Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication providers #531

Merged
merged 11 commits into from
Jun 26, 2024
Merged

Authentication providers #531

merged 11 commits into from
Jun 26, 2024

Conversation

piotr-roslaniec
Copy link
Contributor

@piotr-roslaniec piotr-roslaniec commented Jun 13, 2024
edited
Loading

Type of PR:

  • Feature
  • Other

Required reviews:

  • 2

What this does:

  • Introduces authentication providers to be used internally
  • Exposes auth providers to internal APIs - No changs in user-facing TACo API
  • Exposes method to discover required context parameters from condition context

Issues fixed/closed:

  • Fixes #...

Why it's needed:

Explain how this PR fits in the greater context of the NuCypher Network.
E.g., if this PR address a nucypher/productdev issue, let reviewers know!

Notes for reviewers:

What should reviewers focus on?
Is there a particular commit/function/section of your PR that requires more attention from reviewers?

@piotr-roslaniec piotr-roslaniec mentioned this pull request Jun 13, 2024
Merged
17 tasks
@piotr-roslaniec piotr-roslaniec marked this pull request as ready for review June 19, 2024 07:38
derekpierre
derekpierre reviewed Jun 19, 2024
View reviewed changes
packages/taco-auth/src/providers/eip4361.ts
private readonly storage: LocalStorage;

constructor(
// TODO: We only need the provider to fetch the chainId, consider removing it
private readonly provider: ethers.providers.Provider,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like the only reason for provider is to get the chain id, but isn't this available via the signer - https://docs.ethers.org/v5/api/signer/#Signer-getChainId;

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's correct. Signer is only to sign things, provider is to maintain communication with an external RPC / RPC provider

packages/taco/src/conditions/context/context.ts Outdated Show resolved Hide resolved
packages/taco/src/taco.ts
@@ -153,6 +154,8 @@ export const decrypt = async (
messageKit.acp.publicKey,
);
const ritual = await DkgClient.getActiveRitual(provider, domain, ritualId);
// TODO: Temporary helper method to keep the external taco.ts decrypt function simple
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the long-term plan/vision for the TODO?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To expose authentication providers in the user-facing TACo API once we are ready to release. This is going to be a breaking change and it makes sense to bundle it with other auth-related changes, and maybe context parameters refactor (more user-facing API).

@derekpierre
Copy link
Member

Exposes method to discover required context parameters from condition context

More of a general question and something I may have missed - how is the above done by apps?

@piotr-roslaniec piotr-roslaniec mentioned this pull request Jun 21, 2024
Merged
@derekpierre derekpierre mentioned this pull request Jun 21, 2024
Merged
derekpierre
derekpierre approved these changes Jun 24, 2024
View reviewed changes
Copy link
Member

@derekpierre derekpierre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎸

packages/taco-auth/src/providers/eip4361.ts
@@ -53,6 +54,7 @@ export class EIP4361SignatureProvider {
return { signature, address, scheme, typedData: message };
}

// TODO: Create a facility to set these parameters or expose them to the user
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we haven't already, we should track this in an issue somewhere. L70 is particularly concerning - it's unclear how generic it is, as opposed to specific to the taco-composedb demo.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will do that on the back of exposing authentication providers from taco.

Created: #533

@piotr-roslaniec piotr-roslaniec merged commit 2a1a25b into nucypher:epic-auth Jun 26, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derekpierre derekpierre derekpierre approved these changes

@KPrasch KPrasch Awaiting requested review from KPrasch

@cygnusv cygnusv Awaiting requested review from cygnusv

@theref theref Awaiting requested review from theref

@manumonti manumonti Awaiting requested review from manumonti

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@piotr-roslaniec @derekpierre