mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 13:07:09 +00:00
Prad Nukala
bd51342fdf
- **deps: remove tigerbeetle-go dependency** - **refactor: remove unused landing page components and models** - **feat: add pin and publish vault handlers** - **refactor: move payment and credential services to webui browser package** - **refactor: remove unused credentials management components** - **feat: add landing page components and middleware for credentials and payments** - **refactor: remove unused imports in vault config** - **refactor: remove unused bank, DID, and DWN gRPC clients** - **refactor: rename client files and improve code structure** - **feat: add session middleware helpers and landing page components** - **feat: add user profile registration flow** - **feat: Implement WebAuthn registration flow** - **feat: add error view for users without WebAuthn devices** - **chore: update htmx to include extensions** - **refactor: rename pin handler to claim handler and update routes** - **chore: update import paths after moving UI components and styles** - **fix: address potential server errors by handling and logging them properly** - **refactor: move vault config to gateway package and update related dependencies** - **style: simplify form styling and remove unnecessary components** - **feat: improve UI design for registration flow** - **feat: implement passkey-based authentication** - **refactor: migrate registration forms to use reusable form components** - **refactor: remove tailwindcss setup and use CDN instead** - **style: update submit button style to use outline variant** - **refactor: refactor server and IPFS client, remove MPC encryption** - **refactor: Abstract keyshare functionality and improve message encoding** - **refactor: improve keyset JSON marshaling and error handling** - **feat: add support for digital signatures using MPC keys** - **fix: Refactor MarshalJSON to use standard json.Marshal for Message serialization** - **fix: Encode messages before storing in keyshare structs** - **style: update form input styles for improved user experience** - **refactor: improve code structure in registration handlers** - **refactor: consolidate signer middleware and IPFS interaction** - **refactor: rename MPC signing and refresh protocol functions** - **refactor: update hway configuration loading mechanism** - **feat: integrate database support for sessions and users** - **refactor: remove devnet infrastructure and simplify build process** - **docs(guides): add Sonr DID module guide** - **feat: integrate progress bar into registration form** - **refactor: migrate WebAuthn dependencies to protocol package** - **feat: enhance user registration with passkey integration and improved form styling** - **refactor: move gateway view handlers to internal pages package** - **refactor: Move address package to MPC module** - **feat: integrate turnstile for registration** - **style: remove unnecessary size attribute from buttons** - **refactor: rename cookie package to session/cookie** - **refactor: remove unnecessary types.Session dependency** - **refactor: rename pkg/core to pkg/chain** - **refactor: simplify deployment process by removing testnet-specific Taskfile and devbox configuration** - **feat: add error redirect functionality and improve routes** - **feat: implement custom error handling for gateway** - **chore: update version number to 0.0.7 in template** - **feat: add IPFS client implementation** - **feat: Implement full IPFS client interface with comprehensive methods** - **refactor: improve IPFS client path handling** - **refactor: Move UCAN middleware to controller package** - **feat: add UCAN middleware to motr** - **refactor: update libp2p dependency** - **docs: add UCAN specification document** - **refactor: move UCAN controller logic to common package** - **refactor: rename exports.go to common.go** - **feat: add UCAN token support** - **refactor: migrate UCAN token parsing to dedicated package** - **refactor: improve CometBFT and app config initialization** - **refactor: improve deployment scripts and documentation** - **feat: integrate IPFS and producer middleware** - **refactor: rename agent directory to aider** - **fix: correct libp2p import path** - **refactor: remove redundant dependency** - **cleanup: remove unnecessary test files** - **refactor: move attention types to crypto/ucan package** - **feat: expand capabilities and resource types for UCANs** - **refactor: rename sonr.go to codec.go and update related imports** - **feat: add IPFS-based token store** - **feat: Implement IPFS-based token store with caching and UCAN integration** - **feat: Add dynamic attenuation constructor for UCAN presets** - **fix: Handle missing or invalid attenuation data with EmptyAttenuation** - **fix: Update UCAN attenuation tests with correct capability types** - **feat: integrate UCAN-based authorization into the producer middleware** - **refactor: remove unused dependency on go-ucan** - **refactor: Move address handling logic to DID module** - **feat: Add support for compressed and uncompressed Secp256k1 public keys in didkey** - **test: Add test for generating DID key from MPC keyshares** - **feat: Add methods for extracting compressed and uncompressed public keys in share types** - **feat: Add BaseKeyshare struct with public key conversion methods** - **refactor: Use compressed and uncompressed public keys in keyshare, fix public key usage in tests and verification** - **feat: add support for key generation policy type** - **fix: correct typo in VaultPermissions constant** - **refactor: move JWT related code to ucan package** - **refactor: move UCAN JWT and source code to spec package**
165 lines
4.8 KiB
Go
165 lines
4.8 KiB
Go
package ucan
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/onsonr/sonr/crypto/ucan/attns/capability"
|
|
"github.com/onsonr/sonr/crypto/ucan/attns/policytype"
|
|
"github.com/onsonr/sonr/crypto/ucan/attns/resourcetype"
|
|
)
|
|
|
|
var EmptyAttenuation = Attenuation{
|
|
Cap: Capability(nil),
|
|
Rsc: Resource(nil),
|
|
}
|
|
|
|
const (
|
|
// Owner
|
|
CapOwner = capability.CAPOWNER
|
|
CapOperator = capability.CAPOPERATOR
|
|
CapObserver = capability.CAPOBSERVER
|
|
|
|
// Auth
|
|
CapAuthenticate = capability.CAPAUTHENTICATE
|
|
CapAuthorize = capability.CAPAUTHORIZE
|
|
CapDelegate = capability.CAPDELEGATE
|
|
CapInvoke = capability.CAPINVOKE
|
|
CapExecute = capability.CAPEXECUTE
|
|
CapPropose = capability.CAPPROPOSE
|
|
CapSign = capability.CAPSIGN
|
|
CapSetPolicy = capability.CAPSETPOLICY
|
|
CapSetThreshold = capability.CAPSETTHRESHOLD
|
|
CapRecover = capability.CAPRECOVER
|
|
CapSocial = capability.CAPSOCIAL
|
|
CapResolver = capability.CAPRESOLVER
|
|
CapProducer = capability.CAPPRODUCER
|
|
|
|
// Resources
|
|
ResAccount = resourcetype.RESACCOUNT
|
|
ResTransaction = resourcetype.RESTRANSACTION
|
|
ResPolicy = resourcetype.RESPOLICY
|
|
ResRecovery = resourcetype.RESRECOVERY
|
|
ResVault = resourcetype.RESVAULT
|
|
ResIPFS = resourcetype.RESIPFS
|
|
ResIPNS = resourcetype.RESIPNS
|
|
ResKeyShare = resourcetype.RESKEYSHARE
|
|
|
|
// PolicyTypes
|
|
PolicyThreshold = policytype.POLICYTHRESHOLD
|
|
PolicyTimelock = policytype.POLICYTIMELOCK
|
|
PolicyWhitelist = policytype.POLICYWHITELIST
|
|
PolicyKeyShare = policytype.POLICYKEYGEN
|
|
)
|
|
|
|
// NewVaultResource creates a new resource identifier
|
|
func NewResource(resType resourcetype.ResourceType, path string) Resource {
|
|
return NewStringLengthResource(string(resType), path)
|
|
}
|
|
|
|
// Permissions represents the type of attenuation
|
|
type Permissions string
|
|
|
|
const (
|
|
// AccountPermissions represents the smart account attenuation
|
|
AccountPermissions = Permissions("account")
|
|
|
|
// ServicePermissions represents the service attenuation
|
|
ServicePermissions = Permissions("service")
|
|
|
|
// VaultPermissions represents the vault attenuation
|
|
VaultPermissions = Permissions("vault")
|
|
)
|
|
|
|
// Cap returns the capability for the given AttenuationPreset
|
|
func (a Permissions) NewCap(c capability.Capability) Capability {
|
|
return a.GetCapabilities().Cap(c.String())
|
|
}
|
|
|
|
// NestedCapabilities returns the nested capabilities for the given AttenuationPreset
|
|
func (a Permissions) GetCapabilities() NestedCapabilities {
|
|
var caps []string
|
|
switch a {
|
|
case AccountPermissions:
|
|
caps = SmartAccountCapabilities()
|
|
case VaultPermissions:
|
|
caps = VaultCapabilities()
|
|
}
|
|
return NewNestedCapabilities(caps...)
|
|
}
|
|
|
|
// Equals returns true if the given AttenuationPreset is equal to the receiver
|
|
func (a Permissions) Equals(b Permissions) bool {
|
|
return a == b
|
|
}
|
|
|
|
// String returns the string representation of the AttenuationPreset
|
|
func (a Permissions) String() string {
|
|
return string(a)
|
|
}
|
|
|
|
// GetConstructor returns the AttenuationConstructorFunc for a Permission
|
|
func (a Permissions) GetConstructor() AttenuationConstructorFunc {
|
|
return NewAttenuationFromPreset(a)
|
|
}
|
|
|
|
// NewAttenuationFromPreset creates an AttenuationConstructorFunc for the given preset
|
|
func NewAttenuationFromPreset(preset Permissions) AttenuationConstructorFunc {
|
|
return func(v map[string]interface{}) (Attenuation, error) {
|
|
// Extract capability and resource from map
|
|
capStr, ok := v["cap"].(string)
|
|
if !ok {
|
|
return EmptyAttenuation, fmt.Errorf("missing or invalid capability in attenuation data")
|
|
}
|
|
|
|
resType, ok := v["type"].(string)
|
|
if !ok {
|
|
return EmptyAttenuation, fmt.Errorf("missing or invalid resource type in attenuation data")
|
|
}
|
|
|
|
path, ok := v["path"].(string)
|
|
if !ok {
|
|
path = "/" // Default path if not specified
|
|
}
|
|
|
|
// Create capability from preset
|
|
cap := preset.NewCap(capability.Capability(capStr))
|
|
if cap == nil {
|
|
return EmptyAttenuation, fmt.Errorf("invalid capability %s for preset %s", capStr, preset)
|
|
}
|
|
|
|
// Create resource
|
|
resource := NewResource(resourcetype.ResourceType(resType), path)
|
|
|
|
return Attenuation{
|
|
Cap: cap,
|
|
Rsc: resource,
|
|
}, nil
|
|
}
|
|
}
|
|
|
|
// GetPresetConstructor returns the appropriate AttenuationConstructorFunc for a given type
|
|
func GetPresetConstructor(attType string) (AttenuationConstructorFunc, error) {
|
|
preset := Permissions(attType)
|
|
switch preset {
|
|
case AccountPermissions, ServicePermissions, VaultPermissions:
|
|
return NewAttenuationFromPreset(preset), nil
|
|
default:
|
|
return nil, fmt.Errorf("unknown attenuation preset: %s", attType)
|
|
}
|
|
}
|
|
|
|
// ParseAttenuationData parses raw attenuation data into a structured format
|
|
func ParseAttenuationData(data map[string]interface{}) (Permissions, map[string]interface{}, error) {
|
|
typeRaw, ok := data["preset"]
|
|
if !ok {
|
|
return "", nil, fmt.Errorf("missing preset type in attenuation data")
|
|
}
|
|
|
|
presetType, ok := typeRaw.(string)
|
|
if !ok {
|
|
return "", nil, fmt.Errorf("invalid preset type format")
|
|
}
|
|
|
|
return Permissions(presetType), data, nil
|
|
}
|