@metamask/permission-controller 1.0.0

package/dist/index.js

@@ -0,0 +1,36 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.permissionRpcMethods = void 0;
+__exportStar(require("./Caveat"), exports);
+__exportStar(require("./errors"), exports);
+__exportStar(require("./Permission"), exports);
+__exportStar(require("./PermissionController"), exports);
+__exportStar(require("./utils"), exports);
+exports.permissionRpcMethods = __importStar(require("./rpc-methods"));
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,2CAAyB;AACzB,+CAA6B;AAC7B,yDAAuC;AACvC,0CAAwB;AACxB,sEAAsD","sourcesContent":["export * from './Caveat';\nexport * from './errors';\nexport * from './Permission';\nexport * from './PermissionController';\nexport * from './utils';\nexport * as permissionRpcMethods from './rpc-methods';\n"]}

package/dist/permission-middleware.d.ts

@@ -0,0 +1,32 @@
+import type { Json } from '@metamask/types';
+import { JsonRpcMiddleware } from 'json-rpc-engine';
+import { GenericPermissionController, PermissionSubjectMetadata, RestrictedMethodParameters } from '.';
+declare type PermissionMiddlewareFactoryOptions = {
+    executeRestrictedMethod: GenericPermissionController['_executeRestrictedMethod'];
+    getRestrictedMethod: GenericPermissionController['getRestrictedMethod'];
+    isUnrestrictedMethod: (method: string) => boolean;
+};
+/**
+ * Creates a permission middleware function factory. Intended for internal use
+ * in the {@link PermissionController}. Like any {@link JsonRpcEngine}
+ * middleware, each middleware will only receive requests from a particular
+ * subject / origin. However, each middleware also requires access to some
+ * `PermissionController` internals, which is why this "factory factory" exists.
+ *
+ * The middlewares returned by the factory will pass through requests for
+ * unrestricted methods, and attempt to execute restricted methods. If a method
+ * is neither restricted nor unrestricted, a "method not found" error will be
+ * returned.
+ * If a method is restricted, the middleware will first attempt to retrieve the
+ * subject's permission for that method. If the permission is found, the method
+ * will be executed. Otherwise, an "unauthorized" error will be returned.
+ *
+ * @param options - Options bag.
+ * @param options.executeRestrictedMethod - {@link PermissionController._executeRestrictedMethod}.
+ * @param options.getRestrictedMethod - {@link PermissionController.getRestrictedMethod}.
+ * @param options.isUnrestrictedMethod - A function that checks whether a
+ * particular method is unrestricted.
+ * @returns A permission middleware factory function.
+ */
+export declare function getPermissionMiddlewareFactory({ executeRestrictedMethod, getRestrictedMethod, isUnrestrictedMethod, }: PermissionMiddlewareFactoryOptions): (subject: PermissionSubjectMetadata) => JsonRpcMiddleware<RestrictedMethodParameters, Json>;
+export {};

package/dist/permission-middleware.js

@@ -0,0 +1,64 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getPermissionMiddlewareFactory = void 0;
+const json_rpc_engine_1 = require("json-rpc-engine");
+const errors_1 = require("./errors");
+/**
+ * Creates a permission middleware function factory. Intended for internal use
+ * in the {@link PermissionController}. Like any {@link JsonRpcEngine}
+ * middleware, each middleware will only receive requests from a particular
+ * subject / origin. However, each middleware also requires access to some
+ * `PermissionController` internals, which is why this "factory factory" exists.
+ *
+ * The middlewares returned by the factory will pass through requests for
+ * unrestricted methods, and attempt to execute restricted methods. If a method
+ * is neither restricted nor unrestricted, a "method not found" error will be
+ * returned.
+ * If a method is restricted, the middleware will first attempt to retrieve the
+ * subject's permission for that method. If the permission is found, the method
+ * will be executed. Otherwise, an "unauthorized" error will be returned.
+ *
+ * @param options - Options bag.
+ * @param options.executeRestrictedMethod - {@link PermissionController._executeRestrictedMethod}.
+ * @param options.getRestrictedMethod - {@link PermissionController.getRestrictedMethod}.
+ * @param options.isUnrestrictedMethod - A function that checks whether a
+ * particular method is unrestricted.
+ * @returns A permission middleware factory function.
+ */
+function getPermissionMiddlewareFactory({ executeRestrictedMethod, getRestrictedMethod, isUnrestrictedMethod, }) {
+    return function createPermissionMiddleware(subject) {
+        const { origin } = subject;
+        if (typeof origin !== 'string' || !origin) {
+            throw new Error('The subject "origin" must be a non-empty string.');
+        }
+        const permissionsMiddleware = (req, res, next) => __awaiter(this, void 0, void 0, function* () {
+            const { method, params } = req;
+            // Skip registered unrestricted methods.
+            if (isUnrestrictedMethod(method)) {
+                return next();
+            }
+            // This will throw if no restricted method implementation is found.
+            const methodImplementation = getRestrictedMethod(method, origin);
+            // This will throw if the permission does not exist.
+            const result = yield executeRestrictedMethod(methodImplementation, subject, method, params);
+            if (result === undefined) {
+                res.error = (0, errors_1.internalError)(`Request for method "${req.method}" returned undefined result.`, { request: req });
+                return undefined;
+            }
+            res.result = result;
+            return undefined;
+        });
+        return (0, json_rpc_engine_1.createAsyncMiddleware)(permissionsMiddleware);
+    };
+}
+exports.getPermissionMiddlewareFactory = getPermissionMiddlewareFactory;
+//# sourceMappingURL=permission-middleware.js.map

package/dist/permission-middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permission-middleware.js","sourceRoot":"","sources":["../src/permission-middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,qDAMyB;AAGzB,qCAAyC;AAezC;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,SAAgB,8BAA8B,CAAC,EAC7C,uBAAuB,EACvB,mBAAmB,EACnB,oBAAoB,GACe;IACnC,OAAO,SAAS,0BAA0B,CACxC,OAAkC;QAElC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAC3B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,MAAM,EAAE;YACzC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;SACrE;QAED,MAAM,qBAAqB,GAAG,CAC5B,GAA+C,EAC/C,GAAiC,EACjC,IAAoC,EACrB,EAAE;YACjB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;YAE/B,wCAAwC;YACxC,IAAI,oBAAoB,CAAC,MAAM,CAAC,EAAE;gBAChC,OAAO,IAAI,EAAE,CAAC;aACf;YAED,mEAAmE;YACnE,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAEjE,oDAAoD;YACpD,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAC1C,oBAAoB,EACpB,OAAO,EACP,MAAM,EACN,MAAM,CACP,CAAC;YAEF,IAAI,MAAM,KAAK,SAAS,EAAE;gBACxB,GAAG,CAAC,KAAK,GAAG,IAAA,sBAAa,EACvB,uBAAuB,GAAG,CAAC,MAAM,8BAA8B,EAC/D,EAAE,OAAO,EAAE,GAAG,EAAE,CACjB,CAAC;gBACF,OAAO,SAAS,CAAC;aAClB;YAED,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;YACpB,OAAO,SAAS,CAAC;QACnB,CAAC,CAAA,CAAC;QAEF,OAAO,IAAA,uCAAqB,EAAC,qBAAqB,CAAC,CAAC;IACtD,CAAC,CAAC;AACJ,CAAC;AAlDD,wEAkDC","sourcesContent":["import type { Json } from '@metamask/types';\nimport {\n  JsonRpcMiddleware,\n  AsyncJsonRpcEngineNextCallback,\n  createAsyncMiddleware,\n  PendingJsonRpcResponse,\n  JsonRpcRequest,\n} from 'json-rpc-engine';\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { JsonRpcEngine } from 'json-rpc-engine';\nimport { internalError } from './errors';\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { PermissionController } from './PermissionController';\nimport {\n  GenericPermissionController,\n  PermissionSubjectMetadata,\n  RestrictedMethodParameters,\n} from '.';\n\ntype PermissionMiddlewareFactoryOptions = {\n  executeRestrictedMethod: GenericPermissionController['_executeRestrictedMethod'];\n  getRestrictedMethod: GenericPermissionController['getRestrictedMethod'];\n  isUnrestrictedMethod: (method: string) => boolean;\n};\n\n/**\n * Creates a permission middleware function factory. Intended for internal use\n * in the {@link PermissionController}. Like any {@link JsonRpcEngine}\n * middleware, each middleware will only receive requests from a particular\n * subject / origin. However, each middleware also requires access to some\n * `PermissionController` internals, which is why this \"factory factory\" exists.\n *\n * The middlewares returned by the factory will pass through requests for\n * unrestricted methods, and attempt to execute restricted methods. If a method\n * is neither restricted nor unrestricted, a \"method not found\" error will be\n * returned.\n * If a method is restricted, the middleware will first attempt to retrieve the\n * subject's permission for that method. If the permission is found, the method\n * will be executed. Otherwise, an \"unauthorized\" error will be returned.\n *\n * @param options - Options bag.\n * @param options.executeRestrictedMethod - {@link PermissionController._executeRestrictedMethod}.\n * @param options.getRestrictedMethod - {@link PermissionController.getRestrictedMethod}.\n * @param options.isUnrestrictedMethod - A function that checks whether a\n * particular method is unrestricted.\n * @returns A permission middleware factory function.\n */\nexport function getPermissionMiddlewareFactory({\n  executeRestrictedMethod,\n  getRestrictedMethod,\n  isUnrestrictedMethod,\n}: PermissionMiddlewareFactoryOptions) {\n  return function createPermissionMiddleware(\n    subject: PermissionSubjectMetadata,\n  ): JsonRpcMiddleware<RestrictedMethodParameters, Json> {\n    const { origin } = subject;\n    if (typeof origin !== 'string' || !origin) {\n      throw new Error('The subject \"origin\" must be a non-empty string.');\n    }\n\n    const permissionsMiddleware = async (\n      req: JsonRpcRequest<RestrictedMethodParameters>,\n      res: PendingJsonRpcResponse<Json>,\n      next: AsyncJsonRpcEngineNextCallback,\n    ): Promise<void> => {\n      const { method, params } = req;\n\n      // Skip registered unrestricted methods.\n      if (isUnrestrictedMethod(method)) {\n        return next();\n      }\n\n      // This will throw if no restricted method implementation is found.\n      const methodImplementation = getRestrictedMethod(method, origin);\n\n      // This will throw if the permission does not exist.\n      const result = await executeRestrictedMethod(\n        methodImplementation,\n        subject,\n        method,\n        params,\n      );\n\n      if (result === undefined) {\n        res.error = internalError(\n          `Request for method \"${req.method}\" returned undefined result.`,\n          { request: req },\n        );\n        return undefined;\n      }\n\n      res.result = result;\n      return undefined;\n    };\n\n    return createAsyncMiddleware(permissionsMiddleware);\n  };\n}\n"]}

package/dist/rpc-methods/getPermissions.d.ts

@@ -0,0 +1,7 @@
+import type { PermittedHandlerExport } from '@metamask/types';
+import type { PermissionConstraint } from '../Permission';
+import type { SubjectPermissions } from '../PermissionController';
+export declare const getPermissionsHandler: PermittedHandlerExport<GetPermissionsHooks, void, PermissionConstraint[]>;
+export declare type GetPermissionsHooks = {
+    getPermissionsForOrigin: () => SubjectPermissions<PermissionConstraint>;
+};

package/dist/rpc-methods/getPermissions.js

@@ -0,0 +1,38 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getPermissionsHandler = void 0;
+const utils_1 = require("../utils");
+exports.getPermissionsHandler = {
+    methodNames: [utils_1.MethodNames.getPermissions],
+    implementation: getPermissionsImplementation,
+    hookNames: {
+        getPermissionsForOrigin: true,
+    },
+};
+/**
+ * Get Permissions implementation to be used in JsonRpcEngine middleware.
+ *
+ * @param _req - The JsonRpcEngine request - unused
+ * @param res - The JsonRpcEngine result object
+ * @param _next - JsonRpcEngine next() callback - unused
+ * @param end - JsonRpcEngine end() callback
+ * @param options - Method hooks passed to the method implementation
+ * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation
+ * @returns A promise that resolves to nothing
+ */
+function getPermissionsImplementation(_req, res, _next, end, { getPermissionsForOrigin }) {
+    return __awaiter(this, void 0, void 0, function* () {
+        res.result = Object.values(getPermissionsForOrigin() || {});
+        return end();
+    });
+}
+//# sourceMappingURL=getPermissions.js.map

package/dist/rpc-methods/getPermissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"getPermissions.js","sourceRoot":"","sources":["../../src/rpc-methods/getPermissions.ts"],"names":[],"mappings":";;;;;;;;;;;;AAKA,oCAAuC;AAK1B,QAAA,qBAAqB,GAI9B;IACF,WAAW,EAAE,CAAC,mBAAW,CAAC,cAAc,CAAC;IACzC,cAAc,EAAE,4BAA4B;IAC5C,SAAS,EAAE;QACT,uBAAuB,EAAE,IAAI;KAC9B;CACF,CAAC;AAOF;;;;;;;;;;GAUG;AACH,SAAe,4BAA4B,CACzC,IAAa,EACb,GAAmD,EACnD,KAAc,EACd,GAA6B,EAC7B,EAAE,uBAAuB,EAAuB;;QAEhD,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,uBAAuB,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5D,OAAO,GAAG,EAAE,CAAC;IACf,CAAC;CAAA","sourcesContent":["import type {\n  JsonRpcEngineEndCallback,\n  PendingJsonRpcResponse,\n  PermittedHandlerExport,\n} from '@metamask/types';\nimport { MethodNames } from '../utils';\n\nimport type { PermissionConstraint } from '../Permission';\nimport type { SubjectPermissions } from '../PermissionController';\n\nexport const getPermissionsHandler: PermittedHandlerExport<\n  GetPermissionsHooks,\n  void,\n  PermissionConstraint[]\n> = {\n  methodNames: [MethodNames.getPermissions],\n  implementation: getPermissionsImplementation,\n  hookNames: {\n    getPermissionsForOrigin: true,\n  },\n};\n\nexport type GetPermissionsHooks = {\n  // This must be bound to the requesting origin.\n  getPermissionsForOrigin: () => SubjectPermissions<PermissionConstraint>;\n};\n\n/**\n * Get Permissions implementation to be used in JsonRpcEngine middleware.\n *\n * @param _req - The JsonRpcEngine request - unused\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.getPermissionsForOrigin - The specific method hook needed for this method implementation\n * @returns A promise that resolves to nothing\n */\nasync function getPermissionsImplementation(\n  _req: unknown,\n  res: PendingJsonRpcResponse<PermissionConstraint[]>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { getPermissionsForOrigin }: GetPermissionsHooks,\n): Promise<void> {\n  res.result = Object.values(getPermissionsForOrigin() || {});\n  return end();\n}\n"]}

package/dist/rpc-methods/index.d.ts

@@ -0,0 +1,4 @@
+import { RequestPermissionsHooks } from './requestPermissions';
+import { GetPermissionsHooks } from './getPermissions';
+export declare type PermittedRpcMethodHooks = RequestPermissionsHooks & GetPermissionsHooks;
+export declare const handlers: (import("@metamask/types").PermittedHandlerExport<RequestPermissionsHooks, [import("..").RequestedPermissions], import("..").PermissionConstraint[]> | import("@metamask/types").PermittedHandlerExport<GetPermissionsHooks, void, import("..").PermissionConstraint[]>)[];

package/dist/rpc-methods/index.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handlers = void 0;
+const requestPermissions_1 = require("./requestPermissions");
+const getPermissions_1 = require("./getPermissions");
+exports.handlers = [requestPermissions_1.requestPermissionsHandler, getPermissions_1.getPermissionsHandler];
+//# sourceMappingURL=index.js.map

package/dist/rpc-methods/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rpc-methods/index.ts"],"names":[],"mappings":";;;AAAA,6DAG8B;AAC9B,qDAA8E;AAKjE,QAAA,QAAQ,GAAG,CAAC,8CAAyB,EAAE,sCAAqB,CAAC,CAAC","sourcesContent":["import {\n  requestPermissionsHandler,\n  RequestPermissionsHooks,\n} from './requestPermissions';\nimport { getPermissionsHandler, GetPermissionsHooks } from './getPermissions';\n\nexport type PermittedRpcMethodHooks = RequestPermissionsHooks &\n  GetPermissionsHooks;\n\nexport const handlers = [requestPermissionsHandler, getPermissionsHandler];\n"]}

package/dist/rpc-methods/requestPermissions.d.ts

@@ -0,0 +1,16 @@
+import type { PermittedHandlerExport } from '@metamask/types';
+import type { PermissionConstraint, RequestedPermissions } from '../Permission';
+export declare const requestPermissionsHandler: PermittedHandlerExport<RequestPermissionsHooks, [
+    RequestedPermissions
+], PermissionConstraint[]>;
+declare type RequestPermissions = (requestedPermissions: RequestedPermissions, id: string) => Promise<[
+    Record<string, PermissionConstraint>,
+    {
+        id: string;
+        origin: string;
+    }
+]>;
+export declare type RequestPermissionsHooks = {
+    requestPermissionsForOrigin: RequestPermissions;
+};
+export {};

package/dist/rpc-methods/requestPermissions.js

@@ -0,0 +1,55 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requestPermissionsHandler = void 0;
+const eth_rpc_errors_1 = require("eth-rpc-errors");
+const controller_utils_1 = require("@metamask/controller-utils");
+const utils_1 = require("../utils");
+const errors_1 = require("../errors");
+exports.requestPermissionsHandler = {
+    methodNames: [utils_1.MethodNames.requestPermissions],
+    implementation: requestPermissionsImplementation,
+    hookNames: {
+        requestPermissionsForOrigin: true,
+    },
+};
+/**
+ * Request Permissions implementation to be used in JsonRpcEngine middleware.
+ *
+ * @param req - The JsonRpcEngine request
+ * @param res - The JsonRpcEngine result object
+ * @param _next - JsonRpcEngine next() callback - unused
+ * @param end - JsonRpcEngine end() callback
+ * @param options - Method hooks passed to the method implementation
+ * @param options.requestPermissionsForOrigin - The specific method hook needed for this method implementation
+ * @returns A promise that resolves to nothing
+ */
+function requestPermissionsImplementation(req, res, _next, end, { requestPermissionsForOrigin }) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const { id, params } = req;
+        if ((typeof id !== 'number' && typeof id !== 'string') ||
+            (typeof id === 'string' && !id)) {
+            return end(eth_rpc_errors_1.ethErrors.rpc.invalidRequest({
+                message: 'Invalid request: Must specify a valid id.',
+                data: { request: req },
+            }));
+        }
+        if (!Array.isArray(params) || !(0, controller_utils_1.isPlainObject)(params[0])) {
+            return end((0, errors_1.invalidParams)({ data: { request: req } }));
+        }
+        const [requestedPermissions] = params;
+        const [grantedPermissions] = yield requestPermissionsForOrigin(requestedPermissions, String(id));
+        // `wallet_requestPermission` is specified to return an array.
+        res.result = Object.values(grantedPermissions);
+        return end();
+    });
+}
+//# sourceMappingURL=requestPermissions.js.map

package/dist/rpc-methods/requestPermissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"requestPermissions.js","sourceRoot":"","sources":["../../src/rpc-methods/requestPermissions.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,mDAA2C;AAO3C,iEAA2D;AAC3D,oCAAuC;AACvC,sCAA0C;AAG7B,QAAA,yBAAyB,GAIlC;IACF,WAAW,EAAE,CAAC,mBAAW,CAAC,kBAAkB,CAAC;IAC7C,cAAc,EAAE,gCAAgC;IAChD,SAAS,EAAE;QACT,2BAA2B,EAAE,IAAI;KAClC;CACF,CAAC;AAaF;;;;;;;;;;GAUG;AACH,SAAe,gCAAgC,CAC7C,GAA2C,EAC3C,GAAmD,EACnD,KAAc,EACd,GAA6B,EAC7B,EAAE,2BAA2B,EAA2B;;QAExD,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;QAE3B,IACE,CAAC,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,CAAC;YAClD,CAAC,OAAO,EAAE,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,EAC/B;YACA,OAAO,GAAG,CACR,0BAAS,CAAC,GAAG,CAAC,cAAc,CAAC;gBAC3B,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE;aACvB,CAAC,CACH,CAAC;SACH;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAA,gCAAa,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;YACvD,OAAO,GAAG,CAAC,IAAA,sBAAa,EAAC,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;SACvD;QAED,MAAM,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC;QACtC,MAAM,CAAC,kBAAkB,CAAC,GAAG,MAAM,2BAA2B,CAC5D,oBAAoB,EACpB,MAAM,CAAC,EAAE,CAAC,CACX,CAAC;QAEF,8DAA8D;QAC9D,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAC/C,OAAO,GAAG,EAAE,CAAC;IACf,CAAC;CAAA","sourcesContent":["import { ethErrors } from 'eth-rpc-errors';\nimport type {\n  JsonRpcEngineEndCallback,\n  JsonRpcRequest,\n  PendingJsonRpcResponse,\n  PermittedHandlerExport,\n} from '@metamask/types';\nimport { isPlainObject } from '@metamask/controller-utils';\nimport { MethodNames } from '../utils';\nimport { invalidParams } from '../errors';\nimport type { PermissionConstraint, RequestedPermissions } from '../Permission';\n\nexport const requestPermissionsHandler: PermittedHandlerExport<\n  RequestPermissionsHooks,\n  [RequestedPermissions],\n  PermissionConstraint[]\n> = {\n  methodNames: [MethodNames.requestPermissions],\n  implementation: requestPermissionsImplementation,\n  hookNames: {\n    requestPermissionsForOrigin: true,\n  },\n};\n\ntype RequestPermissions = (\n  requestedPermissions: RequestedPermissions,\n  id: string,\n) => Promise<\n  [Record<string, PermissionConstraint>, { id: string; origin: string }]\n>;\n\nexport type RequestPermissionsHooks = {\n  requestPermissionsForOrigin: RequestPermissions;\n};\n\n/**\n * Request Permissions implementation to be used in JsonRpcEngine middleware.\n *\n * @param req - The JsonRpcEngine request\n * @param res - The JsonRpcEngine result object\n * @param _next - JsonRpcEngine next() callback - unused\n * @param end - JsonRpcEngine end() callback\n * @param options - Method hooks passed to the method implementation\n * @param options.requestPermissionsForOrigin - The specific method hook needed for this method implementation\n * @returns A promise that resolves to nothing\n */\nasync function requestPermissionsImplementation(\n  req: JsonRpcRequest<[RequestedPermissions]>,\n  res: PendingJsonRpcResponse<PermissionConstraint[]>,\n  _next: unknown,\n  end: JsonRpcEngineEndCallback,\n  { requestPermissionsForOrigin }: RequestPermissionsHooks,\n): Promise<void> {\n  const { id, params } = req;\n\n  if (\n    (typeof id !== 'number' && typeof id !== 'string') ||\n    (typeof id === 'string' && !id)\n  ) {\n    return end(\n      ethErrors.rpc.invalidRequest({\n        message: 'Invalid request: Must specify a valid id.',\n        data: { request: req },\n      }),\n    );\n  }\n\n  if (!Array.isArray(params) || !isPlainObject(params[0])) {\n    return end(invalidParams({ data: { request: req } }));\n  }\n\n  const [requestedPermissions] = params;\n  const [grantedPermissions] = await requestPermissionsForOrigin(\n    requestedPermissions,\n    String(id),\n  );\n\n  // `wallet_requestPermission` is specified to return an array.\n  res.result = Object.values(grantedPermissions);\n  return end();\n}\n"]}

package/dist/utils.d.ts

@@ -0,0 +1,15 @@
+import { CaveatSpecificationConstraint, CaveatSpecificationMap } from './Caveat';
+import { PermissionSpecificationConstraint, PermissionSpecificationMap } from './Permission';
+export declare enum MethodNames {
+    requestPermissions = "wallet_requestPermissions",
+    getPermissions = "wallet_getPermissions"
+}
+/**
+ * Utility type for extracting a union of all individual caveat or permission
+ * specification types from a {@link CaveatSpecificationMap} or
+ * {@link PermissionSpecificationMap}.
+ *
+ * @template SpecificationsMap - The caveat or permission specifications map
+ * whose specification type union to extract.
+ */
+export declare type ExtractSpecifications<SpecificationsMap extends CaveatSpecificationMap<CaveatSpecificationConstraint> | PermissionSpecificationMap<PermissionSpecificationConstraint>> = SpecificationsMap[keyof SpecificationsMap];

package/dist/utils.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MethodNames = void 0;
+var MethodNames;
+(function (MethodNames) {
+    MethodNames["requestPermissions"] = "wallet_requestPermissions";
+    MethodNames["getPermissions"] = "wallet_getPermissions";
+})(MethodNames = exports.MethodNames || (exports.MethodNames = {}));
+//# sourceMappingURL=utils.js.map

package/dist/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;AASA,IAAY,WAGX;AAHD,WAAY,WAAW;IACrB,+DAAgD,CAAA;IAChD,uDAAwC,CAAA;AAC1C,CAAC,EAHW,WAAW,GAAX,mBAAW,KAAX,mBAAW,QAGtB","sourcesContent":["import {\n  CaveatSpecificationConstraint,\n  CaveatSpecificationMap,\n} from './Caveat';\nimport {\n  PermissionSpecificationConstraint,\n  PermissionSpecificationMap,\n} from './Permission';\n\nexport enum MethodNames {\n  requestPermissions = 'wallet_requestPermissions',\n  getPermissions = 'wallet_getPermissions',\n}\n\n/**\n * Utility type for extracting a union of all individual caveat or permission\n * specification types from a {@link CaveatSpecificationMap} or\n * {@link PermissionSpecificationMap}.\n *\n * @template SpecificationsMap - The caveat or permission specifications map\n * whose specification type union to extract.\n */\nexport type ExtractSpecifications<\n  SpecificationsMap extends\n    | CaveatSpecificationMap<CaveatSpecificationConstraint>\n    | PermissionSpecificationMap<PermissionSpecificationConstraint>,\n> = SpecificationsMap[keyof SpecificationsMap];\n"]}

package/package.json

@@ -0,0 +1,60 @@
+{
+  "name": "@metamask/permission-controller",
+  "version": "1.0.0",
+  "description": "Mediates access to JSON-RPC methods, used to interact with pieces of the MetaMask stack, via middleware for json-rpc-engine",
+  "keywords": [
+    "MetaMask",
+    "Ethereum"
+  ],
+  "homepage": "https://github.com/MetaMask/controllers/tree/main/packages/permission-controller#readme",
+  "bugs": {
+    "url": "https://github.com/MetaMask/controllers/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/MetaMask/controllers.git"
+  },
+  "license": "MIT",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist/"
+  ],
+  "scripts": {
+    "build:docs": "typedoc",
+    "changelog:validate": "../../scripts/validate-changelog.sh @metamask/permission-controller",
+    "prepare-manifest:preview": "../../scripts/prepare-preview-manifest.sh",
+    "publish:preview": "yarn npm publish --tag preview",
+    "test": "jest",
+    "test:watch": "jest --watch"
+  },
+  "dependencies": {
+    "@metamask/approval-controller": "~1.0.0",
+    "@metamask/base-controller": "~1.0.0",
+    "@metamask/controller-utils": "~1.0.0",
+    "@metamask/types": "^1.1.0",
+    "@types/deep-freeze-strict": "^1.1.0",
+    "deep-freeze-strict": "^1.1.1",
+    "eth-rpc-errors": "^4.0.0",
+    "immer": "^9.0.6",
+    "json-rpc-engine": "^6.1.0",
+    "nanoid": "^3.1.31"
+  },
+  "devDependencies": {
+    "@metamask/auto-changelog": "^3.1.0",
+    "@types/jest": "^26.0.22",
+    "deepmerge": "^4.2.2",
+    "jest": "^26.4.2",
+    "ts-jest": "^26.5.2",
+    "typedoc": "^0.22.15",
+    "typedoc-plugin-missing-exports": "^0.22.6",
+    "typescript": "~4.6.3"
+  },
+  "engines": {
+    "node": ">=14.0.0"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  }
+}