@@ -18,7 +18,6 @@ use primitives::{
1818} ;
1919use reqwest:: Client ;
2020use serde:: { Deserialize , Serialize } ;
21- use serde_hex:: { SerHexOpt , StrictPfx } ;
2221use serde_json:: Value ;
2322use std:: convert:: TryFrom ;
2423use std:: error:: Error ;
@@ -223,17 +222,19 @@ impl Adapter for EthereumAdapter {
223222
224223 let sess = match & verified. payload . identity {
225224 Some ( identity) => {
226- let privilege = self . relayer . get_privilege ( identity) . await ?;
227-
228- if privilege > * PRIVILEGE_LEVEL_NONE {
229- return Err ( AdapterError :: Authorization (
230- "insufficient privilege" . to_string ( ) ,
231- ) ) ;
232- } else {
225+ if self
226+ . relayer
227+ . has_privileges ( & verified. from , identity)
228+ . await ?
229+ {
233230 Session {
234231 era : verified. payload . era ,
235- uid : identity. into ( ) ,
232+ uid : identity. to_owned ( ) ,
236233 }
234+ } else {
235+ return Err ( AdapterError :: Authorization (
236+ "insufficient privilege" . to_string ( ) ,
237+ ) ) ;
237238 }
238239 }
239240 None => Session {
@@ -282,30 +283,34 @@ impl RelayerClient {
282283 } )
283284 }
284285
285- pub async fn get_privilege ( & self , identity : & [ u8 ; 20 ] ) -> Result < u8 , AdapterError > {
286+ /// Checks whether there are any privileges (i.e. > 0)
287+ pub async fn has_privileges (
288+ & self ,
289+ from : & ValidatorId ,
290+ identity : & ValidatorId ,
291+ ) -> Result < bool , AdapterError > {
286292 use reqwest:: Response ;
287293 use std:: collections:: HashMap ;
288294
289295 let relay_url = format ! (
290296 "{}/identity/by-owner/{}" ,
291297 self . relayer_url,
292- hex :: encode ( identity )
298+ from . to_checksum ( )
293299 ) ;
294300
295- let identities_owned: HashMap < [ u8 ; 20 ] , u8 > = self
301+ let identities_owned: HashMap < ValidatorId , u8 > = self
296302 . client
297303 . get ( & relay_url)
298304 . send ( )
299305 . and_then ( |res : Response | res. json ( ) )
300306 . await
301307 . map_err ( |_| map_error ( "Fetching privileges failed" ) ) ?;
302308
303- let privilege = identities_owned
309+ let has_privileges = identities_owned
304310 . get ( identity)
305- . copied ( )
306- . unwrap_or_else ( || 0_u8 ) ;
311+ . map_or ( false , |privileges| * privileges > 0 ) ;
307312
308- Ok ( privilege )
313+ Ok ( has_privileges )
309314 }
310315}
311316
@@ -334,12 +339,8 @@ pub struct Payload {
334339 pub id : String ,
335340 pub era : i64 ,
336341 pub address : String ,
337- #[ serde(
338- default ,
339- skip_serializing_if = "Option::is_none" ,
340- with = "SerHexOpt::<StrictPfx>"
341- ) ]
342- pub identity : Option < [ u8 ; 20 ] > ,
342+ #[ serde( default , skip_serializing_if = "Option::is_none" ) ]
343+ pub identity : Option < ValidatorId > ,
343344}
344345
345346#[ derive( Clone , Debug ) ]
@@ -515,6 +516,33 @@ mod test {
515516 ) ;
516517 }
517518
519+ #[ tokio:: test]
520+ #[ ignore]
521+ async fn test_session_from_token ( ) {
522+ use primitives:: ToETHChecksum ;
523+ let identity = ValidatorId :: try_from ( "0x5B04DBc513F90CaAFAa09307Ad5e3C65EB4b26F0" ) . unwrap ( ) ;
524+
525+ let mut eth_adapter = setup_eth_adapter ( None ) ;
526+ eth_adapter. unlock ( ) . expect ( "should unlock eth adapter" ) ;
527+ let wallet = eth_adapter. wallet . clone ( ) ;
528+
529+ let era = Utc :: now ( ) . timestamp_millis ( ) as f64 / 60000.0 ;
530+ let payload = Payload {
531+ id : eth_adapter. whoami ( ) . to_checksum ( ) ,
532+ era : era. floor ( ) as i64 ,
533+ identity : Some ( identity. clone ( ) ) ,
534+ address : eth_adapter. whoami ( ) . to_checksum ( ) ,
535+ } ;
536+
537+ let token = ewt_sign ( & wallet. unwrap ( ) , & eth_adapter. keystore_pwd , & payload)
538+ . map_err ( |_| map_error ( "Failed to sign token" ) )
539+ . unwrap ( ) ;
540+
541+ let session: Session = eth_adapter. session_from_token ( & token) . await . unwrap ( ) ;
542+
543+ assert_eq ! ( session. uid, identity) ;
544+ }
545+
518546 #[ tokio:: test]
519547 async fn should_validate_valid_channel_properly ( ) {
520548 let ( _eloop, http) =
0 commit comments