delphi.market/server/auth/lnauth.go

82 lines
1.9 KiB
Go
Raw Normal View History

package auth
import (
"crypto/ecdsa"
"crypto/rand"
"encoding/hex"
"fmt"
"github.com/btcsuite/btcd/btcec/v2"
"github.com/btcsuite/btcutil/bech32"
2024-07-12 11:26:27 +00:00
"github.com/decred/dcrd/dcrec/secp256k1/v4"
"git.ekzyis.com/ekzyis/delphi.market/env"
)
2024-07-12 11:26:27 +00:00
type LnAuth struct {
K1 string
LNURL string
}
2024-07-12 11:26:27 +00:00
type LnAuthCallback struct {
K1 string `query:"k1"`
Sig string `query:"sig"`
Key string `query:"key"`
Action string `query:"action"`
}
2024-07-12 11:26:27 +00:00
func NewLnAuth(action string) (*LnAuth, error) {
var (
k1 = make([]byte, 32)
k1hex string
url []byte
bech32Url []byte
lnurl string
err error
)
if _, err := rand.Read(k1); err != nil {
return nil, fmt.Errorf("rand.Read error: %w", err)
}
2024-07-12 11:26:27 +00:00
k1hex = hex.EncodeToString(k1)
url = []byte(fmt.Sprintf("https://%s/api/lnauth/callback?tag=login&k1=%s&action=%s", env.PublicURL, k1hex, action))
if bech32Url, err = bech32.ConvertBits(url, 8, 5, true); err != nil {
return nil, fmt.Errorf("bech32.ConvertBits error: %w", err)
}
2024-07-12 11:26:27 +00:00
if lnurl, err = bech32.Encode("lnurl", bech32Url); err != nil {
return nil, fmt.Errorf("bech32.Encode error: %w", err)
}
2024-07-12 11:26:27 +00:00
return &LnAuth{k1hex, lnurl}, nil
}
2024-07-12 11:26:27 +00:00
func VerifyLNAuth(r *LnAuthCallback) (bool, error) {
var (
k1Bytes, sigBytes, keyBytes []byte
key *secp256k1.PublicKey
err error
)
if k1Bytes, err = hex.DecodeString(r.K1); err != nil {
return false, fmt.Errorf("k1 decode error: %w", err)
}
2024-07-12 11:26:27 +00:00
if sigBytes, err = hex.DecodeString(r.Sig); err != nil {
return false, fmt.Errorf("sig decode error: %w", err)
}
2024-07-12 11:26:27 +00:00
if keyBytes, err = hex.DecodeString(r.Key); err != nil {
return false, fmt.Errorf("key decode error: %w", err)
}
2024-07-12 11:26:27 +00:00
if key, err = btcec.ParsePubKey(keyBytes); err != nil {
return false, fmt.Errorf("key parse error: %w", err)
}
2024-07-12 11:26:27 +00:00
ecdsaKey := ecdsa.PublicKey{Curve: btcec.S256(), X: key.X(), Y: key.Y()}
return ecdsa.VerifyASN1(&ecdsaKey, k1Bytes, sigBytes), nil
}