Skip to content

Commit

Permalink
remove legacy auth validation
Browse files Browse the repository at this point in the history
  • Loading branch information
@michavie
michavie committed Feb 28, 2024
1 parent 024103f commit da0bd09
Show file tree
Hide file tree
Showing 3 changed files with 0 additions and 15 deletions.
12 changes: 0 additions & 12 deletions src/Auth/NativeAuthServer.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ public function __construct(
public ?string $apiUrl = null,
public array $acceptedOrigins = [],
public int $maxExpirySeconds = 86400,
public bool $skipLegacyValidation = false,
) {
}

Expand Down Expand Up @@ -71,17 +70,6 @@ public function validate(string $accessToken): NativeAuthValidateResult
$valid = UserVerifier::fromAddress(Address::fromBech32($decoded->address))
->verify(new Bytes($verifiable->serializeForSigning()), new Bytes($verifiable->signature->hex()), $verifiable->address->getPublicKey());

if (! $valid && ! $this->skipLegacyValidation) {
$verifiable = new SignableMessage(
message: "{$decoded->address}{$decoded->body}{}",
signature: new Signature($decoded->signature),
address: Address::fromBech32($decoded->address),
);

$valid = UserVerifier::fromAddress(Address::fromBech32($decoded->address))
->verify(new Bytes($verifiable->serializeForSigning()), new Bytes($verifiable->signature->hex()), $verifiable->address->getPublicKey());
}

throw_unless($valid, NativeAuthInvalidSignatureException::class);

return new NativeAuthValidateResult(
Expand Down
1 change: 0 additions & 1 deletion src/Multiversx.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@ public static function verifyNativeAuthToken(string $accessToken): NativeAuthVal
apiUrl: config('multiversx.urls.api') ?? throw new Exception('missing config: urls.api'),
acceptedOrigins: config('multiversx.native_auth.accepted_origins') ?? throw new Exception('missing native auth config: accepted_origins'),
maxExpirySeconds: config('multiversx.native_auth.max_expiry_seconds') ?? throw new Exception('missing native auth config: max_expiry_seconds'),
skipLegacyValidation: config('multiversx.native_auth.skip_legacy_validation') ?? throw new Exception('missing native auth config: skip_legacy_validation'),
);

return $nativeAuth->validate($accessToken);
Expand Down
2 changes: 0 additions & 2 deletions src/config.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,5 @@
],

'max_expiry_seconds' => 86400,

'skip_legacy_validation' => false,
],
];

0 comments on commit da0bd09

Please sign in to comment.