Skip to content

Commit

Permalink
Add scheme to verification parameters and tests
Browse files Browse the repository at this point in the history
  • Loading branch information
sbihel committed Apr 10, 2024
1 parent 94bd610 commit 1ae0753
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 5 deletions.
3 changes: 3 additions & 0 deletions packages/siwe/lib/client.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ describe(`Message verification without suppressExceptions`, () => {
.verify({
signature: test_fields.signature,
time: (test_fields as any).time || test_fields.issuedAt,
scheme: (test_fields as any).scheme,
domain: (test_fields as any).domainBinding,
nonce: (test_fields as any).matchNonce,
})
Expand Down Expand Up @@ -85,6 +86,7 @@ describe(`Message verification without suppressExceptions`, () => {
.verify({
signature: test_fields.signature,
time: (test_fields as any).time || test_fields.issuedAt,
scheme: (test_fields as any).scheme,
domain: (test_fields as any).domainBinding,
nonce: (test_fields as any).matchNonce,
})
Expand All @@ -109,6 +111,7 @@ describe(`Message verification with suppressExceptions`, () => {
{
signature: test_fields.signature,
time: (test_fields as any).time || test_fields.issuedAt,
scheme: (test_fields as any).scheme,
domain: (test_fields as any).domainBinding,
nonce: (test_fields as any).matchNonce,
},
Expand Down
19 changes: 16 additions & 3 deletions packages/siwe/lib/client.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ import {
} from './utils';

export class SiweMessage {
/**RFC 3986 URI scheme */
/**RFC 3986 URI scheme for the authority that is requesting the signing. */
scheme?: string;
/**RFC 4501 dns authority that is requesting the signing. */
domain: string;
Expand Down Expand Up @@ -118,7 +118,7 @@ export class SiweMessage {
/** Validates all fields of the object */
this.validateMessage();
const headerPrefx = this.scheme ? `${this.scheme}://${this.domain}` : this.domain;
const header = `${headerPrefx} wants you to sign in with your Ethereum account:`;
const header = `${headerPrefx} wants you to sign in with your Ethereum account:`;
const uriField = `URI: ${this.uri}`;
let prefix = [header, this.address].join('\n');
const versionField = `Version: ${this.version}`;
Expand Down Expand Up @@ -250,7 +250,20 @@ export class SiweMessage {
});
}

const { signature, domain, nonce, time } = params;
const { signature, scheme, domain, nonce, time } = params;

/** Scheme for domain binding */
if (scheme && scheme !== this.scheme) {
fail({
success: false,
data: this,
error: new SiweError(
SiweErrorType.SCHEME_MISMATCH,
scheme,
this.scheme
),
});
}

/** Domain binding */
if (domain && domain !== this.domain) {
Expand Down
11 changes: 9 additions & 2 deletions packages/siwe/lib/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@ export interface VerifyParams {
/** Signature of the message signed by the wallet */
signature: string;

/** RFC 3986 URI scheme for the authority that is requesting the signing. */
scheme?: string;

/** RFC 4501 dns authority that is requesting the signing. */
domain?: string;

Expand All @@ -17,6 +20,7 @@ export interface VerifyParams {

export const VerifyParamsKeys: Array<keyof VerifyParams> = [
'signature',
'scheme',
'domain',
'nonce',
'time',
Expand Down Expand Up @@ -63,8 +67,8 @@ export class SiweError {
this.received = received;
}

/** Type of the error. */
type: SiweErrorType | string;
/** Type of the error. */
type: SiweErrorType | string;

/** Expected value or condition to pass. */
expected?: string;
Expand All @@ -83,6 +87,9 @@ export enum SiweErrorType {
/** `domain` is not a valid authority or is empty. */
INVALID_DOMAIN = 'Invalid domain.',

/** `scheme` don't match the scheme provided for verification. */
SCHEME_MISMATCH = 'Scheme does not match provided scheme for verification.',

/** `domain` don't match the domain provided for verification. */
DOMAIN_MISMATCH = 'Domain does not match provided domain for verification.',

Expand Down

0 comments on commit 1ae0753

Please sign in to comment.