mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 21:09:11 +00:00
Prad Nukala
7c4586ce90
* feat: enable DID auth middleware * feat: implement passkey creation flow * feat: persist user address in cookie and retrieve user profile using address cookie * feat: implement human verification challenge during session initialization * refactor: remove unnecessary random number generation in profile creation * refactor: rename credential validation handler and update related routes * feat: improve profile validation and user experience * feat: add page rendering for profile and passkey creation * refactor: remove unused register handler and update routes * refactor: remove unused imports and simplify credential validation * fix: Correct insecure gRPC client connection * refactor: rename models files for better organization * refactor: refactor grpc client creation and management * refactor: refactor common clients package * <no value> * feat: add CapAccount, CapInterchain, CapVault enums * feat: add ChainId to ResAccount and ResInterchain * feat: add asset code to resource account enumeration * refactor: rename services package to providers * feat: implement gateway database interactions * refactor: move gateway repository to internal/gateway * refactor: Migrate database provider to use sqlx * refactor: Rename Vaults to VaultProvider in HTTPContext struct * refactor: Migrate from GORM to sqlc Queries in database context methods * refactor: Replace GORM with standard SQL and simplify database initialization * refactor: Migrate session management from GORM to sqlc with type conversion * refactor: Update import paths and model references in context package * fix: Resolve session type conversion and middleware issues * refactor: Migrate database from GORM to sqlx * refactor: Move models to pkg/common, improve code structure * refactor: move repository package to internal directory * refactor: move gateway internal packages to context directory * refactor: migrate database provider to use sqlx queries * feat: add session ID to HTTP context and use it to load session data * feat: implement vault creation API endpoint * feat: add DIDKey generation from PubKey * refactor: remove unused DIDAuth components * refactor: move DID auth controller to vault context * chore: remove unused DIDAuth package * refactor: improve clarity of enclave refresh function * feat: implement nonce-based key encryption for improved security * feat: Add Export and Import methods with comprehensive tests for Enclave * fix: Validate AES key length in keyshare encryption and decryption * fix: Resolve key length validation by hashing input keys * refactor: Update keyshare import to use protocol decoding * feat: Refactor enclave encryption to support full enclave export/import * refactor: Simplify Enclave interface methods by removing role parameter * refactor: remove unnecessary serialization from enclave interface * refactor: rename models package in gateway context * refactor: rename keystore vault constants * refactor: remove context parameter from Resolver methods * feat: add CurrentBlock context function and update related components * refactor: rename resolver.go to resolvers.go * feat: Add SQLite random() generation for session and profile initialization * refactor: Update SQL queries to use SQLite-style parameter placeholders * refactor: Replace '?' placeholders with '$n' PostgreSQL parameter syntax * <no value> * refactor: refactor gateway to use middleware for database interactions and improve modularity * feat: implement gateway for Sonr highway * refactor: Remove unused gateway context and refactor cookie/header handling * refactor: improve server initialization and middleware handling * feat: implement human verification for profile creation * feat: implement session management middleware * refactor: refactor common models and config to internal package * refactor: move env config to internal/config * refactor: move database-related code to directory * refactor: move IPFS client to common package and improve code structure * refactor: move querier to common package and rename to chain_query * refactor: move webworker model to internal/models * feat: add initial view template for Sonr.ID * docs(concepts): Add documentation for cosmos-proto * docs: move IBC transfer documentation to tools section * refactor: rename initpkl.go to pkl_init.go for better naming consistency * docs(theme): update dark mode toggle icons * refactor: update sqlite3 driver to ncruces/go-sqlite3 * feat: add Vault model and database interactions * refactor: Improve SQLite schema with better constraints and indexes * chore: update project dependencies * fix: use grpc.WithInsecure() for gRPC connection * config: set localhost as default Sonr gRPC URL * refactor: improve gateway middleware and refactor server initialization * refactor: Remove foreign key pragma from schema SQL * refactor: Remove foreign key constraints from database schema * refactor: Convert primary key columns from INTEGER to TEXT * refactor: Remove unnecessary redirect in error handling
127 lines
3.2 KiB
Go
127 lines
3.2 KiB
Go
package spec
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/onsonr/sonr/crypto/keys"
|
|
"github.com/onsonr/sonr/crypto/ucan"
|
|
"lukechampine.com/blake3"
|
|
)
|
|
|
|
type KeyshareSource interface {
|
|
ucan.Source
|
|
|
|
Address() string
|
|
Issuer() string
|
|
ChainCode() ([]byte, error)
|
|
OriginToken() (*Token, error)
|
|
SignData(data []byte) ([]byte, error)
|
|
VerifyData(data []byte, sig []byte) (bool, error)
|
|
UCANParser() *ucan.TokenParser
|
|
}
|
|
|
|
// func NewSource(ks mpc.KeyEnclave) (KeyshareSource, error) {
|
|
// iss, addr, err := getIssuerDID(val.PublicKey())
|
|
// if err != nil {
|
|
// return nil, err
|
|
// }
|
|
//
|
|
// return ucanKeyshare{
|
|
// issuerDID: iss,
|
|
// addr: addr,
|
|
// }, nil
|
|
// }
|
|
//
|
|
// Address returns the address of the keyshare
|
|
func (k ucanKeyshare) Address() string {
|
|
return k.addr
|
|
}
|
|
|
|
// Issuer returns the DID of the issuer of the keyshare
|
|
func (k ucanKeyshare) Issuer() string {
|
|
return k.issuerDID
|
|
}
|
|
|
|
// ChainCode returns the chain code of the keyshare
|
|
func (k ucanKeyshare) ChainCode() ([]byte, error) {
|
|
sig, err := k.SignData([]byte(k.addr))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
hash := blake3.Sum256(sig)
|
|
// Return the first 32 bytes of the hash
|
|
return hash[:32], nil
|
|
}
|
|
|
|
// DefaultOriginToken returns a default token with the keyshare's issuer as the audience
|
|
func (k ucanKeyshare) OriginToken() (*Token, error) {
|
|
// att := ucan.NewSmartAccount(k.addr)
|
|
zero := time.Time{}
|
|
// return k.NewOriginToken(k.issuerDID, att, nil, zero, zero)
|
|
return k.newToken(k.issuerDID, nil, nil, nil, zero, zero)
|
|
}
|
|
|
|
func (k ucanKeyshare) SignData(data []byte) ([]byte, error) {
|
|
// // Create signing functions
|
|
// signFunc, err := k.userShare.SignFunc(data)
|
|
// if err != nil {
|
|
// return nil, fmt.Errorf("failed to create sign function: %w", err)
|
|
// }
|
|
//
|
|
// valSignFunc, err := k.valShare.SignFunc(data)
|
|
// if err != nil {
|
|
// return nil, fmt.Errorf("failed to create validator sign function: %w", err)
|
|
// }
|
|
|
|
// Run the signing protocol
|
|
// return mpc.ExecuteSigning(valSignFunc, signFunc)
|
|
return nil, nil
|
|
}
|
|
|
|
func (k ucanKeyshare) VerifyData(data []byte, sig []byte) (bool, error) {
|
|
return false, nil
|
|
// return k.valShare.PublicKey().Verify(data, sig)
|
|
}
|
|
|
|
// TokenParser returns a token parser that can be used to parse tokens
|
|
func (k ucanKeyshare) UCANParser() *ucan.TokenParser {
|
|
caps := ucan.AccountPermissions.GetCapabilities()
|
|
ac := func(m map[string]interface{}) (ucan.Attenuation, error) {
|
|
var (
|
|
cap string
|
|
rsc ucan.Resource
|
|
)
|
|
for key, vali := range m {
|
|
val, ok := vali.(string)
|
|
if !ok {
|
|
return ucan.Attenuation{}, fmt.Errorf(`expected attenuation value to be a string`)
|
|
}
|
|
|
|
if key == ucan.CapKey {
|
|
cap = val
|
|
} else {
|
|
}
|
|
}
|
|
|
|
return ucan.Attenuation{
|
|
Rsc: rsc,
|
|
Cap: caps.Cap(cap),
|
|
}, nil
|
|
}
|
|
|
|
store := ucan.NewMemTokenStore()
|
|
return ucan.NewTokenParser(ac, customDIDPubKeyResolver{}, store.(ucan.CIDBytesResolver))
|
|
}
|
|
|
|
// customDIDPubKeyResolver implements the DIDPubKeyResolver interface without
|
|
// any network backing. Works if the key string given contains the public key
|
|
// itself
|
|
type customDIDPubKeyResolver struct{}
|
|
|
|
// ResolveDIDKey extracts a public key from a did:key string
|
|
func (customDIDPubKeyResolver) ResolveDIDKey(ctx context.Context, didStr string) (keys.DID, error) {
|
|
return keys.Parse(didStr)
|
|
}
|