implement auth, closed and close envelopes

pkg/encoders/envelopes/authenvelope/authenvelope.go

@@ -0,0 +1,227 @@
+// Package authenvelope defines the auth challenge (relay message) and response
+// (client message) of the NIP-42 authentication protocol.
+package authenvelope
+
+import (
+	"io"
+
+	"lol.mleku.dev/chk"
+	"lol.mleku.dev/errorf"
+	"lol.mleku.dev/log"
+	envs "next.orly.dev/pkg/encoders/envelopes"
+	"next.orly.dev/pkg/encoders/event"
+	text2 "next.orly.dev/pkg/encoders/text"
+	"next.orly.dev/pkg/interfaces/codec"
+)
+
+// L is the label associated with this type of codec.Envelope.
+const L = "AUTH"
+
+// Challenge is the relay-sent message containing a relay-chosen random string
+// to prevent replay attacks on NIP-42 authentication.
+type Challenge struct {
+	Challenge []byte
+}
+
+var _ codec.Envelope = (*Challenge)(nil)
+
+// NewChallenge creates a new empty authenvelope.Challenge.
+func NewChallenge() *Challenge { return &Challenge{} }
+
+// NewChallengeWith creates a new authenvelope.Challenge with provided bytes.
+func NewChallengeWith[V string | []byte](challenge V) *Challenge {
+	return &Challenge{[]byte(challenge)}
+}
+
+// Label returns the label of a authenvelope.Challenge.
+func (en *Challenge) Label() string { return L }
+
+// Write encodes and writes the Challenge instance to the provided writer.
+//
+// # Parameters
+//
+// - w (io.Writer): The destination where the encoded data will be written.
+//
+// # Return Values
+//
+// - err (error): An error if writing to the writer fails.
+//
+// # Expected behaviour
+//
+// Encodes the Challenge instance into a byte slice using Marshal, logs the
+// encoded challenge, and writes it to the provided io.Writer.
+func (en *Challenge) Write(w io.Writer) (err error) {
+	var b []byte
+	b = en.Marshal(b)
+	log.T.F("writing out challenge envelope: '%s'", b)
+	_, err = w.Write(b)
+	return
+}
+
+// Marshal encodes the Challenge instance into a byte slice, formatting it as
+// a JSON-like structure with a specific label and escaping rules applied to
+// its content.
+//
+// # Parameters
+//
+// - dst ([]byte): The destination buffer where the encoded data will be written.
+//
+// # Return Values
+//
+// - b ([]byte): The byte slice containing the encoded Challenge data.
+//
+// # Expected behaviour
+//
+// - Prepares the destination buffer and applies a label to it.
+//
+// - Escapes the challenge content according to Nostr-specific rules before
+// appending it to the output.
+//
+// - Returns the resulting byte slice with the complete encoded structure.
+func (en *Challenge) Marshal(dst []byte) (b []byte) {
+	b = dst
+	var err error
+	b = envs.Marshal(
+		b, L,
+		func(bst []byte) (o []byte) {
+			o = bst
+			o = append(o, '"')
+			o = text2.NostrEscape(o, en.Challenge)
+			o = append(o, '"')
+			return
+		},
+	)
+	_ = err
+	return
+}
+
+// Unmarshal parses the provided byte slice and extracts the challenge value,
+// leaving any remaining bytes after parsing.
+//
+// # Parameters
+//
+// - b ([]byte): The byte slice containing the encoded challenge data.
+//
+// # Return Values
+//
+// - r ([]byte): Any remaining bytes after parsing the challenge.
+//
+// - err (error): An error if parsing fails.
+//
+// # Expected behaviour
+//
+// - Extracts the quoted challenge string from the input byte slice.
+//
+// - Trims any trailing characters following the closing quote.
+func (en *Challenge) Unmarshal(b []byte) (r []byte, err error) {
+	r = b
+	if en.Challenge, r, err = text2.UnmarshalQuoted(r); chk.E(err) {
+		return
+	}
+	for ; len(r) >= 0; r = r[1:] {
+		if r[0] == ']' {
+			r = r[:0]
+			return
+		}
+	}
+	return
+}
+
+// ParseChallenge parses the provided byte slice into a new Challenge instance,
+// extracting the challenge value and returning any remaining bytes after parsing.
+//
+// # Parameters
+//
+// - b ([]byte): The byte slice containing the encoded challenge data.
+//
+// # Return Values
+//
+//   - t (*Challenge): A pointer to the newly created and populated Challenge
+//     instance.
+//
+// - rem ([]byte): Any remaining bytes in the input slice after parsing.
+//
+// - err (error): An error if parsing fails.
+//
+// # Expected behaviour
+//
+// Parses the byte slice into a new Challenge instance using Unmarshal,
+// returning any remaining bytes and an error if parsing fails.
+func ParseChallenge(b []byte) (t *Challenge, rem []byte, err error) {
+	t = NewChallenge()
+	if rem, err = t.Unmarshal(b); chk.E(err) {
+		return
+	}
+	return
+}
+
+// Response is a client-side envelope containing the signed event bearing the
+// relay's URL and Challenge string.
+type Response struct {
+	Event *event.E
+}
+
+var _ codec.Envelope = (*Response)(nil)
+
+// NewResponse creates a new empty Response.
+func NewResponse() *Response { return &Response{} }
+
+// NewResponseWith creates a new Response with a provided event.E.
+func NewResponseWith(event *event.E) *Response { return &Response{Event: event} }
+
+// Label returns the label of a auth Response envelope.
+func (en *Response) Label() string { return L }
+
+func (en *Response) Id() []byte { return en.Event.ID }
+
+// Write the Response to a provided io.Writer.
+func (en *Response) Write(w io.Writer) (err error) {
+	var b []byte
+	b = en.Marshal(b)
+	_, err = w.Write(b)
+	return
+}
+
+// Marshal a Response to minified JSON, appending to a provided destination
+// slice. Note that this ensures correct string escaping on the challenge field.
+func (en *Response) Marshal(dst []byte) (b []byte) {
+	var err error
+	if en == nil {
+		err = errorf.E("nil response")
+		return
+	}
+	if en.Event == nil {
+		err = errorf.E("nil event in response")
+		return
+	}
+	b = dst
+	b = envs.Marshal(b, L, en.Event.Marshal)
+	_ = err
+	return
+}
+
+// Unmarshal a Response from minified JSON, returning the remainder after the en
+// of the envelope. Note that this ensures the challenge string was correctly
+// escaped by NIP-01 escaping rules.
+func (en *Response) Unmarshal(b []byte) (r []byte, err error) {
+	r = b
+	// literally just unmarshal the event
+	en.Event = event.New()
+	if r, err = en.Event.Unmarshal(r); chk.E(err) {
+		return
+	}
+	if r, err = envs.SkipToTheEnd(r); chk.E(err) {
+		return
+	}
+	return
+}
+
+// ParseResponse reads a Response encoded in minified JSON and unpacks it to
+// the runtime format.
+func ParseResponse(b []byte) (t *Response, rem []byte, err error) {
+	t = NewResponse()
+	if rem, err = t.Unmarshal(b); chk.E(err) {
+		return
+	}
+	return
+}

pkg/encoders/envelopes/authenvelope/authenvelope_test.go

@@ -0,0 +1,86 @@
+package authenvelope
+
+import (
+	"testing"
+
+	"lol.mleku.dev/chk"
+	"next.orly.dev/pkg/crypto/p256k"
+	"next.orly.dev/pkg/encoders/envelopes"
+	"next.orly.dev/pkg/protocol/auth"
+	"next.orly.dev/pkg/utils"
+	"next.orly.dev/pkg/utils/bufpool"
+)
+
+const relayURL = "wss://example.com"
+
+func TestAuth(t *testing.T) {
+	var err error
+	signer := new(p256k.Signer)
+	if err = signer.Generate(); chk.E(err) {
+		t.Fatal(err)
+	}
+	for _ = range 1000 {
+		b1, b2, b3, b4 := bufpool.Get(), bufpool.Get(), bufpool.Get(), bufpool.Get()
+		ch := auth.GenerateChallenge()
+		chal := Challenge{Challenge: ch}
+		b1 = chal.Marshal(b1)
+		oChal := make([]byte, len(b1))
+		copy(oChal, b1)
+		var rem []byte
+		var l string
+		if l, b1, err = envelopes.Identify(b1); chk.E(err) {
+			t.Fatal(err)
+		}
+		if l != L {
+			t.Fatalf("invalid sentinel %s, expect %s", l, L)
+		}
+		c2 := NewChallenge()
+		if rem, err = c2.Unmarshal(b1); chk.E(err) {
+			t.Fatal(err)
+		}
+		if len(rem) != 0 {
+			t.Fatalf("remainder should be empty\n%s", rem)
+		}
+		if !utils.FastEqual(chal.Challenge, c2.Challenge) {
+			t.Fatalf(
+				"challenge mismatch\n%s\n%s",
+				chal.Challenge, c2.Challenge,
+			)
+		}
+		b2 = c2.Marshal(b2)
+		if !utils.FastEqual(oChal, b2) {
+			t.Fatalf("challenge mismatch\n%s\n%s", oChal, b2)
+		}
+		resp := Response{
+			Event: auth.CreateUnsigned(
+				signer.Pub(), ch,
+				relayURL,
+			),
+		}
+		if err = resp.Event.Sign(signer); chk.E(err) {
+			t.Fatal(err)
+		}
+		b3 = resp.Marshal(b3)
+		oResp := make([]byte, len(b3))
+		copy(oResp, b3)
+		if l, b3, err = envelopes.Identify(b3); chk.E(err) {
+			t.Fatal(err)
+		}
+		if l != L {
+			t.Fatalf("invalid sentinel %s, expect %s", l, L)
+		}
+		r2 := NewResponse()
+		if _, err = r2.Unmarshal(b3); chk.E(err) {
+			t.Fatal(err)
+		}
+		b4 = r2.Marshal(b4)
+		if !utils.FastEqual(oResp, b4) {
+			t.Fatalf("challenge mismatch\n%s\n%s", oResp, b4)
+		}
+		bufpool.Put(b1)
+		bufpool.Put(b2)
+		bufpool.Put(b3)
+		bufpool.Put(b4)
+		oChal, oResp = oChal[:0], oResp[:0]
+	}
+}

pkg/encoders/envelopes/closedenvelope/closedenvelope.go

@@ -0,0 +1,100 @@
+// Package closedenvelope defines the nostr message type CLOSED which is sent
+// from a relay to indicate the relay-side termination of a subscription or the
+// demand for authentication associated with a subscription.
+package closedenvelope
+
+import (
+	"io"
+
+	"lol.mleku.dev/chk"
+	"next.orly.dev/pkg/encoders/envelopes"
+	"next.orly.dev/pkg/encoders/text"
+	"next.orly.dev/pkg/interfaces/codec"
+)
+
+// L is the label associated with this type of codec.Envelope.
+const L = "CLOSED"
+
+// T is a CLOSED envelope, which is a signal that a subscription has been
+// stopped on the relay side for some reason. Primarily this is for auth and can
+// be for other things like rate limiting.
+type T struct {
+	Subscription []byte
+	Reason       []byte
+}
+
+var _ codec.Envelope = (*T)(nil)
+
+// New creates an empty new T.
+func New() *T {
+	return new(T)
+}
+
+// NewFrom creates a new closedenvelope.T populated with subscription ID and Reason.
+func NewFrom(id, msg []byte) *T {
+	return &T{
+		Subscription: id, Reason: msg,
+	}
+}
+
+// Label returns the label of a closedenvelope.T.
+func (en *T) Label() string { return L }
+
+// ReasonString returns the Reason in the form of a string.
+func (en *T) ReasonString() string { return string(en.Reason) }
+
+// Write the closedenvelope.T to a provided io.Writer.
+func (en *T) Write(w io.Writer) (err error) {
+	var b []byte
+	b = en.Marshal(b)
+	_, err = w.Write(b)
+	return
+}
+
+// Marshal a closedenvelope.T envelope in minified JSON, appending to a provided
+// destination slice. Note that this ensures correct string escaping on the
+// Reason field.
+func (en *T) Marshal(dst []byte) (b []byte) {
+	b = dst
+	b = envelopes.Marshal(
+		b, L,
+		func(bst []byte) (o []byte) {
+			o = bst
+			o = append(o, '"')
+			o = append(o, en.Subscription...)
+			o = append(o, '"')
+			o = append(o, ',')
+			o = append(o, '"')
+			o = text.NostrEscape(o, en.Reason)
+			o = append(o, '"')
+			return
+		},
+	)
+	return
+}
+
+// Unmarshal a closedenvelope.T from minified JSON, returning the remainder after the end
+// of the envelope. Note that this ensures the Reason string is correctly
+// unescaped by NIP-01 escaping rules.
+func (en *T) Unmarshal(b []byte) (r []byte, err error) {
+	r = b
+	if en.Subscription, r, err = text.UnmarshalQuoted(r); chk.E(err) {
+		return
+	}
+	if en.Reason, r, err = text.UnmarshalQuoted(r); chk.E(err) {
+		return
+	}
+	if r, err = envelopes.SkipToTheEnd(r); chk.E(err) {
+		return
+	}
+	return
+}
+
+// Parse reads a closedenvelope.T from minified JSON into a newly allocated closedenvelope.T.
+func Parse(b []byte) (t *T, rem []byte, err error) {
+	t = New()
+	if rem, err = t.Unmarshal(b); chk.E(err) {
+		return
+	}
+	return
+}

pkg/encoders/envelopes/closedenvelope/closedenvelope_test.go

@@ -0,0 +1,85 @@
+package closedenvelope
+
+import (
+	"fmt"
+	"math"
+	"testing"
+
+	"lol.mleku.dev/chk"
+	"next.orly.dev/pkg/encoders/envelopes"
+	"next.orly.dev/pkg/utils"
+	"next.orly.dev/pkg/utils/bufpool"
+
+	"lukechampine.com/frand"
+)
+
+var messages = [][]byte{
+	[]byte(""),
+	[]byte("pow: difficulty 25>=24"),
+	[]byte("duplicate: already have this event"),
+	[]byte("blocked: you are banned from posting here"),
+	[]byte("blocked: please register your pubkey at https://my-expensive-realy.example.com"),
+	[]byte("rate-limited: slow down there chief"),
+	[]byte("invalid: event creation date is too far off from the current time"),
+	[]byte("pow: difficulty 26 is less than 30"),
+	[]byte("error: could not connect to the database"),
+}
+
+func RandomMessage() []byte {
+	return messages[frand.Intn(len(messages)-1)]
+}
+
+func TestMarshalUnmarshal(t *testing.T) {
+	var err error
+	for _ = range 1000 {
+		rb, rb1, rb2 := bufpool.Get(), bufpool.Get(), bufpool.Get()
+		s := []byte(fmt.Sprintf("sub:%d", frand.Intn(math.MaxInt64)))
+		req := NewFrom(s, RandomMessage())
+		rb = req.Marshal(rb)
+		rb1 = append(rb1, rb...)
+		var rem []byte
+		var l string
+		if l, rb, err = envelopes.Identify(rb); chk.E(err) {
+			t.Fatal(err)
+		}
+		if l != L {
+			t.Fatalf("invalid sentinel %s, expect %s", l, L)
+		}
+		req2 := New()
+		if rem, err = req2.Unmarshal(rb); chk.E(err) {
+			t.Fatal(err)
+		}
+		// log.I.Ln(req2.ID)
+		if len(rem) > 0 {
+			t.Fatalf(
+				"unmarshal failed, remainder\n%d %s",
+				len(rem), rem,
+			)
+		}
+		rb2 = req2.Marshal(rb2)
+		if !utils.FastEqual(rb1, rb2) {
+			if len(rb1) != len(rb2) {
+				t.Fatalf(
+					"unmarshal failed, different lengths\n%d %s\n%d %s\n",
+					len(rb1), rb1, len(rb2), rb2,
+				)
+			}
+			for i := range rb1 {
+				if rb1[i] != rb2[i] {
+					t.Fatalf(
+						"unmarshal failed, difference at position %d\n%d %s\n%s\n%d %s\n%s\n",
+						i, len(rb1), rb1[:i], rb1[i:], len(rb2), rb2[:i],
+						rb2[i:],
+					)
+				}
+			}
+			t.Fatalf(
+				"unmarshal failed\n%d %s\n%d %s\n",
+				len(rb1), rb1, len(rb2), rb2,
+			)
+		}
+		bufpool.Put(rb1)
+		bufpool.Put(rb2)
+		bufpool.Put(rb)
+	}
+}

pkg/encoders/envelopes/closeenvelope/closeenvelope.go

@@ -0,0 +1,78 @@
+// Package closeenvelope provides the encoder for the client message CLOSE which
+// is a request to terminate a subscription.
+package closeenvelope
+
+import (
+	"io"
+
+	"lol.mleku.dev/chk"
+	"next.orly.dev/pkg/encoders/envelopes"
+	"next.orly.dev/pkg/encoders/text"
+	"next.orly.dev/pkg/interfaces/codec"
+)
+
+// L is the label associated with this type of codec.Envelope.
+const L = "CLOSE"
+
+// T is a CLOSE envelope, which is a signal from client to relay to stop a
+// specified subscription.
+type T struct {
+	ID []byte
+}
+
+var _ codec.Envelope = (*T)(nil)
+
+// New creates an empty new standard formatted closeenvelope.T.
+func New() *T { return new(T) }
+
+// NewFrom creates a new closeenvelope.T populated with subscription ID.
+func NewFrom(id []byte) *T { return &T{ID: id} }
+
+// Label returns the label of a closeenvelope.T.
+func (en *T) Label() string { return L }
+
+// Write the closeenvelope.T to a provided io.Writer.
+func (en *T) Write(w io.Writer) (err error) {
+	_, err = w.Write(en.Marshal(nil))
+	return
+}
+
+// Marshal a closeenvelope.T envelope in minified JSON, appending to a provided
+// destination slice.
+func (en *T) Marshal(dst []byte) (b []byte) {
+	b = dst
+	b = envelopes.Marshal(
+		b, L,
+		func(bst []byte) (o []byte) {
+			o = bst
+			o = append(o, '"')
+			o = append(o, en.ID...)
+			o = append(o, '"')
+			return
+		},
+	)
+	return
+}
+
+// Unmarshal a closeenvelope.T from minified JSON, returning the remainder after
+// the end of the envelope.
+func (en *T) Unmarshal(b []byte) (r []byte, err error) {
+	r = b
+	if en.ID, r, err = text.UnmarshalQuoted(r); chk.E(err) {
+		return
+	}
+	if r, err = envelopes.SkipToTheEnd(r); chk.E(err) {
+		return
+	}
+	return
+}
+
+// Parse reads a CLOSE envelope from minified JSON into a newly allocated
+// closeenvelope.T.
+func Parse(b []byte) (t *T, rem []byte, err error) {
+	t = New()
+	if rem, err = t.Unmarshal(b); chk.E(err) {
+		return
+	}
+	return
+}

pkg/encoders/envelopes/closeenvelope/closeenvelope_test.go

@@ -0,0 +1,68 @@
+package closeenvelope
+
+import (
+	"fmt"
+	"math"
+	"testing"
+
+	"lol.mleku.dev/chk"
+	"lukechampine.com/frand"
+	"next.orly.dev/pkg/encoders/envelopes"
+	"next.orly.dev/pkg/utils"
+	"next.orly.dev/pkg/utils/bufpool"
+)
+
+func TestMarshalUnmarshal(t *testing.T) {
+	var err error
+	for _ = range 1000 {
+		rb, rb1, rb2 := bufpool.Get(), bufpool.Get(), bufpool.Get()
+		s := []byte(fmt.Sprintf("sub:%d", frand.Intn(math.MaxInt64)))
+		req := NewFrom(s)
+		rb = req.Marshal(rb)
+		rb1 = append(rb1, rb...)
+		var rem []byte
+		var l string
+		if l, rb, err = envelopes.Identify(rb); chk.E(err) {
+			t.Fatal(err)
+		}
+		if l != L {
+			t.Fatalf("invalid sentinel %s, expect %s", l, L)
+		}
+		req2 := New()
+		if rem, err = req2.Unmarshal(rb); chk.E(err) {
+			t.Fatal(err)
+		}
+		// log.I.Ln(req2.ID)
+		if len(rem) > 0 {
+			t.Fatalf(
+				"unmarshal failed, remainder\n%d %s",
+				len(rem), rem,
+			)
+		}
+		rb2 = req2.Marshal(rb2)
+		if !utils.FastEqual(rb1, rb2) {
+			if len(rb1) != len(rb2) {
+				t.Fatalf(
+					"unmarshal failed, different lengths\n%d %s\n%d %s\n",
+					len(rb1), rb1, len(rb2), rb2,
+				)
+			}
+			for i := range rb1 {
+				if rb1[i] != rb2[i] {
+					t.Fatalf(
+						"unmarshal failed, difference at position %d\n%d %s\n%s\n%d %s\n%s\n",
+						i, len(rb1), rb1[:i], rb1[i:], len(rb2), rb2[:i],
+						rb2[i:],
+					)
+				}
+			}
+			t.Fatalf(
+				"unmarshal failed\n%d %s\n%d %s\n",
+				len(rb1), rb1, len(rb2), rb2,
+			)
+			bufpool.Put(rb1)
+			bufpool.Put(rb2)
+			bufpool.Put(rb)
+		}
+	}
+}

pkg/encoders/envelopes/doc.go

@@ -0,0 +1,3 @@
+// Package envelopes provides common functions for marshaling and identifying
+// nostr envelopes (JSON arrays containing protocol messages).
+package envelopes

pkg/encoders/envelopes/identify.go

@@ -0,0 +1,38 @@
+package envelopes
+
+// Identify handles determining what kind of codec.Envelope is, by the Label,
+// the first step in identifying the structure of the message. This first step
+// is not sufficient because the same labels are used on several codec.Envelope
+// types in the nostr specification. The rest of the context is in whether this
+// is a client or a relay receiving it.
+func Identify(b []byte) (t string, rem []byte, err error) {
+	var openBrackets, openQuotes, afterQuotes bool
+	var label []byte
+	rem = b
+	for ; len(rem) > 0; rem = rem[1:] {
+		if !openBrackets && rem[0] == '[' {
+			openBrackets = true
+		} else if openBrackets {
+			if !openQuotes && rem[0] == '"' {
+				openQuotes = true
+			} else if afterQuotes {
+				// return the remainder after the comma
+				if rem[0] == ',' {
+					rem = rem[1:]
+					return
+				}
+			} else if openQuotes {
+				for i := range rem {
+					if rem[i] == '"' {
+						label = rem[:i]
+						rem = rem[i:]
+						t = string(label)
+						afterQuotes = true
+						break
+					}
+				}
+			}
+		}
+	}
+	return
+}

pkg/encoders/envelopes/process.go

@@ -0,0 +1,41 @@
+package envelopes
+
+import (
+	"io"
+)
+
+// Marshaller is a function signature the same as the codec.JSON Marshal but
+// without the requirement of there being a full implementation or declared
+// receiver variable of this interface. Used here to encapsulate one or more
+// other data structures into an envelope.
+type Marshaller func(dst []byte) (b []byte)
+
+// Marshal is a parser for dynamic typed arrays like nosttr codec.Envelope
+// types.
+func Marshal(dst []byte, label string, m Marshaller) (b []byte) {
+	b = dst
+	b = append(b, '[', '"')
+	b = append(b, label...)
+	b = append(b, '"', ',')
+	b = m(b)
+	b = append(b, ']')
+	return
+}
+
+// SkipToTheEnd scans forward after all fields in an envelope have been read to
+// find the closing bracket.
+func SkipToTheEnd(dst []byte) (rem []byte, err error) {
+	if len(dst) == 0 {
+		return
+	}
+	rem = dst
+	// we have everything, just need to snip the end
+	for ; len(rem) > 0; rem = rem[1:] {
+		if rem[0] == ']' {
+			rem = rem[:0]
+			return
+		}
+	}
+	err = io.EOF
+	return
+}