UNPKG

permissionless

Version:

A utility library for working with ERC-4337

docs.pimlico.io/permissionless

pimlicolabs/permissionless.js

143 lines (129 loc) 4.14 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
// import { Base64 } from "ox" import type { Account, Chain, Client, Hex, Transport } from "viem" import type { PasskeyServerRpcSchema } from "../../types/passkeyServer.js" import { getOxExports } from "../../utils/ox.js" export type VerifyAuthenticationParameters = { raw: { id: string rawId: ArrayBuffer authenticatorAttachment: string response: { authenticatorData?: ArrayBuffer signature?: ArrayBuffer userHandle?: ArrayBuffer clientDataJSON: ArrayBuffer } getClientExtensionResults: () => Record<string, unknown> type: string } uuid: string } export type VerifyAuthenticationReturnType = { success: boolean id: string publicKey: Hex userName: string } export const verifyAuthentication = async ( client: Client< Transport, Chain | undefined, Account | undefined, PasskeyServerRpcSchema >, args: VerifyAuthenticationParameters ): Promise<VerifyAuthenticationReturnType> => { const { raw, uuid } = args const { Base64 } = await getOxExports() let responseAuthenticatorData: string if ("authenticatorData" in raw.response) { responseAuthenticatorData = Base64.fromBytes( new Uint8Array(raw.response.authenticatorData as ArrayBuffer), { url: true } ) } else { throw new Error("authenticatorData not found in the signature") } let signature: string if ("signature" in raw.response) { signature = Base64.fromBytes( new Uint8Array(raw.response.signature as ArrayBuffer), { pad: false, url: true } ) } else { throw new Error("signature not found in the signature") } let userHandle: string | undefined if ("userHandle" in raw.response) { userHandle = Base64.fromBytes( new Uint8Array(raw.response.userHandle as ArrayBuffer), { pad: false, url: true } ) } const serverResponse = await client.request( { method: "pks_verifyAuthentication", params: [ { id: raw.id, rawId: Base64.fromBytes(new Uint8Array(raw.rawId), { pad: false, url: true }), authenticatorAttachment: raw.authenticatorAttachment as | "cross-platform" | "platform", response: { clientDataJSON: Base64.fromBytes( new Uint8Array(raw.response.clientDataJSON), { pad: false, url: true } ), authenticatorData: responseAuthenticatorData, signature, userHandle }, clientExtensionResults: raw.getClientExtensionResults(), type: raw.type as "public-key" }, { uuid } ] }, { retryCount: 0 } ) const success = Boolean(serverResponse?.success) const id = serverResponse?.id const publicKey = serverResponse?.publicKey const userName = serverResponse?.userName if (typeof id !== "string") { throw new Error("Invalid passkey id returned from server") } if (typeof publicKey !== "string" || !publicKey.startsWith("0x")) { throw new Error( "Invalid public key returned from server - must be hex string starting with 0x" ) } if (typeof userName !== "string") { throw new Error("Invalid user name returned from server") } return { success, id, publicKey: publicKey as Hex, userName } }