vestauth 0.1.32 → 0.1.36

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/package.json +3 -2
  2. package/src/cli/actions/verifyAgent.js +23 -0
  3. package/src/cli/vestauth.js +10 -0
  4. package/src/lib/api/postVerify.js +42 -0
  5. package/src/lib/helpers/buildApiError.js +16 -0
  6. package/src/lib/helpers/errors.js +11 -0
  7. package/src/lib/helpers/http.js +17 -0
  8. package/src/lib/helpers/keypair.js +4 -1
  9. package/src/lib/helpers/verifyAgent.js +19 -0
  10. package/src/lib/main.js +3 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "vestauth",
3
- "version": "0.1.32",
3
+ "version": "0.1.36",
4
4
  "description": "auth for agents",
5
5
  "keywords": [
6
6
  "vestauth"
@@ -40,7 +40,8 @@
40
40
  "@noble/hashes": "^1.8.0",
41
41
  "@noble/secp256k1": "^1.7.2",
42
42
  "commander": "^11.1.0",
43
- "eciesjs": "^0.4.16"
43
+ "eciesjs": "^0.4.16",
44
+ "undici": "7.11.0"
44
45
  },
45
46
  "devDependencies": {
46
47
  "@yao-pkg/pkg": "^5.14.2",
package/src/cli/actions/verifyAgent.js ADDED
@@ -0,0 +1,23 @@
1
+ const { logger } = require('./../../shared/logger')
2
+
3
+ const main = require('./../../lib/main')
4
+
5
+ async function verifyAgent (providerPrivateKey, providerChallenge, authorizationHeader) {
6
+ logger.debug(`providerPrivateKey: ${providerPrivateKey}`)
7
+ logger.debug(`providerChallenge: ${providerChallenge}`)
8
+ logger.debug(`authorizationHeader: ${authorizationHeader}`)
9
+
10
+ const options = this.opts()
11
+ logger.debug(`options: ${JSON.stringify(options)}`)
12
+
13
+ const json = await main.verifyAgent(providerPrivateKey, providerChallenge, authorizationHeader)
14
+
15
+ let space = 0
16
+ if (options.prettyPrint) {
17
+ space = 2
18
+ }
19
+
20
+ console.log(JSON.stringify(json, null, space))
21
+ }
22
+
23
+ module.exports = verifyAgent
package/src/cli/vestauth.js CHANGED
@@ -81,6 +81,16 @@ program.command('verify')
81
81
  .option('-pp, --pretty-print', 'pretty print output')
82
82
  .action(verifyAction)
83
83
 
84
+ // vestauth verifyAgent
85
+ const verifyAgentAction = require('./actions/verifyAgent')
86
+ program.command('verifyagent')
87
+ .description('verify agent')
88
+ .argument('<providerPrivateKey>', '')
89
+ .argument('<providerChallenge>', '')
90
+ .argument('<authorizationHeader>', '')
91
+ .option('-pp, --pretty-print', 'pretty print output')
92
+ .action(verifyAgentAction)
93
+
84
94
  // vestauth help
85
95
  program.command('help [command]')
86
96
  .description('display help for command')
package/src/lib/api/postVerify.js ADDED
@@ -0,0 +1,42 @@
1
+ const { http } = require('../helpers/http')
2
+ const buildApiError = require('../helpers/buildApiError')
3
+
4
+ class PostVerify {
5
+ constructor (hostname, providerPublicKey, providerSignature, agentPublicKey, agentSignature) {
6
+ this.hostname = hostname || 'https://api.vestauth.com'
7
+ this.providerPublicKey = providerPublicKey
8
+ this.providerSignature = providerSignature
9
+ this.agentPublicKey = agentPublicKey
10
+ this.agentSignature = agentSignature
11
+ }
12
+
13
+ async run () {
14
+ const url = `${this.hostname}/api/agent/verify`
15
+ const providerPublicKey = this.providerPublicKey
16
+ const providerSignature = this.providerSignature
17
+ const agentPublicKey = this.agentPublicKey
18
+ const agentSignature = this.agentSignature
19
+
20
+ const resp = await http(url, {
21
+ method: 'POST',
22
+ headers: {
23
+ Authorization: `Agent ${providerPublicKey}:${providerSignature}`,
24
+ 'Content-Type': 'application/json'
25
+ },
26
+ body: JSON.stringify({
27
+ public_key: agentPublicKey,
28
+ signature: agentSignature
29
+ })
30
+ })
31
+
32
+ if (resp.statusCode >= 400) {
33
+ const json = await resp.body.json()
34
+ throw buildApiError(resp.statusCode, json)
35
+ }
36
+
37
+ const json = await resp.body.json()
38
+ return json
39
+ }
40
+ }
41
+
42
+ module.exports = PostVerify
package/src/lib/helpers/buildApiError.js ADDED
@@ -0,0 +1,16 @@
1
+ function buildApiError (statusCode, json) {
2
+ const code = json.error.code || statusCode.toString()
3
+ const message = `[${code}] ${json.error.message}`
4
+ const help = `[${code}] ${json.error.help || JSON.stringify(json)}`
5
+ const meta = json.error.meta
6
+
7
+ const error = new Error(message)
8
+ error.code = code
9
+ error.help = help
10
+ error.meta = meta
11
+ error.json = json
12
+
13
+ return error
14
+ }
15
+
16
+ module.exports = buildApiError
package/src/lib/helpers/errors.js CHANGED
@@ -3,6 +3,17 @@ class Errors {
3
3
  this.message = options.message
4
4
  }
5
5
 
6
+ econnrefused () {
7
+ const code = 'ECONNREFUSED'
8
+ const message = `[${code}] connection refused`
9
+ const help = `[${code}] check your internet connection`
10
+
11
+ const e = new Error(message)
12
+ e.code = code
13
+ e.help = help
14
+ return e
15
+ }
16
+
6
17
  dangerousDependencyHoist () {
7
18
  const code = 'DANGEROUS_DEPENDENCY_HOIST'
8
19
  const message = `[${code}] your environment has hoisted an incompatible version of a vestauth dependency: ${this.message}`
package/src/lib/helpers/http.js ADDED
@@ -0,0 +1,17 @@
1
+ const { request } = require('undici')
2
+
3
+ const Errors = require('./errors')
4
+
5
+ async function http (url, opts = {}) {
6
+ try {
7
+ return await request(url, opts)
8
+ } catch (err) {
9
+ if (err.code === 'econnrefused') {
10
+ throw new Errors().econnrefused()
11
+ }
12
+
13
+ throw err
14
+ }
15
+ }
16
+
17
+ module.exports = { http }
package/src/lib/helpers/keypair.js CHANGED
@@ -1,10 +1,13 @@
1
1
  const { PrivateKey } = require('eciesjs')
2
2
 
3
+ const stripFormatting = require('./stripFormatting')
4
+
3
5
  function keypair (existingPrivateKey, prefix = 'agent') {
4
6
  let kp
5
7
 
6
8
  if (existingPrivateKey) {
7
- kp = new PrivateKey(Buffer.from(existingPrivateKey, 'hex'))
9
+ const existingPrivateKeyStripped = stripFormatting(existingPrivateKey)
10
+ kp = new PrivateKey(Buffer.from(existingPrivateKeyStripped, 'hex'))
8
11
  } else {
9
12
  kp = new PrivateKey()
10
13
  }
package/src/lib/helpers/verifyAgent.js ADDED
@@ -0,0 +1,19 @@
1
+ const PostVerify = require('../api/postVerify')
2
+ const keypair = require('./keypair')
3
+ const sign = require('./sign')
4
+
5
+ async function verifyAgent (providerPrivateKey, providerChallenge, authorizationHeader) {
6
+ const kp = keypair(providerPrivateKey, 'provider')
7
+ const providerSignature = await sign(providerChallenge, kp.privateKey)
8
+
9
+ const raw = authorizationHeader.replace(/^Agent\s+/i, '').trim() // remove 'Agent ' prefix
10
+ const split = String(raw).split(':')
11
+ const agentPublicKey = split[0]
12
+ const agentSignature = split[1]
13
+
14
+ const json = await new PostVerify('https://api.vestauth.com', kp.publicKey, providerSignature, agentPublicKey, agentSignature).run()
15
+
16
+ return json
17
+ }
18
+
19
+ module.exports = verifyAgent
package/src/lib/main.js CHANGED
@@ -4,6 +4,7 @@ const keypair = require('./helpers/keypair')
4
4
  const sign = require('./helpers/sign')
5
5
  const verify = require('./helpers/verify')
6
6
  const verifyAuthorizationHeader = require('./helpers/verifyAuthorizationHeader')
7
+ const verifyAgent = require('./helpers/verifyAgent')
7
8
 
8
9
  module.exports = {
9
10
  challenge,
@@ -11,5 +12,6 @@ module.exports = {
11
12
  keypair,
12
13
  sign,
13
14
  verify,
14
- verifyAuthorizationHeader
15
+ verifyAuthorizationHeader,
16
+ verifyAgent
15
17
  }