Allow non-members to publish zap receipts for members

Improve strfry extras usage
2024-06-19 15:43:56 +02:00 · 2024-06-19 15:43:24 +02:00
4 changed files with 35 additions and 11 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -111,9 +111,7 @@ services:
    image: gitea.kosmos.org/kosmos/strfry-deno:1.1.1
    volumes:
      - ./docker/strfry/strfry.conf:/etc/strfry.conf
-      - ./extras/strfry/ldap-policy.ts:/opt/ldap-policy.ts
-      - ./extras/strfry/strfry-policy.ts:/opt/strfry-policy.ts
-      - ./extras/strfry/strfry-sync.ts:/opt/strfry-sync.ts
+      - ./extras/strfry:/opt/strfry
      - strfry-data:/var/lib/strfry
    networks:
      - external_network
--- a/docker/strfry/strfry.conf
+++ b/docker/strfry/strfry.conf
@ -86,7 +86,7 @@ relay {

    writePolicy {
        # If non-empty, path to an executable script that implements the writePolicy plugin logic
-        plugin = "/opt/strfry-policy.ts"
+        plugin = "/opt/strfry/strfry-policy.ts"
    }

    compression {
--- a/extras/strfry/deno.json
+++ b/extras/strfry/deno.json
@ -0,0 +1,5 @@
+{
+  "imports": {
+    "@nostr/tools": "jsr:@nostr/tools@^2.3.1"
+  }
+}
--- a/extras/strfry/ldap-policy.ts
+++ b/extras/strfry/ldap-policy.ts
@ -1,5 +1,6 @@
 import type { Policy } from 'https://gitlab.com/soapbox-pub/strfry-policies/-/raw/develop/mod.ts';
 import { Client } from 'npm:ldapts';
+import { nip57 } from '@nostr/tools';

 interface LdapConfig {
  url: string;
@ -10,9 +11,34 @@ interface LdapConfig {

 const ldapPolicy: Policy<LdapConfig> = async (msg, opts) => {
  const client = new Client({ url: opts.url });
-  const { pubkey, kind, tags } = msg.event;
+  const { kind, tags } = msg.event;
+  let { pubkey } = msg.event;
  let out = { id: msg.event.id }

+  // Zap receipt
+  if (kind === 9735) {
+    let invalidRequest = false;
+    const descriptionTag = tags.find(([t, v]) => t === 'description' && v);
+    const invalidZapRequestMsg = 'Zap receipts must contain a valid zap request from a relay member';
+
+    if (typeof descriptionTag === 'undefined') {
+      out['action'] = 'reject';
+      out['msg'] = invalidZapRequestMsg;
+      return out;
+    }
+
+    const zapRequestJSON = descriptionTag[1];
+    const validationResult = nip57.validateZapRequest(zapRequestJSON);
+
+    if (validationResult === null) {
+      pubkey = JSON.parse(zapRequestJSON).pubkey;
+    } else {
+      out['action'] = 'reject';
+      out['msg'] = invalidZapRequestMsg;
+      return out;
+    }
+  }
+
  try {
    await client.bind(opts.bindDN, opts.password);

@ -20,14 +46,9 @@ const ldapPolicy: Policy<LdapConfig> = async (msg, opts) => {
      filter: `(nostrKey=${pubkey})`,
      attributes: ['nostrKey']
    });
-
    const memberKey = searchEntries[0]?.nostrKey;

-    const accepted = (memberKey === pubkey);
-    // TODO  if kind is 9735, check that "description" tag contains valid 9734 event,
-    // signed by memberKey and with "p" tag being the same as pubkey (receipt sender)
-
-    if (accepted) {
+    if (memberKey === pubkey) {
      out['action'] = 'accept';
      out['msg'] = '';
    } else {
Author	SHA1	Message	Date
Râu Cao	0daac33915	Allow non-members to publish zap receipts for members All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/pr Build is passing Details	2024-06-19 15:43:56 +02:00
Râu Cao	0e472bc311	Improve strfry extras usage	2024-06-19 15:43:24 +02:00