Skip to content

Commit

Permalink
Update SEP-10 Utils (#568)
Browse files Browse the repository at this point in the history
  • Loading branch information
JakeUrban authored Aug 28, 2020
1 parent 9235964 commit 91140df
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 6 deletions.
17 changes: 13 additions & 4 deletions src/utils.ts
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ export namespace Utils {
* @memberof Utils
* @param {Keypair} serverKeypair Keypair for server's signing account.
* @param {string} clientAccountID The stellar account that the wallet wishes to authenticate with the server.
* @param {string} anchorName Anchor's name to be used in the manage_data key.
* @param {string} homeDomain The fully qualified domain name of the service requiring authentication
* @param {number} [timeout=300] Challenge duration (default to 5 minutes).
* @param {string} networkPassphrase The network passphrase. If you pass this argument then timeout is required.
* @example
Expand All @@ -39,7 +39,7 @@ export namespace Utils {
export function buildChallengeTx(
serverKeypair: Keypair,
clientAccountID: string,
anchorName: string,
homeDomain: string,
timeout: number = 300,
networkPassphrase: string,
): string {
Expand Down Expand Up @@ -69,7 +69,7 @@ export namespace Utils {
})
.addOperation(
Operation.manageData({
name: `${anchorName} auth`,
name: `${homeDomain} auth`,
value,
source: clientAccountID,
}),
Expand Down Expand Up @@ -102,12 +102,14 @@ export namespace Utils {
* @param {string} challengeTx SEP0010 challenge transaction in base64.
* @param {string} serverAccountID The server's stellar account (public key).
* @param {string} networkPassphrase The network passphrase, e.g.: 'Test SDF Network ; September 2015'.
* @returns {Transaction|string} the actual submited transaction and the stellar public key (master key) used to sign the Manage Data operation.
* @param {string} [homeDomain=undefined] The home domain that should be included in the Manage Data operation's string key.
* @returns {Transaction|string} The actual submited transaction and the stellar public key (master key) used to sign the Manage Data operation.
*/
export function readChallengeTx(
challengeTx: string,
serverAccountID: string,
networkPassphrase: string,
homeDomain?: string,
): { tx: Transaction; clientAccountID: string } {
if (serverAccountID.startsWith("M")) {
throw Error(
Expand Down Expand Up @@ -185,6 +187,13 @@ export namespace Utils {
);
}

// verify homeDomain
if (homeDomain && `${homeDomain} auth` !== operation.name) {
throw new InvalidSep10ChallengeError(
"The transaction's operation key name does not match the expected home domain",
);
}

return { tx: transaction, clientAccountID };
}

Expand Down
5 changes: 3 additions & 2 deletions test/unit/utils_test.js
Original file line number Diff line number Diff line change
Expand Up @@ -35,13 +35,14 @@ describe('Utils', function() {
/Invalid clientAccountID: multiplexed accounts are not supported./
);
});

it('returns challenge which follows SEP0010 spec', function() {
let keypair = StellarSdk.Keypair.random();

const challenge = StellarSdk.Utils.buildChallengeTx(
keypair,
"GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF",
"SDF",
"testanchor.stellar.org",
300,
StellarSdk.Networks.TESTNET
);
Expand All @@ -58,7 +59,7 @@ describe('Utils', function() {

const [ operation ] = transaction.operations;

expect(operation.name).to.eql("SDF auth");
expect(operation.name).to.eql("testanchor.stellar.org auth");
expect(operation.source).to.eql("GBDIT5GUJ7R5BXO3GJHFXJ6AZ5UQK6MNOIDMPQUSMXLIHTUNR2Q5CFNF");
expect(operation.type).to.eql("manageData");
expect(operation.value.length).to.eql(64);
Expand Down

0 comments on commit 91140df

Please sign in to comment.