Always use legacy domain for principal derivation (#1247)

In order to provide a stable principal across both, legacy and new domains without mandating every developer to use alternative origins, we always map back the derivation origin to the legacy domain.
dfinity · Feb 17, 2023 · 3f057bf · 3f057bf
1 parent 075111b
commit 3f057bf
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/src/frontend/src/flows/authorize/fetchDelegation.ts b/src/frontend/src/flows/authorize/fetchDelegation.ts
@@ -21,11 +21,21 @@ export const fetchDelegation = async (
   const sessionKey = Array.from(authContext.authRequest.sessionPublicKey);
 
   // at this point, derivationOrigin is either validated or undefined
-  const derivationOrigin =
+  let derivationOrigin =
     authContext.authRequest.derivationOrigin !== undefined
       ? authContext.authRequest.derivationOrigin
       : authContext.requestOrigin;
 
+  // In order to give dapps a stable principal regardless whether they use the legacy (ic0.app) or the new domain (icp0.io)
+  // we map back the derivation origin to the ic0.app domain.
+  const ORIGIN_MAPPING_REGEX =
+    /^https:\/\/(?<subdomain>[\w-]+(?:\.raw)?)\.icp0\.io$/;
+  const match = derivationOrigin.match(ORIGIN_MAPPING_REGEX);
+  const subdomain = match?.groups?.subdomain;
+  if (subdomain !== undefined && subdomain !== null) {
+    derivationOrigin = `https://${subdomain}.ic0.app`;
+  }
+
   const [userKey, timestamp] = await connection.prepareDelegation(
     derivationOrigin,
     sessionKey,