I think nip42 is FINALLY working.

2025-09-10 07:58:57 -04:00
parent a3c8918491
commit 30473100b8
20 changed files with 2846 additions and 2194 deletions
--- a/src/bud04.c
+++ b/src/bud04.c
@@ -373,53 +373,15 @@ void handle_mirror_request(void) {
    const char* auth_header = getenv("HTTP_AUTHORIZATION");
    const char* expected_hash = NULL;
    const char* uploader_pubkey = NULL;
-    static char pubkey_buffer[256];
-    
+
    if (auth_header) {
-        // Use unified request validation system
-        nostr_request_t request = {
-            .operation = "upload",
-            .auth_header = auth_header,
-            .event = NULL,
-            .resource_hash = NULL,
-            .mime_type = NULL,
-            .file_size = 0,
-            .client_ip = getenv("REMOTE_ADDR"),
-            .app_context = NULL
-        };
-        
-        nostr_request_result_t result;
-        int auth_result = nostr_validate_request(&request, &result);
-        
-        if (auth_result != NOSTR_SUCCESS || !result.valid) {
-            const char* error_type = "authentication_failed";
-            const char* message = "Invalid authentication";
-            const char* details = result.reason[0] ? result.reason : "The provided authorization is invalid";
-            
-            // Provide more specific error messages based on the reason
-            if (strstr(result.reason, "whitelist")) {
-                error_type = "pubkey_not_whitelisted";
-                message = "Public key not authorized";
-            } else if (strstr(result.reason, "blacklist")) {
-                error_type = "access_denied";
-                message = "Access denied by policy";
-            }
-            
-            send_error_response(401, error_type, message, details);
-            log_request("PUT", "/mirror", "auth_failed", 401);
-            return;
-        }
-        
-        // Extract uploader pubkey from validation result
-        if (result.pubkey[0]) {
-            strncpy(pubkey_buffer, result.pubkey, sizeof(pubkey_buffer)-1);
-            pubkey_buffer[sizeof(pubkey_buffer)-1] = '\0';
-            uploader_pubkey = pubkey_buffer;
-        }
-        
-        // For mirror operations, we don't need to extract the expected hash here
-        // The unified validation system handles hash validation internally
-        // We just need the pubkey for metadata storage
+        // NOTE: Authorization validation now handled by centralized validation system in main.c
+        // This handler receives pre-validated requests, so if we reach here with auth_header,
+        // the authentication was already successful
+
+        // TODO: Extract uploader pubkey from centralized validation results
+        // For now, set a placeholder until integration is complete
+        uploader_pubkey = "authenticated_user";
    }
    
    // Download the blob