
@0xpass/passport


@0xpass/passport - npm Package Compare versions

Comparing version 1.0.1 to 2.0.0

11

CHANGELOG.md
# @0xpass/passport
## 2.0.0
### Major Changes
- c8ce2f1: DOA support and api upgrade to accept multiple credentials
### Patch Changes
- Updated dependencies [c8ce2f1]
- @0xpass/models@2.0.0
## 1.0.1

@@ -4,0 +15,0 @@

12

dist/index.d.ts

@@ -10,2 +10,3 @@ import { AuthenticationParams, AuthenticationResponse, DelegatedRegisterAccountParams, DelegatedRegisterAccountResponse, LambaCallParams, LambdaNewParams, Method, NewScopeParams, NewScopeResponse, RegistrationParams, RegistrationResponse, RpcHeaders, RpcMethodParams, SignMessageParams, SignMessageResponse, SignTransactionParams, SignTransactionResponse, UpdateScopeParams, UpdateScopeResponse } from "./types";

enclave_public_key?: string;
allow_sessions?: boolean;
};

@@ -21,2 +22,3 @@ /**

private scopeId;
private userData;
private signer;

@@ -28,7 +30,15 @@ private enclavePublicKey;

private authenticatedHeaders;
private allowSession;
/**
* Sets the user data for the current session.
* @param userData The user data to set.
*/
setUserData(userData: {
username: string;
}): void;
/**
* Creates a new Passport instance.
* @param endpoint The RPC endpoint to connect to a Passport node.
*/
constructor({ scope_id, signer, endpoint, enclave_public_key, }: PassportConstructorParams);
constructor({ scope_id, signer, endpoint, enclave_public_key, allow_sessions, }: PassportConstructorParams);
setupEncryption(): Promise<void>;

@@ -35,0 +45,0 @@ private isCredentialCreator;

@@ -5,2 +5,10 @@ import axios from 'axios';

const AuthenticatedMethod = [
"personal_sign",
"eth_signTransaction",
"eth_signTypedData_v4",
"createLambda",
"listLambda",
];
const cryptoObj = typeof window !== "undefined" ? window.crypto : crypto;

@@ -150,9 +158,18 @@ const LOCAL_RSA_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl8sLC46QMKa400EnVfz+bEU2JJHXsXcwIGMItRJ3ZM3XZSzAmELJPh3lAlXyhktq2Cl0w0PuaH//fCQm5/3Rm48ytcdBmvwh3zpCnUylS3eJKF15L2xMb8eQf6nnNMnucnrhvDfdCL5ZZlkn2FDB4/UJpgPfrHivK69gaeT725g89gWvKmEG7+RGoXLPEXU4UyHxYyMMCDwxH2fE+jN53FG8JlwuLu1cbTYxgYIxf4Um+CvYp7irlGfvxP+Ws9lkBJ+MtCishod/7ytJD9jpbYf6BUAHSAeWeNBbkgSdmPSia4Mi2wPXeqmzmovjfJfWSiaCW+wFuMyCGVx/g/znQIDAQAB";

/**
* Sets the user data for the current session.
* @param userData The user data to set.
*/
setUserData(userData) {
this.userData = userData;
}
/**
* Creates a new Passport instance.
* @param endpoint The RPC endpoint to connect to a Passport node.
*/
constructor({ scope_id, signer, endpoint = "https://tiramisu.0xpass.io", enclave_public_key = LOCAL_RSA_PUBLIC_KEY, }) {
constructor({ scope_id, signer, endpoint = "https://tiramisu.0xpass.io", enclave_public_key = LOCAL_RSA_PUBLIC_KEY, allow_sessions = true, }) {
this.userData = null;
this.aesKey = null;
this.encryptedAesKey = null;
this.parsedJwt = null;
this.allowSession = true;
/**

@@ -164,3 +181,3 @@ * Signs a message.

this.signMessage = async (params) => {
return this.call("personal_sign", [params, this.parsedJwt.address], this.authenticatedHeaders);
return this.call("personal_sign", [params, "0x0000000000000000000000000000000000000000"], this.authenticatedHeaders);
};

@@ -193,3 +210,11 @@ /**

this.delegatedRegisterAccount = async (params) => {
return await this.call("delegatedRegistration", params);
const encrypted_user = await aesEncrypt(JSON.stringify(params), this.aesKey);
const signature = await this.signer.sign(encrypted_user);
const encrypted_signature = await aesEncrypt(JSON.stringify(signature), this.aesKey);
return await this.call("delegatedRegistration", {
encrypted_user: encrypted_user,
encrypted_credential: {
KeySignature: encrypted_signature,
},
});
};

@@ -239,4 +264,6 @@ this.register = async (params) => {

this.authenticatedHeaders = {
"x-encrypted-key": this.encryptedAesKey,
"x-session": authResult.result.encrypted_jwt,
"X-Encrypted-Key": this.encryptedAesKey,
"X-Scope-Id": this.scopeId,
"X-Encrypted-User": encrypted_user,
"X-Encrypted-Session": authResult.result.encrypted_jwt,
};

@@ -264,2 +291,3 @@ const jwt = await aesDecrypt(authResult.result.encrypted_jwt, this.aesKey);

this.enclavePublicKey = pemToBuffer(enclave_public_key);
this.allowSession = allow_sessions;
}

@@ -287,5 +315,28 @@ async setupEncryption() {

async call(method, params = {}, headers = undefined) {
if (headers === undefined) {
headers = { "x-scope-id": this.scopeId, "x-encrypted-key": this.encryptedAesKey };
const is_method_authenticated = AuthenticatedMethod.includes(method);
const encrypted_user = await aesEncrypt(JSON.stringify(this.userData), this.aesKey);
if (is_method_authenticated) {
if (!headers || this.allowSession === false) {
if (!this.userData) {
throw new Error("User data must be set before proceeding.");
}
const signature = await this.signer.sign(encrypted_user);
console.log(signature);
const encrypted_signature = await aesEncrypt(JSON.stringify(signature), this.aesKey);
const header = this.signer.getHeaderName();
headers = {
"X-Encrypted-User": encrypted_user,
"X-Encrypted-Key": this.encryptedAesKey,
"X-Scope-Id": this.scopeId,
[header]: encrypted_signature,
};
}
}
else {
headers = {
"X-Scope-Id": this.scopeId,
"X-Encrypted-Key": this.encryptedAesKey,
"X-Encrypted-User": encrypted_user,
};
}
const payload = {

@@ -295,8 +346,7 @@ jsonrpc: "2.0",

method,
params: params,
params,
};
try {
const { data } = await axios.post(this.endpoint, payload, {
headers,
});
const res = await axios.post(this.endpoint, payload, { headers });
const { data } = res;
return data;

@@ -303,0 +353,0 @@ }

25

dist/types/index.d.ts
import { LambdaExecutable, NewLambda } from "./lambda";
export type Method = "personal_sign" | "eth_signTransaction" | "eth_signTypedData_v4" | "verify" | "createScope" | "updateScope" | "delegatedRegistration" | "initiateRegistration" | "completeRegistration" | "initiateAuthentication" | "completeAuthentication" | "createLambda" | "executeLambda" | "listLambda";
export declare const AuthenticatedMethod: Array<Method>;
export type SignMessageParams = string;

@@ -65,4 +66,13 @@ export type SignMessageResponse = {

};
export type DelegatedRegisterAccountParams = {};
export type DelegatedRegisterAccountResponse = {};
export type DelegatedRegisterAccountParams = {
username: string;
};
export type DelegatedRegisterAccountResponse = {
id: string;
result: {
account_id: string;
identifier_hash: string;
};
error: any;
};
export type AuthenticationResponse = [AuthenticatedHeaders, string];

@@ -72,10 +82,11 @@ export type RpcMethodParams = NewScopeParams | UpdateScopeParams | SignMessageParams | SignTransactionParams | DelegatedRegisterAccountParams | RegistrationParams | AuthenticationParams;

export type UnAuthenticatedHeaders = {
"x-encrypted-key": string;
"x-scope-id": string;
"X-Encrypted-Key": string;
"X-Scope-Id": string;
"X-Encrypted-User": string;
};
export type AuthenticatedHeaders = {
"x-encrypted-key": string;
"x-session": string;
export type SignatureHeader = "X-Encrypted-Session" | "X-Encrypted-Webauthn-Signature" | "X-Encrypted-Key-Signature";
export type AuthenticatedHeaders = UnAuthenticatedHeaders & {
[key in SignatureHeader]: string;
};
export type RpcMethodResponse = NewScopeResponse | UpdateScopeResponse | SignMessageResponse | DelegatedRegisterAccountResponse | SignTransactionResponse | RegistrationResponse | AuthenticationResponse;
//# sourceMappingURL=index.d.ts.map
{
"name": "@0xpass/passport",
"version": "1.0.1",
"version": "2.0.0",
"description": "",

@@ -21,3 +21,3 @@ "main": "dist/index.js",

"node-forge": "^1.3.1",
"@0xpass/models": "1.0.0"
"@0xpass/models": "2.0.0"
},

@@ -24,0 +24,0 @@ "devDependencies": {

@@ -0,1 +1,2 @@

const cryptoObj = typeof window !== "undefined" ? window.crypto : crypto;

@@ -51,2 +52,3 @@

return cryptoObj.subtle.importKey(keyFormat, encryptionKey, algo, extractable, keyUsages);
return cryptoObj.subtle.importKey(keyFormat, encryptionKey, algo, extractable, keyUsages);
};

@@ -53,0 +55,0 @@

import axios from "axios";
import {
AuthenticatedHeaders,
AuthenticatedMethod,
AuthenticationParams,

@@ -22,2 +23,3 @@ AuthenticationResponse,

SignTransactionResponse,
SignatureHeader,
UpdateScopeParams,

@@ -28,3 +30,3 @@ UpdateScopeResponse,

import { SignerWithOptionalCreator } from "./types/credential";
import { CredentialCreator } from "@0xpass/models";
import { CredentialCreator, KeyAssertion } from "@0xpass/models";
import {

@@ -46,2 +48,3 @@ aesDecrypt,

enclave_public_key?: string;
allow_sessions?: boolean;
};

@@ -60,2 +63,4 @@

private userData: any | null = null;
private signer: SignerWithOptionalCreator;

@@ -73,3 +78,12 @@

private allowSession: boolean = true;
/**
* Sets the user data for the current session.
* @param userData The user data to set.
*/
public setUserData(userData: { username: string }): void {
this.userData = userData;
}
/**
* Creates a new Passport instance.

@@ -83,2 +97,3 @@ * @param endpoint The RPC endpoint to connect to a Passport node.

enclave_public_key = LOCAL_RSA_PUBLIC_KEY,
allow_sessions = true,
}: PassportConstructorParams) {

@@ -89,2 +104,3 @@ this.scopeId = scope_id;

this.enclavePublicKey = pemToBuffer(enclave_public_key);
this.allowSession = allow_sessions;
}

@@ -119,5 +135,34 @@

): Promise<any> {
if (headers === undefined) {
headers = { "x-scope-id": this.scopeId, "x-encrypted-key": this.encryptedAesKey };
const is_method_authenticated: boolean = AuthenticatedMethod.includes(method);
const encrypted_user = await aesEncrypt(JSON.stringify(this.userData), this.aesKey);
if (is_method_authenticated) {
if (!headers || this.allowSession === false) {
if (!this.userData) {
throw new Error("User data must be set before proceeding.");
}
const signature = await this.signer.sign(encrypted_user);
console.log(signature)
const encrypted_signature = await aesEncrypt(JSON.stringify(signature), this.aesKey);
const header: SignatureHeader = this.signer.getHeaderName() as SignatureHeader;
headers = {
"X-Encrypted-User": encrypted_user,
"X-Encrypted-Key": this.encryptedAesKey,
"X-Scope-Id": this.scopeId,
[header]: encrypted_signature,
};
}
} else {
headers = {
"X-Scope-Id": this.scopeId,
"X-Encrypted-Key": this.encryptedAesKey,
"X-Encrypted-User": encrypted_user,
};
}
const payload = {

@@ -127,9 +172,8 @@ jsonrpc: "2.0",

method,
params: params,
params,
};
try {
const { data } = await axios.post(this.endpoint, payload, {
headers,
});
const res = await axios.post(this.endpoint, payload, { headers });
const { data } = res;
return data;

@@ -153,3 +197,7 @@ } catch (error) {

public signMessage = async (params: SignMessageParams): Promise<SignMessageResponse> => {
return this.call("personal_sign", [params, this.parsedJwt.address], this.authenticatedHeaders);
return this.call(
"personal_sign",
[params, "0x0000000000000000000000000000000000000000"],
this.authenticatedHeaders
);
};

@@ -196,3 +244,13 @@

): Promise<DelegatedRegisterAccountResponse> => {
return await this.call("delegatedRegistration", params);
const encrypted_user = await aesEncrypt(JSON.stringify(params), this.aesKey);
const signature = await this.signer.sign(encrypted_user);
const encrypted_signature = await aesEncrypt(JSON.stringify(signature), this.aesKey);
return await this.call("delegatedRegistration", {
encrypted_user: encrypted_user,
encrypted_credential: {
KeySignature: encrypted_signature,
},
});
};

@@ -245,3 +303,2 @@

const encrypted_user = await aesEncrypt(JSON.stringify(params), this.aesKey);
const initAuthResponse = await this.call("initiateAuthentication", {

@@ -268,7 +325,8 @@ encrypted_user,

});
this.authenticatedHeaders = {
"x-encrypted-key": this.encryptedAesKey,
"x-session": authResult.result.encrypted_jwt,
};
"X-Encrypted-Key": this.encryptedAesKey,
"X-Scope-Id": this.scopeId,
"X-Encrypted-User": encrypted_user,
"X-Encrypted-Session": authResult.result.encrypted_jwt,
} as AuthenticatedHeaders;
const jwt = await aesDecrypt(authResult.result.encrypted_jwt, this.aesKey);

@@ -295,3 +353,3 @@ this.parsedJwt = parseJwt(jwt);

return this.call("listLambda", {}, this.authenticatedHeaders);
}
};
}

@@ -298,0 +356,0 @@
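Review bot: `console.log(signature)` in the new authenticated branch of `call()` writes the signer's output to the console on every signed request; the code otherwise encrypts that value before sending it, so it should not reach browser or server logs and the line should be dropped. In the same hunk, `aesEncrypt(JSON.stringify(this.userData), this.aesKey)` runs before the `if (!this.userData)` guard and for every method, so an unauthenticated call made before `setUserData()` sends an encrypted `"null"` as `X-Encrypted-User`, and a caller-supplied `headers` argument is now overwritten for any method not in `AuthenticatedMethod`. Moving the `userData` check ahead of the encryption would make that failure explicit instead of silent. The body of `call()` starts and ends outside the visible hunks, and the same lines appear in the built `dist/index.js`.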

@@ -37,2 +37,7 @@ import { Passport, PassportConstructorParams} from "../index";

getHeaderName(): string {
return "X-Encrypted-Key-Signature"
}
async getAllowCredentials(): Promise<{ key: AllowCredential[]; webauthn: AllowCredential[] }> {

@@ -174,10 +179,4 @@ return {

const mockResponse = [
{
"x-encrypted-key": ENCRYPTED_AES_KEY,
"x-session": mockFinishAuthResult.data.result.encrypted_jwt,
},
"0x77bf2ff2ecb1d5dbae5fce82136b66a76f8122b5",
];
const response = await passport.authenticate({

@@ -188,3 +187,5 @@ username: "test",

expect(response).toEqual(mockResponse);
expect(response[0]["X-Encrypted-Key"]).toEqual(ENCRYPTED_AES_KEY);
expect(response[0]["X-Encrypted-Session"]).toEqual( mockFinishAuthResult.data.result.encrypted_jwt );
expect(response[1]).toEqual("0x77bf2ff2ecb1d5dbae5fce82136b66a76f8122b5");
});

@@ -191,0 +192,0 @@ });
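Review bot: The rewritten assertions in the authenticate test check only `X-Encrypted-Key` and `X-Encrypted-Session`, so the two headers this release adds to the session set, `X-Scope-Id` and `X-Encrypted-User`, are not pinned, and the removed `toEqual(mockResponse)` no longer catches an unexpected extra or missing header. Adding `expect(response[0]["X-Scope-Id"]).toEqual(<scope id passed to the constructor>)` and an assertion that `X-Encrypted-User` is a non-empty string would cover them. No visible test exercises `allow_sessions: false` or the "User data must be set before proceeding." error path; the test body starts outside the hunk, so such cases may exist elsewhere in the file.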

@@ -19,2 +19,10 @@ import { LambdaExecutable, NewLambda } from "./lambda";

export const AuthenticatedMethod: Array<Method> = [
"personal_sign",
"eth_signTransaction",
"eth_signTypedData_v4",
"createLambda",
"listLambda",
];
export type SignMessageParams = string;

@@ -94,4 +102,13 @@

export type DelegatedRegisterAccountParams = {};
export type DelegatedRegisterAccountResponse = {};
export type DelegatedRegisterAccountParams = {
username: string;
};
export type DelegatedRegisterAccountResponse = {
id: string;
result: {
account_id: string;
identifier_hash: string;
};
error: any;
};

@@ -112,9 +129,14 @@ export type AuthenticationResponse = [AuthenticatedHeaders, string];

export type UnAuthenticatedHeaders = {
"x-encrypted-key": string;
"x-scope-id": string;
"X-Encrypted-Key": string;
"X-Scope-Id": string;
"X-Encrypted-User": string;
};
export type AuthenticatedHeaders = {
"x-encrypted-key": string;
"x-session": string;
export type SignatureHeader =
| "X-Encrypted-Session"
| "X-Encrypted-Webauthn-Signature"
| "X-Encrypted-Key-Signature";
export type AuthenticatedHeaders = UnAuthenticatedHeaders & {
[key in SignatureHeader]: string;
};

@@ -121,0 +143,0 @@
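Review bot: `AuthenticatedHeaders` is declared as `UnAuthenticatedHeaders & { [key in SignatureHeader]: string }`, which makes all three signature headers required, while the objects built at runtime carry exactly one of them. That mismatch is presumably why `src/index.ts` needs `as AuthenticatedHeaders` on the session headers, and the cast would equally hide a header that is genuinely missing. Using `Partial<Record<SignatureHeader, string>>` in the intersection, or a union with one member per signature header, would let the compiler check those objects without a cast. `error: any` on `DelegatedRegisterAccountResponse` could be `unknown` so callers have to narrow it before use.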

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet
