectError } from "@metamask/permission-controller";
|
|
1
|
+
import { Caip25CaveatMutators, Caip25CaveatType, Caip25EndowmentPermissionName, getCaipAccountIdsFromCaip25CaveatValue } from "@metamask/chain-agnostic-permission";
|
|
2
|
+
import { CaveatMutatorOperation, PermissionDoesNotExistError, UnrecognizedSubjectError } from "@metamask/permission-controller";
|
|
3
3
|
import { rpcErrors } from "@metamask/rpc-errors";
|
|
4
|
+
/**
|
|
5
|
+
* Revokes specific session scopes from an existing caveat.
|
|
6
|
+
* Fully revokes permission if no accounts remain permitted after iterating through scopes.
|
|
7
|
+
*
|
|
8
|
+
* @param scopes - Array of scope strings to remove from the caveat.
|
|
9
|
+
* @param hooks - The hooks object.
|
|
10
|
+
* @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.
|
|
11
|
+
* @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.
|
|
12
|
+
* @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.
|
|
13
|
+
*/
|
|
14
|
+
function partialRevokePermissions(scopes, hooks) {
|
|
15
|
+
let updatedCaveatValue = hooks.getCaveatForOrigin(Caip25EndowmentPermissionName, Caip25CaveatType).value;
|
|
16
|
+
for (const scopeString of scopes) {
|
|
17
|
+
const result = Caip25CaveatMutators[Caip25CaveatType].removeScope(updatedCaveatValue, scopeString);
|
|
18
|
+
// If operation is a Noop, it means a scope was passed that was not present in the permission, so we proceed with the loop
|
|
19
|
+
if (result.operation === CaveatMutatorOperation.Noop) {
|
|
20
|
+
continue;
|
|
21
|
+
}
|
|
22
|
+
updatedCaveatValue = result?.value ?? {
|
|
23
|
+
requiredScopes: {},
|
|
24
|
+
optionalScopes: {},
|
|
25
|
+
sessionProperties: {},
|
|
26
|
+
isMultichainOrigin: true,
|
|
27
|
+
};
|
|
28
|
+
}
|
|
29
|
+
const caipAccountIds = getCaipAccountIdsFromCaip25CaveatValue(updatedCaveatValue);
|
|
30
|
+
// We fully revoke permission if no accounts are left after scope removal loop.
|
|
31
|
+
if (!caipAccountIds.length) {
|
|
32
|
+
hooks.revokePermissionForOrigin(Caip25EndowmentPermissionName);
|
|
33
|
+
}
|
|
34
|
+
else {
|
|
35
|
+
hooks.updateCaveat(Caip25EndowmentPermissionName, Caip25CaveatType, updatedCaveatValue);
|
|
36
|
+
}
|
|
37
|
+
}
|
|
4
38
|
/**
|
|
5
39
|
* Handler for the `wallet_revokeSession` RPC method as specified by [CAIP-285](https://chainagnostic.org/CAIPs/caip-285).
|
|
6
40
|
* The implementation below deviates from the linked spec in that it ignores the `sessionId` param
|
|
@@ -8,17 +42,25 @@ import { rpcErrors } from "@metamask/rpc-errors";
|
|
|
8
42
|
* the handler also does not return an error if there is currently no active session and instead
|
|
9
43
|
* returns true which is the same result returned if an active session was actually revoked.
|
|
10
44
|
*
|
|
11
|
-
* @param
|
|
45
|
+
* @param request - The JSON-RPC request object. Unused.
|
|
12
46
|
* @param response - The JSON-RPC response object.
|
|
13
47
|
* @param _next - The next middleware function. Unused.
|
|
14
48
|
* @param end - The end callback function.
|
|
15
49
|
* @param hooks - The hooks object.
|
|
16
50
|
* @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.
|
|
51
|
+
* @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.
|
|
52
|
+
* @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.
|
|
17
53
|
* @returns Nothing.
|
|
18
54
|
*/
|
|
19
|
-
async function walletRevokeSessionHandler(
|
|
55
|
+
async function walletRevokeSessionHandler(request, response, _next, end, hooks) {
|
|
56
|
+
const { params: { scopes }, } = request;
|
|
20
57
|
try {
|
|
21
|
-
|
|
58
|
+
if (scopes?.length) {
|
|
59
|
+
partialRevokePermissions(scopes, hooks);
|
|
60
|
+
}
|
|
61
|
+
else {
|
|
62
|
+
hooks.revokePermissionForOrigin(Caip25EndowmentPermissionName);
|
|
63
|
+
}
|
|
22
64
|
}
|
|
23
65
|
catch (err) {
|
|
24
66
|
if (!(err instanceof UnrecognizedSubjectError) &&
|
|
@@ -35,6 +77,8 @@ export const walletRevokeSession = {
|
|
|
35
77
|
implementation: walletRevokeSessionHandler,
|
|
36
78
|
hookNames: {
|
|
37
79
|
revokePermissionForOrigin: true,
|
|
80
|
+
updateCaveat: true,
|
|
81
|
+
getCaveatForOrigin: true,
|
|
38
82
|
},
|
|
39
83
|
};
|
|
40
84
|
//# sourceMappingURL=wallet-revokeSession.mjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-revokeSession.mjs","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"wallet-revokeSession.mjs","sourceRoot":"","sources":["../../src/handlers/wallet-revokeSession.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,gBAAgB,EAChB,6BAA6B,EAC7B,sCAAsC,EACvC,4CAA4C;AAK7C,OAAO,EACL,sBAAsB,EACtB,2BAA2B,EAC3B,wBAAwB,EACzB,wCAAwC;AACzC,OAAO,EAAE,SAAS,EAAE,6BAA6B;AAKjD;;;;;;;;;GASG;AACH,SAAS,wBAAwB,CAC/B,MAAgB,EAChB,KAA+B;IAE/B,IAAI,kBAAkB,GAAG,KAAK,CAAC,kBAAkB,CAC/C,6BAA6B,EAC7B,gBAAgB,CACjB,CAAC,KAAK,CAAC;IAER,KAAK,MAAM,WAAW,IAAI,MAAM,EAAE;QAChC,MAAM,MAAM,GAAG,oBAAoB,CAAC,gBAAgB,CAAC,CAAC,WAAW,CAC/D,kBAAkB,EAClB,WAAW,CACZ,CAAC;QAEF,0HAA0H;QAC1H,IAAI,MAAM,CAAC,SAAS,KAAK,sBAAsB,CAAC,IAAI,EAAE;YACpD,SAAS;SACV;QAED,kBAAkB,GAAG,MAAM,EAAE,KAAK,IAAI;YACpC,cAAc,EAAE,EAAE;YAClB,cAAc,EAAE,EAAE;YAClB,iBAAiB,EAAE,EAAE;YACrB,kBAAkB,EAAE,IAAI;SACzB,CAAC;KACH;IAED,MAAM,cAAc,GAClB,sCAAsC,CAAC,kBAAkB,CAAC,CAAC;IAE7D,+EAA+E;IAC/E,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE;QAC1B,KAAK,CAAC,yBAAyB,CAAC,6BAA6B,CAAC,CAAC;KAChE;SAAM;QACL,KAAK,CAAC,YAAY,CAChB,6BAA6B,EAC7B,gBAAgB,EAChB,kBAAkB,CACnB,CAAC;KACH;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,KAAK,UAAU,0BAA0B,CACvC,OAGC,EACD,QAAwB,EACxB,KAAgC,EAChC,GAA6B,EAC7B,KAA+B;IAE/B,MAAM,EACJ,MAAM,EAAE,EAAE,MAAM,EAAE,GACnB,GAAG,OAAO,CAAC;IAEZ,IAAI;QACF,IAAI,MAAM,EAAE,MAAM,EAAE;YAClB,wBAAwB,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;SACzC;aAAM;YACL,KAAK,CAAC,yBAAyB,CAAC,6BAA6B,CAAC,CAAC;SAChE;KACF;IAAC,OAAO,GAAG,EAAE;QACZ,IACE,CAAC,CAAC,GAAG,YAAY,wBAAwB,CAAC;YAC1C,CAAC,CAAC,GAAG,YAAY,2BAA2B,CAAC,EAC7C;YACA,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnB,OAAO,GAAG,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;SAClC;KACF;IAED,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC;IACvB,OAAO,GAAG,EAAE,CAAC;AACf,CAAC;AACD,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,WAAW,EAAE,CAAC,sBAAsB,CAAC;IACrC,cAAc,EAAE,0BAA0B;IAC1C,SAAS,EAAE;QACT,yBAAyB,EAAE,IAAI;QAC/B,YAAY,EAAE,IAAI;QAClB,kBAAkB,EAAE,IAAI;KACzB;CACF,CAAC","sourcesContent":["import {\n Caip25CaveatMutators,\n Caip25CaveatType,\n Caip25EndowmentPermissionName,\n getCaipAccountIdsFromCaip25CaveatValue,\n} from '@metamask/chain-agnostic-permission';\nimport type {\n JsonRpcEngineNextCallback,\n JsonRpcEngineEndCallback,\n} from '@metamask/json-rpc-engine';\nimport {\n CaveatMutatorOperation,\n PermissionDoesNotExistError,\n UnrecognizedSubjectError,\n} from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { JsonRpcSuccess, JsonRpcRequest } from '@metamask/utils';\n\nimport type { WalletRevokeSessionHooks } from './types';\n\n/**\n * Revokes specific session scopes from an existing caveat.\n * Fully revokes permission if no accounts remain permitted after iterating through scopes.\n *\n * @param scopes - Array of scope strings to remove from the caveat.\n * @param hooks - The hooks object.\n * @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.\n * @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.\n * @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.\n */\nfunction partialRevokePermissions(\n scopes: string[],\n hooks: WalletRevokeSessionHooks,\n) {\n let updatedCaveatValue = hooks.getCaveatForOrigin(\n Caip25EndowmentPermissionName,\n Caip25CaveatType,\n ).value;\n\n for (const scopeString of scopes) {\n const result = Caip25CaveatMutators[Caip25CaveatType].removeScope(\n updatedCaveatValue,\n scopeString,\n );\n\n // If operation is a Noop, it means a scope was passed that was not present in the permission, so we proceed with the loop\n if (result.operation === CaveatMutatorOperation.Noop) {\n continue;\n }\n\n updatedCaveatValue = result?.value ?? {\n requiredScopes: {},\n optionalScopes: {},\n sessionProperties: {},\n isMultichainOrigin: true,\n };\n }\n\n const caipAccountIds =\n getCaipAccountIdsFromCaip25CaveatValue(updatedCaveatValue);\n\n // We fully revoke permission if no accounts are left after scope removal loop.\n if (!caipAccountIds.length) {\n hooks.revokePermissionForOrigin(Caip25EndowmentPermissionName);\n } else {\n hooks.updateCaveat(\n Caip25EndowmentPermissionName,\n Caip25CaveatType,\n updatedCaveatValue,\n );\n }\n}\n\n/**\n * Handler for the `wallet_revokeSession` RPC method as specified by [CAIP-285](https://chainagnostic.org/CAIPs/caip-285).\n * The implementation below deviates from the linked spec in that it ignores the `sessionId` param\n * and instead revokes the singular session for the origin if available. Additionally,\n * the handler also does not return an error if there is currently no active session and instead\n * returns true which is the same result returned if an active session was actually revoked.\n *\n * @param request - The JSON-RPC request object. Unused.\n * @param response - The JSON-RPC response object.\n * @param _next - The next middleware function. Unused.\n * @param end - The end callback function.\n * @param hooks - The hooks object.\n * @param hooks.revokePermissionForOrigin - The hook for revoking a permission for an origin function.\n * @param hooks.updateCaveat - The hook used to conditionally update the caveat rather than fully revoke the permission.\n * @param hooks.getCaveatForOrigin - The hook to fetch an existing caveat for the origin of the request.\n * @returns Nothing.\n */\nasync function walletRevokeSessionHandler(\n request: JsonRpcRequest & {\n origin: string;\n params: { scopes?: string[] };\n },\n response: JsonRpcSuccess,\n _next: JsonRpcEngineNextCallback,\n end: JsonRpcEngineEndCallback,\n hooks: WalletRevokeSessionHooks,\n) {\n const {\n params: { scopes },\n } = request;\n\n try {\n if (scopes?.length) {\n partialRevokePermissions(scopes, hooks);\n } else {\n hooks.revokePermissionForOrigin(Caip25EndowmentPermissionName);\n }\n } catch (err) {\n if (\n !(err instanceof UnrecognizedSubjectError) &&\n !(err instanceof PermissionDoesNotExistError)\n ) {\n console.error(err);\n return end(rpcErrors.internal());\n }\n }\n\n response.result = true;\n return end();\n}\nexport const walletRevokeSession = {\n methodNames: ['wallet_revokeSession'],\n implementation: walletRevokeSessionHandler,\n hookNames: {\n revokePermissionForOrigin: true,\n updateCaveat: true,\n getCaveatForOrigin: true,\n },\n};\n"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@metamask-previews/multichain-api-middleware",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.1.0-preview-a5441fae",
|
|
4
4
|
"description": "JSON-RPC methods and middleware to support the MetaMask Multichain API",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"MetaMask",
|
|
@@ -54,7 +54,7 @@
|
|
|
54
54
|
"@metamask/network-controller": "^24.2.0",
|
|
55
55
|
"@metamask/permission-controller": "^11.0.6",
|
|
56
56
|
"@metamask/rpc-errors": "^7.0.2",
|
|
57
|
-
"@metamask/utils": "^11.8.
|
|
57
|
+
"@metamask/utils": "^11.8.1",
|
|
58
58
|
"@open-rpc/meta-schema": "^1.14.6",
|
|
59
59
|
"@open-rpc/schema-utils-js": "^2.0.5",
|
|
60
60
|
"jsonschema": "^1.4.1"
|