I think nip42 is FINALLY working.

tests/mirror_test_bud04.sh

@@ -1,17 +1,34 @@
 #!/bin/bash
 
 # Mirror Test Script for BUD-04
-# Tests the PUT /mirror endpoint with a sample PNG file
+# Tests the PUT /mirror endpoint with a sample PNG file and NIP-42 authentication
 
 # Test URL - PNG file with known SHA-256 hash
 TEST_URL="https://laantungir.github.io/img_repo/24308d48eb498b593e55a87b6300ccffdea8432babc0bb898b1eff21ebbb72de.png"
 EXPECTED_HASH="24308d48eb498b593e55a87b6300ccffdea8432babc0bb898b1eff21ebbb72de"
 
-echo "=== BUD-04 Mirror Endpoint Test ==="
+echo "=== BUD-04 Mirror Endpoint Test with Authentication ==="
 echo "Target URL: $TEST_URL"
 echo "Expected Hash: $EXPECTED_HASH"
 echo ""
 
+# Get a fresh challenge from the server
+echo "=== Getting Authentication Challenge ==="
+challenge=$(curl -s "http://localhost:9001/auth" | jq -r '.challenge')
+if [ "$challenge" = "null" ] || [ -z "$challenge" ]; then
+    echo "❌ Failed to get challenge from server"
+    exit 1
+fi
+echo "Challenge: $challenge"
+
+# Create NIP-42 auth event (kind 22242) with challenge using hex private key
+TEST_USER_PRIVKEY="0000000000000000000000000000000000000000000000000000000000000001"
+expiration=$(date -d "+3600 seconds" +%s)
+event=$(nak event -k 22242 --tag "relay=ginxsom" --tag "challenge=$challenge" --tag "expiration=$expiration" --sec "$TEST_USER_PRIVKEY")
+auth_header="Nostr $(echo "$event" | base64 -w 0)"
+echo "Created NIP-42 auth event"
+echo ""
+
 # Create JSON request body
 JSON_BODY=$(cat <<EOF
 {
@@ -24,10 +41,11 @@ echo "Request Body:"
 echo "$JSON_BODY"
 echo ""
 
-# Make the mirror request
-echo "=== Making Mirror Request ==="
+# Make the mirror request with authentication
+echo "=== Making Authenticated Mirror Request ==="
 RESPONSE=$(curl -s -w "\nHTTP_CODE:%{http_code}\n" \
   -X PUT \
+  -H "Authorization: $auth_header" \
   -H "Content-Type: application/json" \
   -d "$JSON_BODY" \
   http://localhost:9001/mirror)