Merge pull request #435 from stellar/add-memo-to-new-challenge

1. Add memo field to Sep10Challenge.newChallenge() 2. Verify memo field in Sep10Challenge.newChallenge() and readChallengeTransaction()
lightsail-network · May 27, 2022 · d364100 · d364100
2 parents 2bca9e1 + c087775
commit d364100
Show file tree

Hide file tree

Showing 2 changed files with 54 additions and 14 deletions.
diff --git a/build.gradle b/build.gradle
@@ -13,7 +13,7 @@ plugins {
 }
 
 sourceCompatibility = 1.6
-version = '0.33.0'
+version = '0.34.0'
 group = 'stellar'
 jar.enabled = false
 

diff --git a/src/main/java/org/stellar/sdk/Sep10Challenge.java b/src/main/java/org/stellar/sdk/Sep10Challenge.java
@@ -49,18 +49,19 @@ public static Transaction newChallenge(
  return newChallenge(signer, network, clientAccountId, domainName, webAuthDomain, timebounds, "", "");
  }
 
- /**
- * Returns a valid <a href="https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md#response" target="_blank">SEP 10</a> challenge, for use in web authentication.
- *
- * @param signer The server's signing account.
- * @param network The Stellar network used by the server.
- * @param clientAccountId The stellar account belonging to the client.
- * @param domainName The <a href="https://en.wikipedia.org/wiki/Fully_qualified_domain_name" target="_blank">fully qualified domain name</a> of the service requiring authentication.
- * @param webAuthDomain The fully qualified domain name of the service issuing the challenge.
- * @param timebounds The lifetime of the challenge token.
- * @param clientDomain The domain of the client application requesting authentication.
- * @param clientSigningKey The stellar account listed as the SIGNING_KEY on the client domain's TOML file.
- */
+ /**
+ * Returns a valid <a href="https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md#response" target="_blank">SEP 10</a> challenge, for use in web authentication.
+ *
+ * @param signer The server's signing account.
+ * @param network The Stellar network used by the server.
+ * @param clientAccountId The stellar account belonging to the client.
+ * @param domainName The <a href="https://en.wikipedia.org/wiki/Fully_qualified_domain_name" target="_blank">fully qualified domain name</a> of the service requiring authentication.
+ * @param webAuthDomain The fully qualified domain name of the service issuing the challenge.
+ * @param timebounds The lifetime of the challenge token.
+ * @param clientDomain The domain of the client application requesting authentication.
+ * @param clientSigningKey The stellar account listed as the SIGNING_KEY on the client domain's TOML file.
+ * @param memo The memo of the challenge transaction.
+ */
  public static Transaction newChallenge(
  KeyPair signer,
  Network network,
@@ -69,7 +70,8 @@ public static Transaction newChallenge(
  String webAuthDomain,
  TimeBounds timebounds,
  String clientDomain,
- String clientSigningKey
+ String clientSigningKey,
+ Memo memo
  ) throws InvalidSep10ChallengeException {
  byte[] nonce = new byte[48];
  SecureRandom random = new SecureRandom();
@@ -99,6 +101,13 @@ public static Transaction newChallenge(
  .addOperation(domainNameOperation)
  .addOperation(webAuthDomainOperation);
 
+ if (memo != null) {
+ if (!(memo instanceof MemoId)) {
+ throw new InvalidSep10ChallengeException("only memo type `id` is supported");
+ }
+ builder.addMemo(memo);
+ }
+
  if (!clientSigningKey.isEmpty()) {
  if (StrKey.decodeVersionByte(clientSigningKey) != StrKey.VersionByte.ACCOUNT_ID) {
  throw new InvalidSep10ChallengeException(clientSigningKey + " is not a valid account id");
@@ -114,6 +123,32 @@ public static Transaction newChallenge(
  return transaction;
  }
 
+
+ /**
+ * Returns a valid <a href="https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0010.md#response" target="_blank">SEP 10</a> challenge, for use in web authentication.
+ *
+ * @param signer The server's signing account.
+ * @param network The Stellar network used by the server.
+ * @param clientAccountId The stellar account belonging to the client.
+ * @param domainName The <a href="https://en.wikipedia.org/wiki/Fully_qualified_domain_name" target="_blank">fully qualified domain name</a> of the service requiring authentication.
+ * @param webAuthDomain The fully qualified domain name of the service issuing the challenge.
+ * @param timebounds The lifetime of the challenge token.
+ * @param clientDomain The domain of the client application requesting authentication.
+ * @param clientSigningKey The stellar account listed as the SIGNING_KEY on the client domain's TOML file.
+ */
+ public static Transaction newChallenge(
+ KeyPair signer,
+ Network network,
+ String clientAccountId,
+ String domainName,
+ String webAuthDomain,
+ TimeBounds timebounds,
+ String clientDomain,
+ String clientSigningKey
+ ) throws InvalidSep10ChallengeException {
+ return newChallenge(signer, network, clientAccountId, domainName, webAuthDomain, timebounds, clientDomain, clientSigningKey, null);
+ }
+
  /**
  * Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.
  * <p>
@@ -162,6 +197,11 @@ public static ChallengeTransaction readChallengeTransaction(String challengeXdr,
  throw new InvalidSep10ChallengeException("The transaction sequence number should be zero.");
  }
 
+ Memo memo = transaction.getMemo();
+ if (memo != null && !(memo instanceof MemoNone || memo instanceof MemoId)) {
+ throw new InvalidSep10ChallengeException("only memo type `id` is supported");
+ }
+
  long maxTime = transaction.getTimeBounds().getMaxTime();
  long minTime = transaction.getTimeBounds().getMinTime();
  if (maxTime == 0L) {