diff --git a/packages/dapp-toolkit/src/helpers/index.ts b/packages/dapp-toolkit/src/helpers/index.ts index 7b25489c..840c47ae 100644 --- a/packages/dapp-toolkit/src/helpers/index.ts +++ b/packages/dapp-toolkit/src/helpers/index.ts @@ -9,4 +9,5 @@ export * from './typed-error' export * from './unwrap-observable' export * from './validate-wallet-response' export * from './generate-rola-challenge' +export * from './validate-rola-challenge' export * from './parse-signed-challenge' diff --git a/packages/dapp-toolkit/src/helpers/validate-rola-challenge.spec.ts b/packages/dapp-toolkit/src/helpers/validate-rola-challenge.spec.ts new file mode 100644 index 00000000..6883f28b --- /dev/null +++ b/packages/dapp-toolkit/src/helpers/validate-rola-challenge.spec.ts @@ -0,0 +1,32 @@ +import { describe, expect, it } from 'vitest' +import { validateRolaChallenge } from './validate-rola-challenge' + +describe('validateRolaChallenge', () => { + const validTestVectors = [ + '3f30f8d67ca69af8b646170d6ddd0a16cb501dcb7d457d0b49ef78a5d1b4beac', + '0a6a5b8beac0e56b8613f1b1a08223b3986aa28b9acc81d16493c75a428f436e', + '2455077b5bb93e1d5c9816513c3385b88293d91b9d44ed6bd652764834eb997a', + '2455077b5BB93e1d5c9816513c3385b88293d91b9d44ed6BD652764834eb997a', + ] + + const invalidTestVectors = [ + 'abc', + '', + undefined, + null, + {}, + '3f30f8d67ca69af8b646170d6ddd0a16cb501dcb7d457d0b49ef78a5d1b4beacz', + ] + + it('should return true for valid challenge', () => { + validTestVectors.forEach((challenge) => { + expect(validateRolaChallenge(challenge)).toBe(true) + }) + }) + + it('should return false for invalid challenge', () => { + invalidTestVectors.forEach((challenge) => { + expect(validateRolaChallenge(challenge)).toBe(false) + }) + }) +}) diff --git a/packages/dapp-toolkit/src/helpers/validate-rola-challenge.ts b/packages/dapp-toolkit/src/helpers/validate-rola-challenge.ts new file mode 100644 index 00000000..cf57079b --- /dev/null +++ b/packages/dapp-toolkit/src/helpers/validate-rola-challenge.ts @@ -0,0 +1,2 @@ +export const validateRolaChallenge = (challenge?: unknown) => + typeof challenge === 'string' && /^[0-9a-f]{64}$/i.test(challenge); \ No newline at end of file diff --git a/packages/dapp-toolkit/src/modules/wallet-request/wallet-request.ts b/packages/dapp-toolkit/src/modules/wallet-request/wallet-request.ts index 7fa2883c..2e05c099 100644 --- a/packages/dapp-toolkit/src/modules/wallet-request/wallet-request.ts +++ b/packages/dapp-toolkit/src/modules/wallet-request/wallet-request.ts @@ -9,7 +9,7 @@ import { switchMap, tap, } from 'rxjs' -import type { Logger } from '../../helpers' +import { validateRolaChallenge, type Logger } from '../../helpers' import { TransactionStatus } from '../gateway' import { Result, ResultAsync, err, ok, okAsync } from 'neverthrow' import type { @@ -181,6 +181,10 @@ export const WalletRequestModule = (input: { return ResultAsync.fromPromise(challengeGeneratorFn(), () => SdkError('ChallengeGeneratorError', '', 'failed to generate challenge'), + ).andThen((challenge) => + validateRolaChallenge(challenge) + ? ok(challenge) + : err(SdkError('ChallengeValidationError', '', 'challenge is invalid')), ) }