silberengel
/
newsroom
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
clone of github.com/decent-newsroom/newsroom
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
441 Commits
1 Branch
0 Tags
12 MiB
 
 
 
 
 
 
Tree: 5021ba7335
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5021ba7335'
${ noResults }
newsroom/node_modules/nostr-tools/lib/cjs/nip98.js

230 lines
7.4 KiB
Raw Blame History

"use strict";
var __defProp = Object.defineProperty;
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
var __getOwnPropNames = Object.getOwnPropertyNames;
var __hasOwnProp = Object.prototype.hasOwnProperty;
var __export = (target, all) => {
for (var name in all)
__defProp(target, name, { get: all[name], enumerable: true });
};
var __copyProps = (to, from, except, desc) => {
if (from && typeof from === "object" || typeof from === "function") {
for (let key of __getOwnPropNames(from))
if (!__hasOwnProp.call(to, key) && key !== except)
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
}
return to;
};
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
// nip98.ts
var nip98_exports = {};
__export(nip98_exports, {
getToken: () => getToken,
hashPayload: () => hashPayload,
unpackEventFromToken: () => unpackEventFromToken,
validateEvent: () => validateEvent2,
validateEventKind: () => validateEventKind,
validateEventMethodTag: () => validateEventMethodTag,
validateEventPayloadTag: () => validateEventPayloadTag,
validateEventTimestamp: () => validateEventTimestamp,
validateEventUrlTag: () => validateEventUrlTag,
validateToken: () => validateToken
});
module.exports = __toCommonJS(nip98_exports);
var import_sha2562 = require("@noble/hashes/sha256");
var import_utils4 = require("@noble/hashes/utils");
var import_base = require("@scure/base");
// pure.ts
var import_secp256k1 = require("@noble/curves/secp256k1");
var import_utils2 = require("@noble/hashes/utils");
// core.ts
var verifiedSymbol = Symbol("verified");
var isRecord = (obj) => obj instanceof Object;
function validateEvent(event) {
if (!isRecord(event))
return false;
if (typeof event.kind !== "number")
return false;
if (typeof event.content !== "string")
return false;
if (typeof event.created_at !== "number")
return false;
if (typeof event.pubkey !== "string")
return false;
if (!event.pubkey.match(/^[a-f0-9]{64}$/))
return false;
if (!Array.isArray(event.tags))
return false;
for (let i2 = 0; i2 < event.tags.length; i2++) {
let tag = event.tags[i2];
if (!Array.isArray(tag))
return false;
for (let j = 0; j < tag.length; j++) {
if (typeof tag[j] !== "string")
return false;
}
}
return true;
}
// pure.ts
var import_sha256 = require("@noble/hashes/sha256");
// utils.ts
var import_utils = require("@noble/hashes/utils");
var utf8Decoder = new TextDecoder("utf-8");
var utf8Encoder = new TextEncoder();
// pure.ts
var JS = class {
generateSecretKey() {
return import_secp256k1.schnorr.utils.randomPrivateKey();
}
getPublicKey(secretKey) {
return (0, import_utils2.bytesToHex)(import_secp256k1.schnorr.getPublicKey(secretKey));
}
finalizeEvent(t, secretKey) {
const event = t;
event.pubkey = (0, import_utils2.bytesToHex)(import_secp256k1.schnorr.getPublicKey(secretKey));
event.id = getEventHash(event);
event.sig = (0, import_utils2.bytesToHex)(import_secp256k1.schnorr.sign(getEventHash(event), secretKey));
event[verifiedSymbol] = true;
return event;
}
verifyEvent(event) {
if (typeof event[verifiedSymbol] === "boolean")
return event[verifiedSymbol];
const hash = getEventHash(event);
if (hash !== event.id) {
event[verifiedSymbol] = false;
return false;
}
try {
const valid = import_secp256k1.schnorr.verify(event.sig, hash, event.pubkey);
event[verifiedSymbol] = valid;
return valid;
} catch (err) {
event[verifiedSymbol] = false;
return false;
}
}
};
function serializeEvent(evt) {
if (!validateEvent(evt))
throw new Error("can't serialize event with wrong or missing properties");
return JSON.stringify([0, evt.pubkey, evt.created_at, evt.kind, evt.tags, evt.content]);
}
function getEventHash(event) {
let eventHash = (0, import_sha256.sha256)(utf8Encoder.encode(serializeEvent(event)));
return (0, import_utils2.bytesToHex)(eventHash);
}
var i = new JS();
var generateSecretKey = i.generateSecretKey;
var getPublicKey = i.getPublicKey;
var finalizeEvent = i.finalizeEvent;
var verifyEvent = i.verifyEvent;
// kinds.ts
var HTTPAuth = 27235;
// nip98.ts
var _authorizationScheme = "Nostr ";
async function getToken(loginUrl, httpMethod, sign, includeAuthorizationScheme = false, payload) {
const event = {
kind: HTTPAuth,
tags: [
["u", loginUrl],
["method", httpMethod]
],
created_at: Math.round(new Date().getTime() / 1e3),
content: ""
};
if (payload) {
event.tags.push(["payload", hashPayload(payload)]);
}
const signedEvent = await sign(event);
const authorizationScheme = includeAuthorizationScheme ? _authorizationScheme : "";
return authorizationScheme + import_base.base64.encode(utf8Encoder.encode(JSON.stringify(signedEvent)));
}
async function validateToken(token, url, method) {
const event = await unpackEventFromToken(token).catch((error) => {
throw error;
});
const valid = await validateEvent2(event, url, method).catch((error) => {
throw error;
});
return valid;
}
async function unpackEventFromToken(token) {
if (!token) {
throw new Error("Missing token");
}
token = token.replace(_authorizationScheme, "");
const eventB64 = utf8Decoder.decode(import_base.base64.decode(token));
if (!eventB64 || eventB64.length === 0 || !eventB64.startsWith("{")) {
throw new Error("Invalid token");
}
const event = JSON.parse(eventB64);
return event;
}
function validateEventTimestamp(event) {
if (!event.created_at) {
return false;
}
return Math.round(new Date().getTime() / 1e3) - event.created_at < 60;
}
function validateEventKind(event) {
return event.kind === HTTPAuth;
}
function validateEventUrlTag(event, url) {
const urlTag = event.tags.find((t) => t[0] === "u");
if (!urlTag) {
return false;
}
return urlTag.length > 0 && urlTag[1] === url;
}
function validateEventMethodTag(event, method) {
const methodTag = event.tags.find((t) => t[0] === "method");
if (!methodTag) {
return false;
}
return methodTag.length > 0 && methodTag[1].toLowerCase() === method.toLowerCase();
}
function hashPayload(payload) {
const hash = (0, import_sha2562.sha256)(utf8Encoder.encode(JSON.stringify(payload)));
return (0, import_utils4.bytesToHex)(hash);
}
function validateEventPayloadTag(event, payload) {
const payloadTag = event.tags.find((t) => t[0] === "payload");
if (!payloadTag) {
return false;
}
const payloadHash = hashPayload(payload);
return payloadTag.length > 0 && payloadTag[1] === payloadHash;
}
async function validateEvent2(event, url, method, body) {
if (!verifyEvent(event)) {
throw new Error("Invalid nostr event, signature invalid");
}
if (!validateEventKind(event)) {
throw new Error("Invalid nostr event, kind invalid");
}
if (!validateEventTimestamp(event)) {
throw new Error("Invalid nostr event, created_at timestamp invalid");
}
if (!validateEventUrlTag(event, url)) {
throw new Error("Invalid nostr event, url tag invalid");
}
if (!validateEventMethodTag(event, method)) {
throw new Error("Invalid nostr event, method tag invalid");
}
if (Boolean(body) && typeof body === "object" && Object.keys(body).length > 0) {
if (!validateEventPayloadTag(event, body)) {
throw new Error("Invalid nostr event, payload tag does not match request body hash");
}
}
return true;
}