Merge pull request #10 from nostrband/develop

Start OAuth-flow support by sending authUrl replies
2024-02-06 09:55:49 +03:00 · 2024-02-06 09:55:49 +03:00 · d3ab9174e1
commit d3ab9174e1
parent 8faccc383b fa4c5d3532
6 changed files with 32 additions and 10 deletions
--- a/.env
+++ b/.env
@ -4,4 +4,5 @@ REACT_APP_WEB_PUSH_PUBKEY=BNW_39YcKbV4KunFxFhvMW5JUs8AljfFnGUeZpaerO-gwCoWyQat5o
 #REACT_APP_NOAUTHD_URL=http://localhost:8000
 REACT_APP_NOAUTHD_URL=https://noauthd.nsec.app
 REACT_APP_DOMAIN=nsec.app
+REACT_APP_APP_DOMAIN=use.nsec.app
 REACT_APP_RELAY=wss://relay.nsec.app
--- a/package-lock.json
+++ b/package-lock.json
@ -13,7 +13,7 @@
 				"@hookform/resolvers": "^3.3.4",
 				"@mui/icons-material": "^5.14.19",
 				"@mui/material": "^5.14.20",
-				"@nostr-dev-kit/ndk": "^2.0.5",
+				"@nostr-dev-kit/ndk": "^2.4.0",
 				"@reduxjs/toolkit": "^2.0.1",
 				"@testing-library/jest-dom": "^5.17.0",
 				"@testing-library/react": "^13.4.0",
@ -3552,9 +3552,9 @@
 			}
 		},
 		"node_modules/@nostr-dev-kit/ndk": {
-			"version": "2.1.1",
-			"resolved": "https://registry.npmjs.org/@nostr-dev-kit/ndk/-/ndk-2.1.1.tgz",
-			"integrity": "sha512-sMD4re3QVpSVMzoyvJAFiftPxJBXkhjRInrK5DcjhSkkPTlJhI+oiVXCpcvCJ3PHT5PilhDgKkg3LyOvv135UQ==",
+			"version": "2.4.0",
+			"resolved": "https://registry.npmjs.org/@nostr-dev-kit/ndk/-/ndk-2.4.0.tgz",
+			"integrity": "sha512-IdL6F/o0p1oVmII6om5ErJ+LarO2hjbRoqYfz8DlSBWVNT/uAx/GdtlJG0qlAdg5PPzDyf3Unrk0Pi/WermVjw==",
 			"dependencies": {
 				"@noble/hashes": "^1.3.1",
 				"@noble/secp256k1": "^2.0.0",
@ -20689,9 +20689,9 @@
 			}
 		},
 		"@nostr-dev-kit/ndk": {
-			"version": "2.1.1",
-			"resolved": "https://registry.npmjs.org/@nostr-dev-kit/ndk/-/ndk-2.1.1.tgz",
-			"integrity": "sha512-sMD4re3QVpSVMzoyvJAFiftPxJBXkhjRInrK5DcjhSkkPTlJhI+oiVXCpcvCJ3PHT5PilhDgKkg3LyOvv135UQ==",
+			"version": "2.4.0",
+			"resolved": "https://registry.npmjs.org/@nostr-dev-kit/ndk/-/ndk-2.4.0.tgz",
+			"integrity": "sha512-IdL6F/o0p1oVmII6om5ErJ+LarO2hjbRoqYfz8DlSBWVNT/uAx/GdtlJG0qlAdg5PPzDyf3Unrk0Pi/WermVjw==",
 			"requires": {
 				"@noble/hashes": "^1.3.1",
 				"@noble/secp256k1": "^2.0.0",
--- a/package.json
+++ b/package.json
@ -8,7 +8,7 @@
 		"@hookform/resolvers": "^3.3.4",
 		"@mui/icons-material": "^5.14.19",
 		"@mui/material": "^5.14.20",
-		"@nostr-dev-kit/ndk": "^2.0.5",
+		"@nostr-dev-kit/ndk": "^2.4.0",
 		"@reduxjs/toolkit": "^2.0.1",
 		"@testing-library/jest-dom": "^5.17.0",
 		"@testing-library/react": "^13.4.0",
--- a/src/modules/backend.ts
+++ b/src/modules/backend.ts
@ -8,7 +8,7 @@ import NDK, {
 	NDKPrivateKeySigner,
 	NDKSigner,
 } from '@nostr-dev-kit/ndk'
-import { NOAUTHD_URL, WEB_PUSH_PUBKEY, NIP46_RELAYS, MIN_POW, MAX_POW } from '../utils/consts'
+import { NOAUTHD_URL, WEB_PUSH_PUBKEY, NIP46_RELAYS, MIN_POW, MAX_POW, KIND_RPC, APP_DOMAIN } from '../utils/consts'
 import { Nip04 } from './nip04'
 import { getReqPerm, getShortenNpub, isPackagePerm } from '@/utils/helpers/helpers'
 import { NostrPowEvent, minePow } from './pow'
@ -37,6 +37,7 @@ interface Pending {
 }

 interface IAllowCallbackParams {
+	backend: NDKNip46Backend
 	npub: string
 	id: string
 	method: string
@ -89,17 +90,20 @@ class Nip04KeyHandlingStrategy implements IEventHandlingStrategy {
 }

 class EventHandlingStrategyWrapper implements IEventHandlingStrategy {
+	readonly backend: NDKNip46Backend
 	readonly npub: string
 	readonly method: string
 	private body: IEventHandlingStrategy
 	private allowCb: (params: IAllowCallbackParams) => Promise<boolean>

 	constructor(
+		backend: NDKNip46Backend,
 		npub: string,
 		method: string,
 		body: IEventHandlingStrategy,
 		allowCb: (params: IAllowCallbackParams) => Promise<boolean>,
 	) {
+		this.backend = backend
 		this.npub = npub
 		this.method = method
 		this.body = body
@ -119,6 +123,7 @@ class EventHandlingStrategyWrapper implements IEventHandlingStrategy {
 			params,
 		})
 		const allow = await this.allowCb({
+			backend: this.backend,
 			npub: this.npub,
 			id,
 			method: this.method,
@ -579,6 +584,7 @@ export class NoauthBackend {
 	}

 	private async allowPermitCallback({
+		backend,
 		npub,
 		id,
 		method,
@ -720,6 +726,11 @@ export class NoauthBackend {
 						onAllow(true, allow, remember, options),
 				})

+				// OAuth flow
+				const confirmMethod = method === 'connect' ? 'confirm-connect' : 'confirm-event'
+				const authUrl = `https://${APP_DOMAIN}/key/${npub}?${confirmMethod}=true&appNpub=${appNpub}&reqId=${id}`
+				backend.rpc.sendResponse(id, remotePubkey, 'auth_url', KIND_RPC, authUrl)
+
 				// show notifs
 				this.notify()

@ -758,6 +769,7 @@ export class NoauthBackend {
 		// assign our own permission callback
 		for (const method in backend.handlers) {
 			backend.handlers[method] = new EventHandlingStrategyWrapper(
+				backend,
 				npub,
 				method,
 				backend.handlers[method],
--- a/src/pages/KeyPage/Key.Page.tsx
+++ b/src/pages/KeyPage/Key.Page.tsx
@ -32,7 +32,13 @@ const KeyPage = () => {
 		useBackgroundSigning()

 	const key = keys.find(k => k.npub === npub)
-	const username = key?.name ? `${key?.name}@${DOMAIN}` : ''
+	let username = ''
+	if (key?.name) {
+		if (key.name.includes('@'))
+			username = key.name
+		else
+			username = `${key?.name}@${DOMAIN}`
+	} 

 	const filteredApps = apps.filter((a) => a.npub === npub)
 	const { prepareEventPendings } = useTriggerConfirmModal(
--- a/src/utils/consts.ts
+++ b/src/utils/consts.ts
@ -1,12 +1,15 @@
 export const NOAUTHD_URL = process.env.REACT_APP_NOAUTHD_URL
 export const WEB_PUSH_PUBKEY = process.env.REACT_APP_WEB_PUSH_PUBKEY
 export const DOMAIN = process.env.REACT_APP_DOMAIN
+export const APP_DOMAIN = process.env.REACT_APP_APP_DOMAIN
 export const RELAY = process.env.REACT_APP_RELAY || 'wss://relay.nsec.app'
 export const NIP46_RELAYS = [RELAY]

 export const MIN_POW = 14
 export const MAX_POW = 19

+export const KIND_RPC = 24133
+
 export enum ACTION_TYPE {
 	BASIC = 'basic',
 	ADVANCED = 'advanced',