From 91140df00367b854bf7b248b54b82d70b64decc9 Mon Sep 17 00:00:00 2001 From: Jake Urban <10968980+JakeUrban@users.noreply.github.com> Date: Fri, 28 Aug 2020 10:17:47 -0700 Subject: [PATCH] Update SEP-10 Utils (#568) --- src/utils.ts | 17 +++++++++++++---- test/unit/utils_test.js | 5 +++-- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/src/utils.ts b/src/utils.ts index 110bec225..193e9e580 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -26,7 +26,7 @@ export namespace Utils { * @memberof Utils * @param {Keypair} serverKeypair Keypair for server's signing account. * @param {string} clientAccountID The stellar account that the wallet wishes to authenticate with the server. - * @param {string} anchorName Anchor's name to be used in the manage_data key. + * @param {string} homeDomain The fully qualified domain name of the service requiring authentication * @param {number} [timeout=300] Challenge duration (default to 5 minutes). * @param {string} networkPassphrase The network passphrase. If you pass this argument then timeout is required. * @example @@ -39,7 +39,7 @@ export namespace Utils { export function buildChallengeTx( serverKeypair: Keypair, clientAccountID: string, - anchorName: string, + homeDomain: string, timeout: number = 300, networkPassphrase: string, ): string { @@ -69,7 +69,7 @@ export namespace Utils { }) .addOperation( Operation.manageData({ - name: `${anchorName} auth`, + name: `${homeDomain} auth`, value, source: clientAccountID, }), @@ -102,12 +102,14 @@ export namespace Utils { * @param {string} challengeTx SEP0010 challenge transaction in base64. * @param {string} serverAccountID The server's stellar account (public key). * @param {string} networkPassphrase The network passphrase, e.g.: 'Test SDF Network ; September 2015'. - * @returns {Transaction|string} the actual submited transaction and the stellar public key (master key) used to sign the Manage Data operation. + * @param {string} [homeDomain=undefined] The home domain that should be included in the Manage Data operation's string key. + * @returns {Transaction|string} The actual submited transaction and the stellar public key (master key) used to sign the Manage Data operation. */ export function readChallengeTx( challengeTx: string, serverAccountID: string, networkPassphrase: string, + homeDomain?: string, ): { tx: Transaction; clientAccountID: string } { if (serverAccountID.startsWith("M")) { throw Error( @@ -185,6 +187,13 @@ export namespace Utils { ); } + // verify homeDomain + if (homeDomain && `${homeDomain} auth` !== operation.name) { + throw new InvalidSep10ChallengeError( + "The transaction's operation key name does not match the expected home domain", + ); + } + return { tx: transaction, clientAccountID }; } diff --git a/test/unit/utils_test.js b/test/unit/utils_test.js index 32e08b63e..123f0fb02 100644 --- a/test/unit/utils_test.js +++ b/test/unit/utils_test.js @@ -35,13 +35,14 @@ describe('Utils', function() { /Invalid clientAccountID: multiplexed accounts are not supported./ ); }); + it('returns challenge which follows SEP0010 spec', function() { let keypair = StellarSdk.Keypair.random(); const challenge = StellarSdk.Utils.buildChallengeTx( keypair, "GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF", - "SDF", + "testanchor.stellar.org", 300, StellarSdk.Networks.TESTNET ); @@ -58,7 +59,7 @@ describe('Utils', function() { const [ operation ] = transaction.operations; - expect(operation.name).to.eql("SDF auth"); + expect(operation.name).to.eql("testanchor.stellar.org auth"); expect(operation.source).to.eql("GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF"); expect(operation.type).to.eql("manageData"); expect(operation.value.length).to.eql(64);