@pooflabs/server 0.0.3 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.js +252 -136
  2. package/dist/index.js.map +1 -1
  3. package/dist/index.mjs +252 -137
  4. package/dist/index.mjs.map +1 -1
  5. package/package.json +2 -2
package/dist/index.js CHANGED
@@ -2,7 +2,8 @@
2
2
 
3
3
  var axios = require('axios');
4
4
  var web3_js = require('@solana/web3.js');
5
- var require$$0 = require('crypto');
5
+ var require$$0 = require('buffer');
6
+ var require$$0$1 = require('crypto');
6
7
  var anchor = require('@coral-xyz/anchor');
7
8
 
8
9
  function _interopNamespaceDefault(e) {
@@ -37,6 +38,15 @@ async function getAxiosAuthClient() {
37
38
  }
38
39
  return axiosClient;
39
40
  }
41
+ async function genAuthNonce() {
42
+ const client = await getAxiosAuthClient();
43
+ const config = await getConfig();
44
+ const appId = config.appId;
45
+ const response = await client.post('/auth/nonce', {
46
+ appId
47
+ });
48
+ return response.data.nonce;
49
+ }
40
50
  async function createSessionWithSignature(address, message, signature) {
41
51
  const client = await getAxiosAuthClient();
42
52
  const config = await getConfig();
@@ -193,137 +203,235 @@ class WebSessionManager {
193
203
  }
194
204
  WebSessionManager.TAROBASE_SESSION_STORAGE_KEY = "tarobase_session_storage";
195
205
 
196
- // base-x encoding / decoding
197
- // Copyright (c) 2018 base-x contributors
198
- // Copyright (c) 2014-2018 The Bitcoin Core developers (base58.cpp)
199
- // Distributed under the MIT software license, see the accompanying
200
- // file LICENSE or http://www.opensource.org/licenses/mit-license.php.
201
- function base (ALPHABET) {
202
- if (ALPHABET.length >= 255) { throw new TypeError('Alphabet too long') }
203
- const BASE_MAP = new Uint8Array(256);
204
- for (let j = 0; j < BASE_MAP.length; j++) {
205
- BASE_MAP[j] = 255;
206
- }
207
- for (let i = 0; i < ALPHABET.length; i++) {
208
- const x = ALPHABET.charAt(i);
209
- const xc = x.charCodeAt(0);
210
- if (BASE_MAP[xc] !== 255) { throw new TypeError(x + ' is ambiguous') }
211
- BASE_MAP[xc] = i;
212
- }
213
- const BASE = ALPHABET.length;
214
- const LEADER = ALPHABET.charAt(0);
215
- const FACTOR = Math.log(BASE) / Math.log(256); // log(BASE) / log(256), rounded up
216
- const iFACTOR = Math.log(256) / Math.log(BASE); // log(256) / log(BASE), rounded up
217
- function encode (source) {
218
- // eslint-disable-next-line no-empty
219
- if (source instanceof Uint8Array) ; else if (ArrayBuffer.isView(source)) {
220
- source = new Uint8Array(source.buffer, source.byteOffset, source.byteLength);
221
- } else if (Array.isArray(source)) {
222
- source = Uint8Array.from(source);
223
- }
224
- if (!(source instanceof Uint8Array)) { throw new TypeError('Expected Uint8Array') }
225
- if (source.length === 0) { return '' }
226
- // Skip & count leading zeroes.
227
- let zeroes = 0;
228
- let length = 0;
229
- let pbegin = 0;
230
- const pend = source.length;
231
- while (pbegin !== pend && source[pbegin] === 0) {
232
- pbegin++;
233
- zeroes++;
234
- }
235
- // Allocate enough space in big-endian base58 representation.
236
- const size = ((pend - pbegin) * iFACTOR + 1) >>> 0;
237
- const b58 = new Uint8Array(size);
238
- // Process the bytes.
239
- while (pbegin !== pend) {
240
- let carry = source[pbegin];
241
- // Apply "b58 = b58 * 256 + ch".
242
- let i = 0;
243
- for (let it1 = size - 1; (carry !== 0 || i < length) && (it1 !== -1); it1--, i++) {
244
- carry += (256 * b58[it1]) >>> 0;
245
- b58[it1] = (carry % BASE) >>> 0;
246
- carry = (carry / BASE) >>> 0;
247
- }
248
- if (carry !== 0) { throw new Error('Non-zero carry') }
249
- length = i;
250
- pbegin++;
251
- }
252
- // Skip leading zeroes in base58 result.
253
- let it2 = size - length;
254
- while (it2 !== size && b58[it2] === 0) {
255
- it2++;
256
- }
257
- // Translate the result into a string.
258
- let str = LEADER.repeat(zeroes);
259
- for (; it2 < size; ++it2) { str += ALPHABET.charAt(b58[it2]); }
260
- return str
261
- }
262
- function decodeUnsafe (source) {
263
- if (typeof source !== 'string') { throw new TypeError('Expected String') }
264
- if (source.length === 0) { return new Uint8Array() }
265
- let psz = 0;
266
- // Skip and count leading '1's.
267
- let zeroes = 0;
268
- let length = 0;
269
- while (source[psz] === LEADER) {
270
- zeroes++;
271
- psz++;
272
- }
273
- // Allocate enough space in big-endian base256 representation.
274
- const size = (((source.length - psz) * FACTOR) + 1) >>> 0; // log(58) / log(256), rounded up.
275
- const b256 = new Uint8Array(size);
276
- // Process the characters.
277
- while (psz < source.length) {
278
- // Find code of next character
279
- const charCode = source.charCodeAt(psz);
280
- // Base map can not be indexed using char code
281
- if (charCode > 255) { return }
282
- // Decode character
283
- let carry = BASE_MAP[charCode];
284
- // Invalid character
285
- if (carry === 255) { return }
286
- let i = 0;
287
- for (let it3 = size - 1; (carry !== 0 || i < length) && (it3 !== -1); it3--, i++) {
288
- carry += (BASE * b256[it3]) >>> 0;
289
- b256[it3] = (carry % 256) >>> 0;
290
- carry = (carry / 256) >>> 0;
291
- }
292
- if (carry !== 0) { throw new Error('Non-zero carry') }
293
- length = i;
294
- psz++;
295
- }
296
- // Skip leading zeroes in b256.
297
- let it4 = size - length;
298
- while (it4 !== size && b256[it4] === 0) {
299
- it4++;
300
- }
301
- const vch = new Uint8Array(zeroes + (size - it4));
302
- let j = zeroes;
303
- while (it4 !== size) {
304
- vch[j++] = b256[it4++];
305
- }
306
- return vch
307
- }
308
- function decode (string) {
309
- const buffer = decodeUnsafe(string);
310
- if (buffer) { return buffer }
311
- throw new Error('Non-base' + BASE + ' character')
312
- }
313
- return {
314
- encode,
315
- decodeUnsafe,
316
- decode
317
- }
206
+ function getDefaultExportFromCjs$1 (x) {
207
+ return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
318
208
  }
319
209
 
320
- var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
321
- var bs58$2 = base(ALPHABET);
210
+ var safeBuffer = {exports: {}};
322
211
 
323
- function getDefaultExportFromCjs$1 (x) {
324
- return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
212
+ /*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
213
+
214
+ var hasRequiredSafeBuffer;
215
+
216
+ function requireSafeBuffer () {
217
+ if (hasRequiredSafeBuffer) return safeBuffer.exports;
218
+ hasRequiredSafeBuffer = 1;
219
+ (function (module, exports$1) {
220
+ /* eslint-disable node/no-deprecated-api */
221
+ var buffer = require$$0;
222
+ var Buffer = buffer.Buffer;
223
+
224
+ // alternative to using Object.keys for old browsers
225
+ function copyProps (src, dst) {
226
+ for (var key in src) {
227
+ dst[key] = src[key];
228
+ }
229
+ }
230
+ if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) {
231
+ module.exports = buffer;
232
+ } else {
233
+ // Copy properties from require('buffer')
234
+ copyProps(buffer, exports$1);
235
+ exports$1.Buffer = SafeBuffer;
236
+ }
237
+
238
+ function SafeBuffer (arg, encodingOrOffset, length) {
239
+ return Buffer(arg, encodingOrOffset, length)
240
+ }
241
+
242
+ SafeBuffer.prototype = Object.create(Buffer.prototype);
243
+
244
+ // Copy static methods from Buffer
245
+ copyProps(Buffer, SafeBuffer);
246
+
247
+ SafeBuffer.from = function (arg, encodingOrOffset, length) {
248
+ if (typeof arg === 'number') {
249
+ throw new TypeError('Argument must not be a number')
250
+ }
251
+ return Buffer(arg, encodingOrOffset, length)
252
+ };
253
+
254
+ SafeBuffer.alloc = function (size, fill, encoding) {
255
+ if (typeof size !== 'number') {
256
+ throw new TypeError('Argument must be a number')
257
+ }
258
+ var buf = Buffer(size);
259
+ if (fill !== undefined) {
260
+ if (typeof encoding === 'string') {
261
+ buf.fill(fill, encoding);
262
+ } else {
263
+ buf.fill(fill);
264
+ }
265
+ } else {
266
+ buf.fill(0);
267
+ }
268
+ return buf
269
+ };
270
+
271
+ SafeBuffer.allocUnsafe = function (size) {
272
+ if (typeof size !== 'number') {
273
+ throw new TypeError('Argument must be a number')
274
+ }
275
+ return Buffer(size)
276
+ };
277
+
278
+ SafeBuffer.allocUnsafeSlow = function (size) {
279
+ if (typeof size !== 'number') {
280
+ throw new TypeError('Argument must be a number')
281
+ }
282
+ return buffer.SlowBuffer(size)
283
+ };
284
+ } (safeBuffer, safeBuffer.exports));
285
+ return safeBuffer.exports;
286
+ }
287
+
288
+ var src$1;
289
+ var hasRequiredSrc$1;
290
+
291
+ function requireSrc$1 () {
292
+ if (hasRequiredSrc$1) return src$1;
293
+ hasRequiredSrc$1 = 1;
294
+ // base-x encoding / decoding
295
+ // Copyright (c) 2018 base-x contributors
296
+ // Copyright (c) 2014-2018 The Bitcoin Core developers (base58.cpp)
297
+ // Distributed under the MIT software license, see the accompanying
298
+ // file LICENSE or http://www.opensource.org/licenses/mit-license.php.
299
+ // @ts-ignore
300
+ var _Buffer = requireSafeBuffer().Buffer;
301
+ function base (ALPHABET) {
302
+ if (ALPHABET.length >= 255) { throw new TypeError('Alphabet too long') }
303
+ var BASE_MAP = new Uint8Array(256);
304
+ for (var j = 0; j < BASE_MAP.length; j++) {
305
+ BASE_MAP[j] = 255;
306
+ }
307
+ for (var i = 0; i < ALPHABET.length; i++) {
308
+ var x = ALPHABET.charAt(i);
309
+ var xc = x.charCodeAt(0);
310
+ if (BASE_MAP[xc] !== 255) { throw new TypeError(x + ' is ambiguous') }
311
+ BASE_MAP[xc] = i;
312
+ }
313
+ var BASE = ALPHABET.length;
314
+ var LEADER = ALPHABET.charAt(0);
315
+ var FACTOR = Math.log(BASE) / Math.log(256); // log(BASE) / log(256), rounded up
316
+ var iFACTOR = Math.log(256) / Math.log(BASE); // log(256) / log(BASE), rounded up
317
+ function encode (source) {
318
+ if (Array.isArray(source) || source instanceof Uint8Array) { source = _Buffer.from(source); }
319
+ if (!_Buffer.isBuffer(source)) { throw new TypeError('Expected Buffer') }
320
+ if (source.length === 0) { return '' }
321
+ // Skip & count leading zeroes.
322
+ var zeroes = 0;
323
+ var length = 0;
324
+ var pbegin = 0;
325
+ var pend = source.length;
326
+ while (pbegin !== pend && source[pbegin] === 0) {
327
+ pbegin++;
328
+ zeroes++;
329
+ }
330
+ // Allocate enough space in big-endian base58 representation.
331
+ var size = ((pend - pbegin) * iFACTOR + 1) >>> 0;
332
+ var b58 = new Uint8Array(size);
333
+ // Process the bytes.
334
+ while (pbegin !== pend) {
335
+ var carry = source[pbegin];
336
+ // Apply "b58 = b58 * 256 + ch".
337
+ var i = 0;
338
+ for (var it1 = size - 1; (carry !== 0 || i < length) && (it1 !== -1); it1--, i++) {
339
+ carry += (256 * b58[it1]) >>> 0;
340
+ b58[it1] = (carry % BASE) >>> 0;
341
+ carry = (carry / BASE) >>> 0;
342
+ }
343
+ if (carry !== 0) { throw new Error('Non-zero carry') }
344
+ length = i;
345
+ pbegin++;
346
+ }
347
+ // Skip leading zeroes in base58 result.
348
+ var it2 = size - length;
349
+ while (it2 !== size && b58[it2] === 0) {
350
+ it2++;
351
+ }
352
+ // Translate the result into a string.
353
+ var str = LEADER.repeat(zeroes);
354
+ for (; it2 < size; ++it2) { str += ALPHABET.charAt(b58[it2]); }
355
+ return str
356
+ }
357
+ function decodeUnsafe (source) {
358
+ if (typeof source !== 'string') { throw new TypeError('Expected String') }
359
+ if (source.length === 0) { return _Buffer.alloc(0) }
360
+ var psz = 0;
361
+ // Skip and count leading '1's.
362
+ var zeroes = 0;
363
+ var length = 0;
364
+ while (source[psz] === LEADER) {
365
+ zeroes++;
366
+ psz++;
367
+ }
368
+ // Allocate enough space in big-endian base256 representation.
369
+ var size = (((source.length - psz) * FACTOR) + 1) >>> 0; // log(58) / log(256), rounded up.
370
+ var b256 = new Uint8Array(size);
371
+ // Process the characters.
372
+ while (psz < source.length) {
373
+ // Find code of next character
374
+ var charCode = source.charCodeAt(psz);
375
+ // Base map can not be indexed using char code
376
+ if (charCode > 255) { return }
377
+ // Decode character
378
+ var carry = BASE_MAP[charCode];
379
+ // Invalid character
380
+ if (carry === 255) { return }
381
+ var i = 0;
382
+ for (var it3 = size - 1; (carry !== 0 || i < length) && (it3 !== -1); it3--, i++) {
383
+ carry += (BASE * b256[it3]) >>> 0;
384
+ b256[it3] = (carry % 256) >>> 0;
385
+ carry = (carry / 256) >>> 0;
386
+ }
387
+ if (carry !== 0) { throw new Error('Non-zero carry') }
388
+ length = i;
389
+ psz++;
390
+ }
391
+ // Skip leading zeroes in b256.
392
+ var it4 = size - length;
393
+ while (it4 !== size && b256[it4] === 0) {
394
+ it4++;
395
+ }
396
+ var vch = _Buffer.allocUnsafe(zeroes + (size - it4));
397
+ vch.fill(0x00, 0, zeroes);
398
+ var j = zeroes;
399
+ while (it4 !== size) {
400
+ vch[j++] = b256[it4++];
401
+ }
402
+ return vch
403
+ }
404
+ function decode (string) {
405
+ var buffer = decodeUnsafe(string);
406
+ if (buffer) { return buffer }
407
+ throw new Error('Non-base' + BASE + ' character')
408
+ }
409
+ return {
410
+ encode: encode,
411
+ decodeUnsafe: decodeUnsafe,
412
+ decode: decode
413
+ }
414
+ }
415
+ src$1 = base;
416
+ return src$1;
325
417
  }
326
418
 
419
+ var bs58$1$1;
420
+ var hasRequiredBs58$1;
421
+
422
+ function requireBs58$1 () {
423
+ if (hasRequiredBs58$1) return bs58$1$1;
424
+ hasRequiredBs58$1 = 1;
425
+ var basex = requireSrc$1();
426
+ var ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
427
+
428
+ bs58$1$1 = basex(ALPHABET);
429
+ return bs58$1$1;
430
+ }
431
+
432
+ var bs58Exports$1 = requireBs58$1();
433
+ var bs58$2 = /*@__PURE__*/getDefaultExportFromCjs$1(bs58Exports$1);
434
+
327
435
  function commonjsRequire$1(path) {
328
436
  throw new Error('Could not dynamically require "' + path + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
329
437
  }
@@ -2714,7 +2822,7 @@ function requireNaclFast$1 () {
2714
2822
  });
2715
2823
  } else if (typeof commonjsRequire$1 !== 'undefined') {
2716
2824
  // Node.js.
2717
- crypto = require$$0;
2825
+ crypto = require$$0$1;
2718
2826
  if (crypto && crypto.randomBytes) {
2719
2827
  nacl.setPRNG(function(x, n) {
2720
2828
  var i, v = crypto.randomBytes(n);
@@ -2786,7 +2894,7 @@ function requireBn () {
2786
2894
  if (hasRequiredBn) return bn$1.exports;
2787
2895
  hasRequiredBn = 1;
2788
2896
  (function (module) {
2789
- (function (module, exports) {
2897
+ (function (module, exports$1) {
2790
2898
 
2791
2899
  // Utils
2792
2900
  function assert (val, msg) {
@@ -2829,7 +2937,7 @@ function requireBn () {
2829
2937
  if (typeof module === 'object') {
2830
2938
  module.exports = BN;
2831
2939
  } else {
2832
- exports.BN = BN;
2940
+ exports$1.BN = BN;
2833
2941
  }
2834
2942
 
2835
2943
  BN.BN = BN;
@@ -6145,19 +6253,24 @@ var BN = /*@__PURE__*/getDefaultExportFromCjs$1(bnExports);
6145
6253
  /* ------------------------------------------------------------------ */
6146
6254
  /* RFC-4501 message */
6147
6255
  /* ------------------------------------------------------------------ */
6148
- async function genSolanaMessage(address) {
6256
+ async function genSolanaMessage(address, nonce) {
6149
6257
  var _a, _b;
6150
- /* Domain / origin arent available server-side – fall back to envs
6258
+ /* Domain / origin aren't available server-side – fall back to envs
6151
6259
  or simple placeholders. */
6152
6260
  const domain = (_a = process.env.SESSION_DOMAIN) !== null && _a !== void 0 ? _a : "server";
6153
6261
  const origin = (_b = process.env.SESSION_ORIGIN) !== null && _b !== void 0 ? _b : "server";
6154
6262
  const statement = "Sign this message to authenticate with our application.";
6155
- const ISO8601 = new Date().toISOString();
6263
+ const currentDate = new Date();
6264
+ const issuedAt = currentDate.toISOString();
6265
+ const expirationDate = new Date(currentDate.getTime() + 5 * 60 * 1000);
6266
+ const expirationTime = expirationDate.toISOString();
6156
6267
  return `${statement}\n\n` +
6157
6268
  `Wallet address:\n${address}\n\n` +
6158
6269
  `Domain: ${domain}\n` +
6159
6270
  `Origin: ${origin}\n` +
6160
- `Issued At: ${ISO8601}`;
6271
+ `Nonce: ${nonce}\n` +
6272
+ `Issued At: ${issuedAt}\n` +
6273
+ `Expiration Time: ${expirationTime}`;
6161
6274
  }
6162
6275
  // ─────────────────────────────────────────────────────────────
6163
6276
  // Serialization Helpers
@@ -6325,7 +6438,9 @@ function loadKeypairFromEnv$1() {
6325
6438
  async function createSession() {
6326
6439
  const kp = loadKeypairFromEnv$1();
6327
6440
  const address = kp.publicKey.toBase58();
6328
- const message = await genSolanaMessage(address);
6441
+ /* fetch nonce from auth API */
6442
+ const nonce = await genAuthNonce();
6443
+ const message = await genSolanaMessage(address, nonce);
6329
6444
  /* sign the message */
6330
6445
  const sigBytes = nacl$1.sign.detached(new TextEncoder().encode(message), kp.secretKey);
6331
6446
  const signature = Buffer.from(sigBytes).toString("base64");
@@ -10005,7 +10120,7 @@ function requireNaclFast () {
10005
10120
  });
10006
10121
  } else if (typeof commonjsRequire !== 'undefined') {
10007
10122
  // Node.js.
10008
- crypto = require$$0;
10123
+ crypto = require$$0$1;
10009
10124
  if (crypto && crypto.randomBytes) {
10010
10125
  nacl.setPRNG(function(x, n) {
10011
10126
  var i, v = crypto.randomBytes(n);
@@ -10469,6 +10584,7 @@ exports.buildSetDocumentsTransaction = buildSetDocumentsTransaction;
10469
10584
  exports.convertRemainingAccounts = convertRemainingAccounts;
10470
10585
  exports.createSessionWithPrivy = createSessionWithPrivy;
10471
10586
  exports.createSessionWithSignature = createSessionWithSignature;
10587
+ exports.genAuthNonce = genAuthNonce;
10472
10588
  exports.genSolanaMessage = genSolanaMessage;
10473
10589
  exports.get = get;
10474
10590
  exports.getAuthProvider = getAuthProvider;