sapphire-contract: Change bearer token type calldata -> memory
matevz committed Nov 25, 2024
1 parent a4069ee commit 428babf
Showing 2 changed files with 20 additions and 11 deletions.
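--- a/contracts/contracts/auth/A13e.sol
+++ b/contracts/contracts/auth/A13e.sol
@@ -7,11 +7,12 @@ import {SignatureRSV} from "../EthereumUtils.sol";
 * @title Interface for authenticatable contracts
 * @notice This is the interface for universal authentication mechanism (e.g.
 * SIWE):
-* 1. The user-facing app calls login() to generate the bearer token on-chain.
-* 2. Any smart contract method that requires authentication accept this token
-* as an argument. Then, it passes the token to authMsgSender() to verify it
-* and obtain the **authenticated** user address. This address can then serve
-* as a user ID for authorization.
+* 1. The user-facing app calls `login()` which generates the bearer token
+* on-chain.
+* 2. Any smart contract method that requires authentication takes this token
+* as an argument. It passes this token to `authMsgSender()` to verify it
+* and obtain the **authenticated** user address. This address can then
+* serve as a user ID for authorization.
 */
 abstract contract A13e {
 /// A mapping of revoked bearers. Access it directly or use the checkRevokedBearer modifier.
@@ -23,7 +24,7 @@ abstract contract A13e {
 /**
 * @notice Reverts if the given bearer was revoked
 */
-modifier checkRevokedBearer(bytes calldata bearer) {
+modifier checkRevokedBearer(bytes memory bearer) {
 if (_revokedBearers[keccak256(bearer)]) {
 revert RevokedBearer();
 }
@@ -43,7 +44,7 @@ abstract contract A13e {
 /**
 * @notice Validate the bearer token and return authenticated msg.sender.
 */
-function authMsgSender(bytes calldata bearer)
+function authMsgSender(bytes memory bearer)
 internal
 view
 virtual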
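Review bot: The NatSpec on `authMsgSender` still promises only an "authenticated msg.sender", but the SiweAuth override changed in this same commit now returns `address(0)` for an empty bearer instead of reverting. That sentinel is part of the contract every caller depends on, so it belongs on the abstract declaration, for example `* @dev Returns address(0) when no bearer is supplied; callers must treat address(0) as unauthenticated, never as a valid user ID.` A derived contract that compares the result against an owner that was never set, or uses it as a mapping key without that check, would treat an anonymous caller as a known user. The declaration of `authMsgSender` continues past the end of the hunk, so the return clause is not visible here.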
16 changes: 12 additions & 4 deletions contracts/contracts/auth/SiweAuth.sol
Expand Up @@ -16,17 +16,18 @@ struct Bearer {
/**
* @title Base contract for SIWE-based authentication
* @notice Inherit this contract, if you wish to enable SIWE-based
* authentication for your contract methods that require authenticated calls.
* authentication for your contract methods that require authentication.
* The smart contract needs to be bound to a domain (passed in constructor).
*
* #### Example
*
* ```solidity
* contract MyContract is SiweAuth {
* address private _owner;
* string private _message;
*
* modifier onlyOwner(bytes calldata bearer) {
* if (authMsgSender(bearer) != _owner) {
* if (msg.sender != _owner && authMsgSender(bearer) != _owner) {
* revert("not allowed");
* }
* _;
Expand All @@ -37,7 +38,11 @@ struct Bearer {
* }
*
* function getSecretMessage(bytes calldata bearer) external view onlyOwner(bearer) returns (string memory) {
* return "Very secret message";
* return _message;
* }
*
* function setSecretMessage(string calldata message) external onlyOwner("") {
* _message = message;
* }
* }
* ```
Expand Down Expand Up @@ -144,13 +149,16 @@ contract SiweAuth is A13e {
return _domain;
}

function authMsgSender(bytes calldata bearer)
function authMsgSender(bytes memory bearer)
internal
view
override
checkRevokedBearer(bearer)
returns (address)
{
if (bearer.length == 0) {
return address(0);
}
bytes memory bearerEncoded = Sapphire.decrypt(
_bearerEncKey,
0,
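Review bot: The documented example still declares `modifier onlyOwner(bytes calldata bearer)`, yet the added `setSecretMessage` invokes it as `onlyOwner("")`. A string literal cannot be converted to a calldata parameter, so the snippet as written should not compile. Declaring it as `modifier onlyOwner(bytes memory bearer) {` would match the signature change this commit makes to `authMsgSender`. The example's constructor lies outside the visible hunks, so it is worth confirming that `_owner` is always set to a non-zero address there, because the new empty-bearer path makes `authMsgSender("")` evaluate to `address(0)`. The body of the `authMsgSender` override also continues beyond the last hunk.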
