Refactor Nostr settings/connect

* Use NIP-42 auth event instead of short text note * Verify event ID and signature using the nostr gem instead of custom code
2024-04-01 18:22:32 +03:00
parent d4e67a830c
commit 22d362e1a0
9 changed files with 77 additions and 67 deletions
--- a/spec/requests/settings_spec.rb
+++ b/spec/requests/settings_spec.rb
@@ -25,7 +25,7 @@ RSpec.describe "Settings", type: :request do

  describe "POST /settings/set_nostr_pubkey" do
    before do
-      session_stub = { shared_secret: "rMjWEmvcvtTlQkMd" }
+      session_stub = { shared_secret: "YMeTyOxIEJcfe6vd" }
      allow_any_instance_of(SettingsController).to receive(:session).and_return(session_stub)
    end

@@ -38,12 +38,13 @@ RSpec.describe "Settings", type: :request do

        post set_nostr_pubkey_settings_path, params: {
          signed_event: {
-            id: "84f266bbd784551aaa9e35cb0aceb4ee59182a1dab9ab279d9e40dd56ecbbdd3",
+            id: "7cc165c4fe4c9ec3f2b859cb422f01b38beaf6bbd228fea928ea1400ec254a89",
            pubkey: "07e188a1ff87ce171d517b8ed2bb7a31b1d3453a0db3b15379ec07b724d232f3",
-            created_at: 1678254161,
-            kind: 1,
-            content: "Connect my public key to mark@kosmos.org (confirmation rMjWEmvcvtTlQkMd)",
-            sig: "96796d420547d6e2c7be5de82a2ce7a48be99aac6415464a6081859ac1a9017305accc0228c630466a57d45ec1c3b456376eb538b76dfdaa2397e3258be02fdd"
+            created_at: 1711963922,
+            kind: 22242,
+            tags: [["site","accounts.kosmos.org"],["challenge","YMeTyOxIEJcfe6vd"]],
+            content: "",
+            sig: "b484a28cd9c92facca0eba80e8ef5303d25ed044c3815e3a068b9887f91d3546ad209a0dd674c59b48cf8057aecd75df5416973d17ed58f68195030af09c28d1"
          }
        }.to_json, headers: {
          "CONTENT_TYPE" => "application/json",
@@ -69,12 +70,13 @@ RSpec.describe "Settings", type: :request do

        post set_nostr_pubkey_settings_path, params: {
          signed_event: {
-            id: "84f266bbd784551aaa9e35cb0aceb4ee59182a1dab9ab279d9e40dd56ecbbdd3",
+            id: "7cc165c4fe4c9ec3f2b859cb422f01b38beaf6bbd228fea928ea1400ec254a89",
            pubkey: "07e188a1ff87ce171d517b8ed2bb7a31b1d3453a0db3b15379ec07b724d232f3",
-            created_at: 1678254161,
-            kind: 1,
-            content: "Connect my public key to mark@kosmos.org (confirmation rMjWEmvcvtTlQkMd)",
-            sig: "96796d420547d6e2c7be5de82a2ce7a48be99aac6415464a6081859ac1a9017305accc0228c630466a57d45ec1c3b456376eb538b76dfdaa2397e3258be02fdd"
+            created_at: 1711963922,
+            kind: 22242,
+            tags: [["site","accounts.kosmos.org"],["challenge","YMeTyOxIEJcfe6vd"]],
+            content: "",
+            sig: "b484a28cd9c92facca0eba80e8ef5303d25ed044c3815e3a068b9887f91d3546ad209a0dd674c59b48cf8057aecd75df5416973d17ed58f68195030af09c28d1"
          }
        }.to_json, headers: {
          "CONTENT_TYPE" => "application/json",
@@ -91,18 +93,20 @@ RSpec.describe "Settings", type: :request do
      end
    end

-    context "With wrong username" do
+    context "With wrong site tag" do
      before do
+        Setting.accounts_domain = "accounts.wikipedia.org"
        expect(LdapManager::UpdateNostrKey).not_to receive(:call)

        post set_nostr_pubkey_settings_path, params: {
          signed_event: {
-            id: "2e1e20ee762d6a5b5b30835eda9ca03146e4baf82490e53fd75794c08de08ac0",
+            id: "7cc165c4fe4c9ec3f2b859cb422f01b38beaf6bbd228fea928ea1400ec254a89",
            pubkey: "07e188a1ff87ce171d517b8ed2bb7a31b1d3453a0db3b15379ec07b724d232f3",
-            created_at: 1678255391,
-            kind: 1,
-            content: "Connect my public key to admin@kosmos.org (confirmation rMjWEmvcvtTlQkMd)",
-            sig: "2ace19c9db892ac6383848721a3e08b13d90d689fdeac60d9633a623d3f08eb7e0d468f1b3e928d1ea979477c2ec46ee6cdb2d053ef2e4ed3c0630a51d249029"
+            created_at: 1711963922,
+            kind: 22242,
+            tags: [["site","accounts.kosmos.org"],["challenge","YMeTyOxIEJcfe6vd"]],
+            content: "",
+            sig: "b484a28cd9c92facca0eba80e8ef5303d25ed044c3815e3a068b9887f91d3546ad209a0dd674c59b48cf8057aecd75df5416973d17ed58f68195030af09c28d1"
          }
        }.to_json, headers: {
          "CONTENT_TYPE" => "application/json",
@@ -110,6 +114,10 @@ RSpec.describe "Settings", type: :request do
        }
      end

+      after do
+        Setting.accounts_domain = "accounts.kosmos.org"
+      end
+
      it "returns a 422 status" do
        expect(response).to have_http_status(422)
      end
@@ -128,12 +136,13 @@ RSpec.describe "Settings", type: :request do

        post set_nostr_pubkey_settings_path, params: {
          signed_event: {
-            id: "84f266bbd784551aaa9e35cb0aceb4ee59182a1dab9ab279d9e40dd56ecbbdd3",
+            id: "7cc165c4fe4c9ec3f2b859cb422f01b38beaf6bbd228fea928ea1400ec254a89",
            pubkey: "07e188a1ff87ce171d517b8ed2bb7a31b1d3453a0db3b15379ec07b724d232f3",
-            created_at: 1678254161,
-            kind: 1,
-            content: "Connect my public key to mark@kosmos.org (confirmation rMjWEmvcvtTlQkMd)",
-            sig: "96796d420547d6e2c7be5de82a2ce7a48be99aac6415464a6081859ac1a9017305accc0228c630466a57d45ec1c3b456376eb538b76dfdaa2397e3258be02fdd"
+            created_at: 1711963922,
+            kind: 22242,
+            tags: [["site","accounts.kosmos.org"],["challenge","YMeTyOxIEJcfe6vd"]],
+            content: "",
+            sig: "b484a28cd9c92facca0eba80e8ef5303d25ed044c3815e3a068b9887f91d3546ad209a0dd674c59b48cf8057aecd75df5416973d17ed58f68195030af09c28d1"
          }
        }.to_json, headers: {
          "CONTENT_TYPE" => "application/json",