@novasamatech/host-papp 0.7.7 → 0.7.8-0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/sso/auth/impl.js +15 -15
- package/dist/sso/auth/scale/handshake.d.ts +5 -1
- package/dist/sso/auth/scale/handshake.js +6 -2
- package/dist/sso/sessionManager/userSession.js +1 -0
- package/dist/sso/userSessionRepository.d.ts +155 -12
- package/dist/sso/userSessionRepository.js +4 -2
- package/package.json +5 -5
package/dist/sso/auth/impl.js
CHANGED
|
@@ -46,7 +46,8 @@ export function createAuth({ metadata, hostMetadata, statementStore, ssoSessionR
|
|
|
46
46
|
}));
|
|
47
47
|
const handshakeTopic = encrKeys.andThen(({ publicKey }) => createHandshakeTopic(localAccount, publicKey));
|
|
48
48
|
const dataPrepared = Result.combine([handshakePayload, handshakeTopic, encrKeys]).andTee(([payload]) => pairingStatus.write({ step: 'pairing', payload: createDeeplink(payload) }));
|
|
49
|
-
return dataPrepared
|
|
49
|
+
return dataPrepared
|
|
50
|
+
.asyncAndThen(([, handshakeTopic, encrKeys]) => {
|
|
50
51
|
const pappResponse = waitForStatements(callback => statementStore.subscribeStatements({ matchAll: [handshakeTopic] }, page => callback(page.statements)), signal, (statements, resolve) => {
|
|
51
52
|
for (const statement of statements) {
|
|
52
53
|
if (!statement.data)
|
|
@@ -62,7 +63,7 @@ export function createAuth({ metadata, hostMetadata, statementStore, ssoSessionR
|
|
|
62
63
|
}
|
|
63
64
|
}
|
|
64
65
|
});
|
|
65
|
-
|
|
66
|
+
return pappResponse.map(session => ({
|
|
66
67
|
session,
|
|
67
68
|
secretsPayload: {
|
|
68
69
|
id: session.id,
|
|
@@ -71,15 +72,14 @@ export function createAuth({ metadata, hostMetadata, statementStore, ssoSessionR
|
|
|
71
72
|
entropy: account.entropy,
|
|
72
73
|
},
|
|
73
74
|
}));
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
});
|
|
75
|
+
})
|
|
76
|
+
.andTee(({ session }) => {
|
|
77
|
+
pairingStatus.write({ step: 'finished', session });
|
|
78
|
+
})
|
|
79
|
+
.orTee(e => {
|
|
80
|
+
if (!(e instanceof AbortError)) {
|
|
81
|
+
pairingStatus.write({ step: 'pairingError', message: e.message });
|
|
82
|
+
}
|
|
83
83
|
});
|
|
84
84
|
}
|
|
85
85
|
const authModule = {
|
|
@@ -162,10 +162,10 @@ function retrieveSession({ payload, encrSecret, localAccount, }) {
|
|
|
162
162
|
return createEncryption(symmetricKey)
|
|
163
163
|
.decrypt(encrypted)
|
|
164
164
|
.map(decrypted => {
|
|
165
|
-
const
|
|
166
|
-
const sharedSecret = createSharedSecret(encrSecret,
|
|
167
|
-
const peerAccount = createRemoteSessionAccount(createAccountId(
|
|
168
|
-
return createStoredUserSession(localAccount, peerAccount);
|
|
165
|
+
const { sharedSecretDerivationKey, rootUserAccountId, identityAccountId } = HandshakeResponseSensitiveData.dec(decrypted);
|
|
166
|
+
const sharedSecret = createSharedSecret(encrSecret, sharedSecretDerivationKey);
|
|
167
|
+
const peerAccount = createRemoteSessionAccount(createAccountId(rootUserAccountId), sharedSecret);
|
|
168
|
+
return createStoredUserSession(localAccount, peerAccount, createAccountId(identityAccountId));
|
|
169
169
|
});
|
|
170
170
|
}
|
|
171
171
|
function createDeeplink(payload) {
|
|
@@ -16,4 +16,8 @@ export declare const HandshakeResponsePayload: import("scale-ts").Codec<{
|
|
|
16
16
|
tmpKey: Uint8Array<ArrayBufferLike>;
|
|
17
17
|
};
|
|
18
18
|
}>;
|
|
19
|
-
export declare const HandshakeResponseSensitiveData: import("scale-ts").Codec<
|
|
19
|
+
export declare const HandshakeResponseSensitiveData: import("scale-ts").Codec<{
|
|
20
|
+
sharedSecretDerivationKey: Uint8Array<ArrayBufferLike>;
|
|
21
|
+
rootUserAccountId: Uint8Array<ArrayBufferLike>;
|
|
22
|
+
identityAccountId: Uint8Array<ArrayBufferLike>;
|
|
23
|
+
}>;
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Enum } from '@novasamatech/scale';
|
|
2
|
-
import { Bytes, Option, Struct,
|
|
2
|
+
import { Bytes, Option, Struct, str } from 'scale-ts';
|
|
3
3
|
import { EncrPubKey, SsPubKey } from '../../../crypto.js';
|
|
4
4
|
const optStr = Option(str);
|
|
5
5
|
export const HandshakeData = Enum({
|
|
@@ -15,4 +15,8 @@ export const HandshakeData = Enum({
|
|
|
15
15
|
export const HandshakeResponsePayload = Enum({
|
|
16
16
|
v1: Struct({ encrypted: Bytes(), tmpKey: Bytes(65) }),
|
|
17
17
|
});
|
|
18
|
-
export const HandshakeResponseSensitiveData =
|
|
18
|
+
export const HandshakeResponseSensitiveData = Struct({
|
|
19
|
+
sharedSecretDerivationKey: Bytes(65),
|
|
20
|
+
rootUserAccountId: Bytes(32),
|
|
21
|
+
identityAccountId: Bytes(32),
|
|
22
|
+
});
|
|
@@ -35,6 +35,7 @@ export function createUserSession({ userSession, statementStore, encryption, sto
|
|
|
35
35
|
id: userSession.id,
|
|
36
36
|
localAccount: userSession.localAccount,
|
|
37
37
|
remoteAccount: userSession.remoteAccount,
|
|
38
|
+
identityAccountId: userSession.identityAccountId,
|
|
38
39
|
signPayload(payload) {
|
|
39
40
|
return requestQueue.call(() => {
|
|
40
41
|
const messageId = nanoid();
|
|
@@ -1,18 +1,161 @@
|
|
|
1
|
-
import type { LocalSessionAccount, RemoteSessionAccount } from '@novasamatech/statement-store';
|
|
1
|
+
import type { AccountId, LocalSessionAccount, RemoteSessionAccount } from '@novasamatech/statement-store';
|
|
2
2
|
import type { StorageAdapter } from '@novasamatech/storage-adapter';
|
|
3
|
+
import type { CodecType } from 'scale-ts';
|
|
3
4
|
export type UserSessionRepository = ReturnType<typeof createUserSessionRepository>;
|
|
4
|
-
export type StoredUserSession =
|
|
5
|
+
export type StoredUserSession = CodecType<typeof storedUserSessionCodec>;
|
|
6
|
+
declare const storedUserSessionCodec: import("scale-ts").Codec<{
|
|
5
7
|
id: string;
|
|
6
|
-
localAccount:
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
8
|
+
localAccount: {
|
|
9
|
+
accountId: AccountId;
|
|
10
|
+
pin: string | undefined;
|
|
11
|
+
};
|
|
12
|
+
remoteAccount: {
|
|
13
|
+
accountId: AccountId;
|
|
14
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
15
|
+
pin: string | undefined;
|
|
16
|
+
};
|
|
17
|
+
identityAccountId: AccountId;
|
|
18
|
+
}>;
|
|
19
|
+
export declare function createStoredUserSession(localAccount: LocalSessionAccount, remoteAccount: RemoteSessionAccount, identityAccountId: AccountId): StoredUserSession;
|
|
10
20
|
export declare const createUserSessionRepository: (storage: StorageAdapter) => {
|
|
11
|
-
add(value:
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
21
|
+
add(value: {
|
|
22
|
+
id: string;
|
|
23
|
+
localAccount: {
|
|
24
|
+
accountId: AccountId;
|
|
25
|
+
pin: string | undefined;
|
|
26
|
+
};
|
|
27
|
+
remoteAccount: {
|
|
28
|
+
accountId: AccountId;
|
|
29
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
30
|
+
pin: string | undefined;
|
|
31
|
+
};
|
|
32
|
+
identityAccountId: AccountId;
|
|
33
|
+
}): import("neverthrow").ResultAsync<{
|
|
34
|
+
id: string;
|
|
35
|
+
localAccount: {
|
|
36
|
+
accountId: AccountId;
|
|
37
|
+
pin: string | undefined;
|
|
38
|
+
};
|
|
39
|
+
remoteAccount: {
|
|
40
|
+
accountId: AccountId;
|
|
41
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
42
|
+
pin: string | undefined;
|
|
43
|
+
};
|
|
44
|
+
identityAccountId: AccountId;
|
|
45
|
+
}, Error>;
|
|
46
|
+
filter(fn: (value: {
|
|
47
|
+
id: string;
|
|
48
|
+
localAccount: {
|
|
49
|
+
accountId: AccountId;
|
|
50
|
+
pin: string | undefined;
|
|
51
|
+
};
|
|
52
|
+
remoteAccount: {
|
|
53
|
+
accountId: AccountId;
|
|
54
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
55
|
+
pin: string | undefined;
|
|
56
|
+
};
|
|
57
|
+
identityAccountId: AccountId;
|
|
58
|
+
}) => boolean): import("neverthrow").ResultAsync<{
|
|
59
|
+
id: string;
|
|
60
|
+
localAccount: {
|
|
61
|
+
accountId: AccountId;
|
|
62
|
+
pin: string | undefined;
|
|
63
|
+
};
|
|
64
|
+
remoteAccount: {
|
|
65
|
+
accountId: AccountId;
|
|
66
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
67
|
+
pin: string | undefined;
|
|
68
|
+
};
|
|
69
|
+
identityAccountId: AccountId;
|
|
70
|
+
}[], Error>;
|
|
71
|
+
mutate(fn: (value: {
|
|
72
|
+
id: string;
|
|
73
|
+
localAccount: {
|
|
74
|
+
accountId: AccountId;
|
|
75
|
+
pin: string | undefined;
|
|
76
|
+
};
|
|
77
|
+
remoteAccount: {
|
|
78
|
+
accountId: AccountId;
|
|
79
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
80
|
+
pin: string | undefined;
|
|
81
|
+
};
|
|
82
|
+
identityAccountId: AccountId;
|
|
83
|
+
}[]) => {
|
|
84
|
+
id: string;
|
|
85
|
+
localAccount: {
|
|
86
|
+
accountId: AccountId;
|
|
87
|
+
pin: string | undefined;
|
|
88
|
+
};
|
|
89
|
+
remoteAccount: {
|
|
90
|
+
accountId: AccountId;
|
|
91
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
92
|
+
pin: string | undefined;
|
|
93
|
+
};
|
|
94
|
+
identityAccountId: AccountId;
|
|
95
|
+
}[]): import("neverthrow").ResultAsync<{
|
|
96
|
+
id: string;
|
|
97
|
+
localAccount: {
|
|
98
|
+
accountId: AccountId;
|
|
99
|
+
pin: string | undefined;
|
|
100
|
+
};
|
|
101
|
+
remoteAccount: {
|
|
102
|
+
accountId: AccountId;
|
|
103
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
104
|
+
pin: string | undefined;
|
|
105
|
+
};
|
|
106
|
+
identityAccountId: AccountId;
|
|
107
|
+
}[], Error>;
|
|
108
|
+
read(): import("neverthrow").ResultAsync<{
|
|
109
|
+
id: string;
|
|
110
|
+
localAccount: {
|
|
111
|
+
accountId: AccountId;
|
|
112
|
+
pin: string | undefined;
|
|
113
|
+
};
|
|
114
|
+
remoteAccount: {
|
|
115
|
+
accountId: AccountId;
|
|
116
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
117
|
+
pin: string | undefined;
|
|
118
|
+
};
|
|
119
|
+
identityAccountId: AccountId;
|
|
120
|
+
}[], Error>;
|
|
121
|
+
write(value: {
|
|
122
|
+
id: string;
|
|
123
|
+
localAccount: {
|
|
124
|
+
accountId: AccountId;
|
|
125
|
+
pin: string | undefined;
|
|
126
|
+
};
|
|
127
|
+
remoteAccount: {
|
|
128
|
+
accountId: AccountId;
|
|
129
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
130
|
+
pin: string | undefined;
|
|
131
|
+
};
|
|
132
|
+
identityAccountId: AccountId;
|
|
133
|
+
}[]): import("neverthrow").ResultAsync<null, Error> | import("neverthrow").ResultAsync<{
|
|
134
|
+
id: string;
|
|
135
|
+
localAccount: {
|
|
136
|
+
accountId: AccountId;
|
|
137
|
+
pin: string | undefined;
|
|
138
|
+
};
|
|
139
|
+
remoteAccount: {
|
|
140
|
+
accountId: AccountId;
|
|
141
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
142
|
+
pin: string | undefined;
|
|
143
|
+
};
|
|
144
|
+
identityAccountId: AccountId;
|
|
145
|
+
}[], Error>;
|
|
16
146
|
clear(): import("neverthrow").ResultAsync<void, Error>;
|
|
17
|
-
subscribe(fn: (value:
|
|
147
|
+
subscribe(fn: (value: {
|
|
148
|
+
id: string;
|
|
149
|
+
localAccount: {
|
|
150
|
+
accountId: AccountId;
|
|
151
|
+
pin: string | undefined;
|
|
152
|
+
};
|
|
153
|
+
remoteAccount: {
|
|
154
|
+
accountId: AccountId;
|
|
155
|
+
publicKey: Uint8Array<ArrayBufferLike>;
|
|
156
|
+
pin: string | undefined;
|
|
157
|
+
};
|
|
158
|
+
identityAccountId: AccountId;
|
|
159
|
+
}[]) => void): VoidFunction;
|
|
18
160
|
};
|
|
161
|
+
export {};
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { LocalSessionAccountCodec, RemoteSessionAccountCodec } from '@novasamatech/statement-store';
|
|
1
|
+
import { AccountIdCodec, LocalSessionAccountCodec, RemoteSessionAccountCodec } from '@novasamatech/statement-store';
|
|
2
2
|
import { fieldListView } from '@novasamatech/storage-adapter';
|
|
3
3
|
import { nanoid } from 'nanoid';
|
|
4
4
|
import { fromHex, toHex } from 'polkadot-api/utils';
|
|
@@ -7,12 +7,14 @@ const storedUserSessionCodec = Struct({
|
|
|
7
7
|
id: str,
|
|
8
8
|
localAccount: LocalSessionAccountCodec,
|
|
9
9
|
remoteAccount: RemoteSessionAccountCodec,
|
|
10
|
+
identityAccountId: AccountIdCodec,
|
|
10
11
|
});
|
|
11
|
-
export function createStoredUserSession(localAccount, remoteAccount) {
|
|
12
|
+
export function createStoredUserSession(localAccount, remoteAccount, identityAccountId) {
|
|
12
13
|
return {
|
|
13
14
|
id: nanoid(12),
|
|
14
15
|
localAccount: localAccount,
|
|
15
16
|
remoteAccount: remoteAccount,
|
|
17
|
+
identityAccountId,
|
|
16
18
|
};
|
|
17
19
|
}
|
|
18
20
|
export const createUserSessionRepository = (storage) => {
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@novasamatech/host-papp",
|
|
3
3
|
"type": "module",
|
|
4
|
-
"version": "0.7.
|
|
4
|
+
"version": "0.7.8-0",
|
|
5
5
|
"description": "Polkadot app integration",
|
|
6
6
|
"license": "Apache-2.0",
|
|
7
7
|
"repository": {
|
|
@@ -29,10 +29,10 @@
|
|
|
29
29
|
"@noble/ciphers": "2.2.0",
|
|
30
30
|
"@noble/curves": "2.2.0",
|
|
31
31
|
"@noble/hashes": "2.2.0",
|
|
32
|
-
"@novasamatech/host-api": "0.7.
|
|
33
|
-
"@novasamatech/scale": "0.7.
|
|
34
|
-
"@novasamatech/statement-store": "0.7.
|
|
35
|
-
"@novasamatech/storage-adapter": "0.7.
|
|
32
|
+
"@novasamatech/host-api": "0.7.8-0",
|
|
33
|
+
"@novasamatech/scale": "0.7.8-0",
|
|
34
|
+
"@novasamatech/statement-store": "0.7.8-0",
|
|
35
|
+
"@novasamatech/storage-adapter": "0.7.8-0",
|
|
36
36
|
"@polkadot-labs/hdkd-helpers": "^0.0.30",
|
|
37
37
|
"nanoevents": "9.1.0",
|
|
38
38
|
"nanoid": "5.1.9",
|