+nip98.unpackEventFromToken +nip98.validateEvent

nip98.test.ts

@@ -1,7 +1,5 @@
-import {base64} from '@scure/base'
+import {getToken, unpackEventFromToken, validateEvent, validateToken} from './nip98.ts'
-import {getToken, validateToken} from './nip98.ts'
 import {Event, Kind, finishEvent} from './event.ts'
-import {utf8Decoder} from './utils.ts'
 import {generatePrivateKey, getPublicKey} from './keys.ts'
 
 const sk = generatePrivateKey()
@@ -12,9 +10,7 @@ describe('getToken', () => {
       finishEvent(e, sk)
     )
 
-    const decodedResult: Event = JSON.parse(
+    const decodedResult: Event = await unpackEventFromToken(result)
-      utf8Decoder.decode(base64.decode(result))
-    )
 
     expect(decodedResult.created_at).toBeGreaterThan(0)
     expect(decodedResult.content).toBe('')
@@ -31,9 +27,7 @@ describe('getToken', () => {
       finishEvent(e, sk)
     )
 
-    const decodedResult: Event = JSON.parse(
+    const decodedResult: Event = await unpackEventFromToken(result)
-      utf8Decoder.decode(base64.decode(result))
-    )
 
     expect(decodedResult.created_at).toBeGreaterThan(0)
     expect(decodedResult.content).toBe('')
@@ -57,9 +51,7 @@ describe('getToken', () => {
 
     expect(result.startsWith(authorizationScheme)).toBe(true)
 
-    const decodedResult: Event = JSON.parse(
+    const decodedResult: Event = await unpackEventFromToken(result)
-      utf8Decoder.decode(base64.decode(result.replace(authorizationScheme, '')))
-    )
 
     expect(decodedResult.created_at).toBeGreaterThan(0)
     expect(decodedResult.content).toBe('')
@@ -136,4 +128,43 @@ describe('validateToken', () => {
     const result = validateToken(validToken, 'http://test.com', 'post')
     await expect(result).rejects.toThrow(Error)
   })
+
+  test('validateEvent returns true for valid decoded token with authorization scheme', async () => {
+    const validToken = await getToken(
+      'http://test.com',
+      'get',
+      e => finishEvent(e, sk),
+      true
+    )
+    const decodedResult: Event = await unpackEventFromToken(validToken)
+
+    const result = await validateEvent(decodedResult, 'http://test.com', 'get')
+    expect(result).toBe(true)
+  })
+
+  test('validateEvent throws an error for a wrong url', async () => {
+    const validToken = await getToken(
+      'http://test.com',
+      'get',
+      e => finishEvent(e, sk),
+      true
+    )
+    const decodedResult: Event = await unpackEventFromToken(validToken)
+
+    const result = validateEvent(decodedResult, 'http://wrong-test.com', 'get')
+    await expect(result).rejects.toThrow(Error)
+  })
+
+  test('validateEvent throws an error for a wrong method', async () => {
+    const validToken = await getToken(
+      'http://test.com',
+      'get',
+      e => finishEvent(e, sk),
+      true
+    )
+    const decodedResult: Event = await unpackEventFromToken(validToken)
+
+    const result = validateEvent(decodedResult, 'http://test.com', 'post')
+    await expect(result).rejects.toThrow(Error)
+  })
 })

nip98.ts

@@ -65,6 +65,13 @@ export async function validateToken(
   url: string,
   method: string
 ): Promise<boolean> {
+  const event = await unpackEventFromToken(token).catch((error) => { throw(error) })
+  const valid = await validateEvent(event, url, method).catch((error) => { throw(error) })
+
+  return valid
+}
+
+export async function unpackEventFromToken(token: string): Promise<Event> {
   if (!token) {
     throw new Error('Missing token')
   }
@@ -76,6 +83,15 @@ export async function validateToken(
   }
 
   const event = JSON.parse(eventB64) as Event
+
+  return event
+}
+
+export async function validateEvent(
+  event: Event,
+  url: string,
+  method: string
+): Promise<boolean> {
   if (!event) {
     throw new Error('Invalid nostr event')
   }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "nostr-tools",
-  "version": "1.14.0",
+  "version": "1.14.1",
   "description": "Tools for making a Nostr client.",
   "repository": {
     "type": "git",