From 443c7cf6332510446914a816a590ecaf699b2edc Mon Sep 17 00:00:00 2001 From: Liran Cohen Date: Wed, 18 Jan 2023 17:44:32 +0000 Subject: [PATCH 1/3] trim trailing slash from expected and found relay URL, clean up --- nip42/nip42.go | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/nip42/nip42.go b/nip42/nip42.go index 8cdae9f..58016fa 100644 --- a/nip42/nip42.go +++ b/nip42/nip42.go @@ -2,6 +2,7 @@ package nip42 import ( "net/url" + "strings" "time" "github.com/nbd-wtf/go-nostr" @@ -41,16 +42,20 @@ func ValidateAuthEvent(event *nostr.Event, challenge string, relayURL string) (p return "", false } - expected, err1 := url.Parse(relayURL) - found, err2 := url.Parse(event.Tags.GetFirst([]string{"relay", ""}).Value()) - if err1 != nil || err2 != nil { + expected, err := url.Parse(strings.TrimSuffix(relayURL, "/")) + if err != nil { + return "", false + } + + found, err := url.Parse(strings.TrimSuffix(event.Tags.GetFirst([]string{"relay", ""}).Value(), "/")) + if err != nil { + return "", false + } + + if expected.Scheme != found.Scheme || + expected.Host != found.Host || + expected.Path != found.Path { return "", false - } else { - if expected.Scheme != found.Scheme || - expected.Host != found.Host || - expected.Path != found.Path { - return "", false - } } return event.PubKey, true From 839154da5a1d8fe01ad261234a4dacc0b3d792e1 Mon Sep 17 00:00:00 2001 From: Liran Cohen Date: Wed, 18 Jan 2023 21:35:32 +0000 Subject: [PATCH 2/3] case insenstive for nip42 service url validation, some cleanup --- nip42/nip42.go | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/nip42/nip42.go b/nip42/nip42.go index 58016fa..767fe65 100644 --- a/nip42/nip42.go +++ b/nip42/nip42.go @@ -42,12 +42,20 @@ func ValidateAuthEvent(event *nostr.Event, challenge string, relayURL string) (p return "", false } - expected, err := url.Parse(strings.TrimSuffix(relayURL, "/")) + parseUrl := func(input string) (*url.URL, error) { + return url.Parse( + strings.ToLower( + strings.TrimSuffix(input, "/"), + ), + ) + } + + expected, err := parseUrl(relayURL) if err != nil { return "", false } - found, err := url.Parse(strings.TrimSuffix(event.Tags.GetFirst([]string{"relay", ""}).Value(), "/")) + found, err := parseUrl(event.Tags.GetFirst([]string{"relay", ""}).Value()) if err != nil { return "", false } From 455c7a23b6fa1c29e1d8fcdd6f68577132728032 Mon Sep 17 00:00:00 2001 From: Liran Cohen Date: Wed, 18 Jan 2023 21:38:46 +0000 Subject: [PATCH 3/3] nit - not necessary to be verbose --- nip42/nip42.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nip42/nip42.go b/nip42/nip42.go index 767fe65..793e421 100644 --- a/nip42/nip42.go +++ b/nip42/nip42.go @@ -26,7 +26,7 @@ func CreateUnsignedAuthEvent(challenge, pubkey, relayURL string) nostr.Event { // ValidateAuthEvent checks whether event is a valid NIP-42 event for given challenge and relayURL. // The result of the validation is encoded in the ok bool. func ValidateAuthEvent(event *nostr.Event, challenge string, relayURL string) (pubkey string, ok bool) { - if ok, _ := event.CheckSignature(); ok == false { + if ok, _ := event.CheckSignature(); !ok { return "", false } if event.Kind != 22242 {