@arcblock/did-auth/lib/protocol.js

Helper function to setup DID authentication support on a node.js web server

const AES = require('@ocap/mcrypto/lib/crypter/aes').default;
const { decode } = require('@arcblock/jwt');
const { fromBase58 } = require('@ocap/util');

const VERSION = '1.0.0';

const decrypt = (data, config = {}, dataKey = 'userInfo') => {
  try {
    decode(data[dataKey]);
    return data;
  } catch {
    // Do nothing
  }

  if (config.sharedKey && data.version === VERSION) {
    data[dataKey] = AES.decrypt(fromBase58(data[dataKey]), config.sharedKey, 'buffer').toString('utf8');
  }
  return data;
};

const encrypt = (data, config = {}, dataKey = 'authInfo') => {
  const { clientVersion, sharedKey } = config || {};
  if (data.sensitive && sharedKey && clientVersion === VERSION) {
    data.version = VERSION;
    data[dataKey] = AES.encrypt(data[dataKey], sharedKey, 'base58');
  }

  delete data.sensitive;

  return data;
};

module.exports = {
  decrypt,
  encrypt,
  VERSION,
  PROTECTED_KEYS: ['challenge', 'nonce', 'sharedKey', 'encryptionKey'],
  SESSION_STATUS: {
    CREATED: 'created',
    SUCCEED: 'succeed',
    ERROR: 'error',
    BUSY: 'busy',
    SCANNED: 'scanned',
    FORBIDDEN: 'forbidden',
  },
};