Revert "feat: Support metamask mobile login (#2844)"

This reverts commit bfa2ab63ad62e1dad6a9a40c2c91fecda9fced8f.
2025-05-23 02:35:49 +08:00 · 2024-03-30 00:35:19 +08:00 · 2024-03-30 00:35:19 +08:00 · 5d19527af8
commit 5d19527af8
parent bfa2ab63ad
8 changed files with 49 additions and 1721 deletions
--- a/go.mod
+++ b/go.mod
@ -19,7 +19,6 @@ require (
 	github.com/denisenkom/go-mssqldb v0.9.0
 	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
 	github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3
-	github.com/ethereum/go-ethereum v1.13.14
 	github.com/fogleman/gg v1.3.0
 	github.com/forestmgy/ldapserver v1.1.0
 	github.com/go-asn1-ber/asn1-ber v1.5.5
@ -40,7 +39,7 @@ require (
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/nyaruka/phonenumbers v1.1.5
 	github.com/pquerna/otp v1.4.0
-	github.com/prometheus/client_golang v1.12.0
+	github.com/prometheus/client_golang v1.11.1
 	github.com/prometheus/client_model v0.4.0
 	github.com/qiangmzsx/string-adapter/v2 v2.1.0
 	github.com/robfig/cron/v3 v3.0.1
@ -55,6 +54,7 @@ require (
 	github.com/tealeg/xlsx v1.0.5
 	github.com/thanhpk/randstr v1.0.4
 	github.com/tidwall/pretty v1.2.1 // indirect
+	github.com/tklauser/go-sysconf v0.3.10 // indirect
 	github.com/xorm-io/builder v0.3.13
 	github.com/xorm-io/core v0.7.4
 	github.com/xorm-io/xorm v1.1.6
--- a/go.sum
+++ b/go.sum
--- a/idp/metamask.go
+++ b/idp/metamask.go
@ -15,43 +15,15 @@
 package idp

 import (
-	"encoding/hex"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
-	"strings"
 	"time"

-	"github.com/ethereum/go-ethereum/crypto"
-
 	"golang.org/x/oauth2"
 )

-type EIP712Message struct {
-	Domain struct {
-		ChainId string `json:"chainId"`
-		Name    string `json:"name"`
-		Version string `json:"version"`
-	} `json:"domain"`
-	Message struct {
-		Prompt   string `json:"prompt"`
-		Nonce    string `json:"nonce"`
-		CreateAt string `json:"createAt"`
-	} `json:"message"`
-	PrimaryType string `json:"primaryType"`
-	Types       struct {
-		EIP712Domain []struct {
-			Name string `json:"name"`
-			Type string `json:"type"`
-		} `json:"EIP712Domain"`
-		AuthRequest []struct {
-			Name string `json:"name"`
-			Type string `json:"type"`
-		} `json:"AuthRequest"`
-	} `json:"types"`
-}
-
 type MetaMaskIdProvider struct {
 	Client *http.Client
 }
@ -70,15 +42,6 @@ func (idp *MetaMaskIdProvider) GetToken(code string) (*oauth2.Token, error) {
 	if err := json.Unmarshal([]byte(code), &web3AuthToken); err != nil {
 		return nil, err
 	}
-	valid, err := VerifySignature(web3AuthToken.Address, web3AuthToken.TypedData, web3AuthToken.Signature)
-	if err != nil {
-		return nil, err
-	}
-
-	if !valid {
-		return nil, fmt.Errorf("invalid signature")
-	}
-
 	token := &oauth2.Token{
 		AccessToken: web3AuthToken.Signature,
 		TokenType:   "Bearer",
@ -105,43 +68,3 @@ func (idp *MetaMaskIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, erro
 	}
 	return userInfo, nil
 }
-
-func VerifySignature(userAddress string, originalMessage string, signatureHex string) (bool, error) {
-	var eip712Mes EIP712Message
-	err := json.Unmarshal([]byte(originalMessage), &eip712Mes)
-	if err != nil {
-		return false, fmt.Errorf("invalid signature (Error parsing JSON)")
-	}
-
-	createAtTime, err := time.Parse("2006/1/2 15:04:05", eip712Mes.Message.CreateAt)
-	currentTime := time.Now()
-	if createAtTime.Before(currentTime.Add(-1*time.Minute)) && createAtTime.After(currentTime) {
-		return false, fmt.Errorf("invalid signature (signature does not meet time requirements)")
-	}
-
-	if !strings.HasPrefix(signatureHex, "0x") {
-		signatureHex = "0x" + signatureHex
-	}
-
-	signatureBytes, err := hex.DecodeString(signatureHex[2:])
-	if err != nil {
-		return false, err
-	}
-
-	if signatureBytes[64] != 27 && signatureBytes[64] != 28 {
-		return false, fmt.Errorf("invalid signature (incorrect recovery id)")
-	}
-	signatureBytes[64] -= 27
-
-	msg := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len([]byte(originalMessage)), []byte(originalMessage))
-	hash := crypto.Keccak256Hash([]byte(msg))
-
-	pubKey, err := crypto.SigToPub(hash.Bytes(), signatureBytes)
-	if err != nil {
-		return false, err
-	}
-
-	recoveredAddr := crypto.PubkeyToAddress(*pubKey)
-
-	return strings.EqualFold(recoveredAddr.Hex(), userAddress), nil
-}
--- a/web/package.json
+++ b/web/package.json
@ -10,7 +10,6 @@
    "@ctrl/tinycolor": "^3.5.0",
    "@emotion/react": "^11.10.5",
    "@metamask/eth-sig-util": "^6.0.0",
-    "@metamask/sdk-react": "^0.18.0",
    "@web3-onboard/coinbase": "^2.2.5",
    "@web3-onboard/core": "^2.20.5",
    "@web3-onboard/frontier": "^2.0.4",
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -1337,20 +1337,6 @@ class ProviderEditPage extends React.Component {
            </Row>
          ) : null
        }
-        {
-          this.state.provider.type === "MetaMask" ? (
-            <Row style={{marginTop: "20px"}} >
-              <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                {Setting.getLabel(i18next.t("provider:Signature messages"), i18next.t("provider:Signature messages - Tooltip"))} :
-              </Col>
-              <Col span={22}>
-                <Input value={this.state.provider.metadata} onChange={e => {
-                  this.updateProviderField("metadata", e.target.value);
-                }} />
-              </Col>
-            </Row>
-          ) : null
-        }
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("provider:Provider URL"), i18next.t("provider:Provider URL - Tooltip"))} :
--- a/web/src/auth/MetaMaskLoginButton.js
+++ b/web/src/auth/MetaMaskLoginButton.js
@ -1,107 +0,0 @@
-// Copyright 2024 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-import {getAuthUrl} from "./Provider";
-import {getProviderLogoURL, goToLink, showMessage} from "../Setting";
-import i18next from "i18next";
-import {
-  generateNonce,
-  getWeb3AuthTokenKey,
-  setWeb3AuthToken
-} from "./Web3Auth";
-import {useSDK} from "@metamask/sdk-react";
-import React, {useEffect} from "react";
-
-export function MetaMaskLoginButton(props) {
-  const {application, web3Provider, method, width, margin} = props;
-  const {sdk, chainId, account} = useSDK();
-  const [typedData, setTypedData] = React.useState("");
-  const [nonce, setNonce] = React.useState("");
-  const [signature, setSignature] = React.useState();
-
-  useEffect(() => {
-    if (account && signature) {
-      const date = new Date();
-
-      const token = {
-        address: account,
-        nonce: nonce,
-        createAt: Math.floor(date.getTime() / 1000),
-        typedData: typedData,
-        signature: signature,
-      };
-      setWeb3AuthToken(token);
-
-      const redirectUri = `${getAuthUrl(application, web3Provider, method)}&web3AuthTokenKey=${getWeb3AuthTokenKey(account)}`;
-      goToLink(redirectUri);
-    }
-  }, [account, signature]);
-
-  const handleConnectAndSign = async() => {
-    try {
-      terminate();
-
-      const date = new Date();
-
-      const nonce = generateNonce();
-      setNonce(nonce);
-
-      const prompt = web3Provider?.metadata === "" ? "Casdoor: In order to authenticate to this website, sign this request and your public address will be sent to the server in a verifiable way." : web3Provider.metadata;
-      const typedData = JSON.stringify({
-        domain: {
-          chainId: chainId,
-          name: "Casdoor",
-          version: "1",
-        },
-        message: {
-          prompt: `${prompt}`,
-          nonce: nonce,
-          createAt: `${date.toLocaleString()}`,
-        },
-        primaryType: "AuthRequest",
-        types: {
-          EIP712Domain: [
-            {name: "name", type: "string"},
-            {name: "version", type: "string"},
-            {name: "chainId", type: "uint256"},
-          ],
-          AuthRequest: [
-            {name: "prompt", type: "string"},
-            {name: "nonce", type: "string"},
-            {name: "createAt", type: "string"},
-          ],
-        },
-      });
-      setTypedData(typedData);
-
-      const sig = await sdk.connectAndSign({msg: typedData});
-      setSignature(sig);
-    } catch (err) {
-      showMessage("error", `${i18next.t("login:Failed to obtain MetaMask authorization")}: ${err.message}`);
-    }
-  };
-
-  const terminate = () => {
-    sdk?.terminate();
-  };
-
-  return (
-    <a key={web3Provider.displayName} onClick={handleConnectAndSign}>
-      <img width={width} height={width} src={getProviderLogoURL(web3Provider)} alt={web3Provider.displayName}
-        className="provider-img" style={{margin: margin}} />
-    </a>
-  );
-}
-
-export default MetaMaskLoginButton;
--- a/web/src/auth/ProviderButton.js
+++ b/web/src/auth/ProviderButton.js
@ -43,8 +43,6 @@ import DouyinLoginButton from "./DouyinLoginButton";
 import LoginButton from "./LoginButton";
 import * as AuthBackend from "./AuthBackend";
 import {WechatOfficialAccountModal} from "./Util";
-import {MetaMaskProvider} from "@metamask/sdk-react";
-import MetaMaskLoginButton from "./MetaMaskLoginButton";

 function getSigninButton(provider) {
  const text = i18next.t("login:Sign in with {type}").replace("{type}", provider.displayName !== "" ? provider.displayName : provider.type);
@ -162,36 +160,11 @@ export function renderProviderLogo(provider, application, width, margin, size, l
        </a>
      );
    } else if (provider.category === "Web3") {
-      if (provider.type === "MetaMask") {
-        return (
-          <MetaMaskProvider
-            debug={false}
-            sdkOptions={{
-              communicationServerUrl: process.env.REACT_APP_COMM_SERVER_URL,
-              checkInstallationImmediately: false, // This will automatically connect to MetaMask on page load
-              dappMetadata: {
-                name: "Casdoor",
-                url: window.location.protocol + "//" + window.location.host,
-              },
-            }}
-          >
-            <MetaMaskLoginButton
-              application={application}
-              web3Provider={provider}
-              method={"signup"}
-              width={width}
-              margin={margin}
-            />
-          </MetaMaskProvider>
-        );
-      } else {
-        return (
-          <a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
-            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName}
-              className="provider-img" style={{margin: margin}} />
-          </a>
-        );
-      }
+      return (
+        <a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
+          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
+        </a>
+      );
    }
  } else if (provider.type === "Custom") {
    // style definition
--- a/web/yarn.lock
+++ b/web/yarn.lock