From 00fab0266912644d857359619447c3bafd947302 Mon Sep 17 00:00:00 2001
From: Pierre Troger
Date: Thu, 28 Mar 2024 15:12:54 -0400
Subject: [PATCH] validate takes an object for clarity
---
 packages/signature/src/lib/utils.ts | 6 +++++-
 packages/signature/src/lib/validate.ts | 12 +++++++++--
 packages/signature/src/lib/verify.ts | 28 +++++++-------------------
 3 files changed, 22 insertions(+), 24 deletions(-)
diff --git a/packages/signature/src/lib/utils.ts b/packages/signature/src/lib/utils.ts
index 907e1800f..81d56f77e 100644
--- a/packages/signature/src/lib/utils.ts
+++ b/packages/signature/src/lib/utils.ts
@@ -181,7 +181,11 @@ const generateRsaPrivateKey = async (
 }
 jwk.kid = opts.keyId || rsaKeyToKid(jwk)
- const pk = validate(rsaPrivateKeySchema, jwk, 'Invalid RSA Private Key JWK')
+ const pk = validate({
+ schema: rsaPrivateKeySchema,
+ jwk,
+ errorMessage: 'Invalid RSA Private Key'
+ })
 return pk
 }
diff --git a/packages/signature/src/lib/validate.ts b/packages/signature/src/lib/validate.ts
index fb0735aa0..e7fa5df55 100644
--- a/packages/signature/src/lib/validate.ts
+++ b/packages/signature/src/lib/validate.ts
@@ -2,12 +2,20 @@ import { ZodSchema } from 'zod'
 import { JwtError } from './error'
 import { Jwk } from './types'
-export function validate(schema: ZodSchema, jwk: Jwk, errorMessage: string = 'Validation failed') {
+export function validate({
+ schema,
+ jwk,
+ errorMessage,
+}: {
+ schema: ZodSchema
+ jwk: Jwk
+ errorMessage?: string
+}) {
 return (function validate(input: Jwk): T {
 const result = schema.safeParse(input)
 if (!result.success) {
 throw new JwtError({
- message: errorMessage,
+ message: errorMessage || 'Invalid JWK',
 context: { errors: result.error.flatten().fieldErrors }
 })
 }
diff --git a/packages/signature/src/lib/verify.ts b/packages/signature/src/lib/verify.ts
index 178d8ad10..b0ea4a2aa 100644
--- a/packages/signature/src/lib/verify.ts
+++ b/packages/signature/src/lib/verify.ts
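Review bot: The rewritten call also changes the error text, from 'Invalid RSA Private Key JWK' to `'Invalid RSA Private Key'`, which the commit subject (a signature change) does not mention; the same happens in the verify.ts hunk (`'Invalid public key'`, now in a different casing as well) and in validate.ts, where the default goes from 'Validation failed' to 'Invalid JWK'. Anything that matches on these strings, such as tests, log-based alerts or client-side handling, would stop matching, so either keep the old strings in this refactor or record the wording change in the commit message. If the new wording is intended, one casing across call sites (`'Invalid RSA private key'` next to `'Invalid public key'`) reads better. generateRsaPrivateKey starts and ends outside the hunk.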
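Review bot: The fallback `errorMessage || 'Invalid JWK'` sits inside the throw path, so the default is not visible in the signature and an empty string is silently replaced; a destructuring default, `errorMessage = 'Invalid JWK',`, with `message: errorMessage,` left as it was, states it once. The exported function also has no TSDoc: since the same helper validates private-key JWKs (utils.ts hunk), I would add a comment saying that it throws `JwtError` and that the error's `context.errors` carries the zod `fieldErrors` (messages keyed by field name), so callers know what reaches their logs when they record the error. The end of the inner function and its invocation lie outside the hunk.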
@@ -1,12 +1,12 @@
 import { secp256k1 } from '@noble/curves/secp256k1'
 import { importJWK, jwtVerify } from 'jose'
 import { isAddressEqual, recoverAddress } from 'viem'
-import { decode, decodeJwsd } from './decode'
+import { decode } from './decode'
 import { JwtError } from './error'
 import { publicKeySchema } from './schemas'
 import { eip191Hash } from './sign'
 import { isSepc256k1PublicKeyJwk } from './typeguards'
-import { Alg, EoaPublicKey, Hex, Jwk, Jwsd, Jwt, Payload, PublicKey, Secp256k1PublicKey, SigningAlg } from './types'
+import { Alg, EoaPublicKey, Hex, Jwk, Jwt, Payload, PublicKey, Secp256k1PublicKey, SigningAlg } from './types'
 import { base64UrlToHex, secp256k1PublicKeyToHex } from './utils'
 import { validate } from './validate'
@@ -79,7 +79,11 @@ export const verifyEip191 = async (jwt: string, jwk: PublicKey): Promise {
 const { header, payload, signature } = decode(jwt)
- const key = validate(publicKeySchema, jwk, 'Invalid Public Key JWK')
+ const key = validate({
+ schema: publicKeySchema,
+ jwk,
+ errorMessage: 'Invalid public key'
+ })
 if (header.alg === SigningAlg.EIP191) {
 await verifyEip191(jwt, key)
@@ -99,21 +103,3 @@ export async function verifyJwt(jwt: string, jwk: Jwk): Promise {
 signature
 }
 }
-
-export async function verifyJwsd(jws: string, jwk: PublicKey): Promise {
- const { header, payload, signature } = decodeJwsd(jws)
-
- if (header.alg === SigningAlg.EIP191) {
- await verifyEip191(jws, jwk)
- } else {
- // TODO: Implement other algs individually without jose
- const joseJwk = await importJWK(jwk)
- await jwtVerify(jws, joseJwk)
- }
-
- return {
- header,
- payload,
- signature
- }
-}
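Review bot: After the key passes `publicKeySchema` in the second hunk, the dispatch that follows still selects the verification path from `header.alg`, a value read from the token being verified, and nothing visible here ties that choice to the validated key. If the key type carries an `alg` field (not visible in this hunk), a guard before the `if`, such as `if (key.alg && key.alg !== header.alg) throw new JwtError({ message: 'Algorithm mismatch', context: { alg: header.alg } })`, would pin the algorithm to the key rather than to the token. The signature line of the enclosing function is garbled on this page and its else-branch lies outside the hunk, so this may already be enforced there.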