This reverts commit 466ece4588, which has
the message:
"Revert "Merge pull request #7599 from MetaMask/Version-v7.7.0" (#7648)"
This effectively re-introduces the changes from the "LoginPerSite" PR.
feature/default_network_editable
Mark Stacey
5 years ago
parent
5e8a80e21d
commit
9a624dd24c
|
After Width: | Height: | Size: 188 B |
|
After Width: | Height: | Size: 1.2 KiB |
|
Before Width: | Height: | Size: 937 B After Width: | Height: | Size: 937 B |
@ -0,0 +1,377 @@ |
|||||||
|
const JsonRpcEngine = require('json-rpc-engine') |
||||||
|
const asMiddleware = require('json-rpc-engine/src/asMiddleware') |
||||||
|
const ObservableStore = require('obs-store') |
||||||
|
const RpcCap = require('rpc-cap').CapabilitiesController |
||||||
|
const { ethErrors } = require('eth-json-rpc-errors') |
||||||
|
|
||||||
|
const getRestrictedMethods = require('./restrictedMethods') |
||||||
|
const createMethodMiddleware = require('./methodMiddleware') |
||||||
|
const createLoggerMiddleware = require('./loggerMiddleware') |
||||||
|
|
||||||
|
// Methods that do not require any permissions to use:
|
||||||
|
const SAFE_METHODS = require('./permissions-safe-methods.json') |
||||||
|
|
||||||
|
// some constants
|
||||||
|
const METADATA_STORE_KEY = 'domainMetadata' |
||||||
|
const LOG_STORE_KEY = 'permissionsLog' |
||||||
|
const HISTORY_STORE_KEY = 'permissionsHistory' |
||||||
|
const WALLET_METHOD_PREFIX = 'wallet_' |
||||||
|
const CAVEAT_NAMES = { |
||||||
|
exposedAccounts: 'exposedAccounts', |
||||||
|
} |
||||||
|
const ACCOUNTS_CHANGED_NOTIFICATION = 'wallet_accountsChanged' |
||||||
|
|
||||||
|
class PermissionsController { |
||||||
|
|
||||||
|
constructor ( |
||||||
|
{ |
||||||
|
platform, notifyDomain, notifyAllDomains, keyringController, |
||||||
|
} = {}, |
||||||
|
restoredPermissions = {}, |
||||||
|
restoredState = {}) { |
||||||
|
this.store = new ObservableStore({ |
||||||
|
[METADATA_STORE_KEY]: restoredState[METADATA_STORE_KEY] || {}, |
||||||
|
[LOG_STORE_KEY]: restoredState[LOG_STORE_KEY] || [], |
||||||
|
[HISTORY_STORE_KEY]: restoredState[HISTORY_STORE_KEY] || {}, |
||||||
|
}) |
||||||
|
this.notifyDomain = notifyDomain |
||||||
|
this.notifyAllDomains = notifyAllDomains |
||||||
|
this.keyringController = keyringController |
||||||
|
this._platform = platform |
||||||
|
this._restrictedMethods = getRestrictedMethods(this) |
||||||
|
this._initializePermissions(restoredPermissions) |
||||||
|
} |
||||||
|
|
||||||
|
createMiddleware ({ origin, extensionId }) { |
||||||
|
|
||||||
|
if (extensionId) { |
||||||
|
this.store.updateState({ |
||||||
|
[METADATA_STORE_KEY]: { |
||||||
|
...this.store.getState()[METADATA_STORE_KEY], |
||||||
|
[origin]: { extensionId }, |
||||||
|
}, |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
const engine = new JsonRpcEngine() |
||||||
|
|
||||||
|
engine.push(createLoggerMiddleware({ |
||||||
|
walletPrefix: WALLET_METHOD_PREFIX, |
||||||
|
restrictedMethods: Object.keys(this._restrictedMethods), |
||||||
|
ignoreMethods: [ 'wallet_sendDomainMetadata' ], |
||||||
|
store: this.store, |
||||||
|
logStoreKey: LOG_STORE_KEY, |
||||||
|
historyStoreKey: HISTORY_STORE_KEY, |
||||||
|
})) |
||||||
|
|
||||||
|
engine.push(createMethodMiddleware({ |
||||||
|
store: this.store, |
||||||
|
storeKey: METADATA_STORE_KEY, |
||||||
|
getAccounts: this.getAccounts.bind(this, origin), |
||||||
|
requestAccountsPermission: this._requestPermissions.bind( |
||||||
|
this, origin, { eth_accounts: {} } |
||||||
|
), |
||||||
|
})) |
||||||
|
|
||||||
|
engine.push(this.permissions.providerMiddlewareFunction.bind( |
||||||
|
this.permissions, { origin } |
||||||
|
)) |
||||||
|
return asMiddleware(engine) |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Returns the accounts that should be exposed for the given origin domain, |
||||||
|
* if any. This method exists for when a trusted context needs to know |
||||||
|
* which accounts are exposed to a given domain. |
||||||
|
* |
||||||
|
* @param {string} origin - The origin string. |
||||||
|
*/ |
||||||
|
getAccounts (origin) { |
||||||
|
return new Promise((resolve, _) => { |
||||||
|
|
||||||
|
const req = { method: 'eth_accounts' } |
||||||
|
const res = {} |
||||||
|
this.permissions.providerMiddlewareFunction( |
||||||
|
{ origin }, req, res, () => {}, _end |
||||||
|
) |
||||||
|
|
||||||
|
function _end () { |
||||||
|
if (res.error || !Array.isArray(res.result)) { |
||||||
|
resolve([]) |
||||||
|
} else { |
||||||
|
resolve(res.result) |
||||||
|
} |
||||||
|
} |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Submits a permissions request to rpc-cap. Internal use only. |
||||||
|
* |
||||||
|
* @param {string} origin - The origin string. |
||||||
|
* @param {IRequestedPermissions} permissions - The requested permissions. |
||||||
|
*/ |
||||||
|
_requestPermissions (origin, permissions) { |
||||||
|
return new Promise((resolve, reject) => { |
||||||
|
|
||||||
|
const req = { method: 'wallet_requestPermissions', params: [permissions] } |
||||||
|
const res = {} |
||||||
|
this.permissions.providerMiddlewareFunction( |
||||||
|
{ origin }, req, res, () => {}, _end |
||||||
|
) |
||||||
|
|
||||||
|
function _end (err) { |
||||||
|
if (err || res.error) { |
||||||
|
reject(err || res.error) |
||||||
|
} else { |
||||||
|
resolve(res.result) |
||||||
|
} |
||||||
|
} |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* User approval callback. The request can fail if the request is invalid. |
||||||
|
* |
||||||
|
* @param {object} approved the approved request object |
||||||
|
*/ |
||||||
|
async approvePermissionsRequest (approved, accounts) { |
||||||
|
|
||||||
|
const { id } = approved.metadata |
||||||
|
const approval = this.pendingApprovals[id] |
||||||
|
|
||||||
|
try { |
||||||
|
|
||||||
|
// attempt to finalize the request and resolve it
|
||||||
|
await this.finalizePermissionsRequest(approved.permissions, accounts) |
||||||
|
approval.resolve(approved.permissions) |
||||||
|
|
||||||
|
} catch (err) { |
||||||
|
|
||||||
|
// if finalization fails, reject the request
|
||||||
|
approval.reject(ethErrors.rpc.invalidRequest({ |
||||||
|
message: err.message, data: err, |
||||||
|
})) |
||||||
|
} |
||||||
|
|
||||||
|
delete this.pendingApprovals[id] |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* User rejection callback. |
||||||
|
* |
||||||
|
* @param {string} id the id of the rejected request |
||||||
|
*/ |
||||||
|
async rejectPermissionsRequest (id) { |
||||||
|
const approval = this.pendingApprovals[id] |
||||||
|
approval.reject(ethErrors.provider.userRejectedRequest()) |
||||||
|
delete this.pendingApprovals[id] |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Grants the given origin the eth_accounts permission for the given account(s). |
||||||
|
* This method should ONLY be called as a result of direct user action in the UI, |
||||||
|
* with the intention of supporting legacy dapps that don't support EIP 1102. |
||||||
|
* |
||||||
|
* @param {string} origin - The origin to expose the account(s) to. |
||||||
|
* @param {Array<string>} accounts - The account(s) to expose. |
||||||
|
*/ |
||||||
|
async legacyExposeAccounts (origin, accounts) { |
||||||
|
|
||||||
|
const permissions = { |
||||||
|
eth_accounts: {}, |
||||||
|
} |
||||||
|
|
||||||
|
await this.finalizePermissionsRequest(permissions, accounts) |
||||||
|
|
||||||
|
let error |
||||||
|
try { |
||||||
|
await new Promise((resolve, reject) => { |
||||||
|
this.permissions.grantNewPermissions(origin, permissions, {}, err => err ? resolve() : reject(err)) |
||||||
|
}) |
||||||
|
} catch (err) { |
||||||
|
error = err |
||||||
|
} |
||||||
|
|
||||||
|
if (error) { |
||||||
|
if (error.code === 4001) { |
||||||
|
throw error |
||||||
|
} else { |
||||||
|
throw ethErrors.rpc.internal({ |
||||||
|
message: `Failed to add 'eth_accounts' to '${origin}'.`, |
||||||
|
data: { |
||||||
|
originalError: error, |
||||||
|
accounts, |
||||||
|
}, |
||||||
|
}) |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Update the accounts exposed to the given origin. |
||||||
|
* Throws error if the update fails. |
||||||
|
* |
||||||
|
* @param {string} origin - The origin to change the exposed accounts for. |
||||||
|
* @param {string[]} accounts - The new account(s) to expose. |
||||||
|
*/ |
||||||
|
async updateExposedAccounts (origin, accounts) { |
||||||
|
|
||||||
|
await this.validateExposedAccounts(accounts) |
||||||
|
|
||||||
|
this.permissions.updateCaveatFor( |
||||||
|
origin, 'eth_accounts', CAVEAT_NAMES.exposedAccounts, accounts |
||||||
|
) |
||||||
|
|
||||||
|
this.notifyDomain(origin, { |
||||||
|
method: ACCOUNTS_CHANGED_NOTIFICATION, |
||||||
|
result: accounts, |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Finalizes a permissions request. |
||||||
|
* Throws if request validation fails. |
||||||
|
* |
||||||
|
* @param {Object} requestedPermissions - The requested permissions. |
||||||
|
* @param {string[]} accounts - The accounts to expose, if any. |
||||||
|
*/ |
||||||
|
async finalizePermissionsRequest (requestedPermissions, accounts) { |
||||||
|
|
||||||
|
const { eth_accounts: ethAccounts } = requestedPermissions |
||||||
|
|
||||||
|
if (ethAccounts) { |
||||||
|
|
||||||
|
await this.validateExposedAccounts(accounts) |
||||||
|
|
||||||
|
if (!ethAccounts.caveats) { |
||||||
|
ethAccounts.caveats = [] |
||||||
|
} |
||||||
|
|
||||||
|
// caveat names are unique, and we will only construct this caveat here
|
||||||
|
ethAccounts.caveats = ethAccounts.caveats.filter(c => ( |
||||||
|
c.name !== CAVEAT_NAMES.exposedAccounts |
||||||
|
)) |
||||||
|
|
||||||
|
ethAccounts.caveats.push( |
||||||
|
{ |
||||||
|
type: 'filterResponse', |
||||||
|
value: accounts, |
||||||
|
name: CAVEAT_NAMES.exposedAccounts, |
||||||
|
}, |
||||||
|
) |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Validate an array of accounts representing accounts to be exposed |
||||||
|
* to a domain. Throws error if validation fails. |
||||||
|
* |
||||||
|
* @param {string[]} accounts - An array of addresses. |
||||||
|
*/ |
||||||
|
async validateExposedAccounts (accounts) { |
||||||
|
|
||||||
|
if (!Array.isArray(accounts) || accounts.length === 0) { |
||||||
|
throw new Error('Must provide non-empty array of account(s).') |
||||||
|
} |
||||||
|
|
||||||
|
// assert accounts exist
|
||||||
|
const allAccounts = await this.keyringController.getAccounts() |
||||||
|
accounts.forEach(acc => { |
||||||
|
if (!allAccounts.includes(acc)) { |
||||||
|
throw new Error(`Unknown account: ${acc}`) |
||||||
|
} |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Removes the given permissions for the given domain. |
||||||
|
* @param {object} domains { origin: [permissions] } |
||||||
|
*/ |
||||||
|
removePermissionsFor (domains) { |
||||||
|
|
||||||
|
Object.entries(domains).forEach(([origin, perms]) => { |
||||||
|
|
||||||
|
this.permissions.removePermissionsFor( |
||||||
|
origin, |
||||||
|
perms.map(methodName => { |
||||||
|
|
||||||
|
if (methodName === 'eth_accounts') { |
||||||
|
this.notifyDomain( |
||||||
|
origin, |
||||||
|
{ method: ACCOUNTS_CHANGED_NOTIFICATION, result: [] } |
||||||
|
) |
||||||
|
} |
||||||
|
|
||||||
|
return { parentCapability: methodName } |
||||||
|
}) |
||||||
|
) |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* Removes all known domains and their related permissions. |
||||||
|
*/ |
||||||
|
clearPermissions () { |
||||||
|
this.permissions.clearDomains() |
||||||
|
this.notifyAllDomains({ |
||||||
|
method: ACCOUNTS_CHANGED_NOTIFICATION, |
||||||
|
result: [], |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* A convenience method for retrieving a login object |
||||||
|
* or creating a new one if needed. |
||||||
|
* |
||||||
|
* @param {string} origin = The origin string representing the domain. |
||||||
|
*/ |
||||||
|
_initializePermissions (restoredState) { |
||||||
|
|
||||||
|
// these permission requests are almost certainly stale
|
||||||
|
const initState = { ...restoredState, permissionsRequests: [] } |
||||||
|
|
||||||
|
this.pendingApprovals = {} |
||||||
|
|
||||||
|
this.permissions = new RpcCap({ |
||||||
|
|
||||||
|
// Supports passthrough methods:
|
||||||
|
safeMethods: SAFE_METHODS, |
||||||
|
|
||||||
|
// optional prefix for internal methods
|
||||||
|
methodPrefix: WALLET_METHOD_PREFIX, |
||||||
|
|
||||||
|
restrictedMethods: this._restrictedMethods, |
||||||
|
|
||||||
|
/** |
||||||
|
* A promise-returning callback used to determine whether to approve |
||||||
|
* permissions requests or not. |
||||||
|
* |
||||||
|
* Currently only returns a boolean, but eventually should return any |
||||||
|
* specific parameters or amendments to the permissions. |
||||||
|
* |
||||||
|
* @param {string} req - The internal rpc-cap user request object. |
||||||
|
*/ |
||||||
|
requestUserApproval: async (req) => { |
||||||
|
const { metadata: { id } } = req |
||||||
|
|
||||||
|
this._platform.openExtensionInBrowser('connect') |
||||||
|
|
||||||
|
return new Promise((resolve, reject) => { |
||||||
|
this.pendingApprovals[id] = { resolve, reject } |
||||||
|
}) |
||||||
|
}, |
||||||
|
}, initState) |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
module.exports = { |
||||||
|
PermissionsController, |
||||||
|
addInternalMethodPrefix: prefix, |
||||||
|
CAVEAT_NAMES, |
||||||
|
} |
||||||
|
|
||||||
|
|
||||||
|
function prefix (method) { |
||||||
|
return WALLET_METHOD_PREFIX + method |
||||||
|
} |
||||||
@ -0,0 +1,169 @@ |
|||||||
|
|
||||||
|
const clone = require('clone') |
||||||
|
const { isValidAddress } = require('ethereumjs-util') |
||||||
|
|
||||||
|
const LOG_LIMIT = 100 |
||||||
|
|
||||||
|
/** |
||||||
|
* Create middleware for logging requests and responses to restricted and |
||||||
|
* permissions-related methods. |
||||||
|
*/ |
||||||
|
module.exports = function createLoggerMiddleware ({ |
||||||
|
walletPrefix, restrictedMethods, store, logStoreKey, historyStoreKey, ignoreMethods, |
||||||
|
}) { |
||||||
|
return (req, res, next, _end) => { |
||||||
|
let activityEntry, requestedMethods |
||||||
|
const { origin, method } = req |
||||||
|
const isInternal = method.startsWith(walletPrefix) |
||||||
|
if ((isInternal || restrictedMethods.includes(method)) && !ignoreMethods.includes(method)) { |
||||||
|
activityEntry = logActivity(req, isInternal) |
||||||
|
if (method === `${walletPrefix}requestPermissions`) { |
||||||
|
requestedMethods = getRequestedMethods(req) |
||||||
|
} |
||||||
|
} else if (method === 'eth_requestAccounts') { |
||||||
|
activityEntry = logActivity(req, isInternal) |
||||||
|
requestedMethods = [ 'eth_accounts' ] |
||||||
|
} else { |
||||||
|
return next() |
||||||
|
} |
||||||
|
|
||||||
|
next(cb => { |
||||||
|
const time = Date.now() |
||||||
|
addResponse(activityEntry, res, time) |
||||||
|
if (!res.error && requestedMethods) { |
||||||
|
logHistory(requestedMethods, origin, res.result, time, method === 'eth_requestAccounts') |
||||||
|
} |
||||||
|
cb() |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
function logActivity (request, isInternal) { |
||||||
|
const activityEntry = { |
||||||
|
id: request.id, |
||||||
|
method: request.method, |
||||||
|
methodType: isInternal ? 'internal' : 'restricted', |
||||||
|
origin: request.origin, |
||||||
|
request: cloneObj(request), |
||||||
|
requestTime: Date.now(), |
||||||
|
response: null, |
||||||
|
responseTime: null, |
||||||
|
success: null, |
||||||
|
} |
||||||
|
commitActivity(activityEntry) |
||||||
|
return activityEntry |
||||||
|
} |
||||||
|
|
||||||
|
function addResponse (activityEntry, response, time) { |
||||||
|
if (!response) { |
||||||
|
return |
||||||
|
} |
||||||
|
activityEntry.response = cloneObj(response) |
||||||
|
activityEntry.responseTime = time |
||||||
|
activityEntry.success = !response.error |
||||||
|
} |
||||||
|
|
||||||
|
function commitActivity (entry) { |
||||||
|
const logs = store.getState()[logStoreKey] |
||||||
|
if (logs.length > LOG_LIMIT - 2) { |
||||||
|
logs.pop() |
||||||
|
} |
||||||
|
logs.push(entry) |
||||||
|
store.updateState({ [logStoreKey]: logs }) |
||||||
|
} |
||||||
|
|
||||||
|
function getRequestedMethods (request) { |
||||||
|
if ( |
||||||
|
!request.params || |
||||||
|
typeof request.params[0] !== 'object' || |
||||||
|
Array.isArray(request.params[0]) |
||||||
|
) { |
||||||
|
return null |
||||||
|
} |
||||||
|
return Object.keys(request.params[0]) |
||||||
|
} |
||||||
|
|
||||||
|
function logHistory (requestedMethods, origin, result, time, isEthRequestAccounts) { |
||||||
|
let accounts, entries |
||||||
|
if (isEthRequestAccounts) { |
||||||
|
accounts = result |
||||||
|
const accountToTimeMap = accounts.reduce((acc, account) => ({ ...acc, [account]: time }), {}) |
||||||
|
entries = { 'eth_accounts': { accounts: accountToTimeMap, lastApproved: time } } |
||||||
|
} else { |
||||||
|
entries = result |
||||||
|
? result |
||||||
|
.map(perm => { |
||||||
|
if (perm.parentCapability === 'eth_accounts') { |
||||||
|
accounts = getAccountsFromPermission(perm) |
||||||
|
} |
||||||
|
return perm.parentCapability |
||||||
|
}) |
||||||
|
.reduce((acc, m) => { |
||||||
|
if (requestedMethods.includes(m)) { |
||||||
|
if (m === 'eth_accounts') { |
||||||
|
const accountToTimeMap = accounts.reduce((acc, account) => ({ ...acc, [account]: time }), {}) |
||||||
|
acc[m] = { lastApproved: time, accounts: accountToTimeMap } |
||||||
|
} else { |
||||||
|
acc[m] = { lastApproved: time } |
||||||
|
} |
||||||
|
} |
||||||
|
return acc |
||||||
|
}, {}) |
||||||
|
: {} |
||||||
|
} |
||||||
|
|
||||||
|
if (Object.keys(entries).length > 0) { |
||||||
|
commitHistory(origin, entries) |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
function commitHistory (origin, entries) { |
||||||
|
const history = store.getState()[historyStoreKey] || {} |
||||||
|
const newOriginHistory = { |
||||||
|
...history[origin], |
||||||
|
...entries, |
||||||
|
} |
||||||
|
|
||||||
|
if (history[origin] && history[origin]['eth_accounts'] && entries['eth_accounts']) { |
||||||
|
newOriginHistory['eth_accounts'] = { |
||||||
|
lastApproved: entries['eth_accounts'].lastApproved, |
||||||
|
accounts: { |
||||||
|
...history[origin]['eth_accounts'].accounts, |
||||||
|
...entries['eth_accounts'].accounts, |
||||||
|
}, |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
history[origin] = newOriginHistory |
||||||
|
|
||||||
|
store.updateState({ [historyStoreKey]: history }) |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
// the call to clone is set to disallow circular references
|
||||||
|
// we attempt cloning at a depth of 3 and 2, then return a
|
||||||
|
// shallow copy of the object
|
||||||
|
function cloneObj (obj) { |
||||||
|
for (let i = 3; i > 1; i--) { |
||||||
|
try { |
||||||
|
return clone(obj, false, i) |
||||||
|
} catch (_) {} |
||||||
|
} |
||||||
|
return { ...obj } |
||||||
|
} |
||||||
|
|
||||||
|
function getAccountsFromPermission (perm) { |
||||||
|
if (perm.parentCapability !== 'eth_accounts' || !perm.caveats) { |
||||||
|
return [] |
||||||
|
} |
||||||
|
const accounts = {} |
||||||
|
for (const c of perm.caveats) { |
||||||
|
if (c.type === 'filterResponse' && Array.isArray(c.value)) { |
||||||
|
for (const v of c.value) { |
||||||
|
if (isValidAddress(v)) { |
||||||
|
accounts[v] = true |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
return Object.keys(accounts) |
||||||
|
} |
||||||
@ -0,0 +1,90 @@ |
|||||||
|
|
||||||
|
const createAsyncMiddleware = require('json-rpc-engine/src/createAsyncMiddleware') |
||||||
|
const { ethErrors } = require('eth-json-rpc-errors') |
||||||
|
|
||||||
|
/** |
||||||
|
* Create middleware for handling certain methods and preprocessing permissions requests. |
||||||
|
*/ |
||||||
|
module.exports = function createMethodMiddleware ({ |
||||||
|
store, storeKey, getAccounts, requestAccountsPermission, |
||||||
|
}) { |
||||||
|
return createAsyncMiddleware(async (req, res, next) => { |
||||||
|
|
||||||
|
if (typeof req.method !== 'string') { |
||||||
|
res.error = ethErrors.rpc.invalidRequest({ data: req}) |
||||||
|
return |
||||||
|
} |
||||||
|
|
||||||
|
switch (req.method) { |
||||||
|
|
||||||
|
// intercepting eth_accounts requests for backwards compatibility,
|
||||||
|
// i.e. return an empty array instead of an error
|
||||||
|
case 'eth_accounts': |
||||||
|
|
||||||
|
res.result = await getAccounts() |
||||||
|
return |
||||||
|
|
||||||
|
case 'eth_requestAccounts': |
||||||
|
|
||||||
|
// first, just try to get accounts
|
||||||
|
let accounts = await getAccounts() |
||||||
|
if (accounts.length > 0) { |
||||||
|
res.result = accounts |
||||||
|
return |
||||||
|
} |
||||||
|
|
||||||
|
// if no accounts, request the accounts permission
|
||||||
|
try { |
||||||
|
await requestAccountsPermission() |
||||||
|
} catch (err) { |
||||||
|
res.error = err |
||||||
|
return |
||||||
|
} |
||||||
|
|
||||||
|
// get the accounts again
|
||||||
|
accounts = await getAccounts() |
||||||
|
if (accounts.length > 0) { |
||||||
|
res.result = accounts |
||||||
|
} else { |
||||||
|
// this should never happen
|
||||||
|
res.error = ethErrors.rpc.internal( |
||||||
|
'Accounts unexpectedly unavailable. Please report this bug.' |
||||||
|
) |
||||||
|
} |
||||||
|
|
||||||
|
return |
||||||
|
|
||||||
|
// custom method for getting metadata from the requesting domain
|
||||||
|
case 'wallet_sendDomainMetadata': |
||||||
|
|
||||||
|
const storeState = store.getState()[storeKey] |
||||||
|
const extensionId = storeState[req.origin] |
||||||
|
? storeState[req.origin].extensionId |
||||||
|
: undefined |
||||||
|
|
||||||
|
if ( |
||||||
|
req.domainMetadata && |
||||||
|
typeof req.domainMetadata.name === 'string' |
||||||
|
) { |
||||||
|
|
||||||
|
store.updateState({ |
||||||
|
[storeKey]: { |
||||||
|
...storeState, |
||||||
|
[req.origin]: { |
||||||
|
extensionId, |
||||||
|
...req.domainMetadata, |
||||||
|
}, |
||||||
|
}, |
||||||
|
}) |
||||||
|
} |
||||||
|
|
||||||
|
res.result = true |
||||||
|
return |
||||||
|
|
||||||
|
default: |
||||||
|
break |
||||||
|
} |
||||||
|
|
||||||
|
next() |
||||||
|
}) |
||||||
|
} |
||||||
@ -0,0 +1,49 @@ |
|||||||
|
[ |
||||||
|
"web3_sha3", |
||||||
|
"net_listening", |
||||||
|
"net_peerCount", |
||||||
|
"net_version", |
||||||
|
"eth_blockNumber", |
||||||
|
"eth_call", |
||||||
|
"eth_chainId", |
||||||
|
"eth_coinbase", |
||||||
|
"eth_estimateGas", |
||||||
|
"eth_gasPrice", |
||||||
|
"eth_getBalance", |
||||||
|
"eth_getBlockByHash", |
||||||
|
"eth_getBlockByNumber", |
||||||
|
"eth_getBlockTransactionCountByHash", |
||||||
|
"eth_getBlockTransactionCountByNumber", |
||||||
|
"eth_getCode", |
||||||
|
"eth_getFilterChanges", |
||||||
|
"eth_getFilterLogs", |
||||||
|
"eth_getLogs", |
||||||
|
"eth_getStorageAt", |
||||||
|
"eth_getTransactionByBlockHashAndIndex", |
||||||
|
"eth_getTransactionByBlockNumberAndIndex", |
||||||
|
"eth_getTransactionByHash", |
||||||
|
"eth_getTransactionCount", |
||||||
|
"eth_getTransactionReceipt", |
||||||
|
"eth_getUncleByBlockHashAndIndex", |
||||||
|
"eth_getUncleByBlockNumberAndIndex", |
||||||
|
"eth_getUncleCountByBlockHash", |
||||||
|
"eth_getUncleCountByBlockNumber", |
||||||
|
"eth_getWork", |
||||||
|
"eth_hashrate", |
||||||
|
"eth_mining", |
||||||
|
"eth_newBlockFilter", |
||||||
|
"eth_newFilter", |
||||||
|
"eth_newPendingTransactionFilter", |
||||||
|
"eth_protocolVersion", |
||||||
|
"eth_sendRawTransaction", |
||||||
|
"eth_sendTransaction", |
||||||
|
"eth_sign", |
||||||
|
"personal_sign", |
||||||
|
"eth_signTypedData", |
||||||
|
"eth_signTypedData_v1", |
||||||
|
"eth_signTypedData_v3", |
||||||
|
"eth_submitHashrate", |
||||||
|
"eth_submitWork", |
||||||
|
"eth_syncing", |
||||||
|
"eth_uninstallFilter" |
||||||
|
] |
||||||
@ -0,0 +1,20 @@ |
|||||||
|
|
||||||
|
module.exports = function getRestrictedMethods (permissionsController) { |
||||||
|
return { |
||||||
|
|
||||||
|
'eth_accounts': { |
||||||
|
description: 'View the address of the selected account', |
||||||
|
method: (_, res, __, end) => { |
||||||
|
permissionsController.keyringController.getAccounts() |
||||||
|
.then((accounts) => { |
||||||
|
res.result = accounts |
||||||
|
end() |
||||||
|
}) |
||||||
|
.catch((err) => { |
||||||
|
res.error = err |
||||||
|
end(err) |
||||||
|
}) |
||||||
|
}, |
||||||
|
}, |
||||||
|
} |
||||||
|
} |
||||||
@ -1,175 +0,0 @@ |
|||||||
const ObservableStore = require('obs-store') |
|
||||||
const SafeEventEmitter = require('safe-event-emitter') |
|
||||||
const createAsyncMiddleware = require('json-rpc-engine/src/createAsyncMiddleware') |
|
||||||
const { errors: rpcErrors } = require('eth-json-rpc-errors') |
|
||||||
|
|
||||||
/** |
|
||||||
* A controller that services user-approved requests for a full Ethereum provider API |
|
||||||
*/ |
|
||||||
class ProviderApprovalController extends SafeEventEmitter { |
|
||||||
/** |
|
||||||
* Creates a ProviderApprovalController |
|
||||||
* |
|
||||||
* @param {Object} [config] - Options to configure controller |
|
||||||
*/ |
|
||||||
constructor ({ closePopup, initState, keyringController, openPopup, preferencesController } = {}) { |
|
||||||
super() |
|
||||||
this.closePopup = closePopup |
|
||||||
this.keyringController = keyringController |
|
||||||
this.openPopup = openPopup |
|
||||||
this.preferencesController = preferencesController |
|
||||||
this.memStore = new ObservableStore({ |
|
||||||
providerRequests: [], |
|
||||||
}) |
|
||||||
|
|
||||||
const defaultState = { approvedOrigins: {} } |
|
||||||
this.store = new ObservableStore(Object.assign(defaultState, initState)) |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Called when a user approves access to a full Ethereum provider API |
|
||||||
* |
|
||||||
* @param {object} opts - opts for the middleware contains the origin for the middleware |
|
||||||
*/ |
|
||||||
createMiddleware ({ senderUrl, extensionId, getSiteMetadata }) { |
|
||||||
return createAsyncMiddleware(async (req, res, next) => { |
|
||||||
// only handle requestAccounts
|
|
||||||
if (req.method !== 'eth_requestAccounts') return next() |
|
||||||
// if already approved or privacy mode disabled, return early
|
|
||||||
const isUnlocked = this.keyringController.memStore.getState().isUnlocked |
|
||||||
const origin = senderUrl.hostname |
|
||||||
if (this.shouldExposeAccounts(origin) && isUnlocked) { |
|
||||||
res.result = [this.preferencesController.getSelectedAddress()] |
|
||||||
return |
|
||||||
} |
|
||||||
// register the provider request
|
|
||||||
const metadata = { hostname: senderUrl.hostname, origin } |
|
||||||
if (extensionId) { |
|
||||||
metadata.extensionId = extensionId |
|
||||||
} else { |
|
||||||
const siteMetadata = await getSiteMetadata(origin) |
|
||||||
Object.assign(metadata, { siteTitle: siteMetadata.name, siteImage: siteMetadata.icon}) |
|
||||||
} |
|
||||||
this._handleProviderRequest(metadata) |
|
||||||
// wait for resolution of request
|
|
||||||
const approved = await new Promise(resolve => this.once(`resolvedRequest:${origin}`, ({ approved }) => resolve(approved))) |
|
||||||
if (approved) { |
|
||||||
res.result = [this.preferencesController.getSelectedAddress()] |
|
||||||
} else { |
|
||||||
throw rpcErrors.eth.userRejectedRequest('User denied account authorization') |
|
||||||
} |
|
||||||
}) |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* @typedef {Object} SiteMetadata |
|
||||||
* @param {string} hostname - The hostname of the site |
|
||||||
* @param {string} origin - The origin of the site |
|
||||||
* @param {string} [siteTitle] - The title of the site |
|
||||||
* @param {string} [siteImage] - The icon for the site |
|
||||||
* @param {string} [extensionId] - The extension ID of the extension |
|
||||||
*/ |
|
||||||
/** |
|
||||||
* Called when a tab requests access to a full Ethereum provider API |
|
||||||
* |
|
||||||
* @param {SiteMetadata} siteMetadata - The metadata for the site requesting full provider access |
|
||||||
*/ |
|
||||||
_handleProviderRequest (siteMetadata) { |
|
||||||
const { providerRequests } = this.memStore.getState() |
|
||||||
const origin = siteMetadata.origin |
|
||||||
this.memStore.updateState({ |
|
||||||
providerRequests: [ |
|
||||||
...providerRequests, |
|
||||||
siteMetadata, |
|
||||||
], |
|
||||||
}) |
|
||||||
const isUnlocked = this.keyringController.memStore.getState().isUnlocked |
|
||||||
const { approvedOrigins } = this.store.getState() |
|
||||||
const originAlreadyHandled = approvedOrigins[origin] |
|
||||||
if (originAlreadyHandled && isUnlocked) { |
|
||||||
return |
|
||||||
} |
|
||||||
this.openPopup && this.openPopup() |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Called when a user approves access to a full Ethereum provider API |
|
||||||
* |
|
||||||
* @param {string} origin - origin of the domain that had provider access approved |
|
||||||
*/ |
|
||||||
approveProviderRequestByOrigin (origin) { |
|
||||||
if (this.closePopup) { |
|
||||||
this.closePopup() |
|
||||||
} |
|
||||||
|
|
||||||
const { approvedOrigins } = this.store.getState() |
|
||||||
const { providerRequests } = this.memStore.getState() |
|
||||||
const providerRequest = providerRequests.find((request) => request.origin === origin) |
|
||||||
const remainingProviderRequests = providerRequests.filter(request => request.origin !== origin) |
|
||||||
this.store.updateState({ |
|
||||||
approvedOrigins: { |
|
||||||
...approvedOrigins, |
|
||||||
[origin]: { |
|
||||||
siteTitle: providerRequest ? providerRequest.siteTitle : null, |
|
||||||
siteImage: providerRequest ? providerRequest.siteImage : null, |
|
||||||
hostname: providerRequest ? providerRequest.hostname : null, |
|
||||||
}, |
|
||||||
}, |
|
||||||
}) |
|
||||||
this.memStore.updateState({ providerRequests: remainingProviderRequests }) |
|
||||||
this.emit(`resolvedRequest:${origin}`, { approved: true }) |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Called when a tab rejects access to a full Ethereum provider API |
|
||||||
* |
|
||||||
* @param {string} origin - origin of the domain that had provider access approved |
|
||||||
*/ |
|
||||||
rejectProviderRequestByOrigin (origin) { |
|
||||||
if (this.closePopup) { |
|
||||||
this.closePopup() |
|
||||||
} |
|
||||||
|
|
||||||
const { approvedOrigins } = this.store.getState() |
|
||||||
const { providerRequests } = this.memStore.getState() |
|
||||||
const remainingProviderRequests = providerRequests.filter(request => request.origin !== origin) |
|
||||||
|
|
||||||
// We're cloning and deleting keys here because we don't want to keep unneeded keys
|
|
||||||
const _approvedOrigins = Object.assign({}, approvedOrigins) |
|
||||||
delete _approvedOrigins[origin] |
|
||||||
|
|
||||||
this.store.putState({ approvedOrigins: _approvedOrigins }) |
|
||||||
this.memStore.putState({ providerRequests: remainingProviderRequests }) |
|
||||||
this.emit(`resolvedRequest:${origin}`, { approved: false }) |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Clears any approvals for user-approved origins |
|
||||||
*/ |
|
||||||
clearApprovedOrigins () { |
|
||||||
this.store.updateState({ |
|
||||||
approvedOrigins: {}, |
|
||||||
}) |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Determines if a given origin should have accounts exposed |
|
||||||
* |
|
||||||
* @param {string} origin - Domain origin to check for approval status |
|
||||||
* @returns {boolean} - True if the origin has been approved |
|
||||||
*/ |
|
||||||
shouldExposeAccounts (origin) { |
|
||||||
return Boolean(this.store.getState().approvedOrigins[origin]) |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Returns a merged state representation |
|
||||||
* @return {object} |
|
||||||
* @private |
|
||||||
*/ |
|
||||||
_getMergedState () { |
|
||||||
return Object.assign({}, this.memStore.getState(), this.store.getState()) |
|
||||||
} |
|
||||||
} |
|
||||||
|
|
||||||
module.exports = ProviderApprovalController |
|
||||||
@ -1,73 +0,0 @@ |
|||||||
class StandardProvider { |
|
||||||
_isConnected |
|
||||||
_provider |
|
||||||
|
|
||||||
constructor (provider) { |
|
||||||
this._provider = provider |
|
||||||
this._subscribe() |
|
||||||
// indicate that we've connected, mostly just for standard compliance
|
|
||||||
setTimeout(() => { |
|
||||||
this._onConnect() |
|
||||||
}) |
|
||||||
} |
|
||||||
|
|
||||||
_onClose () { |
|
||||||
if (this._isConnected === undefined || this._isConnected) { |
|
||||||
this._provider.emit('close', { |
|
||||||
code: 1011, |
|
||||||
reason: 'Network connection error', |
|
||||||
}) |
|
||||||
} |
|
||||||
this._isConnected = false |
|
||||||
} |
|
||||||
|
|
||||||
_onConnect () { |
|
||||||
!this._isConnected && this._provider.emit('connect') |
|
||||||
this._isConnected = true |
|
||||||
} |
|
||||||
|
|
||||||
_subscribe () { |
|
||||||
this._provider.on('data', (error, { method, params }) => { |
|
||||||
if (!error && method === 'eth_subscription') { |
|
||||||
this._provider.emit('notification', params.result) |
|
||||||
} |
|
||||||
}) |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Initiate an RPC method call |
|
||||||
* |
|
||||||
* @param {string} method - RPC method name to call |
|
||||||
* @param {string[]} params - Array of RPC method parameters |
|
||||||
* @returns {Promise<*>} Promise resolving to the result if successful |
|
||||||
*/ |
|
||||||
send (method, params = []) { |
|
||||||
return new Promise((resolve, reject) => { |
|
||||||
try { |
|
||||||
this._provider.sendAsync({ id: 1, jsonrpc: '2.0', method, params }, (error, response) => { |
|
||||||
error = error || response.error |
|
||||||
error ? reject(error) : resolve(response) |
|
||||||
}) |
|
||||||
} catch (error) { |
|
||||||
reject(error) |
|
||||||
} |
|
||||||
}) |
|
||||||
} |
|
||||||
} |
|
||||||
|
|
||||||
/** |
|
||||||
* Converts a legacy provider into an EIP-1193-compliant standard provider |
|
||||||
* @param {Object} provider - Legacy provider to convert |
|
||||||
* @returns {Object} Standard provider |
|
||||||
*/ |
|
||||||
export default function createStandardProvider (provider) { |
|
||||||
const standardProvider = new StandardProvider(provider) |
|
||||||
const sendLegacy = provider.send |
|
||||||
provider.send = (methodOrPayload, callbackOrArgs) => { |
|
||||||
if (typeof methodOrPayload === 'string' && !callbackOrArgs || Array.isArray(callbackOrArgs)) { |
|
||||||
return standardProvider.send(methodOrPayload, callbackOrArgs) |
|
||||||
} |
|
||||||
return sendLegacy.call(provider, methodOrPayload, callbackOrArgs) |
|
||||||
} |
|
||||||
return provider |
|
||||||
} |
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue