mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 21:09:11 +00:00
Prad Nukala
38447af730
- **feat: add documentation and GitHub Actions workflow for publishing documentation** - **docs(concepts): add documentation for chain modules** - **refactor: Simplify session management with SQLite storage and remove deprecated code** - **refactor: Simplify database initialization and remove DatabaseContext** - **refactor: move connection handling logic to resolver package** - **feat: implement session management with database persistence** - **feat: Ensure config directory exists when creating database path** - **feat: Add SetUserHandle function to set user handle in session** - **feat: Add public methods to set session fields with database save** - **refactor: Remove unused session setter functions** - **feat: Add getter methods for all Session Model properties** - **feat: enhance Session model with user name details** - **feat: add Motr support and update UI elements** - **<no value>** - **feat: Add unique handle constraint and method to check handle existence** - **docs: update site URL to onsonr.dev** - **fix: correct import statement for database package** - **test: updated CI to run tests on pull requests and merge groups** - **docs: remove reference to develop branch in workflow** - **feat: add WebAuthn support for user registration** - **fix: correct smart account attenuation preset name** - **feat: add ComputeIssuerDID and ComputeSonrAddr functions to ucan package** - **test: add unit tests for MPC keyset and keyshare** - **feat: introduce new script to streamline GitHub issue creation**
117 lines
2.7 KiB
Go
117 lines
2.7 KiB
Go
// go:build jwx_es256k
|
|
package spec
|
|
|
|
import (
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/cosmos/cosmos-sdk/types/bech32"
|
|
"github.com/golang-jwt/jwt"
|
|
"github.com/onsonr/sonr/crypto/mpc"
|
|
"github.com/onsonr/sonr/crypto/ucan"
|
|
)
|
|
|
|
type (
|
|
Token = ucan.Token
|
|
Claims = ucan.Claims
|
|
Proof = ucan.Proof
|
|
|
|
Attenuations = ucan.Attenuations
|
|
Fact = ucan.Fact
|
|
)
|
|
|
|
var (
|
|
UCANVersion = ucan.UCANVersion
|
|
UCANVersionKey = ucan.UCANVersionKey
|
|
PrfKey = ucan.PrfKey
|
|
FctKey = ucan.FctKey
|
|
AttKey = ucan.AttKey
|
|
CapKey = ucan.CapKey
|
|
)
|
|
|
|
type ucanKeyshare struct {
|
|
userShare *mpc.UserKeyshare
|
|
valShare *mpc.ValKeyshare
|
|
|
|
addr string
|
|
issuerDID string
|
|
}
|
|
|
|
func (k ucanKeyshare) NewOriginToken(audienceDID string, att Attenuations, fct []Fact, notBefore, expires time.Time) (*ucan.Token, error) {
|
|
return k.newToken(audienceDID, nil, att, fct, notBefore, expires)
|
|
}
|
|
|
|
func (k ucanKeyshare) NewAttenuatedToken(parent *Token, audienceDID string, att ucan.Attenuations, fct []ucan.Fact, nbf, exp time.Time) (*Token, error) {
|
|
if !parent.Attenuations.Contains(att) {
|
|
return nil, fmt.Errorf("scope of ucan attenuations must be less than it's parent")
|
|
}
|
|
return k.newToken(audienceDID, append(parent.Proofs, Proof(parent.Raw)), att, fct, nbf, exp)
|
|
}
|
|
|
|
func (k ucanKeyshare) newToken(audienceDID string, prf []Proof, att Attenuations, fct []Fact, nbf, exp time.Time) (*ucan.Token, error) {
|
|
t := jwt.New(NewJWTSigningMethod("MPC256", k))
|
|
|
|
// if _, err := did.Parse(audienceDID); err != nil {
|
|
// return nil, fmt.Errorf("invalid audience DID: %w", err)
|
|
// }
|
|
|
|
t.Header[UCANVersionKey] = UCANVersion
|
|
|
|
var (
|
|
nbfUnix int64
|
|
expUnix int64
|
|
)
|
|
|
|
if !nbf.IsZero() {
|
|
nbfUnix = nbf.Unix()
|
|
}
|
|
if !exp.IsZero() {
|
|
expUnix = exp.Unix()
|
|
}
|
|
|
|
// set our claims
|
|
t.Claims = &Claims{
|
|
StandardClaims: &jwt.StandardClaims{
|
|
Issuer: k.issuerDID,
|
|
Audience: audienceDID,
|
|
NotBefore: nbfUnix,
|
|
// set the expire time
|
|
// see http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-20#section-4.1.4
|
|
ExpiresAt: expUnix,
|
|
},
|
|
Attenuations: att,
|
|
Facts: fct,
|
|
Proofs: prf,
|
|
}
|
|
|
|
raw, err := t.SignedString(nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &Token{
|
|
Raw: raw,
|
|
Attenuations: att,
|
|
Facts: fct,
|
|
Proofs: prf,
|
|
}, nil
|
|
}
|
|
|
|
// ComputeIssuerDID computes the issuer DID from a public key
|
|
func ComputeIssuerDID(pk []byte) (string, string, error) {
|
|
addr, err := ComputeSonrAddr(pk)
|
|
if err != nil {
|
|
return "", "", err
|
|
}
|
|
return fmt.Sprintf("did:sonr:%s", addr), addr, nil
|
|
}
|
|
|
|
// ComputeSonrAddr computes the Sonr address from a public key
|
|
func ComputeSonrAddr(pk []byte) (string, error) {
|
|
sonrAddr, err := bech32.ConvertAndEncode("idx", pk)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
return sonrAddr, nil
|
|
}
|