From 178b4d944a6c1b5770017a973ceb5d5a08650ec9 Mon Sep 17 00:00:00 2001 From: hitendra-ap Date: Thu, 19 Nov 2020 20:04:56 +0530 Subject: [PATCH 1/2] add key level param in endorse token and use low level key in cancel token operation acc to sdk-java --- app/package-lock.json | 2 +- app/package.json | 2 +- app/src/http/AuthHttpClient.js | 19 +++++++++++-------- app/src/main/Member.js | 5 +++-- tpp/package-lock.json | 2 +- tpp/package.json | 2 +- tpp/src/http/AuthHttpClient.js | 11 ++++++----- 7 files changed, 24 insertions(+), 19 deletions(-) diff --git a/app/package-lock.json b/app/package-lock.json index 074aa585..927b101f 100644 --- a/app/package-lock.json +++ b/app/package-lock.json @@ -1,6 +1,6 @@ { "name": "@token-io/app", - "version": "1.0.40", + "version": "1.0.41", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/app/package.json b/app/package.json index 6a121692..fdd89b91 100644 --- a/app/package.json +++ b/app/package.json @@ -1,6 +1,6 @@ { "name": "@token-io/app", - "version": "1.0.40", + "version": "1.0.41", "description": "Token JavaScript App SDK", "license": "ISC", "author": { diff --git a/app/src/http/AuthHttpClient.js b/app/src/http/AuthHttpClient.js index 9d2eba00..dd5b807e 100644 --- a/app/src/http/AuthHttpClient.js +++ b/app/src/http/AuthHttpClient.js @@ -405,7 +405,7 @@ class AuthHttpClient extends CoreAuthHttpClient { */ async replaceToken(tokenToCancel, newResources) { const cancelTokenId = tokenToCancel.id; - const cancelReq = await this._tokenOperationRequest(tokenToCancel, 'cancelled'); + const cancelReq = await this._tokenOperationRequest(tokenToCancel, 'cancelled', config.KeyLevel.LOW); const createReq = { payload: { @@ -439,11 +439,13 @@ class AuthHttpClient extends CoreAuthHttpClient { * @param {Object} token - token to endorse * @return {Object} response to the API call */ - async endorseToken(token) { + async endorseToken(token, keyLevel) { return this._tokenOperation( token, 'endorse', - 'endorsed'); + 'endorsed', + null, + keyLevel); } /** @@ -458,7 +460,8 @@ class AuthHttpClient extends CoreAuthHttpClient { token, 'cancel', 'cancelled', - blocking); + blocking, + config.KeyLevel.LOW); } /** @@ -713,24 +716,24 @@ class AuthHttpClient extends CoreAuthHttpClient { return this._instance(request); } - async _tokenOperation(token, operation, suffix, blocking) { + async _tokenOperation(token, operation, suffix, blocking, keyLevel) { const tokenId = token.id; const request = { method: 'put', url: `/tokens/${tokenId}/${operation}`, - data: await this._tokenOperationRequest(token, suffix), + data: await this._tokenOperationRequest(token, suffix, keyLevel), }; if (blocking) request.adapter = BlockingAdapter; return this._instance(request); } - async _tokenOperationRequest(token, suffix) { + async _tokenOperationRequest(token, suffix, keyLevel = config.KeyLevel.STANDARD) { return { tokenId: token.id, signature: await this.tokenOperationSignature( token.payload, suffix, - config.KeyLevel.STANDARD), + keyLevel), }; } } diff --git a/app/src/main/Member.js b/app/src/main/Member.js index 49db1547..0113258b 100644 --- a/app/src/main/Member.js +++ b/app/src/main/Member.js @@ -558,12 +558,13 @@ export default class Member extends CoreMember { * the member prompting them to use a higher-privilege key. * * @param token - token to endorse, can be the token ID as well + * @param {string} keyLevel - 'LOW', 'STANDARD', or 'PRIVILEGED' * @return endorsed token */ - endorseToken(token: Token | string): Promise { + endorseToken(token: Token | string, keyLevel: string): Promise { return Util.callAsync(this.endorseToken, async () => { const finalToken = await this._resolveToken(token); - const endorsed = await this._client.endorseToken(finalToken); + const endorsed = await this._client.endorseToken(finalToken, keyLevel); if (typeof token !== 'string') { token.payloadSignatures = endorsed.data.result.token.payloadSignatures; } diff --git a/tpp/package-lock.json b/tpp/package-lock.json index f7e27390..3715d142 100644 --- a/tpp/package-lock.json +++ b/tpp/package-lock.json @@ -1,6 +1,6 @@ { "name": "@token-io/tpp", - "version": "1.0.49", + "version": "1.0.50", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/tpp/package.json b/tpp/package.json index e2de5d16..0ae88554 100644 --- a/tpp/package.json +++ b/tpp/package.json @@ -1,6 +1,6 @@ { "name": "@token-io/tpp", - "version": "1.0.49", + "version": "1.0.50", "description": "Token JavaScript TPP SDK", "license": "ISC", "author": { diff --git a/tpp/src/http/AuthHttpClient.js b/tpp/src/http/AuthHttpClient.js index 3aff60b1..e0d344bd 100644 --- a/tpp/src/http/AuthHttpClient.js +++ b/tpp/src/http/AuthHttpClient.js @@ -193,7 +193,8 @@ class AuthHttpClient extends CoreAuthHttpClient { return this._tokenOperation( token, 'cancel', - 'cancelled'); + 'cancelled', + config.KeyLevel.LOW); } /** @@ -507,23 +508,23 @@ class AuthHttpClient extends CoreAuthHttpClient { return this._instance(request); } - async _tokenOperation(token, operation, suffix) { + async _tokenOperation(token, operation, suffix, keyLevel) { const tokenId = token.id; const request = { method: 'put', url: `/tokens/${tokenId}/${operation}`, - data: await this._tokenOperationRequest(token, suffix), + data: await this._tokenOperationRequest(token, suffix, keyLevel), }; return this._instance(request); } - async _tokenOperationRequest(token, suffix) { + async _tokenOperationRequest(token, suffix, keyLevel = config.KeyLevel.STANDARD) { return { tokenId: token.id, signature: await this.tokenOperationSignature( token.payload, suffix, - config.KeyLevel.STANDARD), + keyLevel), }; } } From 675035bdaa482f55dfdaa21e8902f7abbc200b33 Mon Sep 17 00:00:00 2001 From: hitendra-ap Date: Thu, 19 Nov 2020 21:50:01 +0530 Subject: [PATCH 2/2] Revert getSigner functionality from b4534793b410ff5c86f173472794682376770c8a --- core/src/http/AuthHttpClient.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/core/src/http/AuthHttpClient.js b/core/src/http/AuthHttpClient.js index 14aa3d4a..ac73c7a9 100644 --- a/core/src/http/AuthHttpClient.js +++ b/core/src/http/AuthHttpClient.js @@ -52,30 +52,30 @@ export class AuthHttpClient { /** * Creates the necessary signer objects, based on the level requested. - * If the level is not available, attempts to fetch a lower level. + * If the level is not available, attempts to fetch a higher level. * - * @param {string} level - requested level of key + * @param {string} level - requested minimum level of key * @return {Promise} object used to sign */ async getSigner(level) { - if (level === config.KeyLevel.LOW) { - return await this._cryptoEngine.createSigner(config.KeyLevel.LOW); + if (level === config.KeyLevel.PRIVILEGED) { + return await this._cryptoEngine.createSigner(config.KeyLevel.PRIVILEGED); } if (level === config.KeyLevel.STANDARD) { try { return await this._cryptoEngine.createSigner(config.KeyLevel.STANDARD); } catch (err) { - return await this._cryptoEngine.createSigner(config.KeyLevel.LOW); + return await this._cryptoEngine.createSigner(config.KeyLevel.PRIVILEGED); } } - if (level === config.KeyLevel.PRIVILEGED) { + if (level === config.KeyLevel.LOW) { try { - return await this._cryptoEngine.createSigner(config.KeyLevel.PRIVILEGED); + return await this._cryptoEngine.createSigner(config.KeyLevel.LOW); } catch (err) { try { return await this._cryptoEngine.createSigner(config.KeyLevel.STANDARD); } catch (err2) { - return await this._cryptoEngine.createSigner(config.KeyLevel.LOW); + return await this._cryptoEngine.createSigner(config.KeyLevel.PRIVILEGED); } } }