@lit-protocol/auth-helpers/src/lib/resources.js

Advanced authentication utilities for managing blockchain resource permissions and capabilities within the Lit Protocol ecosystem. Built on top of SIWE (Sign-In with Ethereum) and SIWE-RECAP for robust authentication flows.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.LitActionResource = exports.LitRLIResource = exports.LitPKPResource = exports.LitAccessControlConditionResource = void 0;
exports.parseLitResource = parseLitResource;
const access_control_conditions_1 = require("@lit-protocol/access-control-conditions");
const constants_1 = require("@lit-protocol/constants");
const uint8arrays_1 = require("@lit-protocol/uint8arrays");
const utils_1 = require("./utils");
class LitResourceBase {
    constructor(resource) {
        this.resource = resource;
    }
    getResourceKey() {
        return `${this.resourcePrefix}://${this.resource}`;
    }
    toString() {
        return this.getResourceKey();
    }
}
class LitAccessControlConditionResource extends LitResourceBase {
    /**
     * Creates a new LitAccessControlConditionResource.
     * @param resource The identifier for the resource. This should be the
     * hashed key value of the access control condition.
     */
    constructor(resource) {
        super(resource);
        this.resourcePrefix = constants_1.LIT_RESOURCE_PREFIX.AccessControlCondition;
    }
    isValidLitAbility(litAbility) {
        return (litAbility === constants_1.LIT_ABILITY.AccessControlConditionDecryption ||
            litAbility === constants_1.LIT_ABILITY.AccessControlConditionSigning);
    }
    /**
     * Composes a resource string by hashing access control conditions and appending a data hash.
     *
     * @param {AccessControlConditions} accs - The access control conditions to hash.
     * @param {string} dataToEncryptHash - The hash of the data to encrypt.
     * @returns {Promise<string>} The composed resource string in the format 'hashedAccs/dataToEncryptHash'.
     */
    static async generateResourceString(accs, dataToEncryptHash) {
        if (!accs || !dataToEncryptHash) {
            throw new constants_1.InvalidArgumentException({
                info: {
                    accs,
                    dataToEncryptHash,
                },
            }, 'Invalid input: Access control conditions and data hash are required.');
        }
        const hashedAccs = await (0, access_control_conditions_1.hashAccessControlConditions)(accs);
        const hashedAccsStr = (0, uint8arrays_1.uint8arrayToString)(new Uint8Array(hashedAccs), 'base16');
        const resourceString = `${hashedAccsStr}/${dataToEncryptHash}`;
        return resourceString;
    }
}
exports.LitAccessControlConditionResource = LitAccessControlConditionResource;
class LitPKPResource extends LitResourceBase {
    /**
     * Creates a new LitPKPResource.
     * @param resource The identifier for the resource. This should be the
     * PKP token ID.
     */
    constructor(resource) {
        const fixedResource = (0, utils_1.formatPKPResource)(resource);
        super(fixedResource);
        this.resourcePrefix = constants_1.LIT_RESOURCE_PREFIX.PKP;
    }
    isValidLitAbility(litAbility) {
        return litAbility === constants_1.LIT_ABILITY.PKPSigning;
    }
}
exports.LitPKPResource = LitPKPResource;
class LitRLIResource extends LitResourceBase {
    /**
     * Creates a new LitRLIResource.
     * @param resource The identifier for the resource. This should be the
     * RLI token ID.
     */
    constructor(resource) {
        super(resource);
        this.resourcePrefix = constants_1.LIT_RESOURCE_PREFIX.RLI;
    }
    isValidLitAbility(litAbility) {
        return litAbility === constants_1.LIT_ABILITY.RateLimitIncreaseAuth;
    }
}
exports.LitRLIResource = LitRLIResource;
class LitActionResource extends LitResourceBase {
    /**
     * Creates a new LitActionResource.
     * @param resource The identifier for the resource. This should be the
     * Lit Action IPFS CID.
     */
    constructor(resource) {
        super(resource);
        this.resourcePrefix = constants_1.LIT_RESOURCE_PREFIX.LitAction;
    }
    isValidLitAbility(litAbility) {
        return litAbility === constants_1.LIT_ABILITY.LitActionExecution;
    }
}
exports.LitActionResource = LitActionResource;
function parseLitResource(resourceKey) {
    if (resourceKey.startsWith(constants_1.LIT_RESOURCE_PREFIX.AccessControlCondition)) {
        return new LitAccessControlConditionResource(resourceKey.substring(`${constants_1.LIT_RESOURCE_PREFIX.AccessControlCondition}://`.length));
    }
    else if (resourceKey.startsWith(constants_1.LIT_RESOURCE_PREFIX.PKP)) {
        return new LitPKPResource(resourceKey.substring(`${constants_1.LIT_RESOURCE_PREFIX.PKP}://`.length));
    }
    else if (resourceKey.startsWith(constants_1.LIT_RESOURCE_PREFIX.RLI)) {
        return new LitRLIResource(resourceKey.substring(`${constants_1.LIT_RESOURCE_PREFIX.RLI}://`.length));
    }
    else if (resourceKey.startsWith(constants_1.LIT_RESOURCE_PREFIX.LitAction)) {
        return new LitActionResource(resourceKey.substring(`${constants_1.LIT_RESOURCE_PREFIX.LitAction}://`.length));
    }
    throw new constants_1.InvalidArgumentException({
        info: {
            resourceKey,
        },
    }, `Invalid resource prefix`);
}
//# sourceMappingURL=resources.js.map