@yeying-community/web3-bs 1.0.4 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -1,13 +1,15 @@
1
- # YeYing Inject Wallet SDK
1
+ # YeYing Browser DApp Access SDK
2
2
 
3
- 轻量级注入钱包 SDK,专注浏览器端 EIP-1193 Provider。默认优先选择 YeYing Wallet(支持 EIP-6963 多钱包发现)。
4
- 仅支持浏览器环境(依赖 `window` / `localStorage` / `fetch`)。
3
+ 浏览器端 DApp 接入 SDK,用于统一封装钱包连接、会话维护、SIWE 登录、UCAN 多后端授权、中心化服务接入和 WebDAV 存储访问。
4
+ 它优先面向 EIP-1193 / EIP-6963 钱包生态,可对接 YeYing、MetaMask 等浏览器钱包;也可对接能暴露 EIP-1193 能力的 App 钱包或中心化认证服务。仅支持浏览器环境(依赖 `window` / `localStorage` / `fetch`)。
5
5
 
6
6
  功能要点:
7
7
  - 浏览器端 EIP-1193 Provider 辅助库
8
- - 默认优先 YeYing Wallet
8
+ - 默认优先 YeYing Wallet,也兼容其他 EIP-1193 钱包
9
9
  - 内置 `signMessage` / `loginWithChallenge` / `refresh` / `logout` 等方法
10
10
  - 支持 UCAN Session + SIWE Bridge,用于多后端授权
11
+ - 支持中心化 UCAN Demo API:`createCentralSession` / `issueCentralUcan` / `authCentralUcanFetch`
12
+ - 统一封装前端连接会话、token 会话与 WebDAV 访问会话,降低 DApp 集成成本
11
13
 
12
14
  ## 安装
13
15
 
@@ -16,10 +18,24 @@ npm install @yeying-community/web3-bs
16
18
  ```
17
19
 
18
20
  更多集成与流程说明见 `docs/sdk-design.md`。
21
+ 推荐先读:
22
+ - `docs/README.md`
23
+ - `docs/positioning.md`
24
+ - `docs/quickstart.md`
25
+ - `docs/capability-matrix.md`
26
+
27
+ ## 接入路线
28
+
29
+ - 钱包插件路线:适合浏览器内已有 YeYing、MetaMask 等插件钱包的 DApp;优先使用 `getProvider`、`loginWithChallenge`,并可扩展到 UCAN 多后端授权(钱包 UCAN RPC 优先,不支持时 SDK 自动回退本地 Ed25519 session)
30
+ - App 钱包路线:适合移动端 Web;前提是钱包 App 或桥接层能暴露 EIP-1193 provider,通常使用 `requestAccounts`、`signMessage`、`loginWithChallenge`
31
+ - 中心化服务路线:适合无钱包、无插件或更关注接入成本的场景;使用 JWT 或中心化 UCAN,通常组合 `setAccessToken`、`authFetch`、`createCentralSession`、`issueCentralUcan`
32
+
33
+ 能力对比见 `docs/capability-matrix.md`,详细接入步骤见 `docs/quickstart.md`。
19
34
 
20
35
  ## 示例
21
36
 
22
37
  - Frontend Dapp (HTML): `examples/frontend/dapp.html`
38
+ - Frontend Mobile Central UCAN Demo: `examples/frontend/mobile-central-ucan.html`
23
39
  - Frontend Dapp (TS module): `examples/frontend/main.ts`
24
40
  - Backend server (Node): `examples/backend/node/server.js`
25
41
  - Backend server (Go): `examples/backend/go/main.go`
@@ -90,9 +106,25 @@ npm install @yeying-community/web3-bs
90
106
  - UCAN 调用的 `audience` 与后端 `UCAN_AUD` 一致(如 `did:web:127.0.0.1:3202`)
91
107
 
92
108
  提示:`examples/frontend/dapp.html` 已内置多后端列表,可在一次 UCAN 授权后依次调用多个服务。
109
+ 提示:Demo 的 UCAN 流程按协议链路实现为 `Root(SIWE) -> Delegation -> Invocation`,便于按步骤理解多后端授权。
93
110
 
94
111
  ## 常见问题
95
112
 
113
+ ### 如何快速验证能力矩阵(钱包 UCAN + 本地回退)
114
+
115
+ 执行:
116
+
117
+ ```bash
118
+ npm run check:capabilities
119
+ ```
120
+
121
+ 该脚本会自动验证:
122
+ - 钱包 UCAN RPC 路径(`createUcanSession` 返回 `source=wallet`)
123
+ - UCAN 本地回退路径(钱包不支持 `yeying_ucan_*` 时 `source=local`)
124
+ - `createRootUcan` + `createInvocationUcan` 两条链路
125
+ - `initWebDavStorage` 的 UCAN 自动初始化
126
+ - 中心化 UCAN API 是否已导出(`createCentralSession` / `issueCentralUcan` / `authCentralUcanFetch`)
127
+
96
128
  ### 刷新token失败
97
129
 
98
130
  清理旧 Cookie 后重新登录:在浏览器 DevTools → Application → Cookies → http://127.0.0.1:8001 删除 refresh_token,再点 Login 后再点 Refresh Token。
@@ -103,8 +135,11 @@ npm install @yeying-community/web3-bs
103
135
 
104
136
  排查与解决:
105
137
  - 确认 `baseUrl` 指向 WebDAV 服务(默认 `http://127.0.0.1:6065`),不要误用 320x 认证后端。
106
- - `audience` 必须与 WebDAV 服务端 `UCAN_AUD` 一致(例如 `did:web:127.0.0.1:6065`)。
107
- - `capabilities` 与服务端要求一致(`UCAN_RESOURCE` / `UCAN_ACTION`)。
138
+ - `baseUrl` 不应包含任何路径;若服务挂载在子路径,请用 `prefix` 指定(例如 `/dav`)。
139
+ - `audience` 必须与 WebDAV 服务端 `web3.ucan.audience` 一致(例如 `did:web:127.0.0.1:6065`)。
140
+ - `capabilities` 与服务端要求一致(优先 `web3.ucan.required_capabilities`,兼容 `required_resource/required_action`)。
141
+ - SDK 推荐使用 `with/can`(兼容 `resource/action`),例如:`{ with: "app:all:<appId>", can: "read,write" }`。
142
+ - 推荐资源统一使用 `app:<scope>:<appId>`,常用为 `with=app:all:<appId>`;请确保路径在 `/apps/<appId>/`(或 `app_scope.path_prefix`)下。
108
143
  - Token 过期或缓存异常时,清理 UCAN 会话并重新登录/生成 Root + Invocation。
109
144
 
110
145
  ### UCAN audience mismatch
@@ -0,0 +1,76 @@
1
+ import type { AuthBaseOptions } from './types';
2
+ import { type UcanCapability } from './ucan';
3
+ export type CentralAuthBaseOptions = AuthBaseOptions & {
4
+ baseUrl?: string;
5
+ issuerPath?: string;
6
+ sessionPath?: string;
7
+ issuePath?: string;
8
+ storeSessionToken?: boolean;
9
+ sessionTokenStorageKey?: string;
10
+ };
11
+ export type CentralIssuerInfo = {
12
+ enabled?: boolean;
13
+ issuerDid?: string;
14
+ defaultAudience?: string;
15
+ defaultCapabilities?: UcanCapability[];
16
+ response: unknown;
17
+ };
18
+ export type CreateCentralSessionOptions = CentralAuthBaseOptions & {
19
+ subject: string;
20
+ sessionTtlMs?: number;
21
+ };
22
+ export type CentralSessionResult = {
23
+ subject: string;
24
+ sessionToken: string;
25
+ expiresAt?: number;
26
+ issuerDid?: string;
27
+ response: unknown;
28
+ };
29
+ export type IssueCentralUcanOptions = CentralAuthBaseOptions & {
30
+ sessionToken?: string | null;
31
+ audience?: string;
32
+ capabilities?: UcanCapability[];
33
+ expiresInMs?: number;
34
+ ttlMs?: number;
35
+ };
36
+ export type CentralUcanIssueResult = {
37
+ ucan: string;
38
+ issuerDid?: string;
39
+ subject?: string;
40
+ audience?: string;
41
+ capabilities?: UcanCapability[];
42
+ exp?: number;
43
+ nbf?: number;
44
+ iat?: number;
45
+ response: unknown;
46
+ };
47
+ export type CreateAndIssueCentralUcanOptions = CentralAuthBaseOptions & {
48
+ subject: string;
49
+ sessionTtlMs?: number;
50
+ audience?: string;
51
+ capabilities?: UcanCapability[];
52
+ expiresInMs?: number;
53
+ ttlMs?: number;
54
+ };
55
+ export type CreateAndIssueCentralUcanResult = {
56
+ session: CentralSessionResult;
57
+ issue: CentralUcanIssueResult;
58
+ };
59
+ export type AuthCentralUcanFetchOptions = CentralAuthBaseOptions & {
60
+ ucan?: string | null;
61
+ sessionToken?: string | null;
62
+ subject?: string;
63
+ sessionTtlMs?: number;
64
+ audience?: string;
65
+ capabilities?: UcanCapability[];
66
+ expiresInMs?: number;
67
+ ttlMs?: number;
68
+ };
69
+ export declare function getCentralSessionToken(options?: CentralAuthBaseOptions): string | null;
70
+ export declare function setCentralSessionToken(token: string | null, options?: CentralAuthBaseOptions): void;
71
+ export declare function clearCentralSessionToken(options?: CentralAuthBaseOptions): void;
72
+ export declare function getCentralIssuerInfo(options?: CentralAuthBaseOptions): Promise<CentralIssuerInfo>;
73
+ export declare function createCentralSession(options: CreateCentralSessionOptions): Promise<CentralSessionResult>;
74
+ export declare function issueCentralUcan(options?: IssueCentralUcanOptions): Promise<CentralUcanIssueResult>;
75
+ export declare function createAndIssueCentralUcan(options: CreateAndIssueCentralUcanOptions): Promise<CreateAndIssueCentralUcanResult>;
76
+ export declare function authCentralUcanFetch(input: RequestInfo | URL, init?: RequestInit, options?: AuthCentralUcanFetchOptions): Promise<Response>;
@@ -2,3 +2,4 @@ export * from './types';
2
2
  export * from './provider';
3
3
  export * from './siwe';
4
4
  export * from './ucan';
5
+ export * from './central';
@@ -1,7 +1,10 @@
1
1
  import { Eip1193Provider } from './types';
2
2
  export type UcanCapability = {
3
- resource: string;
4
- action: string;
3
+ with?: string;
4
+ can?: string;
5
+ resource?: string;
6
+ action?: string;
7
+ nb?: unknown;
5
8
  };
6
9
  export type UcanRootProof = {
7
10
  type: 'siwe';
@@ -24,11 +27,15 @@ export type UcanTokenPayload = {
24
27
  nbf?: number;
25
28
  prf: UcanProof[];
26
29
  };
30
+ export type UcanSessionSource = 'wallet' | 'local';
27
31
  export type UcanSessionRecord = {
28
32
  id: string;
29
33
  did: string;
30
34
  createdAt: number;
31
35
  expiresAt: number | null;
36
+ source?: UcanSessionSource;
37
+ privateKeyJwk?: JsonWebKey;
38
+ publicKeyJwk?: JsonWebKey;
32
39
  root?: UcanRootProof;
33
40
  };
34
41
  export type UcanSessionKey = {
@@ -36,6 +43,7 @@ export type UcanSessionKey = {
36
43
  did: string;
37
44
  createdAt: number;
38
45
  expiresAt: number | null;
46
+ source?: UcanSessionSource;
39
47
  signer?: (signingInput: string, payload: UcanTokenPayload) => Promise<string>;
40
48
  privateKey?: CryptoKey;
41
49
  };
@@ -81,6 +89,14 @@ export type UcanFetchOptions = {
81
89
  notBeforeMs?: number;
82
90
  fetcher?: typeof fetch;
83
91
  };
92
+ export declare function getCapabilityResource(cap: UcanCapability | null | undefined): string;
93
+ export declare function getCapabilityAction(cap: UcanCapability | null | undefined): string;
94
+ export declare function normalizeUcanCapability(cap: UcanCapability | null | undefined, options?: {
95
+ includeLegacyAliases?: boolean;
96
+ }): UcanCapability | null;
97
+ export declare function normalizeUcanCapabilities(caps: UcanCapability[] | undefined, options?: {
98
+ includeLegacyAliases?: boolean;
99
+ }): UcanCapability[];
84
100
  export declare function getUcanSession(id?: string, provider?: Eip1193Provider): Promise<UcanSessionKey | null>;
85
101
  export declare function createUcanSession(options?: CreateUcanSessionOptions): Promise<UcanSessionKey>;
86
102
  export declare function clearUcanSession(id?: string): Promise<void>;
package/dist/dapp.d.ts CHANGED
@@ -8,6 +8,7 @@ export type InitWebDavStorageOptions = {
8
8
  prefix?: string;
9
9
  appDir?: string;
10
10
  appId?: string;
11
+ appAction?: string;
11
12
  ensureAppDir?: boolean;
12
13
  capabilities?: UcanCapability[];
13
14
  invocationCapabilities?: UcanCapability[];