{"version":3,"file":"siwe.mjs","sourceRoot":"","sources":["../src/siwe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,wBAAwB;AAC3C,OAAO,EAAE,aAAa,EAAE,8BAA8B;AAEtD,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,qBAAiB;AAE7D,MAAM,GAAG,GAAG,kBAAkB,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;AAE7D;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC;AACvB,CAAC;AAED;;;;;GAKG;AACH,SAAS,YAAY,CAAC,QAAgB;IACpC,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QAC9C,uEAAuE;QACvE,cAAc;QACd,iDAAiD;QACjD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC,MAAM,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC/D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,CAAC;QACX,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC;AA6BD,MAAM,yBAAyB,GAAG;IAChC,OAAO,EAAE,IAAI;IACb,QAAQ,EAAE,KAAK;CACU,CAAC;AAE5B;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,MAAc,EACd,cAAsB,EACT,EAAE;IACf,IAAI,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC;QAClC,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,IAAI,GAAG,CAAC,GAAG,cAAc,KAAK,MAAM,EAAE,CAAC,CAAC;AACjD,CAAC,CAAC;AAEF;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,GAAuB,EAAW,EAAE;IACpE,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QAE7B,oDAAoD;QACpD,2EAA2E;QAC3E,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC;YAC5C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;QACpC,MAAM,WAAW,GAAG,gBAAgB,CAClC,IAAI,CAAC,aAAa,CAAC,MAAM,EACzB,WAAW,CAAC,QAAQ,CACrB,CAAC;QAEF,IACE,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE;YAClE,WAAW,EAAE,QAAQ;SACtB,CAAC,KAAK,CAAC,EACR,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,WAAW,CAAC,IAAI,KAAK,EAAE,IAAI,WAAW,CAAC,IAAI,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACrE,+DAA+D;YAC/D,OAAO,CACL,WAAW,CAAC,IAAI,KAAK,EAAE;gBACvB,WAAW,CAAC,IAAI,KAAK,yBAAyB,CAAC,WAAW,CAAC,QAAQ,CAAC,CACrE,CAAC;QACJ,CAAC;QAED,IACE,WAAW,CAAC,QAAQ,KAAK,EAAE;YAC3B,WAAW,CAAC,QAAQ,KAAK,WAAW,CAAC,QAAQ,EAC7C,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC,CAAC;AAaF;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,SAA2B,EAAe,EAAE;IACrE,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC;QAC3B,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QACnC,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC,OAAO,CAAC,CAAC;QAEjD,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,aAAa;SACd,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;QAC9C,OAAO;YACL,aAAa,EAAE,KAAK;YACpB,aAAa,EAAE,IAAI;SACpB,CAAC;IACJ,CAAC;AACH,CAAC,CAAC","sourcesContent":["import { remove0x } from '@metamask/utils';\nimport { ParsedMessage } from '@spruceid/siwe-parser';\n\nimport { projectLogger, createModuleLogger } from './logger';\n\nconst log = createModuleLogger(projectLogger, 'detect-siwe');\n\n/**\n * This function strips the hex prefix from a string if it has one.\n * If the input is not a string, return it unmodified.\n *\n * @param str - The string to check\n * @returns The string without the hex prefix\n */\nfunction safeStripHexPrefix(str: string): string {\n if (typeof str !== 'string') {\n return str;\n }\n return remove0x(str);\n}\n\n/**\n * This function converts a hex string to text if it's not a 32 byte hex string.\n *\n * @param hexValue - The hex string to convert to text\n * @returns The text representation of the hex string\n */\nfunction msgHexToText(hexValue: string): string {\n try {\n const stripped = safeStripHexPrefix(hexValue);\n // TODO: Use `@metamask/utils` version of this function to avoid Buffer\n // usage here.\n // eslint-disable-next-line no-restricted-globals\n const buff = Buffer.from(stripped, 'hex');\n return buff.length === 32 ? hexValue : buff.toString('utf8');\n } catch (error) {\n log(error);\n return hexValue;\n }\n}\n\n/**\n * @type WrappedSIWERequest\n *\n * Sign-In With Ethereum (SIWE)(EIP-4361) message with request metadata\n *\n * @property from - Subject account address\n * @property origin - The RFC 3986 originating authority of the signing request, including scheme\n * @property siwe - The data parsed from the message\n */\n// This interface was created before this ESLint rule was added.\n// Convert to a `type` in a future major version.\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\nexport interface WrappedSIWERequest {\n from: string;\n origin: string;\n siwe: SIWEMessage;\n}\n\n// This interface was created before this ESLint rule was added.\n// Convert to a `type` in a future major version.\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ninterface DomainParts {\n username?: string;\n hostname: string;\n port?: string;\n}\n\nconst DEFAULT_PORTS_BY_PROTOCOL = {\n 'http:': '80',\n 'https:': '443',\n} as Record;\n\n/**\n * Parses parts from RFC 3986 authority from EIP-4361 `domain` field.\n *\n * @param domain - input string\n * @param originProtocol - implied protocol from origin\n * @returns parsed parts\n */\nexport const parseDomainParts = (\n domain: string,\n originProtocol: string,\n): DomainParts => {\n if (domain.match(/^[^/:]*:\\/\\//u)) {\n return new URL(domain);\n }\n return new URL(`${originProtocol}//${domain}`);\n};\n\n/**\n * Validates origin of a Sign-In With Ethereum (SIWE)(EIP-4361) request.\n * As per spec:\n * hostname must match.\n * port and username must match iff specified.\n * Protocol binding and full same-origin are currently not performed.\n *\n * @param req - Signature request\n * @returns true if origin matches domain; false otherwise\n */\nexport const isValidSIWEOrigin = (req: WrappedSIWERequest): boolean => {\n try {\n const { origin, siwe } = req;\n\n // origin = scheme://[user[:password]@]domain[:port]\n // origin is supplied by environment and must match domain claim in message\n if (!origin || !siwe?.parsedMessage?.domain) {\n return false;\n }\n\n const originParts = new URL(origin);\n const domainParts = parseDomainParts(\n siwe.parsedMessage.domain,\n originParts.protocol,\n );\n\n if (\n domainParts.hostname.localeCompare(originParts.hostname, undefined, {\n sensitivity: 'accent',\n }) !== 0\n ) {\n return false;\n }\n\n if (domainParts.port !== '' && domainParts.port !== originParts.port) {\n // If origin port is not specified, protocol default is implied\n return (\n originParts.port === '' &&\n domainParts.port === DEFAULT_PORTS_BY_PROTOCOL[originParts.protocol]\n );\n }\n\n if (\n domainParts.username !== '' &&\n domainParts.username !== originParts.username\n ) {\n return false;\n }\n\n return true;\n } catch (error) {\n log(error);\n return false;\n }\n};\n\n/**\n * A locally defined object used to provide data to identify a Sign-In With Ethereum (SIWE)(EIP-4361) message and provide the parsed message\n *\n * @typedef SIWEMessage\n * @param {boolean} isSIWEMessage - Does the intercepted message conform to the SIWE specification?\n * @param {ParsedMessage} parsedMessage - The data parsed out of the message\n */\nexport type SIWEMessage =\n | { isSIWEMessage: true; parsedMessage: ParsedMessage }\n | { isSIWEMessage: false; parsedMessage: null };\n\n/**\n * This function intercepts a sign message, detects if it's a\n * Sign-In With Ethereum (SIWE)(EIP-4361) message, and returns an object with\n * relevant SIWE data.\n *\n * {@see {@link https://eips.ethereum.org/EIPS/eip-4361}}\n *\n * @param msgParams - The params of the message to sign\n * @param msgParams.data - The data of the message to sign\n * @returns An object with the relevant SIWE data\n */\nexport const detectSIWE = (msgParams: { data: string }): SIWEMessage => {\n try {\n const { data } = msgParams;\n const message = msgHexToText(data);\n const parsedMessage = new ParsedMessage(message);\n\n return {\n isSIWEMessage: true,\n parsedMessage,\n };\n } catch {\n // ignore error, it's not a valid SIWE message\n return {\n isSIWEMessage: false,\n parsedMessage: null,\n };\n }\n};\n"]}