Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@arianee/arianee-access-token
Advanced tools
The ArianeeAccessToken class is a module that allows you to create and manage Arianee Access Tokens (AAT). This class requires the Core class from the @arianee/core module
The ArianeeAccessToken class is a module that allows you to create and manage Arianee Access Tokens (AAT). This class requires the Core class from the @arianee/core module
You need to instantiate the class with a Core instance
const core = core.fromPrivateKey('0x...');
const arianeeAccessToken = new ArianeeAccessToken(core);
You can pass initial values by setting the initialValues
property in the constructor params. Possible initial values are:
walletAccessToken
: the wallet scoped AAT to use at initialization (if invalid or expired, a new one will be generated when needed). Note that under the hood it calls the setItem
method of the storage object optionally passed in the constructor, if you are using a custom storage, this would override the previously stored value.const instance = new ArianeeAccessToken(core, {
initialValues: {
walletAccessToken: 'eyJ0eXAiO...',
},
});
You can use the following methods:
getValidWalletAccessToken(payloadOverride: PayloadOverride = {}, params?: { timeBeforeExp?: number; prefix?: string; }): Promise<string>
This method generates a wallet scoped Arianee Access Token (AAT) and stores it in memory. On subsequent calls, if the stored AAT is still valid, it will return it. Otherwise if it has expired or the expiration is in less than timeBeforeExp
seconds, it will regenerate a new one and return it.
You can use the prefix
parameter to add a string before the arianee access token payload in the message to be signed.
createWalletAccessToken(payloadOverride: PayloadOverride = {}, prefix?: string): Promise<string>
This method generates an Arianee Access Token (AAT) for the wallet scope. It returns a Promise
that resolves to the AAT as a string
.
It takes two optional parameters, a payloadOverride
parameter to override the default payload and a prefix
parameter to add a string before the arianee access token payload in the message to be signed.
createCertificateArianeeAccessToken(certificateId: number, network: string): Promise<string>
This method generates an Arianee Access Token (AAT) for the certificate scope. It takes two parameters: certificateId
, which is the ID of the certificate, and network
, which is the name of the Arianee network. It returns a Promise
that resolves to the AAT as a string
.
createActionArianeeAccessTokenLink(url: string, certificateId: number, network: string): Promise<string>
This method creates a link with an Arianee Access Token (AAT) attached to it. It takes three parameters: url
, which is the URL to attach the AAT to, certificateId
, which is the ID of the certificate, and network
, which is the name of the Arianee network. It returns a Promise
that resolves to the link with the AAT as a string
.
If you only need to decode existing arianee access token, you don't need to instanciate the class.
You can use the following static methods. These methods will automatically detect if the arianee access token is prefixed and handle it. In order for this to work seamlessly, the arianee access tokens must be signed with one of these two signature algorithms (alg prop in header): secp256k1
or ETH
.
static isArianeeAccessTokenValid(arianeeAccessToken: string): boolean
This static method checks if an Arianee Access Token (AAT) is valid. It takes an arianeeAccessToken
parameter as a string
and returns a boolean
indicating whether the AAT is valid or not.
static decodeJwt(arianeeAccessToken: string): {header: JwtHeaderInterface, payload: ArianeeAccessTokenPayload, signature: string}
This static method decodes an Arianee Access Token (AAT). It takes an arianeeAccessToken
parameter as a string
and returns an object with the decoded AAT, containing the header, payload, and signature.
You can pass a storage
object (that implements the Web Storage API
) to the constructor under the params.storage
key.
This storage will be used for caching the generated arianee access token. Make sure that you do not pass an unsafe / public storage as it may expose the generated arianee access token.
FAQs
The ArianeeAccessToken class is a module that allows you to create and manage Arianee Access Tokens (AAT). This class requires the Core class from the @arianee/core module
The npm package @arianee/arianee-access-token receives a total of 74 weekly downloads. As such, @arianee/arianee-access-token popularity was classified as not popular.
We found that @arianee/arianee-access-token demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.