CAIP Multichain API with permission refactor changes

packages/multichain/package.json

@@ -59,7 +59,7 @@
   },
   "devDependencies": {
     "@metamask/auto-changelog": "^3.4.4",
-    "@metamask/json-rpc-engine": "^9.0.3",
+    "@metamask/json-rpc-engine": "^10.0.1",
     "@metamask/network-controller": "^22.0.2",
     "@metamask/permission-controller": "^11.0.3",
     "@open-rpc/meta-schema": "^1.14.6",

packages/multichain/src/adapters/caip-permission-adapter-middleware.ts

@@ -11,8 +11,9 @@ import {
   Caip25CaveatType,
   Caip25EndowmentPermissionName,
 } from '../caip25Permission';
-import { mergeScopes } from '../scope/transform';
-import { KnownWalletScopeString, type ScopeString } from '../scope/types';
+import { KnownWalletScopeString } from '../scope/constants';
+import type { InternalScopeString } from '../scope/types';
+import { getSessionScopes } from './caip-permission-adapter-session-scopes';
 
 /**
  * Middleware to handle CAIP-25 permission requests.
@@ -61,17 +62,14 @@ export async function caipPermissionAdapterMiddleware(
   const { chainId } =
     hooks.getNetworkConfigurationByNetworkClientId(networkClientId);
 
-  const scope: ScopeString = `eip155:${parseInt(chainId, 16)}`;
+  const scope: InternalScopeString = `eip155:${parseInt(chainId, 16)}`;
 
-  const scopesObject = mergeScopes(
-    caveat.value.requiredScopes,
-    caveat.value.optionalScopes,
-  );
+  const sesionScopes = getSessionScopes(caveat.value);
 
   if (
-    !scopesObject[scope]?.methods?.includes(method) &&
-    !scopesObject[KnownWalletScopeString.Eip155]?.methods?.includes(method) &&
-    !scopesObject.wallet?.methods?.includes(method)
+    !sesionScopes[scope]?.methods?.includes(method) &&
+    !sesionScopes[KnownWalletScopeString.Eip155]?.methods?.includes(method) &&
+    !sesionScopes.wallet?.methods?.includes(method)
   ) {
     return end(providerErrors.unauthorized());
   }

packages/multichain/src/adapters/caip-permission-adapter-session-scopes.test.ts

@@ -0,0 +1,87 @@
+import {
+  KnownNotifications,
+  KnownRpcMethods,
+  KnownWalletNamespaceRpcMethods,
+  KnownWalletRpcMethods,
+} from '../scope/constants';
+import { getSessionScopes } from './caip-permission-adapter-session-scopes';
+
+describe('CAIP-25 session scopes adapters', () => {
+  describe('getSessionScopes', () => {
+    it('returns a NormalizedScopesObject for the wallet scope', () => {
+      const result = getSessionScopes({
+        requiredScopes: {},
+        optionalScopes: {
+          wallet: {
+            accounts: [],
+          },
+        },
+      });
+
+      expect(result).toStrictEqual({
+        wallet: {
+          methods: KnownWalletRpcMethods,
+          notifications: [],
+          accounts: [],
+        },
+      });
+    });
+
+    it('returns a NormalizedScopesObject for the wallet:eip155 scope', () => {
+      const result = getSessionScopes({
+        requiredScopes: {},
+        optionalScopes: {
+          'wallet:eip155': {
+            accounts: ['wallet:eip155:0xdeadbeef'],
+          },
+        },
+      });
+
+      expect(result).toStrictEqual({
+        'wallet:eip155': {
+          methods: KnownWalletNamespaceRpcMethods.eip155,
+          notifications: [],
+          accounts: ['wallet:eip155:0xdeadbeef'],
+        },
+      });
+    });
+
+    it('returns a NormalizedScopesObject with empty methods and notifications for scope with wallet namespace and unknown reference', () => {
+      const result = getSessionScopes({
+        requiredScopes: {},
+        optionalScopes: {
+          'wallet:foobar': {
+            accounts: ['wallet:foobar:0xdeadbeef'],
+          },
+        },
+      });
+
+      expect(result).toStrictEqual({
+        'wallet:foobar': {
+          methods: [],
+          notifications: [],
+          accounts: ['wallet:foobar:0xdeadbeef'],
+        },
+      });
+    });
+
+    it('returns a NormalizedScopesObject for a eip155 namespaced scope', () => {
+      const result = getSessionScopes({
+        requiredScopes: {},
+        optionalScopes: {
+          'eip155:1': {
+            accounts: ['eip155:1:0xdeadbeef'],
+          },
+        },
+      });
+
+      expect(result).toStrictEqual({
+        'eip155:1': {
+          methods: KnownRpcMethods.eip155,
+          notifications: KnownNotifications.eip155,
+          accounts: ['eip155:1:0xdeadbeef'],
+        },
+      });
+    });
+  });
+});

packages/multichain/src/adapters/caip-permission-adapter-session-scopes.ts

@@ -0,0 +1,78 @@
+import { KnownCaipNamespace } from '@metamask/utils';
+
+import type { Caip25CaveatValue } from '../caip25Permission';
+import {
+  KnownNotifications,
+  KnownRpcMethods,
+  KnownWalletNamespaceRpcMethods,
+  KnownWalletRpcMethods,
+} from '../scope/constants';
+import { mergeScopes } from '../scope/transform';
+import type {
+  InternalScopesObject,
+  NonWalletKnownCaipNamespace,
+  NormalizedScopesObject,
+} from '../scope/types';
+import { parseScopeString } from '../scope/types';
+
+/**
+ * Converts an InternalScopesObject to a NormalizedScopesObject.
+ * @param internalScopesObject - The InternalScopesObject to convert.
+ * @returns A NormalizedScopesObject.
+ */
+const getNormalizedScopesObject = (
+  internalScopesObject: InternalScopesObject,
+) => {
+  const normalizedScopes: NormalizedScopesObject = {};
+
+  Object.entries(internalScopesObject).forEach(
+    ([_scopeString, { accounts }]) => {
+      const scopeString = _scopeString as keyof typeof internalScopesObject;
+      const { namespace, reference } = parseScopeString(scopeString);
+      let methods: string[] = [];
+      let notifications: string[] = [];
+
+      if (namespace === KnownCaipNamespace.Wallet) {
+        if (reference) {
+          methods =
+            KnownWalletNamespaceRpcMethods[
+              reference as NonWalletKnownCaipNamespace
+            ] ?? [];
+        } else {
+          methods = KnownWalletRpcMethods;
+        }
+      } else {
+        methods =
+          KnownRpcMethods[namespace as NonWalletKnownCaipNamespace] ?? [];
+        notifications =
+          KnownNotifications[namespace as NonWalletKnownCaipNamespace] ?? [];
+      }
+
+      normalizedScopes[scopeString] = {
+        methods,
+        notifications,
+        accounts,
+      };
+    },
+  );
+
+  return normalizedScopes;
+};
+
+/**
+ * Takes the scopes from an endowment:caip25 permission caveat value,
+ * hydrates them with supported methods and notifications, and returns a NormalizedScopesObject.
+ * @param caip25CaveatValue - The CAIP-25 CaveatValue to convert.
+ * @returns A NormalizedScopesObject.
+ */
+export const getSessionScopes = (
+  caip25CaveatValue: Pick<
+    Caip25CaveatValue,
+    'requiredScopes' | 'optionalScopes'
+  >,
+) => {
+  return mergeScopes(
+    getNormalizedScopesObject(caip25CaveatValue.requiredScopes),
+    getNormalizedScopesObject(caip25CaveatValue.optionalScopes),
+  );
+};

packages/multichain/src/handlers/wallet-getSession.test.ts

@@ -1,11 +1,19 @@
 import type { JsonRpcRequest } from '@metamask/utils';
 
+import * as PermissionAdapterSessionScopes from '../adapters/caip-permission-adapter-session-scopes';
 import {
   Caip25CaveatType,
   Caip25EndowmentPermissionName,
 } from '../caip25Permission';
 import { walletGetSession } from './wallet-getSession';
 
+jest.mock('../adapters/caip-permission-adapter-session-scopes', () => ({
+  getSessionScopes: jest.fn(),
+}));
+const MockPermissionAdapterSessionScopes = jest.mocked(
+  PermissionAdapterSessionScopes,
+);
+
 const baseRequest: JsonRpcRequest & { origin: string } = {
   origin: 'http://test.com',
   jsonrpc: '2.0' as const,
@@ -21,25 +29,17 @@ const createMockedHandler = () => {
     value: {
       requiredScopes: {
         'eip155:1': {
-          methods: ['eth_call'],
-          notifications: [],
           accounts: [],
         },
         'eip155:5': {
-          methods: ['eth_chainId'],
-          notifications: [],
           accounts: [],
         },
       },
       optionalScopes: {
         'eip155:1': {
-          methods: ['net_version'],
-          notifications: ['chainChanged'],
           accounts: [],
         },
         wallet: {
-          methods: ['wallet_watchAsset'],
-          notifications: [],
           accounts: [],
         },
       },
@@ -67,6 +67,10 @@ const createMockedHandler = () => {
 };
 
 describe('wallet_getSession', () => {
+  afterEach(() => {
+    jest.restoreAllMocks();
+  });
+
   it('gets the authorized scopes from the CAIP-25 endowment permission', async () => {
     const { handler, getCaveat } = createMockedHandler();
 
@@ -90,9 +94,53 @@ describe('wallet_getSession', () => {
     });
   });
 
-  it('returns the merged scopes', async () => {
+  it('gets the session scopes from the CAIP-25 caveat value', async () => {
+    const { handler } = createMockedHandler();
+
+    await handler(baseRequest);
+    expect(
+      MockPermissionAdapterSessionScopes.getSessionScopes,
+    ).toHaveBeenCalledWith({
+      requiredScopes: {
+        'eip155:1': {
+          accounts: [],
+        },
+        'eip155:5': {
+          accounts: [],
+        },
+      },
+      optionalScopes: {
+        'eip155:1': {
+          accounts: [],
+        },
+        wallet: {
+          accounts: [],
+        },
+      },
+    });
+  });
+
+  it('returns the session scopes', async () => {
     const { handler, response } = createMockedHandler();
 
+    MockPermissionAdapterSessionScopes.getSessionScopes.mockReturnValue({
+      'eip155:1': {
+        methods: ['eth_call', 'net_version'],
+        notifications: ['chainChanged'],
+        accounts: [],
+      },
+      'eip155:5': {
+        methods: ['eth_chainId'],
+        notifications: [],
+        accounts: [],
+      },
+      wallet: {
+        methods: ['wallet_watchAsset'],
+        notifications: [],
+        accounts: [],
+      },
+    });
+
     await handler(baseRequest);
     expect(response.result).toStrictEqual({
       sessionScopes: {

packages/multichain/src/handlers/wallet-getSession.ts

@@ -1,13 +1,13 @@
 import type { Caveat } from '@metamask/permission-controller';
 import type { JsonRpcRequest, JsonRpcSuccess } from '@metamask/utils';
+import type { NormalizedScopesObject } from 'src/scope/types';
 
+import { getSessionScopes } from '../adapters/caip-permission-adapter-session-scopes';
 import type { Caip25CaveatValue } from '../caip25Permission';
 import {
   Caip25CaveatType,
   Caip25EndowmentPermissionName,
 } from '../caip25Permission';
-import { mergeScopes } from '../scope/transform';
-import type { ScopesObject } from '../scope/types';
 
 /**
  * Handler for the `wallet_getSession` RPC method.
@@ -21,7 +21,7 @@ import type { ScopesObject } from '../scope/types';
  */
 async function walletGetSessionHandler(
   request: JsonRpcRequest & { origin: string },
-  response: JsonRpcSuccess<{ sessionScopes: ScopesObject }>,
+  response: JsonRpcSuccess<{ sessionScopes: NormalizedScopesObject }>,
   _next: () => void,
   end: () => void,
   hooks: {
@@ -49,10 +49,7 @@ async function walletGetSessionHandler(
   }
 
   response.result = {
-    sessionScopes: mergeScopes(
-      caveat.value.requiredScopes,
-      caveat.value.optionalScopes,
-    ),
+    sessionScopes: getSessionScopes(caveat.value),
   };
   return end();
 }