llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Revert "feat: Support metamask mobile login (#2844)"

Browse Source 
This reverts commit bfa2ab63ad62e1dad6a9a40c2c91fecda9fced8f.
This commit is contained in:
Eric Luo 2024-03-30 00:35:19 +08:00 committed by GitHub
parent bfa2ab63ad
commit 5d19527af8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 49 additions and 1721 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
go.mod
View File

@ -19,7 +19,6 @@ require (
github.com/denisenkom/go-mssqldb v0.9.0 github.com/denisenkom/go-mssqldb v0.9.0
github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3 github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3
github.com/ethereum/go-ethereum v1.13.14
github.com/fogleman/gg v1.3.0 github.com/fogleman/gg v1.3.0
github.com/forestmgy/ldapserver v1.1.0 github.com/forestmgy/ldapserver v1.1.0
github.com/go-asn1-ber/asn1-ber v1.5.5 github.com/go-asn1-ber/asn1-ber v1.5.5
@ -40,7 +39,7 @@ require (
github.com/mitchellh/mapstructure v1.5.0 github.com/mitchellh/mapstructure v1.5.0
github.com/nyaruka/phonenumbers v1.1.5 github.com/nyaruka/phonenumbers v1.1.5
github.com/pquerna/otp v1.4.0 github.com/pquerna/otp v1.4.0
github.com/prometheus/client_golang v1.12.0 github.com/prometheus/client_golang v1.11.1
github.com/prometheus/client_model v0.4.0 github.com/prometheus/client_model v0.4.0
github.com/qiangmzsx/string-adapter/v2 v2.1.0 github.com/qiangmzsx/string-adapter/v2 v2.1.0
github.com/robfig/cron/v3 v3.0.1 github.com/robfig/cron/v3 v3.0.1
@ -55,6 +54,7 @@ require (
github.com/tealeg/xlsx v1.0.5 github.com/tealeg/xlsx v1.0.5
github.com/thanhpk/randstr v1.0.4 github.com/thanhpk/randstr v1.0.4
github.com/tidwall/pretty v1.2.1 // indirect github.com/tidwall/pretty v1.2.1 // indirect
github.com/tklauser/go-sysconf v0.3.10 // indirect
github.com/xorm-io/builder v0.3.13 github.com/xorm-io/builder v0.3.13
github.com/xorm-io/core v0.7.4 github.com/xorm-io/core v0.7.4
github.com/xorm-io/xorm v1.1.6 github.com/xorm-io/xorm v1.1.6

453
go.sum
View File

File diff suppressed because it is too large Load Diff

77
idp/metamask.go
View File

@ -15,43 +15,15 @@
package idp package idp
import ( import (
"encoding/hex"
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
"strings"
"time" "time"
"github.com/ethereum/go-ethereum/crypto"
"golang.org/x/oauth2" "golang.org/x/oauth2"
) )
type EIP712Message struct {
Domain struct {
ChainId string `json:"chainId"`
Name string `json:"name"`
Version string `json:"version"`
} `json:"domain"`
Message struct {
Prompt string `json:"prompt"`
Nonce string `json:"nonce"`
CreateAt string `json:"createAt"`
} `json:"message"`
PrimaryType string `json:"primaryType"`
Types struct {
EIP712Domain []struct {
Name string `json:"name"`
Type string `json:"type"`
} `json:"EIP712Domain"`
AuthRequest []struct {
Name string `json:"name"`
Type string `json:"type"`
} `json:"AuthRequest"`
} `json:"types"`
}
type MetaMaskIdProvider struct { type MetaMaskIdProvider struct {
Client *http.Client Client *http.Client
} }
@ -70,15 +42,6 @@ func (idp *MetaMaskIdProvider) GetToken(code string) (*oauth2.Token, error) {
if err := json.Unmarshal([]byte(code), &web3AuthToken); err != nil { if err := json.Unmarshal([]byte(code), &web3AuthToken); err != nil {
return nil, err return nil, err
} }
valid, err := VerifySignature(web3AuthToken.Address, web3AuthToken.TypedData, web3AuthToken.Signature)
if err != nil {
return nil, err
}
if !valid {
return nil, fmt.Errorf("invalid signature")
}
token := &oauth2.Token{ token := &oauth2.Token{
AccessToken: web3AuthToken.Signature, AccessToken: web3AuthToken.Signature,
TokenType: "Bearer", TokenType: "Bearer",
@ -105,43 +68,3 @@ func (idp *MetaMaskIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, erro
} }
return userInfo, nil return userInfo, nil
} }
func VerifySignature(userAddress string, originalMessage string, signatureHex string) (bool, error) {
var eip712Mes EIP712Message
err := json.Unmarshal([]byte(originalMessage), &eip712Mes)
if err != nil {
return false, fmt.Errorf("invalid signature (Error parsing JSON)")
}
createAtTime, err := time.Parse("2006/1/2 15:04:05", eip712Mes.Message.CreateAt)
currentTime := time.Now()
if createAtTime.Before(currentTime.Add(-1*time.Minute)) && createAtTime.After(currentTime) {
return false, fmt.Errorf("invalid signature (signature does not meet time requirements)")
}
if !strings.HasPrefix(signatureHex, "0x") {
signatureHex = "0x" + signatureHex
}
signatureBytes, err := hex.DecodeString(signatureHex[2:])
if err != nil {
return false, err
}
if signatureBytes[64] != 27 && signatureBytes[64] != 28 {
return false, fmt.Errorf("invalid signature (incorrect recovery id)")
}
signatureBytes[64] -= 27
msg := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len([]byte(originalMessage)), []byte(originalMessage))
hash := crypto.Keccak256Hash([]byte(msg))
pubKey, err := crypto.SigToPub(hash.Bytes(), signatureBytes)
if err != nil {
return false, err
}
recoveredAddr := crypto.PubkeyToAddress(*pubKey)
return strings.EqualFold(recoveredAddr.Hex(), userAddress), nil
}

1
web/package.json
View File

@ -10,7 +10,6 @@
"@ctrl/tinycolor": "^3.5.0", "@ctrl/tinycolor": "^3.5.0",
"@emotion/react": "^11.10.5", "@emotion/react": "^11.10.5",
"@metamask/eth-sig-util": "^6.0.0", "@metamask/eth-sig-util": "^6.0.0",
"@metamask/sdk-react": "^0.18.0",
"@web3-onboard/coinbase": "^2.2.5", "@web3-onboard/coinbase": "^2.2.5",
"@web3-onboard/core": "^2.20.5", "@web3-onboard/core": "^2.20.5",
"@web3-onboard/frontier": "^2.0.4", "@web3-onboard/frontier": "^2.0.4",

14
web/src/ProviderEditPage.js
View File

@ -1337,20 +1337,6 @@ class ProviderEditPage extends React.Component {
</Row> </Row>
) : null ) : null
} }
{
this.state.provider.type === "MetaMask" ? (
<Row style={{marginTop: "20px"}} >
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
{Setting.getLabel(i18next.t("provider:Signature messages"), i18next.t("provider:Signature messages - Tooltip"))} :
</Col>
<Col span={22}>
<Input value={this.state.provider.metadata} onChange={e => {
this.updateProviderField("metadata", e.target.value);
}} />
</Col>
</Row>
) : null
}
<Row style={{marginTop: "20px"}} > <Row style={{marginTop: "20px"}} >
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}> <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
{Setting.getLabel(i18next.t("provider:Provider URL"), i18next.t("provider:Provider URL - Tooltip"))} : {Setting.getLabel(i18next.t("provider:Provider URL"), i18next.t("provider:Provider URL - Tooltip"))} :

107
web/src/auth/MetaMaskLoginButton.js
View File

@ -1,107 +0,0 @@
// Copyright 2024 The Casdoor Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
import {getAuthUrl} from "./Provider";
import {getProviderLogoURL, goToLink, showMessage} from "../Setting";
import i18next from "i18next";
import {
generateNonce,
getWeb3AuthTokenKey,
setWeb3AuthToken
} from "./Web3Auth";
import {useSDK} from "@metamask/sdk-react";
import React, {useEffect} from "react";
export function MetaMaskLoginButton(props) {
const {application, web3Provider, method, width, margin} = props;
const {sdk, chainId, account} = useSDK();
const [typedData, setTypedData] = React.useState("");
const [nonce, setNonce] = React.useState("");
const [signature, setSignature] = React.useState();
useEffect(() => {
if (account && signature) {
const date = new Date();
const token = {
address: account,
nonce: nonce,
createAt: Math.floor(date.getTime() / 1000),
typedData: typedData,
signature: signature,
};
setWeb3AuthToken(token);
const redirectUri = `${getAuthUrl(application, web3Provider, method)}&web3AuthTokenKey=${getWeb3AuthTokenKey(account)}`;
goToLink(redirectUri);
}
}, [account, signature]);
const handleConnectAndSign = async() => {
try {
terminate();
const date = new Date();
const nonce = generateNonce();
setNonce(nonce);
const prompt = web3Provider?.metadata === "" ? "Casdoor: In order to authenticate to this website, sign this request and your public address will be sent to the server in a verifiable way." : web3Provider.metadata;
const typedData = JSON.stringify({
domain: {
chainId: chainId,
name: "Casdoor",
version: "1",
},
message: {
prompt: `${prompt}`,
nonce: nonce,
createAt: `${date.toLocaleString()}`,
},
primaryType: "AuthRequest",
types: {
EIP712Domain: [
{name: "name", type: "string"},
{name: "version", type: "string"},
{name: "chainId", type: "uint256"},
],
AuthRequest: [
{name: "prompt", type: "string"},
{name: "nonce", type: "string"},
{name: "createAt", type: "string"},
],
},
});
setTypedData(typedData);
const sig = await sdk.connectAndSign({msg: typedData});
setSignature(sig);
} catch (err) {
showMessage("error", `${i18next.t("login:Failed to obtain MetaMask authorization")}: ${err.message}`);
}
};
const terminate = () => {
sdk?.terminate();
};
return (
<a key={web3Provider.displayName} onClick={handleConnectAndSign}>
<img width={width} height={width} src={getProviderLogoURL(web3Provider)} alt={web3Provider.displayName}
className="provider-img" style={{margin: margin}} />
</a>
);
}
export default MetaMaskLoginButton;

37
web/src/auth/ProviderButton.js
View File

@ -43,8 +43,6 @@ import DouyinLoginButton from "./DouyinLoginButton";
import LoginButton from "./LoginButton"; import LoginButton from "./LoginButton";
import * as AuthBackend from "./AuthBackend"; import * as AuthBackend from "./AuthBackend";
import {WechatOfficialAccountModal} from "./Util"; import {WechatOfficialAccountModal} from "./Util";
import {MetaMaskProvider} from "@metamask/sdk-react";
import MetaMaskLoginButton from "./MetaMaskLoginButton";
function getSigninButton(provider) { function getSigninButton(provider) {
const text = i18next.t("login:Sign in with {type}").replace("{type}", provider.displayName !== "" ? provider.displayName : provider.type); const text = i18next.t("login:Sign in with {type}").replace("{type}", provider.displayName !== "" ? provider.displayName : provider.type);
@ -162,36 +160,11 @@ export function renderProviderLogo(provider, application, width, margin, size, l
</a> </a>
); );
} else if (provider.category === "Web3") { } else if (provider.category === "Web3") {
if (provider.type === "MetaMask") { return (
return ( <a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
<MetaMaskProvider <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
debug={false} </a>
sdkOptions={{ );
communicationServerUrl: process.env.REACT_APP_COMM_SERVER_URL,
checkInstallationImmediately: false, // This will automatically connect to MetaMask on page load
dappMetadata: {
name: "Casdoor",
url: window.location.protocol + "//" + window.location.host,
},
}}
>
<MetaMaskLoginButton
application={application}
web3Provider={provider}
method={"signup"}
width={width}
margin={margin}
/>
</MetaMaskProvider>
);
} else {
return (
<a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
<img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName}
className="provider-img" style={{margin: margin}} />
</a>
);
}
} }
} else if (provider.type === "Custom") { } else if (provider.type === "Custom") {
// style definition // style definition

1077
web/yarn.lock
View File

File diff suppressed because it is too large Load Diff