@canvas-js/chain-atp - npm Package Compare versions

Comparing version 0.8.26 to 0.9.0-next.1

lib/ATPSigner.d.ts

		@@ -1,2 +0,3 @@
		import type { Action, Message, Session, SessionSigner, Signature } from "@canvas-js/interfaces";
		import type { Session } from "@canvas-js/interfaces";
		import { AbstractSessionData, AbstractSessionSigner, Ed25519DelegateSigner } from "@canvas-js/signatures";
		import { Operation } from "./operation.js";
		@@ -15,19 +16,15 @@ export type ATPSessionData = {
		}
		export declare class ATPSigner implements SessionSigner<ATPSessionData> {
		export declare class ATPSigner extends AbstractSessionSigner<ATPSessionData> {
		#private;
		private readonly options;
		readonly key: string;
		static createAuthenticationMessage(topic: string, publicKey: string, address: string): string;
		private readonly log;
		readonly codecs: ("dag-cbor" \| "dag-json")[];
		constructor(options?: ATPSignerOptions);
		match: (address: string) => boolean;
		readonly match: (address: string) => boolean;
		readonly verify: typeof Ed25519DelegateSigner.verify;
		verifySession(topic: string, session: Session<ATPSessionData>): Promise<void>;
		private getAddress;
		getSession(topic: string, options?: {
		chain?: string;
		timestamp?: number;
		fromCache?: boolean;
		}): Promise<Session<ATPSessionData>>;
		sign(message: Message<Action \| Session>): Signature;
		clear(topic: string): void;
		protected getAddress(): Promise<string>;
		private loadJWTSession;
		private saveJWTSession;
		protected newSession(data: AbstractSessionData): Promise<Session<ATPSessionData>>;
		}

lib/ATPSigner.js

		@@ -12,15 +12,14 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) \|\| function (receiver, state, kind, f) {
		};
		var _ATPSigner_store, _ATPSigner_agent, _ATPSigner_session;
		import { logger } from "@libp2p/logger";
		var _ATPSigner_agent, _ATPSigner_session;
		import * as ATP from "@atproto/api";
		// Unfortunately this is necessary until the BlueSky team
		// decides to publish ESM modules (please, it's not 2010)
		// Unfortunately this is necessary until the BlueSky team decides
		// to publish ESM modules (please, it's been ten years since ES6)
		const BskyAgent = ATP.BskyAgent ?? ATP["default"].BskyAgent;
		import { Secp256k1Signer } from "@canvas-js/signed-cid";
		import target from "#target";
		import { AbstractSessionSigner, Ed25519DelegateSigner } from "@canvas-js/signatures";
		import { assert } from "@canvas-js/utils";
		import { unpackArchive } from "./mst.js";
		import { verifyCommit } from "./commit.js";
		import { verifyLog } from "./operation.js";
		import { assert, service, signalInvalidType } from "./utils.js";
		export class ATPSigner {
		const service = "bsky.social";
		export class ATPSigner extends AbstractSessionSigner {
		static createAuthenticationMessage(topic, publicKey, address) {
		@@ -30,9 +29,9 @@ return `Authorizing ${publicKey} to sign actions for ${topic} on behalf of ${address}`;
		constructor(options = {}) {
		super("chain-atp", { createSigner: (init) => new Ed25519DelegateSigner(init) });
		this.options = options;
		this.key = "ATPSigner";
		this.log = logger("canvas:chain-atp");
		_ATPSigner_store.set(this, target.getSessionStore());
		this.codecs = [Ed25519DelegateSigner.cborCodec, Ed25519DelegateSigner.jsonCodec];
		_ATPSigner_agent.set(this, new BskyAgent({ service: `https://${service}` }));
		_ATPSigner_session.set(this, null);
		this.match = (address) => address.startsWith("did:plc:");
		this.match = (address) => address.startsWith("did:plc:") \|\| address.startsWith("did:web:");
		this.verify = Ed25519DelegateSigner.verify;
		}
		@@ -54,3 +53,3 @@ async verifySession(topic, session) {
		}
		const sessionData = target.loadJWTSession();
		const sessionData = this.loadJWTSession();
		if (sessionData !== null) {
		@@ -67,26 +66,19 @@ __classPrivateFieldSet(this, _ATPSigner_session, sessionData, "f");
		__classPrivateFieldSet(this, _ATPSigner_session, __classPrivateFieldGet(this, _ATPSigner_agent, "f").session, "f");
		target.saveJWTSession(__classPrivateFieldGet(this, _ATPSigner_session, "f"));
		this.saveJWTSession(__classPrivateFieldGet(this, _ATPSigner_session, "f"));
		return __classPrivateFieldGet(this, _ATPSigner_session, "f").did;
		}
		async getSession(topic, options = {}) {
		this.log("getting session %s");
		const address = await this.getAddress();
		assert(address.startsWith("did:plc:"), "only plc DIDs are supported");
		{
		const { signer, session } = __classPrivateFieldGet(this, _ATPSigner_store, "f").get(topic, address) ?? {};
		if (signer !== undefined && session !== undefined) {
		const { timestamp, duration } = session;
		const t = options.timestamp ?? timestamp;
		if (timestamp <= t && t <= timestamp + (duration ?? Infinity)) {
		this.log("found session for %s in cache: %o", address, session);
		return session;
		}
		else {
		this.log("cached session for %s has expired", address);
		}
		}
		loadJWTSession() {
		const value = this.target.get("canvas-chain-atp/jwt");
		if (value === null) {
		return null;
		}
		if (options.fromCache)
		return Promise.reject();
		this.log("creating new session for %s", address);
		else {
		return JSON.parse(value);
		}
		}
		saveJWTSession(data) {
		this.target.set("canvas-chain-atp/jwt", JSON.stringify(data));
		}
		async newSession(data) {
		const { topic, address, publicKey, timestamp, duration } = data;
		this.log("fetching plc operation log for %s", address);
		@@ -96,4 +88,3 @@ const plcOperationLog = await fetch(`https://plc.directory/${address}/log`).then((res) => res.json());
		this.log("got plc operation log with verification method %s", verificationMethod);
		const signer = new Secp256k1Signer();
		const message = ATPSigner.createAuthenticationMessage(topic, signer.uri, address);
		const message = ATPSigner.createAuthenticationMessage(topic, publicKey, address);
		this.log("posting authentication record for %s", address);
		@@ -115,6 +106,6 @@ const { uri, cid } = await __classPrivateFieldGet(this, _ATPSigner_agent, "f").post({ text: message });
		this.log("deleted authenticion record");
		const session = {
		return {
		type: "session",
		address: address,
		publicKey: signer.uri,
		publicKey: publicKey,
		authorizationData: {
		@@ -127,33 +118,7 @@ verificationMethod,
		blockhash: null,
		duration: null,
		timestamp: options.timestamp ?? Date.now(),
		duration: duration,
		timestamp: timestamp,
		};
		__classPrivateFieldGet(this, _ATPSigner_store, "f").set(topic, address, session, signer);
		return session;
		}
		sign(message) {
		if (message.payload.type === "action") {
		const { address, timestamp } = message.payload;
		const { signer, session } = __classPrivateFieldGet(this, _ATPSigner_store, "f").get(message.topic, address) ?? {};
		assert(signer !== undefined && session !== undefined);
		assert(address === session.address);
		assert(timestamp >= session.timestamp);
		assert(timestamp <= session.timestamp + (session.duration ?? Infinity));
		return signer.sign(message);
		}
		else if (message.payload.type === "session") {
		const { signer, session } = __classPrivateFieldGet(this, _ATPSigner_store, "f").get(message.topic, message.payload.address) ?? {};
		assert(signer !== undefined && session !== undefined);
		// only sign our own current sessions
		assert(message.payload === session);
		return signer.sign(message);
		}
		else {
		signalInvalidType(message.payload);
		}
		}
		clear(topic) {
		__classPrivateFieldGet(this, _ATPSigner_store, "f").clear(topic);
		}
		}
		_ATPSigner_store = new WeakMap(), _ATPSigner_agent = new WeakMap(), _ATPSigner_session = new WeakMap();
		_ATPSigner_agent = new WeakMap(), _ATPSigner_session = new WeakMap();

lib/commit.js

		import * as cbor from "@ipld/dag-cbor";
		import { verifySignature } from "@atproto/crypto";
		import { assert } from "./utils.js";
		import { assert } from "@canvas-js/utils";
		export async function verifyCommit(verificationMethod, commit) {
		@@ -5,0 +5,0 @@ const { sig, ...unsignedCommit } = commit;

lib/mst.js

		import { CarReader } from "@ipld/car";
		import * as cbor from "@ipld/dag-cbor";
		import { assert } from "./utils.js";
		import { assert } from "@canvas-js/utils";
		async function unpackNode(car, path, cid, decoder = new TextDecoder()) {
		@@ -5,0 +5,0 @@ const block = await car.get(cid);

lib/operation.js

		@@ -6,3 +6,3 @@ import { sha256 } from "@noble/hashes/sha256";
		import { verifySignature } from "@atproto/crypto";
		import { assert } from "./utils.js";
		import { assert } from "@canvas-js/utils";
		export async function verifyLog(did, plcOperationLog) {
		@@ -9,0 +9,0 @@ let verificationMethod = null;

package.json

		{
		"name": "@canvas-js/chain-atp",
		"version": "0.8.26",
		"version": "0.9.0-next.1",
		"type": "module",
		@@ -15,14 +15,8 @@ "author": "Canvas Technologies, Inc. (https://canvas.xyz)",
		},
		"imports": {
		"#target": {
		"node": "./lib/targets/node/index.js",
		"browser": "./lib/targets/browser/index.js",
		"default": "./lib/targets/default/index.js"
		}
		},
		"dependencies": {
		"@atproto/api": "^0.6.24",
		"@atproto/crypto": "^0.2.3",
		"@canvas-js/interfaces": "0.8.26",
		"@canvas-js/signed-cid": "0.8.26",
		"@canvas-js/interfaces": "0.9.0-next.1",
		"@canvas-js/signatures": "0.9.0-next.1",
		"@canvas-js/utils": "0.9.0-next.1",
		"@ipld/car": "5.2.6",
		@@ -36,4 +30,4 @@ "@ipld/dag-cbor": "^9.0.6",
		"devDependencies": {
		"@canvas-js/chain-atp": "0.8.26"
		"@canvas-js/chain-atp": "0.9.0-next.1"
		}
		}

lib/targets/browser/index.d.ts

lib/targets/browser/index.js

lib/targets/default/index.d.ts

lib/targets/default/index.js

lib/targets/index.d.ts

lib/targets/index.js

lib/targets/node/index.d.ts

lib/targets/node/index.js

lib/utils.d.ts

lib/utils.js

@canvas-js/chain-atp - npm Package Compare versions

New alerts

Fixed alerts

Worsened metrics

Dependency changes