@steemit/koa-jsonrpc
Advanced tools
@steemit/koa-jsonrpc - npm Package Compare versions
Comparing version 1.0.0 to 1.1.0
@@ -0,1 +1,2 @@ | ||
| import { ClientOptions } from 'dsteem'; | ||
| import { JsonRpc, JsonRpcMethodContext } from './jsonrpc'; | ||
@@ -11,4 +12,3 @@ export interface JsonRpcAuthMethodContext extends JsonRpcMethodContext { | ||
| rpcNode: string; | ||
| private requestOptions; | ||
| private seqNo; | ||
| private client; | ||
| /** | ||
@@ -18,3 +18,3 @@ * @param rpcNode Address to steemd node used for signature verification. | ||
| */ | ||
| constructor(rpcNode: string, namespace?: string); | ||
| constructor(rpcNode: string, namespace?: string, options?: ClientOptions); | ||
| /** | ||
@@ -21,0 +21,0 @@ * Register a rpc method that requires request signing. |
@@ -10,3 +10,3 @@ "use strict"; | ||
| const assert = require("assert"); | ||
| const url_1 = require("url"); | ||
| const dsteem_1 = require("dsteem"); | ||
| const jsonrpc_1 = require("./jsonrpc"); | ||
@@ -22,25 +22,31 @@ const utils_1 = require("./utils"); | ||
| */ | ||
| constructor(rpcNode, namespace) { | ||
| constructor(rpcNode, namespace, options) { | ||
| super(namespace); | ||
| this.rpcNode = rpcNode; | ||
| this.seqNo = 0; | ||
| this.verifier = async (message, signatures, account) => { | ||
| const payload = { | ||
| jsonrpc: '2.0', | ||
| method: 'call', | ||
| id: ++this.seqNo, | ||
| params: ['database_api', 'verify_signatures', [{ | ||
| hash: message.toString('hex'), | ||
| signatures, | ||
| required_posting: [account], | ||
| }]] | ||
| }; | ||
| const response = await utils_1.jsonRequest(this.requestOptions, payload); | ||
| assert(response.id === payload.id, 'rpc node response id mismatch'); | ||
| if (response.result.valid !== true) { | ||
| this.verifier = async (message, signatures, accountName) => { | ||
| assert.equal(message.byteLength, 32, 'Invalid message'); | ||
| assert(accountName.length >= 3 && accountName.length <= 16, 'Invalid account name'); | ||
| const [account] = await this.client.database.getAccounts([accountName]); | ||
| if (!account) { | ||
| throw new Error('No such account'); | ||
| } | ||
| if (account.posting.key_auths.length !== 1) { | ||
| throw new Error('Unsupported posting key configuration for account'); | ||
| } | ||
| const [keyWif, keyWeight] = account.posting.key_auths[0]; | ||
| if (account.posting.weight_threshold > keyWeight) { | ||
| throw new Error('Signing key not above weight threshold'); | ||
| } | ||
| if (signatures.length !== 1) { | ||
| throw new Error('Multisig not supported'); | ||
| } | ||
| const prefix = this.client.addressPrefix; | ||
| const key = dsteem_1.PublicKey.from(keyWif, prefix); | ||
| const signature = dsteem_1.Signature.fromString(signatures[0]); | ||
| const signKey = signature.recover(message, prefix); | ||
| if (key.toString() !== signKey.toString()) { | ||
| throw new Error('Invalid signature'); | ||
| } | ||
| }; | ||
| this.requestOptions = url_1.parse(rpcNode); | ||
| this.requestOptions.method = 'post'; | ||
| this.client = new dsteem_1.Client(rpcNode, options); | ||
| } | ||
@@ -56,3 +62,3 @@ /** | ||
| makeHandler(method) { | ||
| const verifier = this.verifier; | ||
| const self = this; | ||
| const paramNames = utils_1.getParamNames(method); | ||
@@ -63,3 +69,3 @@ return async function (__signed) { | ||
| try { | ||
| params = await rpc_auth_1.validate(req, verifier); | ||
| params = await rpc_auth_1.validate(req, self.verifier); | ||
| } | ||
@@ -66,0 +72,0 @@ catch (cause) { |
| { | ||
| "name": "@steemit/koa-jsonrpc", | ||
| "version": "1.0.0", | ||
| "version": "1.1.0", | ||
| "description": "Spec compliant JSON-RPC 2.0 server middleware for Koa", | ||
| "license": "MIT", | ||
@@ -18,3 +19,4 @@ "main": "./lib/index", | ||
| "dependencies": { | ||
| "@steemit/rpc-auth": "^1.0.2", | ||
| "@steemit/rpc-auth": "^1.1.0", | ||
| "dsteem": "^0.8.6", | ||
| "uuid": "^3.1.0", | ||
@@ -31,3 +33,2 @@ "verror": "^1.10.0" | ||
| "bunyan": "^1.8.12", | ||
| "dsteem": "^0.8.5", | ||
| "koa": "^2.4.1", | ||
@@ -34,0 +35,0 @@ "mocha": "^4.0.1", |
Improved metrics
- Total package byte prevSize
- increased by2.62%
23952
- Dev dependency count
- decreased by-6.67%
14
- Lines of code
- increased by0.94%
645
Worsened metrics
- Dependency count
- increased by33.33%
4
Dependency changes
+ Addeddsteem@^0.8.6
+ Addedbase-x@3.0.10(transitive)
+ Addedbindings@1.5.0(transitive)
+ Addedbip66@1.1.5(transitive)
+ Addedbn.js@4.12.1(transitive)
+ Addedbrorand@1.1.0(transitive)
+ Addedbrowserify-aes@1.2.0(transitive)
+ Addedbs58@4.0.1(transitive)
+ Addedbuffer-xor@1.0.3(transitive)
+ Addedbytebuffer@5.0.1(transitive)
+ Addedcipher-base@1.0.6(transitive)
+ Addedcore-js@2.6.12(transitive)
+ Addedcreate-hash@1.2.0(transitive)
+ Addedcreate-hmac@1.1.7(transitive)
+ Addeddrbg.js@1.0.1(transitive)
+ Addeddsteem@0.8.7(transitive)
+ Addedelliptic@6.6.1(transitive)
+ Addedevp_bytestokey@1.0.3(transitive)
+ Addedfile-uri-to-path@1.0.0(transitive)
+ Addedhash-base@3.1.0(transitive)
+ Addedhash.js@1.1.7(transitive)
+ Addedhmac-drbg@1.0.1(transitive)
+ Addedinherits@2.0.4(transitive)
+ Addedlong@3.2.0(transitive)
+ Addedmd5.js@1.3.5(transitive)
+ Addedminimalistic-assert@1.0.1(transitive)
+ Addedminimalistic-crypto-utils@1.0.1(transitive)
+ Addednan@2.22.0(transitive)
+ Addednode-fetch@2.7.0(transitive)
+ Addedreadable-stream@3.6.2(transitive)
+ Addedripemd160@2.0.2(transitive)
+ Addedsafe-buffer@5.2.1(transitive)
+ Addedsecp256k1@3.8.1(transitive)
+ Addedsha.js@2.4.11(transitive)
+ Addedstring_decoder@1.3.0(transitive)
+ Addedtr46@0.0.3(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
+ Addedwebidl-conversions@3.0.1(transitive)
+ Addedwhatwg-fetch@2.0.4(transitive)
+ Addedwhatwg-url@5.0.0(transitive)
Updated@steemit/rpc-auth@^1.1.0