Skip to content

Commit

Permalink
remove legacy auth validation
Browse files Browse the repository at this point in the history
michavie committed Feb 28, 2024

Verified

This commit was signed with the committer’s verified signature.
baron42bba Andreas Gerler
1 parent 024103f commit da0bd09
Showing 3 changed files with 0 additions and 15 deletions.
12 changes: 0 additions & 12 deletions src/Auth/NativeAuthServer.php
Original file line number Diff line number Diff line change
@@ -19,7 +19,6 @@ public function __construct(
public ?string $apiUrl = null,
public array $acceptedOrigins = [],
public int $maxExpirySeconds = 86400,
public bool $skipLegacyValidation = false,
) {
}

@@ -71,17 +70,6 @@ public function validate(string $accessToken): NativeAuthValidateResult
$valid = UserVerifier::fromAddress(Address::fromBech32($decoded->address))
->verify(new Bytes($verifiable->serializeForSigning()), new Bytes($verifiable->signature->hex()), $verifiable->address->getPublicKey());

if (! $valid && ! $this->skipLegacyValidation) {
$verifiable = new SignableMessage(
message: "{$decoded->address}{$decoded->body}{}",
signature: new Signature($decoded->signature),
address: Address::fromBech32($decoded->address),
);

$valid = UserVerifier::fromAddress(Address::fromBech32($decoded->address))
->verify(new Bytes($verifiable->serializeForSigning()), new Bytes($verifiable->signature->hex()), $verifiable->address->getPublicKey());
}

throw_unless($valid, NativeAuthInvalidSignatureException::class);

return new NativeAuthValidateResult(
1 change: 0 additions & 1 deletion src/Multiversx.php
Original file line number Diff line number Diff line change
@@ -27,7 +27,6 @@ public static function verifyNativeAuthToken(string $accessToken): NativeAuthVal
apiUrl: config('multiversx.urls.api') ?? throw new Exception('missing config: urls.api'),
acceptedOrigins: config('multiversx.native_auth.accepted_origins') ?? throw new Exception('missing native auth config: accepted_origins'),
maxExpirySeconds: config('multiversx.native_auth.max_expiry_seconds') ?? throw new Exception('missing native auth config: max_expiry_seconds'),
skipLegacyValidation: config('multiversx.native_auth.skip_legacy_validation') ?? throw new Exception('missing native auth config: skip_legacy_validation'),
);

return $nativeAuth->validate($accessToken);
2 changes: 0 additions & 2 deletions src/config.php
Original file line number Diff line number Diff line change
@@ -33,7 +33,5 @@
],

'max_expiry_seconds' => 86400,

'skip_legacy_validation' => false,
],
];

0 comments on commit da0bd09

Please sign in to comment.