UNPKG

@metamask/snaps-rpc-methods

Version:
1 lines 12.2 kB
{"version":3,"file":"requestSnaps.cjs","sourceRoot":"","sources":["../../src/permitted/requestSnaps.ts"],"names":[],"mappings":";;;AAYA,qDAAiD;AAMjD,uDAG+B;AAE/B,2CAAgE;AAChE,6CAAoC;AAEpC,6DAAsE;AAWtE;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACU,QAAA,mBAAmB,GAAG;IACjC,cAAc,EAAE,0BAA0B;IAC1C,WAAW,EAAE;QACX,6BAA6B;QAC7B,yCAAyC;QACzC,qCAAqC;KACtC;CAOF,CAAC;AAEF;;;;;;;GAOG;AACH,SAAgB,iBAAiB,CAC/B,mBAAyD,EACzD,cAAuC;IAEvC,MAAM,YAAY,GAAG,mBAAmB,CACtC,uCAA0B,CAC3B,EAAE,OAAO,EAAE,IAAI,CACd,CAAC,MAA4B,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,4BAAc,CAAC,OAAO,CACzE,CAAC;IAEF,MAAM,cAAc,GAAG,YAAY,EAAE,KAAK,CAAC;IAC3C,IAAI,IAAA,gBAAQ,EAAC,cAAc,CAAC,EAAE,CAAC;QAC7B,OAAO,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,KAAK,CAAC,CAAC,aAAa,EAAE,EAAE,CACzD,IAAA,mBAAW,EAAC,cAAc,EAAE,aAAa,CAAC,CAC3C,CAAC;IACJ,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAjBD,8CAiBC;AAED;;;;;;;GAOG;AACH,SAAgB,yBAAyB,CACvC,mBAAyD,EACzD,oBAA6B;IAE7B,IAAA,4CAA8B,EAAC,oBAAoB,CAAC,CAAC;IAErD,IAAI,CAAC,mBAAmB,CAAC,uCAA0B,CAAC,EAAE,CAAC;QACrD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAED,MAAM,YAAY,GAAG,mBAAmB,CACtC,uCAA0B,CAC3B,CAAC,OAAO,EAAE,IAAI,CACb,CAAC,MAA4B,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,4BAAc,CAAC,OAAO,CACzE,CAAC;IAEF,MAAM,cAAc,GAAI,YAAY,EAAE,KAA8B,IAAI,EAAE,CAAC;IAE3E,MAAM,cAAc,GAClB,oBAAoB,CAAC,uCAA0B,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAEpE,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC;QACxB,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC;QAC9B,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC;KAC/B,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,MAAM,CAC7C,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAClB,OAAO,CAAC,MAAM,CAAC,GAAG,cAAc,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;QACnE,OAAO,OAAO,CAAC;IACjB,CAAC,EACD,EAAE,CACH,CAAC;IAEF,oBAAoB,CAAC,uCAA0B,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK;QAC/D,iBAAiB,CAAC;IAEpB,OAAO,oBAAoB,CAAC;AAC9B,CAAC;AAtCD,8DAsCC;AAED,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAC;AAE1B;;;;;GAKG;AACH,SAAS,QAAQ,CAAC,MAAc;IAC9B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,mBAAK,EAAE,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AAC7B,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,KAAK,UAAU,0BAA0B,CACvC,GAAiD,EACjD,GAA+C,EAC/C,KAAc,EACd,GAA6B,EAC7B,MAAa,EACb,SAAuD;IAEvD,MAAM,cAAc,GAAG,GAAG,CAAC,MAAM,CAAC;IAClC,IAAI,CAAC,IAAA,gBAAQ,EAAC,cAAc,CAAC,EAAE,CAAC;QAC9B,OAAO,GAAG,CACR,sBAAS,CAAC,aAAa,CAAC;YACtB,OAAO,EAAE,6BAA6B;SACvC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7C,OAAO,GAAG,CACR,sBAAS,CAAC,aAAa,CAAC;YACtB,OAAO,EAAE,gDAAgD;SAC1D,CAAC,CACH,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;IAE/B,iFAAiF;IACjF,qBAAqB;IACrB,MAAM,KAAK,CAAC,YAAY,CAAC,KAAK,IAAI,EAAE;QAClC,IAAI,CAAC;YACH,MAAM,oBAAoB,GAAG;gBAC3B,CAAC,uCAA0B,CAAC,EAAE;oBAC5B,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,4BAAc,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC;iBACnE;aACsB,CAAC;YAC1B,MAAM,mBAAmB,GAAG,SAAS,CAAC,IAAI,CACxC,qCAAqC,EACrC,MAAM,CACP,CAAC;YAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBACzB,MAAM,CAAC,EAAE,QAAQ,CAAC,GAAG,MAAM,SAAS,CAAC,IAAI,CACvC,yCAAyC,EACzC,EAAE,MAAM,EAAE,EACV,oBAAoB,CACrB,CAAC;gBAEF,IAAA,cAAM,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;gBAEtB,GAAG,CAAC,MAAM,GAAG,QAAQ,CAAC,IAAI,CACxB,uCAA0B,CACL,CAAC;YAC1B,CAAC;iBAAM,IAAI,iBAAiB,CAAC,mBAAmB,EAAE,cAAc,CAAC,EAAE,CAAC;gBAClE,GAAG,CAAC,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAC/B,6BAA6B,EAC7B,MAAM,EACN,cAAc,CACf,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,wBAAwB,GAAG,yBAAyB,CACxD,mBAAmB,EACnB,oBAAoB,CACrB,CAAC;gBAEF,MAAM,CAAC,EAAE,QAAQ,CAAC,GAAG,MAAM,SAAS,CAAC,IAAI,CACvC,yCAAyC,EACzC,EAAE,MAAM,EAAE,EACV,wBAAwB,CACzB,CAAC;gBAEF,IAAA,cAAM,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;gBAEtB,GAAG,CAAC,MAAM,GAAG,QAAQ,CAAC,IAAI,CACxB,uCAA0B,CACL,CAAC;YAC1B,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,KAAK,GAAG,KAAK,CAAC;QACpB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,EAAE,CAAC;AACf,CAAC","sourcesContent":["import type {\n JsonRpcEngineEndCallback,\n MethodHandler,\n} from '@metamask/json-rpc-engine';\nimport type { Messenger } from '@metamask/messenger';\nimport type {\n Caveat,\n PermissionConstraint,\n PermissionControllerGetPermissionsAction,\n PermissionControllerRequestPermissionsAction,\n RequestedPermissions,\n} from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type {\n RequestSnapsParams,\n RequestSnapsResult,\n} from '@metamask/snaps-sdk';\nimport type { SnapsPermissionRequest } from '@metamask/snaps-utils';\nimport {\n SnapCaveatType,\n verifyRequestedSnapPermissions,\n} from '@metamask/snaps-utils';\nimport type { PendingJsonRpcResponse, Json } from '@metamask/utils';\nimport { assert, hasProperty, isObject } from '@metamask/utils';\nimport { Mutex } from 'async-mutex';\n\nimport { WALLET_SNAP_PERMISSION_KEY } from '../restricted/invokeSnap';\nimport type {\n JsonRpcRequestWithOrigin,\n SnapControllerInstallSnapsAction,\n} from '../types';\n\nexport type RequestSnapsMethodActions =\n | SnapControllerInstallSnapsAction\n | PermissionControllerRequestPermissionsAction\n | PermissionControllerGetPermissionsAction;\n\n/**\n * Request permission for a dapp to communicate with the specified Snaps and\n * attempt to install them if they're not already installed.\n *\n * If the Snap version range is specified, MetaMask attempts to install a\n * version of the Snap that satisfies the range. If a compatible version of the\n * Snap is already installed, the request succeeds. If an incompatible version\n * is installed, MetaMask attempts to update the Snap to the latest version that\n * satisfies the range. The request succeeds if the Snap is successfully\n * installed.\n *\n * If the installation of any Snap fails, or the user rejects the installation\n * or permission request, this method returns the error that caused the failure.\n *\n * @example\n * ```ts\n * const result = await snap.request({\n * method: 'wallet_requestSnaps',\n * params: {\n * 'npm:@metamask/example-snap': {},\n * 'npm:@metamask/another-snap': { version: '1.2.3' },\n * },\n * });\n * ```\n */\nexport const requestSnapsHandler = {\n implementation: requestSnapsImplementation,\n actionNames: [\n 'SnapController:installSnaps',\n 'PermissionController:requestPermissions',\n 'PermissionController:getPermissions',\n ],\n} satisfies MethodHandler<\n never,\n RequestSnapsMethodActions,\n RequestSnapsParams,\n RequestSnapsResult,\n { origin: string }\n>;\n\n/**\n * Checks whether an origin has existing `wallet_snap` permission and\n * whether or not it has the requested snapIds caveat.\n *\n * @param existingPermissions - The existing permissions for the origin.\n * @param requestedSnaps - The requested snaps.\n * @returns True if the existing permissions satisfy the requested snaps, otherwise false.\n */\nexport function hasRequestedSnaps(\n existingPermissions: Record<string, PermissionConstraint>,\n requestedSnaps: Record<string, unknown>,\n): boolean {\n const snapIdCaveat = existingPermissions[\n WALLET_SNAP_PERMISSION_KEY\n ]?.caveats?.find(\n (caveat: Caveat<string, Json>) => caveat.type === SnapCaveatType.SnapIds,\n );\n\n const permittedSnaps = snapIdCaveat?.value;\n if (isObject(permittedSnaps)) {\n return Object.keys(requestedSnaps).every((requestedSnap) =>\n hasProperty(permittedSnaps, requestedSnap),\n );\n }\n return false;\n}\n\n/**\n * Constructs a valid permission request with merged caveats based on existing permissions\n * and the requested snaps.\n *\n * @param existingPermissions - The existing permissions for the origin.\n * @param requestedPermissions - The permission request passed into `requestPermissions`.\n * @returns `requestedPermissions`.\n */\nexport function getSnapPermissionsRequest(\n existingPermissions: Record<string, PermissionConstraint>,\n requestedPermissions: unknown,\n): SnapsPermissionRequest {\n verifyRequestedSnapPermissions(requestedPermissions);\n\n if (!existingPermissions[WALLET_SNAP_PERMISSION_KEY]) {\n return requestedPermissions;\n }\n\n const snapIdCaveat = existingPermissions[\n WALLET_SNAP_PERMISSION_KEY\n ].caveats?.find(\n (caveat: Caveat<string, Json>) => caveat.type === SnapCaveatType.SnapIds,\n );\n\n const permittedSnaps = (snapIdCaveat?.value as Record<string, Json>) ?? {};\n\n const requestedSnaps =\n requestedPermissions[WALLET_SNAP_PERMISSION_KEY].caveats[0].value;\n\n const snapIdSet = new Set([\n ...Object.keys(permittedSnaps),\n ...Object.keys(requestedSnaps),\n ]);\n\n const mergedCaveatValue = [...snapIdSet].reduce<Record<string, Json>>(\n (request, snapId) => {\n request[snapId] = requestedSnaps[snapId] ?? permittedSnaps[snapId];\n return request;\n },\n {},\n );\n\n requestedPermissions[WALLET_SNAP_PERMISSION_KEY].caveats[0].value =\n mergedCaveatValue;\n\n return requestedPermissions;\n}\n\nconst mutexes = new Map();\n\n/**\n * Get the corresponding Snap installation mutex for a given origin.\n *\n * @param origin - The origin of the request.\n * @returns A mutex for that specific origin.\n */\nfunction getMutex(origin: string) {\n if (!mutexes.has(origin)) {\n mutexes.set(origin, new Mutex());\n }\n return mutexes.get(origin);\n}\n\n/**\n * The `wallet_requestSnaps` method implementation.\n * Tries to install the requested snaps and adds them to the JSON-RPC response.\n *\n * @param req - The JSON-RPC request object.\n * @param res - The JSON-RPC response object.\n * @param _next - The `json-rpc-engine` \"next\" callback. Not used by this\n * function.\n * @param end - The `json-rpc-engine` \"end\" callback.\n * @param _hooks - The RPC method hooks. Not used by this function.\n * @param messenger - The messenger used to call controller actions.\n * @returns A promise that resolves once the JSON-RPC response has been modified.\n * @throws If the params are invalid.\n */\nasync function requestSnapsImplementation(\n req: JsonRpcRequestWithOrigin<RequestSnapsParams>,\n res: PendingJsonRpcResponse<RequestSnapsResult>,\n _next: unknown,\n end: JsonRpcEngineEndCallback,\n _hooks: never,\n messenger: Messenger<string, RequestSnapsMethodActions>,\n): Promise<void> {\n const requestedSnaps = req.params;\n if (!isObject(requestedSnaps)) {\n return end(\n rpcErrors.invalidParams({\n message: '\"params\" must be an object.',\n }),\n );\n }\n\n if (Object.keys(requestedSnaps).length === 0) {\n return end(\n rpcErrors.invalidParams({\n message: 'Request must have at least one requested snap.',\n }),\n );\n }\n\n const { origin } = req;\n\n const mutex = getMutex(origin);\n\n // Process requests sequentially for each origin as permissions need to be merged\n // for every request.\n await mutex.runExclusive(async () => {\n try {\n const requestedPermissions = {\n [WALLET_SNAP_PERMISSION_KEY]: {\n caveats: [{ type: SnapCaveatType.SnapIds, value: requestedSnaps }],\n },\n } as RequestedPermissions;\n const existingPermissions = messenger.call(\n 'PermissionController:getPermissions',\n origin,\n );\n\n if (!existingPermissions) {\n const [, metadata] = await messenger.call(\n 'PermissionController:requestPermissions',\n { origin },\n requestedPermissions,\n );\n\n assert(metadata.data);\n\n res.result = metadata.data[\n WALLET_SNAP_PERMISSION_KEY\n ] as RequestSnapsResult;\n } else if (hasRequestedSnaps(existingPermissions, requestedSnaps)) {\n res.result = await messenger.call(\n 'SnapController:installSnaps',\n origin,\n requestedSnaps,\n );\n } else {\n const mergedPermissionsRequest = getSnapPermissionsRequest(\n existingPermissions,\n requestedPermissions,\n );\n\n const [, metadata] = await messenger.call(\n 'PermissionController:requestPermissions',\n { origin },\n mergedPermissionsRequest,\n );\n\n assert(metadata.data);\n\n res.result = metadata.data[\n WALLET_SNAP_PERMISSION_KEY\n ] as RequestSnapsResult;\n }\n } catch (error) {\n res.error = error;\n }\n });\n\n return end();\n}\n"]}