feat: e2e api #102
feat: e2e api #102
Conversation
| ) | ||
| class ExtensionDappSecurityContext extends DappSecurityContext { | ||
| constructor(private extensionId: string) { | ||
| super(extensionId) |
There was a problem hiding this comment.
maybe this will cause problem for allowed the storage key length. can you check what is the limit for that? Maybe would be better, if we transform the ID here to some prefixed and trimmed ID
|
|
||
| this.securityContexts[sessionId] = new DappSecurityContext(tabId, frameId, frameContentRoot, originContentRoot) | ||
| if (this.isSenderExtension(sender)) { | ||
| context = new ExtensionDappSecurityContext(String(sessionId)) |
There was a problem hiding this comment.
here the sessionId is the extension ID?
There was a problem hiding this comment.
I'm telling you because the ExtensionDappSecurityContext has extensionId parameter naming
There was a problem hiding this comment.
| context = new ExtensionDappSecurityContext(String(sessionId)) | |
| context = new ExtensionDappSecurityContext(sessionId) |
There was a problem hiding this comment.
Actually, this sessionId/extensionId is not needed at all.
| action: A | ||
| sessionId: string | ||
| parameters: P | ||
| eventId?: string |
There was a problem hiding this comment.
So overall I think then ExtensionDappSecurityContext does not need to extend DappSecurityContext because in this form as you modified it only handles storage that external extensions do not use. Can we split then DappSecurityContext into a new abstract class that defines isValid method?
The storage related methods of DappSessionManager could throw error if it wants to use storage actions with extension context or something similar like this.
|
OK. Then to remove the |
|
now the context only relates to handling storage space, but later it also could track requests and limiting the allowed usage towards the Bee node or pair different API authorization tokens to different contexts. the Extension(s) also need security context, but for now it only has |
|
Can we revive this? Maybe it can be merged once the linter issues are solved. WDYT @nugaon @tomicvladan ? |
|
Hey @vojtechsimetka , now the linter error is fixed and I think it can be merged. |
| private handleBzzLinkProtocolToFakeUrl(request: RequestType): string | null { | ||
| const { | ||
| sessionId, | ||
| parameters: { url, newPage }, | ||
| } = request as BzzLinkProtocolToFakeUrlRequest | ||
|
|
||
| return bzzProtocolToFakeUrl(url, sessionId, newPage) | ||
| } | ||
|
|
||
| private handleBzzLinkUrlToFakeUrl(request: RequestType): string | null { | ||
| const { | ||
| sessionId, | ||
| parameters: { bzzLinkUrl, newPage }, | ||
| } = request as BzzLinkLinkUrlToFakeUrlRequest | ||
|
|
||
| return bzzProtocolToFakeUrl(bzzLinkUrl, sessionId, newPage) | ||
| } | ||
|
|
||
| private handleBzzUrlToFakeUrl(request: RequestType): string | null { | ||
| const { | ||
| sessionId, | ||
| parameters: { url, newPage }, | ||
| } = request as BzzLinkUrlToFakeUrlRequest | ||
|
|
||
| return bzzProtocolToFakeUrl(url, sessionId, newPage) | ||
| } | ||
|
|
||
| private handleWeb2FakeBeeApiAddress(request: RequestType): string { | ||
| const { sessionId } = request | ||
|
|
||
| return appendSwarmSessionIdToUrl(fakeUrl.beeApiAddress, sessionId) | ||
| } | ||
|
|
||
| private handleWeb2FakeBzzAddress(request: RequestType): string { | ||
| const { | ||
| sessionId, | ||
| parameters: { reference }, | ||
| } = request as Web2HelprFakeBzzAddressRequest | ||
|
|
||
| return appendSwarmSessionIdToUrl(`${fakeUrl.bzzProtocol}/${reference}`, sessionId) | ||
| } |
There was a problem hiding this comment.
This logic could be completely on the other extension's side and you could save the async calls.
| @@ -56,19 +85,45 @@ class DappSecurityContext { | |||
| } | |||
| } | |||
|
|
|||
| class ExtensionDappSecurityContext extends DappSecurityContext { | |||
| constructor() { | |||
| super('extension') | |||
There was a problem hiding this comment.
this will mix two different and independent extension's context.
it should be distinguished by their extension id or only the blossom extension should be able to call the swarm-extension
There was a problem hiding this comment.
The ExtensionDappSecurityContext is actually stateless. If in the future we want to store some state, then we can use extension ID to distinguish different extensions.
Extension to extension API (#76)