PR #11883 - changes from review

Signed-off-by: Lachlan Roberts <lachlan.p.roberts@gmail.com>
2024-07-25 10:28:49 +10:00 · 2024-07-25 10:28:49 +10:00 · 44286feae6
parent 2f668353ac
commit 44286feae6
5 changed files with 5 additions and 64 deletions
--- a/jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
+++ b/jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
@ -313,8 +313,6 @@ public abstract class SecurityHandler extends Handler.Wrapper implements Configu
    protected void doStart()
        throws Exception
    {
-        Context context1 = ContextHandler.getCurrentContext();
-
        // complicated resolution of login and identity service to handle
        // many different ways these can be constructed and injected.

--- a/jetty-core/jetty-siwe/src/main/java/module-info.java
+++ b/jetty-core/jetty-siwe/src/main/java/module-info.java
@ -11,10 +11,15 @@
 // ========================================================================
 //

+import org.eclipse.jetty.security.Authenticator;
+import org.eclipse.jetty.security.siwe.EthereumAuthenticatorFactory;
+
 module org.eclipse.jetty.siwe
 {
    requires transitive org.eclipse.jetty.security;
    requires org.bouncycastle.provider;

    exports org.eclipse.jetty.security.siwe;
+
+    provides Authenticator.Factory with EthereumAuthenticatorFactory;
 }
--- a/jetty-core/jetty-siwe/src/main/java/org/eclipse/jetty/security/siwe/EthereumAuthenticator.java
+++ b/jetty-core/jetty-siwe/src/main/java/org/eclipse/jetty/security/siwe/EthereumAuthenticator.java
@ -559,8 +559,6 @@ public class EthereumAuthenticator extends LoginAuthenticator implements Dumpabl
                }
            }

-            // TODO: verify the sessionID is obtained from a cookie.
-
            if (isNonceRequest(uri))
                return handleNonceRequest(request, response, callback);
            if (isAuthenticationRequest(uri))
--- a/jetty-core/jetty-siwe/src/test/java/org/eclipse/jetty/security/siwe/example/SignInWithEthereumEmbeddedExample.java
+++ b/jetty-core/jetty-siwe/src/test/java/org/eclipse/jetty/security/siwe/example/SignInWithEthereumEmbeddedExample.java
@ -89,7 +89,6 @@ public class SignInWithEthereumEmbeddedExample

        server.setHandler(contextHandler);
        server.start();
-        System.err.println(resourceHandler.getBaseResource());
        server.join();
    }

--- a/jetty-ee10/jetty-ee10-tests/jetty-ee10-test-siwe-webapp/src/main/webapp/login.html
+++ b/jetty-ee10/jetty-ee10-tests/jetty-ee10-test-siwe-webapp/src/main/webapp/login.html
@ -1,59 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Sign-In with Ethereum</title>
-    <script src="https://cdn.jsdelivr.net/npm/web3@1.6.1/dist/web3.min.js"></script>
-</head>
-<body>
-<h4>Sign-In with Ethereum</h4>
-<button id="siwe">Sign-In with Ethereum</button>
-<form id="loginForm" action="/auth/login" method="POST" style="display: none;">
-    <input type="hidden" id="signatureField" name="signature">
-    <input type="hidden" id="messageField" name="message">
-</form>
-<p class="alert" style="display: none;">Result: <span id="siweResult"></span></p>
-
-<script>
-    let provider = window.ethereum;
-    let accounts;
-
-    if (!provider) {
-        document.getElementById('siweResult').innerText = 'MetaMask is not installed. Please install MetaMask to use this feature.';
-    } else {
-        document.getElementById('siwe').addEventListener('click', async () => {
-            try {
-                // Request account access if needed
-                accounts = await provider.request({ method: 'eth_requestAccounts' });
-                const domain = window.location.host;
-                const from = accounts[0];
-
-                // Fetch nonce from the server
-                const nonceResponse = await fetch('/auth/nonce');
-                const nonceData = await nonceResponse.json();
-                const nonce = nonceData.nonce;
-
-                const siweMessage = `${domain} wants you to sign in with your Ethereum account:\n${from}\n\nI accept the MetaMask Terms of Service: https://community.metamask.io/tos\n\nURI: https://${domain}\nVersion: 1\nChain ID: 1\nNonce: ${nonce}\nIssued At: ${new Date().toISOString()}`;
-                const signature = await provider.request({
-                    method: 'personal_sign',
-                    params: [siweMessage, from]
-                });
-                console.log("signature: " + signature)
-                console.log("nonce: " + nonce)
-                console.log("length: " + length)
-                console.log("siweMessage: " + siweMessage)
-
-                document.getElementById('signatureField').value = signature;
-                document.getElementById('messageField').value = siweMessage;
-                document.getElementById('loginForm').submit();
-            } catch (error) {
-                console.error('Error during login:', error);
-                document.getElementById('siweResult').innerText = `Error: ${error.message}`;
-                document.getElementById('siweResult').parentElement.style.display = 'block';
-            }
-        });
-    }
-</script>
-</body>
-</html>