From 0daac33915f827494feb4a5d6bb9ba5d49e6b904 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A2u=20Cao?= <raucao@kosmos.org>
Date: Wed, 19 Jun 2024 15:43:56 +0200
Subject: [PATCH] Allow non-members to publish zap receipts for members

---
 extras/strfry/deno.json      |  5 +++++
 extras/strfry/ldap-policy.ts | 35 ++++++++++++++++++++++++++++-------
 2 files changed, 33 insertions(+), 7 deletions(-)
 create mode 100644 extras/strfry/deno.json

diff --git a/extras/strfry/deno.json b/extras/strfry/deno.json
new file mode 100644
index 0000000..1630812
--- /dev/null
+++ b/extras/strfry/deno.json
@@ -0,0 +1,5 @@
+{
+  "imports": {
+    "@nostr/tools": "jsr:@nostr/tools@^2.3.1"
+  }
+}
diff --git a/extras/strfry/ldap-policy.ts b/extras/strfry/ldap-policy.ts
index a200639..1798ef6 100644
--- a/extras/strfry/ldap-policy.ts
+++ b/extras/strfry/ldap-policy.ts
@@ -1,5 +1,6 @@
 import type { Policy } from 'https://gitlab.com/soapbox-pub/strfry-policies/-/raw/develop/mod.ts';
 import { Client } from 'npm:ldapts';
+import { nip57 } from '@nostr/tools';
 
 interface LdapConfig {
   url: string;
@@ -10,9 +11,34 @@ interface LdapConfig {
 
 const ldapPolicy: Policy<LdapConfig> = async (msg, opts) => {
   const client = new Client({ url: opts.url });
-  const { pubkey, kind, tags } = msg.event;
+  const { kind, tags } = msg.event;
+  let { pubkey } = msg.event;
   let out = { id: msg.event.id }
 
+  // Zap receipt
+  if (kind === 9735) {
+    let invalidRequest = false;
+    const descriptionTag = tags.find(([t, v]) => t === 'description' && v);
+    const invalidZapRequestMsg = 'Zap receipts must contain a valid zap request from a relay member';
+
+    if (typeof descriptionTag === 'undefined') {
+      out['action'] = 'reject';
+      out['msg'] = invalidZapRequestMsg;
+      return out;
+    }
+
+    const zapRequestJSON = descriptionTag[1];
+    const validationResult = nip57.validateZapRequest(zapRequestJSON);
+
+    if (validationResult === null) {
+      pubkey = JSON.parse(zapRequestJSON).pubkey;
+    } else {
+      out['action'] = 'reject';
+      out['msg'] = invalidZapRequestMsg;
+      return out;
+    }
+  }
+
   try {
     await client.bind(opts.bindDN, opts.password);
 
@@ -20,14 +46,9 @@ const ldapPolicy: Policy<LdapConfig> = async (msg, opts) => {
       filter: `(nostrKey=${pubkey})`,
       attributes: ['nostrKey']
     });
-
     const memberKey = searchEntries[0]?.nostrKey;
 
-    const accepted = (memberKey === pubkey);
-    // TODO  if kind is 9735, check that "description" tag contains valid 9734 event,
-    // signed by memberKey and with "p" tag being the same as pubkey (receipt sender)
-
-    if (accepted) {
+    if (memberKey === pubkey) {
       out['action'] = 'accept';
       out['msg'] = '';
     } else {