Make origin remapping consistent

When the "new" domains (icp0.io & internetcomputer.org) were introduced, a workaround was implemented in II to ensure that dapps would see the same principals regardless on whether they are using CANISTER.ic0.app or CANISTER.icp0.io. This workaround was implemented for fetching the derivation, but actually needs to be applied to all operations deriving a principal from an identity number/origin pair. This change makes sure that all calls perform the remapping, including `get_principal` (which will be used in Verifiable Credentials).
dfinity · Dec 1, 2023 · eccf6df · eccf6df
1 parent a4a299f
commit eccf6df
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 17 deletions.
diff --git a/src/frontend/src/flows/authorize/fetchDelegation.ts b/src/frontend/src/flows/authorize/fetchDelegation.ts
@@ -6,7 +6,6 @@ import { toast } from "$src/components/toast";
 import { AuthenticatedConnection } from "$src/utils/iiConnection";
 import { unknownToString } from "$src/utils/utils";
 import { Signature } from "@dfinity/agent";
-import { nonNullish } from "@dfinity/utils";
 import { Delegation } from "./postMessageInterface";
 
 /**
@@ -28,16 +27,6 @@ export const fetchDelegation = async ({
   publicKey: Uint8Array;
   maxTimeToLive?: bigint;
 }): Promise<[PublicKey, Delegation] | { error: unknown }> => {
-  // In order to give dapps a stable principal regardless whether they use the legacy (ic0.app) or the new domain (icp0.io)
-  // we map back the derivation origin to the ic0.app domain.
-  const ORIGIN_MAPPING_REGEX =
-    /^https:\/\/(?<subdomain>[\w-]+(?:\.raw)?)\.icp0\.io$/;
-  const match = derivationOrigin.match(ORIGIN_MAPPING_REGEX);
-  const subdomain = match?.groups?.subdomain;
-  if (nonNullish(subdomain)) {
-    derivationOrigin = `https://${subdomain}.ic0.app`;
-  }
-
   const result = await connection.prepareDelegation(
     derivationOrigin,
     publicKey,

diff --git a/src/frontend/src/utils/iiConnection.ts b/src/frontend/src/utils/iiConnection.ts
@@ -469,6 +469,17 @@ export class AuthenticatedConnection extends Connection {
     return await actor.get_anchor_info(this.userNumber);
   };
 
+  getPrincipal = async ({
+    origin: origin_,
+  }: {
+    origin: string;
+  }): Promise<Principal> => {
+    const origin = remapToLegacyDomain(origin_);
+
+    const actor = await this.getActor();
+    return await actor.get_principal(this.userNumber, origin);
+  };
+
   enterDeviceRegistrationMode = async (): Promise<Timestamp> => {
     const actor = await this.getActor();
     return await actor.enter_device_registration_mode(this.userNumber);
@@ -525,18 +536,19 @@ export class AuthenticatedConnection extends Connection {
   };
 
   prepareDelegation = async (
-    hostname: FrontendHostname,
+    origin_: FrontendHostname,
     sessionKey: SessionKey,
     maxTimeToLive?: bigint
   ): Promise<[PublicKey, bigint] | { error: unknown }> => {
     try {
+      const origin = remapToLegacyDomain(origin_);
       console.log(
-        `prepare_delegation(user: ${this.userNumber}, hostname: ${hostname}, session_key: ${sessionKey})`
+        `prepare_delegation(user: ${this.userNumber}, origin: ${origin}, session_key: ${sessionKey})`
       );
       const actor = await this.getActor();
       return await actor.prepare_delegation(
         this.userNumber,
-        hostname,
+        origin,
         sessionKey,
         nonNullish(maxTimeToLive) ? [maxTimeToLive] : []
       );
@@ -547,18 +559,19 @@ export class AuthenticatedConnection extends Connection {
   };
 
   getDelegation = async (
-    hostname: FrontendHostname,
+    origin_: FrontendHostname,
     sessionKey: SessionKey,
     timestamp: Timestamp
   ): Promise<GetDelegationResponse | { error: unknown }> => {
     try {
+      const origin = remapToLegacyDomain(origin_);
       console.log(
-        `get_delegation(user: ${this.userNumber}, hostname: ${hostname}, session_key: ${sessionKey}, timestamp: ${timestamp})`
+        `get_delegation(user: ${this.userNumber}, origin: ${origin}, session_key: ${sessionKey}, timestamp: ${timestamp})`
       );
       const actor = await this.getActor();
       return await actor.get_delegation(
         this.userNumber,
-        hostname,
+        origin,
         sessionKey,
         timestamp
       );
@@ -640,6 +653,20 @@ export const creationOptions = (
   };
 };
 
+// In order to give dapps a stable principal regardless whether they use the legacy (ic0.app) or the new domain (icp0.io)
+// we map back the derivation origin to the ic0.app domain.
+const remapToLegacyDomain = (origin: string): string => {
+  const ORIGIN_MAPPING_REGEX =
+    /^https:\/\/(?<subdomain>[\w-]+(?:\.raw)?)\.icp0\.io$/;
+  const match = origin.match(ORIGIN_MAPPING_REGEX);
+  const subdomain = match?.groups?.subdomain;
+  if (nonNullish(subdomain)) {
+    return `https://${subdomain}.ic0.app`;
+  } else {
+    return origin;
+  }
+};
+
 const derFromPubkey = (pubkey: DeviceKey): DerEncodedPublicKey =>
   new Uint8Array(pubkey).buffer as DerEncodedPublicKey;