Add optional field for userIdentifierAdminUrl (#192)

# Problem

SIWA version of SIWF requires an optional `userIdentifierAdminUrl` for
some custom integrations. Adding it.

Author: wilwade

docs/src/DataStructures/Request.md

@@ -1,6 +1,6 @@
 ```json
 {
-  "signedRequest": "eyJyZXF1ZXN0ZWRTaWduYXR1cmVzIjp7InB1YmxpY0tleSI6eyJlbmNvZGVkVmFsdWUiOiJmNmNMNHdxMUhVTngxMVRjdmRBQk5mOVVOWFhveUg0N21WVXdUNTl0elNGUlc4eURIIiwiZW5jb2RpbmciOiJiYXNlNTgiLCJmb3JtYXQiOiJzczU4IiwidHlwZSI6IlNyMjU1MTkifSwic2lnbmF0dXJlIjp7ImFsZ28iOiJTcjI1NTE5IiwiZW5jb2RpbmciOiJiYXNlMTYiLCJlbmNvZGVkVmFsdWUiOiIweDA0MDdjZTgxNGI3Nzg2MWRmOTRkMTZiM2ZjYjMxN2QzN2EwN2FiYzJhN2Y5Y2Q3YzAyY2MyMjUyOWVlN2IzMmQ1Njc5NWY4OGJkNmI0YWQxMDZiNzJiOTFiNjI0NmE3ODM2NzFiY2QyNGNiMDFhYWYwZTkzMTZkYjVlMGNkMDg1In0sInBheWxvYWQiOnsiY2FsbGJhY2siOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJwZXJtaXNzaW9ucyI6WzUsNyw4LDksMTBdfX0sInJlcXVlc3RlZENyZWRlbnRpYWxzIjpbeyJ0eXBlIjoiVmVyaWZpZWRHcmFwaEtleUNyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFtZHZteGQ1NHp2ZTVraWZ5Y2dzZHRvYWhzNWVjZjRoYWwydHMzZWV4a2dvY3ljNW9jYTJ5Il19LHsiYW55T2YiOlt7InR5cGUiOiJWZXJpZmllZEVtYWlsQWRkcmVzc0NyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFlNHFvY3poZnRpY2k0ZHpmdmZiZWw3Zm80aDRzcjVncmNvM29vdnd5azZ5NHluZjQ0dHNpIl19LHsidHlwZSI6IlZlcmlmaWVkUGhvbmVOdW1iZXJDcmVkZW50aWFsIiwiaGFzaCI6WyJiY2lxanNwbmJ3cGMzd2p4NGZld2NlazVkYXlzZGpwYmY1eGppbXo1d251NXVqN2UzdnUydXducSJdfV19XX0",
+  "signedRequest": "eyJyZXF1ZXN0ZWRTaWduYXR1cmVzIjp7InB1YmxpY0tleSI6eyJlbmNvZGVkVmFsdWUiOiJmNmNMNHdxMUhVTngxMVRjdmRBQk5mOVVOWFhveUg0N21WVXdUNTl0elNGUlc4eURIIiwiZW5jb2RpbmciOiJiYXNlNTgiLCJmb3JtYXQiOiJzczU4IiwidHlwZSI6IlNSMjU1MTkifSwic2lnbmF0dXJlIjp7ImFsZ28iOiJTUjI1NTE5IiwiZW5jb2RpbmciOiJiYXNlMTYiLCJlbmNvZGVkVmFsdWUiOiIweGU2NjBiZjA4MTQxNzI3OGE4YzYxOTkwZGM3N2JjZTZjOTQxZWU3ZjM0ZDMwZGRiYjVjYzdjMzk2NmE0MDhjMDA3YmU1MGYyNjBkMzc2Y2I3ZjAyYzRiOGI2ZmFjZTkzOTJkZjZhNzE4MTYzZmJmZDI2YTNkNWQwYzA4NzYwNDgwIn0sInBheWxvYWQiOnsiY2FsbGJhY2siOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJwZXJtaXNzaW9ucyI6WzUsNyw4LDksMTBdfX0sInJlcXVlc3RlZENyZWRlbnRpYWxzIjpbeyJ0eXBlIjoiVmVyaWZpZWRHcmFwaEtleUNyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFtZHZteGQ1NHp2ZTVraWZ5Y2dzZHRvYWhzNWVjZjRoYWwydHMzZWV4a2dvY3ljNW9jYTJ5Il19LHsiYW55T2YiOlt7InR5cGUiOiJWZXJpZmllZEVtYWlsQWRkcmVzc0NyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFlNHFvY3poZnRpY2k0ZHpmdmZiZWw3Zm80aDRzcjVncmNvM29vdnd5azZ5NHluZjQ0dHNpIl19LHsidHlwZSI6IlZlcmlmaWVkUGhvbmVOdW1iZXJDcmVkZW50aWFsIiwiaGFzaCI6WyJiY2lxanNwbmJ3cGMzd2p4NGZld2NlazVkYXlzZGpwYmY1eGppbXo1d251NXVqN2UzdnUydXducSJdfV19XX0",
   "mode": "dark"
 }
 ```

docs/src/DataStructures/RequestUrl.md

@@ -1,3 +1,3 @@
 ```json
-"https://testnet.frequencyaccess.com/siwa/start?signedRequest=eyJyZXF1ZXN0ZWRTaWduYXR1cmVzIjp7InB1YmxpY0tleSI6eyJlbmNvZGVkVmFsdWUiOiJmNmNMNHdxMUhVTngxMVRjdmRBQk5mOVVOWFhveUg0N21WVXdUNTl0elNGUlc4eURIIiwiZW5jb2RpbmciOiJiYXNlNTgiLCJmb3JtYXQiOiJzczU4IiwidHlwZSI6IlNyMjU1MTkifSwic2lnbmF0dXJlIjp7ImFsZ28iOiJTcjI1NTE5IiwiZW5jb2RpbmciOiJiYXNlMTYiLCJlbmNvZGVkVmFsdWUiOiIweDA0MDdjZTgxNGI3Nzg2MWRmOTRkMTZiM2ZjYjMxN2QzN2EwN2FiYzJhN2Y5Y2Q3YzAyY2MyMjUyOWVlN2IzMmQ1Njc5NWY4OGJkNmI0YWQxMDZiNzJiOTFiNjI0NmE3ODM2NzFiY2QyNGNiMDFhYWYwZTkzMTZkYjVlMGNkMDg1In0sInBheWxvYWQiOnsiY2FsbGJhY2siOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJwZXJtaXNzaW9ucyI6WzUsNyw4LDksMTBdfX0sInJlcXVlc3RlZENyZWRlbnRpYWxzIjpbeyJ0eXBlIjoiVmVyaWZpZWRHcmFwaEtleUNyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFtZHZteGQ1NHp2ZTVraWZ5Y2dzZHRvYWhzNWVjZjRoYWwydHMzZWV4a2dvY3ljNW9jYTJ5Il19LHsiYW55T2YiOlt7InR5cGUiOiJWZXJpZmllZEVtYWlsQWRkcmVzc0NyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFlNHFvY3poZnRpY2k0ZHpmdmZiZWw3Zm80aDRzcjVncmNvM29vdnd5azZ5NHluZjQ0dHNpIl19LHsidHlwZSI6IlZlcmlmaWVkUGhvbmVOdW1iZXJDcmVkZW50aWFsIiwiaGFzaCI6WyJiY2lxanNwbmJ3cGMzd2p4NGZld2NlazVkYXlzZGpwYmY1eGppbXo1d251NXVqN2UzdnUydXducSJdfV19XX0&mode=dark"
+"https://testnet.frequencyaccess.com/siwa/start?signedRequest=eyJyZXF1ZXN0ZWRTaWduYXR1cmVzIjp7InB1YmxpY0tleSI6eyJlbmNvZGVkVmFsdWUiOiJmNmNMNHdxMUhVTngxMVRjdmRBQk5mOVVOWFhveUg0N21WVXdUNTl0elNGUlc4eURIIiwiZW5jb2RpbmciOiJiYXNlNTgiLCJmb3JtYXQiOiJzczU4IiwidHlwZSI6IlNSMjU1MTkifSwic2lnbmF0dXJlIjp7ImFsZ28iOiJTUjI1NTE5IiwiZW5jb2RpbmciOiJiYXNlMTYiLCJlbmNvZGVkVmFsdWUiOiIweGU2NjBiZjA4MTQxNzI3OGE4YzYxOTkwZGM3N2JjZTZjOTQxZWU3ZjM0ZDMwZGRiYjVjYzdjMzk2NmE0MDhjMDA3YmU1MGYyNjBkMzc2Y2I3ZjAyYzRiOGI2ZmFjZTkzOTJkZjZhNzE4MTYzZmJmZDI2YTNkNWQwYzA4NzYwNDgwIn0sInBheWxvYWQiOnsiY2FsbGJhY2siOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJwZXJtaXNzaW9ucyI6WzUsNyw4LDksMTBdfX0sInJlcXVlc3RlZENyZWRlbnRpYWxzIjpbeyJ0eXBlIjoiVmVyaWZpZWRHcmFwaEtleUNyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFtZHZteGQ1NHp2ZTVraWZ5Y2dzZHRvYWhzNWVjZjRoYWwydHMzZWV4a2dvY3ljNW9jYTJ5Il19LHsiYW55T2YiOlt7InR5cGUiOiJWZXJpZmllZEVtYWlsQWRkcmVzc0NyZWRlbnRpYWwiLCJoYXNoIjpbImJjaXFlNHFvY3poZnRpY2k0ZHpmdmZiZWw3Zm80aDRzcjVncmNvM29vdnd5azZ5NHluZjQ0dHNpIl19LHsidHlwZSI6IlZlcmlmaWVkUGhvbmVOdW1iZXJDcmVkZW50aWFsIiwiaGFzaCI6WyJiY2lxanNwbmJ3cGMzd2p4NGZld2NlazVkYXlzZGpwYmY1eGppbXo1d251NXVqN2UzdnUydXducSJdfV19XX0&mode=dark"
 ```

docs/src/SignatureGeneration.md

@@ -21,6 +21,10 @@ The list of Frequency Schema Ids permissions your application is requesting from
 
 - See a full list of [Available Delegations](./Delegations.md)
 
+### Parameter: `userIdentifierAdminUrl`
+
+Only used for custom integration situations.
+
 ## Step 2: Signing the Request
 
 To ensure that the correct application is requesting the authentication and that the response is only sent to the authorized party, the request is signed.
@@ -33,7 +37,8 @@ SCALE Type (Note: Order matters!)
 ```json
 {
   "callback": "String",
-  "permissions": "Vec<U16>"
+  "permissions": "Vec<U16>",
+  "userIdentifierAdminUrl": "Option<String>",
 }
 ```
 
@@ -53,10 +58,10 @@ Remember that SR25519 signatures are non-deterministic, so the payload and encod
 This example uses the `//Alice` seed phrase to generate the signature.
 
 - Payload: `{ "callback": "https://localhost:44181", "permissions": [5, 7, 8, 9, 10] }`
-- SCALE Payload (Hex): `0x5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a00`
-- Wrapped Payload (Hex): `0x3c42797465733e5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a003c2f42797465733e`
+- SCALE Payload (Hex): `0x5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a0000`
+- Wrapped Payload (Hex): `0x3c42797465733e5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a00003c2f42797465733e`
 - Signing Public Key (SS58 Prefix 90): `f6cL4wq1HUNx11TcvdABNf9UNXXoyH47mVUwT59tzSFRW8yDH`
-- Signature (Hex): `0x446c32dd524c1f4b06c213891e9e3a025dded43eae55d2df40a766187684ac2704434e1835573077c1abb783b98f3684488e41f8c9bdc359458f9e043ae5cd86`
+- Signature (Hex): `0x9abd3c54e7164e8385627dc692724b9467386acd7b02a13d6187e2c58fd91440d9134781c0410a45812f5532b71f4a34b4a5443ef8d68b5a1956f7f0f81d4286`
 
 ## Step 3 (Optional): Request Credentials (Graph Key, Email, Phone)
 

libraries/js/src/request.ts

@@ -103,7 +103,7 @@ export function buildSignedRequest(
   return {
     requestedSignatures: {
       publicKey: {
-        // TODO: Should this always be encoded as mainnet 90 or check if mainnet?
+        // Should always be encoded as mainnet prefix 90
         encodedValue: encodeAddress(signerPublicKey, 90),
         encoding: 'base58',
         format: 'ss58',

libraries/js/src/response.ts

@@ -24,8 +24,7 @@ export function hasChainSubmissions(result: SiwfResponse): boolean {
  * Validate a possible SIWF Response
  *
  * @param {unknown} response - A possible SIWF Response.
- * @param {SiwfOptions} options - Options for endpoint selection and domain checks.
- *                 options.loginMsgDomain - The login message signed by the user should match this domain. (Default: localhost)
+ * @param {string} loginMsgDomain - The login message signed by the user should match this domain. (Default: localhost)
  *
  * @returns {Promise<SiwfResponse>} The validated response
  */

libraries/js/src/types/request.ts

@@ -23,6 +23,7 @@ export interface SiwfSignedRequest {
     payload: {
       callback: string;
       permissions: number[];
+      userIdentifierAdminUrl?: string;
     };
   };
   requestedCredentials?: SiwfCredentialRequest[];

libraries/js/src/util.test.ts

@@ -10,7 +10,21 @@ import {
 describe('SCALE serializations', () => {
   it('serializeLoginPayloadHex serializes correctly', () => {
     expect(serializeLoginPayloadHex({ callback: 'https://localhost:44181', permissions: [5, 7, 8, 9, 10] })).toEqual(
-      '0x3c42797465733e5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a003c2f42797465733e'
+      '0x3c42797465733e5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a00003c2f42797465733e'
+    );
+
+    expect(
+      serializeLoginPayloadHex({
+        callback: 'https://localhost:44181',
+        permissions: [5, 7, 8, 9, 10],
+        userIdentifierAdminUrl: 'https://localhost:101010',
+      })
+    ).toEqual(
+      '0x3c42797465733e5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a00016068747470733a2f2f6c6f63616c686f73743a3130313031303c2f42797465733e'
+    );
+
+    expect(serializeLoginPayloadHex({ callback: 'https://localhost:44181', permissions: [5, 7, 8, 9, 10] })).toEqual(
+      '0x3c42797465733e5c68747470733a2f2f6c6f63616c686f73743a34343138311405000700080009000a00003c2f42797465733e'
     );
   });
 

libraries/js/src/util.ts

@@ -48,8 +48,10 @@ export function requestPayloadBytes(payload: SiwfSignedRequest['requestedSignatu
     {
       callback: Text,
       permissions: 'Vec<U16>',
+      userIdentifierAdminUrl: 'Option<Text>',
     },
-    payload
+    // Ensure that the userIdentifierAdminUrl is null if it doesn't exist
+    { userIdentifierAdminUrl: null, ...payload }
   ).toU8a();
 }
 

tools/signed-request-generator/playwright.config.ts

@@ -5,6 +5,7 @@ const config: PlaywrightTestConfig = {
 		command: 'NODE_ENV=dev npm run build && npm run preview',
 		port: 4173
 	},
+	retries: 2,
 	testDir: 'tests',
 	testMatch: /(.+\.)?(test|spec)\.[jt]s/
 };