Skip to content

Commit

Permalink
SEP-10: check for muxed accounts in verify_challenge_transaction() (#…
Browse files Browse the repository at this point in the history
…525)

* Fix verify_challenge_transaction() bug

* Added test to verify fix
  • Loading branch information
JakeUrban authored Sep 17, 2021
1 parent 1723e72 commit 8d40fbf
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 1 deletion.
5 changes: 4 additions & 1 deletion stellar_sdk/sep/stellar_web_authentication.py
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,9 @@
from typing import Iterable, List, Optional, Union

from .. import xdr as stellar_xdr
from ..account import Account
from ..memo import IdMemo, NoneMemo
from ..account import Account
from ..muxed_account import MuxedAccount
from ..exceptions import BadSignatureError, ValueError
from ..keypair import Keypair
from ..operation.manage_data import ManageData
Expand Down Expand Up @@ -547,6 +548,8 @@ def verify_challenge_transaction(
network_passphrase,
)
client_account_id = parsed_challenge_transaction.client_account_id
if client_account_id.startswith(MUXED_ACCOUNT_STARTING_LETTER):
client_account_id = MuxedAccount.from_account(client_account_id).account_id
signers = [Ed25519PublicKeySigner(client_account_id, 255)]
verify_challenge_transaction_signers(
challenge_transaction,
Expand Down
29 changes: 29 additions & 0 deletions tests/sep/test_stellar_web_authentication.py
Original file line number Diff line number Diff line change
Expand Up @@ -267,6 +267,35 @@ def test_verify_challenge_transaction(self):
network_passphrase,
)

def test_verify_challenge_transaction_muxed_client_account(self):
server_kp = Keypair.random()
client_kp = Keypair.random()
client_muxed_account = MuxedAccount(client_kp.public_key, 123).account_muxed
timeout = 600
network_passphrase = Network.PUBLIC_NETWORK_PASSPHRASE
home_domain = "example.com"
web_auth_domain = "auth.example.com"

challenge = build_challenge_transaction(
server_secret=server_kp.secret,
client_account_id=client_muxed_account,
home_domain=home_domain,
web_auth_domain=web_auth_domain,
network_passphrase=network_passphrase,
timeout=timeout,
)

transaction = TransactionEnvelope.from_xdr(challenge, network_passphrase)
transaction.sign(client_kp)
challenge_tx = transaction.to_xdr()
verify_challenge_transaction(
challenge_tx,
server_kp.public_key,
home_domain,
web_auth_domain,
network_passphrase,
)

def test_verify_challenge_transaction_with_multi_domain_names(self):
server_kp = Keypair.random()
client_kp = Keypair.random()
Expand Down

0 comments on commit 8d40fbf

Please sign in to comment.