[1] Update ledgers.js to 4.0.3

[2] ensure to use token auth with overhide libs
[3] update documentation

README.md

@@ -6,6 +6,16 @@
 
 [Please click here to run the demo as it's hosted on Azure Static Web Apps.](https://thankful-grass-03b28b11e.azurestaticapps.net/)
 
+
+
+------
+
+**This hack serves as a demo of the [ledgers.js library](https://www.npmjs.com/package/ledgers.js).  Please see use of `oh$` in [./src/ledgers.js-react-widget/services/PaymentsService.js](./src/ledgers.js-react-widget/services/PaymentsService.js) (UX widget) and [./api/SharedCode/overhide.js](./api/SharedCode/overhide.js) (back-end).**
+
+------
+
+
+
 ## Introduction
 
 This demo presents symbiosis between "[Ledger Based Authorizations](https://overhide.io/)" and [Azure's Static Web Apps](https://azure.microsoft.com/en-us/services/app-service/static/#overview).
@@ -82,8 +92,8 @@ The basic steps to use what you see here in your projects:
 - if you want to get paid in Ethers, ensure to onboard onto Ethereum
   - onboarding just means getting an Ethereum public/private key pair
 - if you want to get paid in US dollars, ensure to onboard on [overhide-ledger](https://overhide.io/):
-  - [test ledger onboarding](https://test.ohledger.com/onboard)
-  - [production ledger onboarding](https://ohledger.com/onboard)
+  - [test ledger onboarding](https://test.ledger.overhide.io/onboard)
+  - [production ledger onboarding](https://ledger.overhide.io/onboard)
 - configure your new application with your onboarded public addresses (both Ethereum and overhide)
   - see all the `*_FEATURE_*_LEDGER_ADDRESS` Azure function configuration points in the [Configuration](#configuration) section below
   - see the `/api/local.settings.json` file for local (F5 run) settings of same
@@ -99,7 +109,7 @@ Next we dive a bit deeper into sections of code significant to this demo from a
 
 The Azure functions to make this solution work are very simple, they live in the `/api` folder.
 
-In `/api/SharedCode/overhide.js` we have three tiny functions that call the [two ledger APIs](https://overhide.io/2020/09/06/remuneration-api.html) (`is-signature-valid` and `get-transactions`) from the back-end (Azure functions).  This is all that's needed for the back-end to validate authN and authZ.  The APIs are detailed [here](https://test.ohledger.com/swagger.html) for dollars and [here](https://rinkeby.ethereum.overhide.io/swagger.html) for ethers.
+In `/api/SharedCode/overhide.js` we have four tiny functions that call the [two ledger APIs](https://overhide.io/2020/09/06/remuneration-api.html) (`is-signature-valid` and `get-transactions`) from the back-end (Azure functions).  The API calls use a bearer-token `Authorization` header with [a retrieved token](https://token.overhide.io/swagger.html).  This is all that's needed for the back-end to validate authN and authZ.  The APIs are detailed [here](https://test.ledger.overhide.io/swagger.html) for dollars and [here](https://rinkeby.ethereum.overhide.io/swagger.html) for ethers.
 
 See how this `/api/SharedCode/overhide.js` is used in the *RunFeature* Azure function.  This small utility file is all you need for your projects.
 
@@ -113,7 +123,7 @@ In `/src/ledgers.js-react-widget` lives the React login widget:
 
 To use this widget in your UI:
 
-- add `ledgers.js: 2.1.9` to you `/package.json` React app dependencies, `npm install`
+- add `ledgers.js: 4.0.3` to you `/package.json` React app dependencies, `npm install`
 
 - copy the `/src/ledgers.js-react-widget` folder to your project's components (will make it an [npm](https://www.npmjs.com/) component soon)
 
@@ -229,4 +239,4 @@ Runs the app in the development mode.<br />
 Open [http://localhost:3000](http://localhost:3000) to view it in the browser.
 
 The page will reload if you make edits.<br />
-You will also see any lint errors in the console.
+You will also see any lint errors in the console.

api/RunFeature/index.js

@@ -19,7 +19,7 @@ module.exports = async function (context, req) {
   const cost = +feesSchedule[featureName][currency].cost * MULTIPLIER[currency];
   const expiryMinutes = +feesSchedule[featureName].expiryMinutes || null;
 
-  const uri = currency === 'ethers' ? 'https://rinkeby.ethereum.overhide.io' : 'https://test.ohledger.com/v1'
+  const uri = currency === 'ethers' ? 'https://rinkeby.ethereum.overhide.io' : 'https://test.ledger.overhide.io/v1'
 
   try {
     if (await overhide.isValidOnLedger(uri, address, message, signature)

api/SharedCode/overhide.js

@@ -1,5 +1,32 @@
 const fetch = require('node-fetch');
 
+/**
+ * Retrieve API access token
+ * 
+ * @returns {string} the token.
+ */
+async function getToken() {
+  const tokenUrl = `https://token.overhide.io/token`;
+  const apiKey = '0x___API_KEY_ONLY_FOR_DEMOS_AND_TESTS___';
+  const url = `${tokenUrl}?apikey=${apiKey}`;
+
+  console.log('retrieving token for APIs');
+  return fetch(url, {
+    method: 'GET'
+  }).then(result => {
+    if (result.status == 200) {
+      return result.text();
+    } else {
+      throw(JSON.stringify({url: url, status: result.status, error: result.message}));
+    }
+  }).then(token => {
+    console.log('successfuly retrieved token for APIs');
+    return token;
+  }).catch(e => {
+    console.log('failed to get token for APIs: ' + e);
+  });
+}
+
 /**
  * Call overhide remuneration API to get transaction tally for determining authority tiers
  * 
@@ -18,7 +45,7 @@ async function getTally(uri, from, to, date) {
   uri = `${uri}/get-transactions/${from}/${to}?tally-only=true${since}`;
   console.log(`remunaration API >> getTally call (${uri})`);
 
-  return await fetch(uri)
+  return await fetch(uri, {headers: { "Authorization": `Bearer ${await getToken()}` }})
     .then(res => res.json())
     .then(res => {
       console.log('remunaration API >> getTally call OK');
@@ -74,7 +101,10 @@ module.exports = {
 
     return await fetch(uri, {
       method: "POST",
-      headers: { "Content-Type": "application/json; charset=utf-8" },
+      headers: { 
+        "Content-Type": "application/json; charset=utf-8",
+        "Authorization": `Bearer ${await getToken()}`
+      },
       body: body
     })
     .then((result) => {

package.json

@@ -6,10 +6,10 @@
     "@testing-library/jest-dom": "^4.2.4",
     "@testing-library/react": "^9.3.2",
     "@testing-library/user-event": "^7.1.2",
+    "ledgers.js": "file:../ledgers.js/ledgers.js-4.0.3.tgz",
     "react": "^16.12.0",
     "react-dom": "^16.12.0",
-    "react-scripts": "3.4.0",
-    "ledgers.js": "2.1.9"
+    "react-scripts": "3.4.0"
   },
   "scripts": {
     "start": "react-scripts start",

src/ledgers.js-react-widget/services/PaymentsService.js

@@ -381,9 +381,38 @@ class PaymentsService {
     this.#updateApplicationStateFn(newInfo);
   }
 
+  /**
+   * Retrieve API access token
+   * 
+   * @returns {string} the token.
+   */
+  #getToken = async () => {
+    const tokenUrl = `https://token.overhide.io/token`;
+    const apiKey = '0x___API_KEY_ONLY_FOR_DEMOS_AND_TESTS___';
+    const url = `${tokenUrl}?apikey=${apiKey}`;
+
+    return fetch(url, {
+      method: 'GET'
+    }).then(result => {
+      if (result.status == 200) {
+        return result.text();
+      } else {
+        throw(JSON.stringify({url: url, status: result.status, error: result.message}));
+      }
+    }).then(token => {
+      return token;
+    }).catch(e => {
+    });
+  }
+
   // Initialize oh$ listeners.
   #init = () => {
 
+    // Ensure oh$ has a token.
+    (async () => {
+      oh$.enable(await this.#getToken());
+    })();
+
     // Determine if ethers should be enabled based on uri from wallet (versus admin)
     // Ethers only enabled if wallet, so do everything in 'onWalletChange'
     oh$.addEventListener('onWalletChange', async (e) => {