Merge pull request #73 from tuum-tech/audit-fixes

Audit fixes

packages/backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tuum-tech/identity-snap-example-backend",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": " A basic starter for an express.js API with Typescript",
   "keywords": [],
   "repository": {

packages/site/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tuum-tech/identity-snap-example-site",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "private": true,
   "license": "(MIT-0 OR Apache-2.0)",
   "scripts": {
@@ -27,7 +27,7 @@
   "dependencies": {
     "@metamask/providers": "10.2.1",
     "@react-oauth/google": "^0.7.0",
-    "@tuum-tech/identity-snap": "1.3.2",
+    "@tuum-tech/identity-snap": "1.4.0",
     "@veramo/core": "5.0.1-next.12",
     "axios": "^1.2.4",
     "bootstrap": "^5.2.3",

packages/site/src/App.tsx

@@ -4,10 +4,10 @@ import styled from 'styled-components';
 import { Footer, Header, Modal } from './components/base';
 
 import 'bootstrap/dist/css/bootstrap.min.css';
+import { ToggleThemeContext } from './Root';
 import { GlobalStyle } from './config/theme';
 import { ModalContextProvider } from './contexts/ModalContext';
 import { VcContextProvider } from './contexts/VcContext';
-import { ToggleThemeContext } from './Root';
 
 const Wrapper = styled.div`
   display: flex;

packages/site/src/components/cards/ConfigureGoogleAccount.tsx

@@ -42,14 +42,15 @@ const ConfigureGoogleAccount: FC<Props> = ({
       const externalAccountParams =
         externalAccountRef.current?.handleGetAccountParams();
 
-      await configureGoogleAccount(
+      const configured = await configureGoogleAccount(
         metamaskAddress,
         tokenResponse.access_token,
         externalAccountParams,
       );
+      console.log('Google Drive Configured: ', configured);
       showModal({
-        title: 'Google Account Configuration',
-        content: 'Google Account configuration was successful!',
+        title: 'Verify VC',
+        content: `Google Drive Configured: ${configured}`,
       });
       setLoading(false);
     },

packages/site/src/utils/snap.ts

@@ -29,16 +29,23 @@ export const getSnaps = async (): Promise<GetSnapsResponse> => {
  * @param snapId - The ID of the snap, params - The params to pass with the snap to connect.
  */
 export const connectSnap = async (snapId: string = defaultSnapId) => {
-  const identitySnap = await window.ethereum.request({
-    method: 'wallet_requestSnaps',
-    params: {
-      [snapId]: { version: 'latest' },
-    },
-  });
-  console.log('Identity Snap Details: ', JSON.stringify(identitySnap, null, 4));
-  const account = await getCurrentMetamaskAccount();
-  console.log('Metamask account: ', account);
-  return account;
+  try {
+    const identitySnap = await window.ethereum.request({
+      method: 'wallet_requestSnaps',
+      params: {
+        [snapId]: {},
+      },
+    });
+    console.log(
+      'Identity Snap Details: ',
+      JSON.stringify(identitySnap, null, 4),
+    );
+    const account = await getCurrentMetamaskAccount();
+    console.log('Metamask account: ', account);
+    return account;
+  } catch (error) {
+    console.log('Could not connect to Identity Snap: ', error);
+  }
 };
 
 /**

packages/snap/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tuum-tech/identity-snap",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": "A snap for managing Decentralized Identifiers(DIDs)",
   "keywords": [
     "MetaMask",

packages/snap/snap.manifest.json

@@ -1,13 +1,13 @@
 {
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": "A snap for managing Decentralized Identifiers(DIDs)",
   "proposedName": "Identity Snap",
   "repository": {
     "type": "git",
     "url": "https://github.com/tuum-tech/identity-snap.git"
   },
   "source": {
-    "shasum": "lig35r9xEwMpB4sEN0D1YyF6pQY3sP9F6BVFD5cNSUg=",
+    "shasum": "PtVptDi9xAIHeF+j1A+2voTxLwOu+mPfqhYXdCazDUs=",
     "location": {
       "npm": {
         "filePath": "dist/snap.js",

packages/snap/src/index.ts

@@ -1,5 +1,5 @@
 import { OnRpcRequestHandler } from '@metamask/snaps-types';
-import { heading, panel, text } from '@metamask/snaps-ui';
+import { heading, text } from '@metamask/snaps-ui';
 import { Account, ExternalAccount, IdentitySnapParams } from './interfaces';
 import { getAccountInfo } from './rpc/account/getAccountInfo';
 import { getAvailableDIDMethods } from './rpc/did/getAvailableDIDMethods';
@@ -20,6 +20,7 @@ import { syncGoogleVCs } from './rpc/vc/syncGoogleVCs';
 import { verifyVC } from './rpc/vc/verifyVC';
 import { verifyVP } from './rpc/vc/verifyVP';
 import { getCurrentAccount } from './snap/account';
+import { generateCommonPanel } from './snap/dialog';
 import { getSnapStateUnchecked } from './snap/state';
 import { CreateNewHederaAccountRequestParams } from './types/params';
 import { init } from './utils/init';
@@ -89,6 +90,7 @@ export const onRpcRequest: OnRpcRequestHandler = async ({
   );
 
   const identitySnapParams: IdentitySnapParams = {
+    origin,
     snap,
     state,
     metamask: ethereum,
@@ -107,8 +109,8 @@ export const onRpcRequest: OnRpcRequestHandler = async ({
             - 'prompt': for inputting some information.
           */
           type: 'alert',
-          content: panel([
-            heading(`Hello, ${origin}!`),
+          content: await generateCommonPanel(origin, [
+            heading('Hello from Identity Snap!'),
             text('This custom alert is just for display purposes.'),
           ]),
         },

packages/snap/src/interfaces.ts

@@ -60,15 +60,21 @@ export type IdentityAccountState = {
   extraData?: unknown;
 };
 
+export type GoogleUserInfo = {
+  accessToken: string;
+  email: string;
+};
+
 export type IdentityAccountConfig = {
   identity: {
     didMethod: string;
     vcStore: string;
-    googleAccessToken: string;
+    googleUserInfo: GoogleUserInfo;
   };
 };
 
 export type IdentitySnapParams = {
+  origin: string;
   snap: SnapsGlobalObject;
   state: IdentitySnapState;
   metamask: MetaMaskInpageProvider;

packages/snap/src/plugins/veramo/google-drive-data-store/src/googleDriveVCStore.ts

@@ -31,11 +31,14 @@ export class GoogleDriveVCStore extends AbstractDataStore {
 
   accessToken: string;
 
+  email: string;
+
   constructor(snap: SnapsGlobalObject, state: IdentitySnapState) {
     super();
     this.snap = snap;
     this.state = state;
     this.accessToken = '';
+    this.email = '';
   }
 
   async queryVC(args: IFilterArgs): Promise<IQueryResult[]> {
@@ -258,8 +261,9 @@ export class GoogleDriveVCStore extends AbstractDataStore {
 
   public async configure({ accessToken }: IConfigureArgs): Promise<boolean> {
     try {
-      await verifyToken(accessToken);
+      const email = await verifyToken(accessToken);
       this.accessToken = accessToken;
+      this.email = email;
 
       return true;
     } catch (error) {

packages/snap/src/plugins/veramo/google-drive-data-store/src/googleUtils.ts

@@ -6,7 +6,7 @@ type UploadData = {
 export const GOOGLE_DRIVE_VCS_FILE_NAME = 'identity-snap-vcs.json';
 const BOUNDARY = '314159265358979323846';
 
-export const verifyToken = async (accessToken: string) => {
+export const verifyToken = async (accessToken: string): Promise<string> => {
   try {
     const res = await fetch(
       `https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=${accessToken}`,
@@ -18,9 +18,9 @@ export const verifyToken = async (accessToken: string) => {
     if (res.status !== 200) {
       throw new Error(data.error_description);
     }
-    console.log('VerifyToken: ', { data: JSON.stringify(data) });
+    console.log('VerifyToken data: ', JSON.stringify(data, null, 4));
 
-    return true;
+    return data.email;
   } catch (error) {
     console.error(`Failed to verify token: ${error}`);
     throw new Error(`Failed to verify token: ${error}`);
@@ -39,7 +39,7 @@ const searchFile = async (accessToken: string, fileName: string) => {
       },
     );
     const data = await res.json();
-    console.log('searchFile: ', { data: JSON.stringify(data) });
+    console.log('searchFile data: ', JSON.stringify(data, null, 4));
 
     const count = data.files.length;
 

packages/snap/src/rpc/did/switchDIDMethod.ts

@@ -1,6 +1,6 @@
-import { divider, heading, panel, text } from '@metamask/snaps-ui';
+import { divider, heading, text } from '@metamask/snaps-ui';
 import { IdentitySnapParams, SnapDialogParams } from '../../interfaces';
-import { snapDialog } from '../../snap/dialog';
+import { generateCommonPanel, snapDialog } from '../../snap/dialog';
 import { getAccountStateByCoinType, updateSnapState } from '../../snap/state';
 import { availableMethods, isValidMethod } from '../../types/constants';
 
@@ -33,7 +33,7 @@ export async function switchDIDMethod(
   if (method !== didMethod) {
     const dialogParams: SnapDialogParams = {
       type: 'confirmation',
-      content: panel([
+      content: await generateCommonPanel(origin, [
         heading('Switch to a different DID method to use'),
         text('Would you like to change did method to the following?'),
         divider(),

packages/snap/src/rpc/gdrive/configureGoogleAccount.ts

@@ -1,24 +1,59 @@
-import { GoogleToken, IdentitySnapParams } from '../../interfaces';
+import { divider, heading, text } from '@metamask/snaps-ui';
+import {
+  GoogleToken,
+  IdentitySnapParams,
+  SnapDialogParams,
+} from '../../interfaces';
 import { verifyToken } from '../../plugins/veramo/google-drive-data-store';
+import { generateCommonPanel, snapDialog } from '../../snap/dialog';
 import { getCurrentCoinType, updateSnapState } from '../../snap/state';
 
 export const configureGoogleAccount = async (
   identitySnapParams: IdentitySnapParams,
   { accessToken }: GoogleToken,
 ) => {
-  const { snap, state, account } = identitySnapParams;
+  const { origin, snap, state, account } = identitySnapParams;
   try {
-    await verifyToken(accessToken);
+    const newGUserEmail = await verifyToken(accessToken);
     const coinType = await getCurrentCoinType();
-    state.accountState[coinType][
-      account.evmAddress
-    ].accountConfig.identity.googleAccessToken = accessToken;
-    console.log('new state: ', JSON.stringify(state, null, 4));
-    await updateSnapState(snap, state);
-    return true;
+
+    const currentGUserInfo =
+      state.accountState[coinType][account.evmAddress].accountConfig.identity
+        .googleUserInfo;
+
+    const dialogParams: SnapDialogParams = {
+      type: 'confirmation',
+      content: await generateCommonPanel(origin, [
+        heading('Configure Google Drive'),
+        text('Would you like to change your Google account to the following?'),
+        divider(),
+        text(
+          `Current Gdrive account: ${
+            currentGUserInfo.email ? currentGUserInfo.email : 'Not yet set'
+          }`,
+        ),
+        text(`New Gdrive account: ${newGUserEmail}`),
+      ]),
+    };
+
+    const result = await snapDialog(snap, dialogParams);
+    if (result) {
+      state.accountState[coinType][
+        account.evmAddress
+      ].accountConfig.identity.googleUserInfo.accessToken = accessToken;
+
+      state.accountState[coinType][
+        account.evmAddress
+      ].accountConfig.identity.googleUserInfo.email = newGUserEmail;
+
+      console.log('new state: ', JSON.stringify(state, null, 4));
+      await updateSnapState(snap, state);
+      return true;
+    }
+    return false;
   } catch (error) {
     console.error(
-      'Could not configure google account',
+      'Could not configure Google Drive',
       JSON.stringify(error, null, 4),
     );
     throw error;

packages/snap/src/rpc/snap/togglePopups.ts

@@ -1,6 +1,10 @@
-import { heading, panel, text } from '@metamask/snaps-ui';
+import { heading, text } from '@metamask/snaps-ui';
 import { IdentitySnapParams, SnapDialogParams } from '../../interfaces';
-import { snapDialog, updatePopups } from '../../snap/dialog';
+import {
+  generateCommonPanel,
+  snapDialog,
+  updatePopups,
+} from '../../snap/dialog';
 
 /**
  * Function to toggle popups.
@@ -10,13 +14,13 @@ import { snapDialog, updatePopups } from '../../snap/dialog';
 export async function togglePopups(
   identitySnapParams: IdentitySnapParams,
 ): Promise<boolean> {
-  const { snap, state } = identitySnapParams;
+  const { origin, snap, state } = identitySnapParams;
   const { disablePopups } = state.snapConfig.dApp;
 
   const toggleTextToShow = disablePopups ? 'enable' : 'disable';
   const dialogParams: SnapDialogParams = {
     type: 'confirmation',
-    content: panel([
+    content: await generateCommonPanel(origin, [
       heading('Toggle Popups'),
       text(`Would you like to ${toggleTextToShow} the popups?`),
     ]),

packages/snap/src/rpc/vc/createVC.ts

@@ -1,4 +1,4 @@
-import { divider, heading, panel, text } from '@metamask/snaps-ui';
+import { divider, heading, text } from '@metamask/snaps-ui';
 import { ProofFormat, W3CVerifiableCredential } from '@veramo/core';
 import cloneDeep from 'lodash.clonedeep';
 import { v4 as uuidv4 } from 'uuid';
@@ -9,7 +9,7 @@ import {
   ISaveVC,
   SaveOptions,
 } from '../../plugins/veramo/verifiable-creds-manager';
-import { snapDialog } from '../../snap/dialog';
+import { generateCommonPanel, snapDialog } from '../../snap/dialog';
 import { getCurrentNetwork } from '../../snap/network';
 import { getAccountStateByCoinType } from '../../snap/state';
 import {
@@ -28,7 +28,7 @@ export async function createVC(
   identitySnapParams: IdentitySnapParams,
   vcRequestParams: CreateVCRequestParams,
 ): Promise<CreateVCResponseResult> {
-  const { snap, state, metamask, account } = identitySnapParams;
+  const { origin, snap, state, metamask, account } = identitySnapParams;
 
   // Get Veramo agent
   const agent = await getVeramoAgent(snap, state);
@@ -47,7 +47,7 @@ export async function createVC(
 
   const dialogParams: SnapDialogParams = {
     type: 'confirmation',
-    content: panel([
+    content: await generateCommonPanel(origin, [
       heading('Create Verifiable Credential'),
       text('Would you like to create and save the following VC in the snap?'),
       divider(),
@@ -104,7 +104,8 @@ export async function createVC(
     const saved: IDataManagerSaveResult[] = await agent.saveVC({
       data: [{ vc: verifiableCredential, id: uuidv4() }] as ISaveVC[],
       options: optionsFiltered,
-      accessToken: accountState.accountConfig.identity.googleAccessToken,
+      accessToken:
+        accountState.accountConfig.identity.googleUserInfo.accessToken,
     });
 
     // Retrieve the created Verifiable Credential