254 lines
7.7 KiB
JavaScript
254 lines
7.7 KiB
JavaScript
import Service, { inject as service } from '@ember/service';
|
|
import { tracked } from '@glimmer/tracking';
|
|
import {
|
|
ExtensionSigner,
|
|
NostrConnectSigner,
|
|
PrivateKeySigner,
|
|
} from 'applesauce-signers';
|
|
|
|
const STORAGE_KEY = 'marco:nostr_pubkey';
|
|
const STORAGE_KEY_TYPE = 'marco:nostr_signer_type'; // 'extension' | 'connect'
|
|
const STORAGE_KEY_CONNECT_LOCAL_KEY = 'marco:nostr_connect_local_key';
|
|
const STORAGE_KEY_CONNECT_REMOTE_PUBKEY = 'marco:nostr_connect_remote_pubkey';
|
|
const STORAGE_KEY_CONNECT_RELAY = 'marco:nostr_connect_relay';
|
|
|
|
export default class NostrAuthService extends Service {
|
|
@service nostrRelay;
|
|
|
|
@tracked pubkey = null;
|
|
@tracked signerType = null; // 'extension' or 'connect'
|
|
|
|
// Track NostrConnect state for the UI
|
|
@tracked connectStatus = null; // null | 'waiting' | 'connected'
|
|
@tracked connectUri = null; // For displaying a QR code if needed
|
|
|
|
_signerInstance = null;
|
|
|
|
constructor() {
|
|
super(...arguments);
|
|
const saved = localStorage.getItem(STORAGE_KEY);
|
|
const type = localStorage.getItem(STORAGE_KEY_TYPE);
|
|
if (saved) {
|
|
this.pubkey = saved;
|
|
this.signerType = type || 'extension';
|
|
this._verifyPubkey();
|
|
}
|
|
}
|
|
|
|
async _verifyPubkey() {
|
|
if (this.signerType === 'extension') {
|
|
if (typeof window.nostr === 'undefined') {
|
|
this.logout();
|
|
return;
|
|
}
|
|
try {
|
|
const signer = new ExtensionSigner();
|
|
const extensionPubkey = await signer.getPublicKey();
|
|
if (extensionPubkey !== this.pubkey) {
|
|
this.pubkey = extensionPubkey;
|
|
localStorage.setItem(STORAGE_KEY, this.pubkey);
|
|
}
|
|
} catch (e) {
|
|
console.warn('Failed to verify extension nostr pubkey, logging out', e);
|
|
this.logout();
|
|
}
|
|
} else if (this.signerType === 'connect') {
|
|
try {
|
|
await this._initConnectSigner();
|
|
} catch (e) {
|
|
console.warn('Failed to verify connect nostr pubkey, logging out', e);
|
|
this.logout();
|
|
}
|
|
}
|
|
}
|
|
|
|
get isConnected() {
|
|
return (
|
|
!!this.pubkey &&
|
|
(this.signerType === 'extension'
|
|
? typeof window.nostr !== 'undefined'
|
|
: true)
|
|
);
|
|
}
|
|
|
|
get signer() {
|
|
if (this._signerInstance) return this._signerInstance;
|
|
|
|
if (
|
|
this.signerType === 'extension' &&
|
|
typeof window.nostr !== 'undefined'
|
|
) {
|
|
return new ExtensionSigner();
|
|
}
|
|
|
|
if (this.signerType === 'connect') {
|
|
// Must be initialized async due to the connect handshakes
|
|
return null;
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
async login(type = 'extension') {
|
|
if (type === 'extension') {
|
|
if (typeof window.nostr === 'undefined') {
|
|
throw new Error('No NIP-07 Nostr extension found (e.g., Alby, nos2x).');
|
|
}
|
|
|
|
try {
|
|
this._signerInstance = new ExtensionSigner();
|
|
this.pubkey = await this._signerInstance.getPublicKey();
|
|
this.signerType = 'extension';
|
|
localStorage.setItem(STORAGE_KEY, this.pubkey);
|
|
localStorage.setItem(STORAGE_KEY_TYPE, 'extension');
|
|
return this.pubkey;
|
|
} catch (error) {
|
|
console.error('Failed to get public key from extension:', error);
|
|
throw error;
|
|
}
|
|
} else if (type === 'connect') {
|
|
this.connectStatus = 'waiting';
|
|
|
|
try {
|
|
// Generate or retrieve a local ephemeral keypair
|
|
let localKeyHex = localStorage.getItem(STORAGE_KEY_CONNECT_LOCAL_KEY);
|
|
let localSigner;
|
|
if (localKeyHex) {
|
|
localSigner = PrivateKeySigner.fromKey(localKeyHex);
|
|
} else {
|
|
localSigner = new PrivateKeySigner();
|
|
// Store the raw Uint8Array as hex string
|
|
localKeyHex = Array.from(localSigner.key)
|
|
.map((b) => b.toString(16).padStart(2, '0'))
|
|
.join('');
|
|
localStorage.setItem(STORAGE_KEY_CONNECT_LOCAL_KEY, localKeyHex);
|
|
}
|
|
|
|
// We use a specific relay for the connection handshake.
|
|
const relay = 'wss://relay.nsec.app';
|
|
localStorage.setItem(STORAGE_KEY_CONNECT_RELAY, relay);
|
|
|
|
this._signerInstance = new NostrConnectSigner({
|
|
pool: this.nostrRelay.pool,
|
|
relays: [relay],
|
|
signer: localSigner,
|
|
onAuth: async (url) => {
|
|
// NIP-46 auth callback. Normally the signer app does this natively via notification.
|
|
// But if it requires an explicit browser window:
|
|
if (
|
|
confirm(
|
|
`Your signer app requests authentication via a web page. Open it now?\n\nURL: ${url}`
|
|
)
|
|
) {
|
|
window.open(url, '_blank');
|
|
}
|
|
},
|
|
});
|
|
|
|
// Set the uri for display (e.g., to redirect via intent)
|
|
this.connectUri = this._signerInstance.getNostrConnectURI({
|
|
name: 'Marco',
|
|
url: window.location.origin,
|
|
description: 'A privacy-respecting maps application.',
|
|
icons: [],
|
|
});
|
|
|
|
// Trigger the deep link intent immediately for the user
|
|
window.location.href = this.connectUri;
|
|
|
|
// Start listening to the relay
|
|
await this._signerInstance.open();
|
|
|
|
// Wait for the remote signer to reply with their pubkey
|
|
await this._signerInstance.waitForSigner();
|
|
|
|
// Once connected, get the actual user pubkey
|
|
this.pubkey = await this._signerInstance.getPublicKey();
|
|
this.signerType = 'connect';
|
|
this.connectStatus = 'connected';
|
|
|
|
// Save connection state
|
|
localStorage.setItem(STORAGE_KEY, this.pubkey);
|
|
localStorage.setItem(STORAGE_KEY_TYPE, 'connect');
|
|
localStorage.setItem(
|
|
STORAGE_KEY_CONNECT_REMOTE_PUBKEY,
|
|
this._signerInstance.remote
|
|
);
|
|
|
|
return this.pubkey;
|
|
} catch (error) {
|
|
this.connectStatus = null;
|
|
console.error('Failed to connect via Nostr Connect:', error);
|
|
throw error;
|
|
}
|
|
}
|
|
}
|
|
|
|
async _initConnectSigner() {
|
|
const localKeyHex = localStorage.getItem(STORAGE_KEY_CONNECT_LOCAL_KEY);
|
|
const remotePubkey = localStorage.getItem(
|
|
STORAGE_KEY_CONNECT_REMOTE_PUBKEY
|
|
);
|
|
const relay =
|
|
localStorage.getItem(STORAGE_KEY_CONNECT_RELAY) || 'wss://relay.nsec.app';
|
|
|
|
if (!localKeyHex || !remotePubkey) {
|
|
throw new Error('Missing Nostr Connect local state.');
|
|
}
|
|
|
|
const localSigner = PrivateKeySigner.fromKey(localKeyHex);
|
|
|
|
this._signerInstance = new NostrConnectSigner({
|
|
pool: this.nostrRelay.pool,
|
|
relays: [relay],
|
|
signer: localSigner,
|
|
remote: remotePubkey,
|
|
onAuth: async (url) => {
|
|
if (
|
|
confirm(
|
|
`Your signer app requests authentication via a web page. Open it now?\n\nURL: ${url}`
|
|
)
|
|
) {
|
|
window.open(url, '_blank');
|
|
}
|
|
},
|
|
});
|
|
|
|
await this._signerInstance.open();
|
|
// Validate we can still get the pubkey from the remote signer
|
|
const pubkey = await this._signerInstance.getPublicKey();
|
|
if (pubkey !== this.pubkey) {
|
|
throw new Error('Remote signer pubkey mismatch');
|
|
}
|
|
}
|
|
|
|
async signEvent(event) {
|
|
if (!this.signer) {
|
|
throw new Error(
|
|
'Not connected or extension missing. Please connect Nostr again.'
|
|
);
|
|
}
|
|
return await this.signer.signEvent(event);
|
|
}
|
|
|
|
async logout() {
|
|
this.pubkey = null;
|
|
this.signerType = null;
|
|
this.connectStatus = null;
|
|
this.connectUri = null;
|
|
if (
|
|
this._signerInstance &&
|
|
typeof this._signerInstance.close === 'function'
|
|
) {
|
|
await this._signerInstance.close();
|
|
}
|
|
this._signerInstance = null;
|
|
|
|
localStorage.removeItem(STORAGE_KEY);
|
|
localStorage.removeItem(STORAGE_KEY_TYPE);
|
|
localStorage.removeItem(STORAGE_KEY_CONNECT_LOCAL_KEY);
|
|
localStorage.removeItem(STORAGE_KEY_CONNECT_REMOTE_PUBKEY);
|
|
localStorage.removeItem(STORAGE_KEY_CONNECT_RELAY);
|
|
}
|
|
}
|