From 3ccef5eec40ba342424b7ddad7d42fb80cff31e1 Mon Sep 17 00:00:00 2001 From: barkyq <122579762+barkyq@users.noreply.github.com> Date: Thu, 9 Feb 2023 09:28:31 -0500 Subject: [PATCH] Tweaked the NIP 42 Validation (#58) --- nip42/nip42.go | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/nip42/nip42.go b/nip42/nip42.go index 793e421..a00b390 100644 --- a/nip42/nip42.go +++ b/nip42/nip42.go @@ -23,33 +23,26 @@ func CreateUnsignedAuthEvent(challenge, pubkey, relayURL string) nostr.Event { } } +// helper function for ValidateAuthEvent +func parseUrl(input string) (*url.URL, error) { + return url.Parse( + strings.ToLower( + strings.TrimSuffix(input, "/"), + ), + ) +} + // ValidateAuthEvent checks whether event is a valid NIP-42 event for given challenge and relayURL. // The result of the validation is encoded in the ok bool. func ValidateAuthEvent(event *nostr.Event, challenge string, relayURL string) (pubkey string, ok bool) { - if ok, _ := event.CheckSignature(); !ok { - return "", false - } if event.Kind != 22242 { return "", false } - now := time.Now() - if event.CreatedAt.After(now.Add(10*time.Minute)) || event.CreatedAt.Before(now.Add(-10*time.Minute)) { - return "", false - } - if event.Tags.GetFirst([]string{"challenge", challenge}) == nil { return "", false } - parseUrl := func(input string) (*url.URL, error) { - return url.Parse( - strings.ToLower( - strings.TrimSuffix(input, "/"), - ), - ) - } - expected, err := parseUrl(relayURL) if err != nil { return "", false @@ -66,5 +59,16 @@ func ValidateAuthEvent(event *nostr.Event, challenge string, relayURL string) (p return "", false } + now := time.Now() + if event.CreatedAt.After(now.Add(10*time.Minute)) || event.CreatedAt.Before(now.Add(-10*time.Minute)) { + return "", false + } + + // save for last, as it is most expensive operation + // no need to check returned error, since ok == true implies err == nil. + if ok, _ := event.CheckSignature(); !ok { + return "", false + } + return event.PubKey, true }