From 3f057bfc8903d10b410de5a805886d4f9689b0eb Mon Sep 17 00:00:00 2001
From: Frederik Rothenberger <frederik.rothenberger@dfinity.org>
Date: Fri, 17 Feb 2023 17:50:00 +0100
Subject: [PATCH] Always use legacy domain for principal derivation (#1247)

In order to provide a stable principal across both, legacy and new domains
without mandating every developer to use alternative origins, we always map
back the derivation origin to the legacy domain.
---
 src/frontend/src/flows/authorize/fetchDelegation.ts | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/frontend/src/flows/authorize/fetchDelegation.ts b/src/frontend/src/flows/authorize/fetchDelegation.ts
index 6d85f439c4..96774fa2be 100644
--- a/src/frontend/src/flows/authorize/fetchDelegation.ts
+++ b/src/frontend/src/flows/authorize/fetchDelegation.ts
@@ -21,11 +21,21 @@ export const fetchDelegation = async (
   const sessionKey = Array.from(authContext.authRequest.sessionPublicKey);
 
   // at this point, derivationOrigin is either validated or undefined
-  const derivationOrigin =
+  let derivationOrigin =
     authContext.authRequest.derivationOrigin !== undefined
       ? authContext.authRequest.derivationOrigin
       : authContext.requestOrigin;
 
+  // In order to give dapps a stable principal regardless whether they use the legacy (ic0.app) or the new domain (icp0.io)
+  // we map back the derivation origin to the ic0.app domain.
+  const ORIGIN_MAPPING_REGEX =
+    /^https:\/\/(?<subdomain>[\w-]+(?:\.raw)?)\.icp0\.io$/;
+  const match = derivationOrigin.match(ORIGIN_MAPPING_REGEX);
+  const subdomain = match?.groups?.subdomain;
+  if (subdomain !== undefined && subdomain !== null) {
+    derivationOrigin = `https://${subdomain}.ic0.app`;
+  }
+
   const [userKey, timestamp] = await connection.prepareDelegation(
     derivationOrigin,
     sessionKey,