Commit 022efda

committed
fix: remove username checking
1 parent b5e4e72 commit 022efda

3 files changed

+10
-45
lines changed

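--- a/packages/auth/src/userSession.ts
+++ b/packages/auth/src/userSession.ts
@@ -25,7 +25,7 @@ import {
 nextHour,
 } from '@stacks/common';
 import { extractProfile } from '@stacks/profile';
-import { AuthScope, DEFAULT_PROFILE, NAME_LOOKUP_PATH } from './constants';
+import { AuthScope, DEFAULT_PROFILE } from './constants';
 import * as queryString from 'query-string';
 import { UserData } from './userData';
 import { StacksMainnet } from '@stacks/network';
@@ -237,27 +237,7 @@ export class UserSession {
 throw new Error('Unexpected token payload type of string');
 }
 
-// Section below is removed since the config was never persisted and therefore useless
-
-// if (isLaterVersion(tokenPayload.version as string, '1.3.0')
-// && tokenPayload.blockstackAPIUrl !== null && tokenPayload.blockstackAPIUrl !== undefined) {
-// // override globally
-// Logger.info(`Overriding ${config.network.blockstackAPIUrl} `
-// + `with ${tokenPayload.blockstackAPIUrl}`)
-// // TODO: this config is never saved so the user node preference
-// // is not respected in later sessions..
-// config.network.blockstackAPIUrl = tokenPayload.blockstackAPIUrl as string
-// coreNode = tokenPayload.blockstackAPIUrl as string
-// }
-
-const nameLookupURL = `${coreNode}${NAME_LOOKUP_PATH}`;
-
-const fallbackLookupURLs = [
-`https://stacks-node-api.stacks.co${NAME_LOOKUP_PATH}`,
-`https://registrar.stacks.co${NAME_LOOKUP_PATH}`,
-].filter(url => url !== nameLookupURL);
-
-const isValid = await verifyAuthResponse(authResponseToken, nameLookupURL, fallbackLookupURLs);
+const isValid = await verifyAuthResponse(authResponseToken);
 if (!isValid) {
 throw new LoginFailedError('Invalid authentication response.');
 }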
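Review bot: With the lookup dropped from the `verifyAuthResponse(authResponseToken)` call, nothing in the visible part of this method ties the payload's `username` to the signing key any more, so any `username` that the code after this hunk copies from `tokenPayload` into the stored session would be a self-asserted claim. If that is the intended contract, say so at the call site, for example `// username in the token is NOT checked against a name lookup; treat it as an unverified display value`, so applications do not base authorization decisions on it. `coreNode` was used in the removed lines to build `nameLookupURL` and may now be unused; that cannot be confirmed from here because the method starts and ends outside the hunk. The same contract change appears in packages/auth/src/verification.ts.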

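--- a/packages/auth/src/verification.ts
+++ b/packages/auth/src/verification.ts
@@ -275,22 +275,12 @@ export async function verifyAuthRequestAndLoadManifest(token: string): Promise<a
 * @private
 * @ignore
 */
-export async function verifyAuthResponse(
-token: string,
-nameLookupURL: string,
-fallbackLookupURLs?: string[]
-): Promise<boolean> {
-const values = await Promise.all([
+export async function verifyAuthResponse(token: string): Promise<boolean> {
+const conditions = await Promise.all([
 isExpirationDateValid(token),
 isIssuanceDateValid(token),
 doSignaturesMatchPublicKeys(token),
 doPublicKeysMatchIssuer(token),
 ]);
-const usernameMatchings = await Promise.all(
-[nameLookupURL]
-.concat(fallbackLookupURLs || [])
-.map(url => doPublicKeysMatchUsername(token, url))
-);
-const someUsernameMatches = usernameMatchings.includes(true);
-return !!someUsernameMatches && values.every(val => val);
+return conditions.every(val => val);
 }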
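Review bot: The doc comment above `verifyAuthResponse` is cut off by the hunk (only `@private` and `@ignore` are visible) and should now spell out what a `true` result covers: expiration date, issuance date, signatures matching the public keys, and public keys matching the issuer, and explicitly not the username. Dropping `nameLookupURL` and `fallbackLookupURLs` also changes an exported signature under a `fix:` commit; a plain-JavaScript caller that still passes a lookup URL would get no error and no username check, so this deserves a release note if the function is reachable from outside the package (not visible here). Minor style: `conditions.every(val => val)` reads more directly as `conditions.every(Boolean)`.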

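--- a/packages/auth/tests/auth.test.ts
+++ b/packages/auth/tests/auth.test.ts
@@ -183,7 +183,7 @@ test('makeAuthResponse && verifyAuthResponse', async () => {
 );
 expect((decodedToken.payload as any).username).toBe(null);
 
-await verifyAuthResponse(authResponse, nameLookupURL).then(verifiedResult => {
+await verifyAuthResponse(authResponse).then(verifiedResult => {
 expect(verifiedResult).toBe(true);
 });
 
@@ -257,11 +257,11 @@ test('auth response with username', async () => {
 expect(verified).toBe(true);
 });
 
-await verifyAuthResponse(authResponse, nameLookupURL).then(verifiedResult => {
+await verifyAuthResponse(authResponse).then(verifiedResult => {
 expect(verifiedResult).toBe(true);
 });
 
-expect(fetchMock.mock.calls.length).toEqual(2);
+expect(fetchMock.mock.calls.length).toEqual(1);
 });
 
 test('auth response with invalid private key', async () => {
@@ -308,8 +308,6 @@ test('auth response with invalid private key', async () => {
 });
 
 test('handlePendingSignIn with authResponseToken', async () => {
-const url = `${nameLookupURL}ryan.id`;
-
 fetchMock.mockResponse(JSON.stringify(sampleNameRecords.ryan));
 
 const appPrivateKey = makeECPrivateKey();
@@ -338,12 +336,10 @@ test('handlePendingSignIn with authResponseToken', async () => {
 
 expect(fail).toBeCalledTimes(0);
 expect(pass).toBeCalledTimes(1);
-expect(fetchMock.mock.calls.length).toEqual(3);
-expect(fetchMock.mock.calls[0][0]).toEqual(url);
+expect(fetchMock.mock.calls.length).toEqual(0);
 });
 
 test('handlePendingSignIn 2', async () => {
-const url = `${nameLookupURL}ryan.id`;
 fetchMock.mockResponse(JSON.stringify(sampleNameRecords.ryan));
 
 const appPrivateKey = makeECPrivateKey();
@@ -371,8 +367,7 @@ test('handlePendingSignIn 2', async () => {
 await blockstack.handlePendingSignIn(authResponse).then(pass).catch(fail);
 expect(fail).toBeCalledTimes(0);
 expect(pass).toBeCalledTimes(1);
-expect(fetchMock.mock.calls.length).toEqual(3);
-expect(fetchMock.mock.calls[0][0]).toEqual(url);
+expect(fetchMock.mock.calls.length).toEqual(0);
 });
 
 test('handlePendingSignIn with existing user session', async () => {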
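Review bot: `fetchMock.mockResponse(JSON.stringify(sampleNameRecords.ryan))` is still set up in 'handlePendingSignIn with authResponseToken' and 'handlePendingSignIn 2' although both now assert `fetchMock.mock.calls.length` is 0, so the mock is dead setup and can be dropped. The suite also no longer pins the new contract: every `verifyAuthResponse` assertion here expects `true`, and none covers a response whose `username` does not belong to the signing key. A regression test asserting the documented outcome for that case would make the removal of the username check explicit and would catch an accidental change in either direction. The test bodies start outside these hunks, so how `authResponse` is built cannot be seen here.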
