zano_web3 7.2.0 → 7.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +6 -2
- package/server/src/server.ts +66 -2
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "zano_web3",
|
|
3
|
-
"version": "7.
|
|
3
|
+
"version": "7.3.0",
|
|
4
4
|
"description": "",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"scripts": {
|
|
@@ -31,6 +31,7 @@
|
|
|
31
31
|
"axios": "^1.7.2",
|
|
32
32
|
"big.js": "^6.2.1",
|
|
33
33
|
"decimal.js": "^10.4.3",
|
|
34
|
+
"node-forge": "^1.3.1",
|
|
34
35
|
"react": "^18.3.1",
|
|
35
36
|
"typescript": "^5.5.4",
|
|
36
37
|
"uuid": "^10.0.0"
|
|
@@ -55,5 +56,8 @@
|
|
|
55
56
|
"types": "./shared/dist/index.d.ts"
|
|
56
57
|
}
|
|
57
58
|
},
|
|
58
|
-
"homepage": "https://github.com/hyle-team/zano_web3#readme"
|
|
59
|
+
"homepage": "https://github.com/hyle-team/zano_web3#readme",
|
|
60
|
+
"devDependencies": {
|
|
61
|
+
"@types/node-forge": "^1.3.11"
|
|
62
|
+
}
|
|
59
63
|
}
|
package/server/src/server.ts
CHANGED
|
@@ -12,10 +12,12 @@ import {
|
|
|
12
12
|
|
|
13
13
|
import { ZANO_ASSET_ID, ZanoError } from "./utils";
|
|
14
14
|
import { APIAsset, APIBalance } from "./types";
|
|
15
|
+
import forge from "node-forge";
|
|
15
16
|
|
|
16
17
|
interface ConstructorParams {
|
|
17
18
|
walletUrl: string;
|
|
18
19
|
daemonUrl: string;
|
|
20
|
+
walletAuthToken?: string;
|
|
19
21
|
}
|
|
20
22
|
|
|
21
23
|
interface GetTxsParams {
|
|
@@ -27,18 +29,71 @@ interface GetTxsParams {
|
|
|
27
29
|
update_provision_info?: boolean;
|
|
28
30
|
}
|
|
29
31
|
|
|
32
|
+
interface JWTPayload {
|
|
33
|
+
body_hash: string,
|
|
34
|
+
user: string,
|
|
35
|
+
salt: string,
|
|
36
|
+
exp: number
|
|
37
|
+
}
|
|
38
|
+
|
|
30
39
|
class ServerWallet {
|
|
31
40
|
private walletUrl: string;
|
|
32
41
|
private daemonUrl: string;
|
|
42
|
+
private walletAuthToken: string;
|
|
33
43
|
|
|
34
44
|
constructor(params: ConstructorParams) {
|
|
35
45
|
this.walletUrl = params.walletUrl;
|
|
36
46
|
this.daemonUrl = params.daemonUrl;
|
|
47
|
+
this.walletAuthToken = params.walletAuthToken || "";
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
private generateRandomString(length: number) {
|
|
51
|
+
const bytes = forge.random.getBytesSync(Math.ceil(length / 2));
|
|
52
|
+
const hexString = forge.util.bytesToHex(bytes);
|
|
53
|
+
return hexString.substring(0, length);
|
|
37
54
|
}
|
|
38
55
|
|
|
56
|
+
private createJWSToken(payload: JWTPayload, secretStr: string): string {
|
|
57
|
+
const header = { alg: "HS256", typ: "JWT" };
|
|
58
|
+
const encodedHeader = Buffer.from(JSON.stringify(header))
|
|
59
|
+
.toString("base64")
|
|
60
|
+
.replace(/=/g, "");
|
|
61
|
+
const encodedPayload = Buffer.from(JSON.stringify(payload))
|
|
62
|
+
.toString("base64")
|
|
63
|
+
.replace(/=/g, "");
|
|
64
|
+
|
|
65
|
+
const signature = forge.hmac.create();
|
|
66
|
+
signature.start("sha256", secretStr);
|
|
67
|
+
signature.update(`${encodedHeader}.${encodedPayload}`);
|
|
68
|
+
const encodedSignature = forge.util
|
|
69
|
+
.encode64(signature.digest().getBytes())
|
|
70
|
+
.replace(/=/g, "");
|
|
71
|
+
|
|
72
|
+
return `${encodedHeader}.${encodedPayload}.${encodedSignature}`;
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
|
|
76
|
+
private generateAccessToken(httpBody: string) {
|
|
77
|
+
// Calculate the SHA-256 hash of the HTTP body
|
|
78
|
+
const md = forge.md.sha256.create();
|
|
79
|
+
md.update(httpBody);
|
|
80
|
+
const bodyHash = md.digest().toHex();
|
|
81
|
+
|
|
82
|
+
// Example payload
|
|
83
|
+
const payload = {
|
|
84
|
+
body_hash: bodyHash,
|
|
85
|
+
user: "zano_extension",
|
|
86
|
+
salt: this.generateRandomString(64),
|
|
87
|
+
exp: Math.floor(Date.now() / 1000) + 60, // Expires in 1 minute
|
|
88
|
+
};
|
|
89
|
+
|
|
90
|
+
return this.createJWSToken(payload, this.walletAuthToken);
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
|
|
39
94
|
private async fetchDaemon(method: string, params: any) {
|
|
40
|
-
const headers = { "Content-Type": "application/json" };
|
|
41
95
|
|
|
96
|
+
|
|
42
97
|
const data = {
|
|
43
98
|
jsonrpc: "2.0",
|
|
44
99
|
id: 0,
|
|
@@ -46,11 +101,15 @@ class ServerWallet {
|
|
|
46
101
|
params: params,
|
|
47
102
|
};
|
|
48
103
|
|
|
104
|
+
const headers = {
|
|
105
|
+
"Content-Type": "application/json",
|
|
106
|
+
"Zano-Access-Token": this.generateAccessToken(JSON.stringify(data)),
|
|
107
|
+
};
|
|
108
|
+
|
|
49
109
|
return axios.post(this.daemonUrl, data, { headers });
|
|
50
110
|
}
|
|
51
111
|
|
|
52
112
|
private async fetchWallet(method: string, params: any) {
|
|
53
|
-
const headers = { "Content-Type": "application/json" };
|
|
54
113
|
|
|
55
114
|
const data = {
|
|
56
115
|
jsonrpc: "2.0",
|
|
@@ -59,6 +118,11 @@ class ServerWallet {
|
|
|
59
118
|
params: params,
|
|
60
119
|
};
|
|
61
120
|
|
|
121
|
+
const headers = {
|
|
122
|
+
"Content-Type": "application/json",
|
|
123
|
+
"Zano-Access-Token": this.generateAccessToken(JSON.stringify(data)),
|
|
124
|
+
};
|
|
125
|
+
|
|
62
126
|
return axios.post(this.walletUrl, data, { headers });
|
|
63
127
|
}
|
|
64
128
|
|