Merge pull request #5 from 398ja/develop

develop

Author: tcheeric

nsecbunker-account/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-account</artifactId>

nsecbunker-admin/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-admin</artifactId>

nsecbunker-admin/src/main/java/xyz/tcheeric/nsecbunker/admin/key/DefaultKeyManager.java

@@ -58,20 +58,22 @@ public DefaultKeyManager(NsecBunkerAdminClient adminClient, ObjectMapper objectM
     @Override
     public CompletableFuture<BunkerKey> createKey(String name, String nsec, String passphrase) {
         validateName(name);
-        requirePassphrase(passphrase);
         if (nsec == null || nsec.isBlank()) {
             throw new IllegalArgumentException("nsec must not be null or blank");
         }
 
-        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, passphrase, nsec), name);
+        // Empty passphrase is allowed - nsecbunkerd will store the key unencrypted
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, normalizedPassphrase, nsec), name);
     }
 
     @Override
     public CompletableFuture<BunkerKey> createKey(String name, String passphrase) {
         validateName(name);
-        requirePassphrase(passphrase);
 
-        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, passphrase), name);
+        // Empty passphrase is allowed - nsecbunkerd will store the key unencrypted
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForKey(METHOD_CREATE_NEW_KEY, List.of(name, normalizedPassphrase), name);
     }
 
     @Override
@@ -83,9 +85,10 @@ public CompletableFuture<List<BunkerKey>> listKeys() {
     @Override
     public CompletableFuture<Boolean> unlockKey(String name, String passphrase) {
         validateName(name);
-        requirePassphrase(passphrase);
 
-        return sendForResult(METHOD_UNLOCK_KEY, List.of(name, passphrase), "unlock key " + name)
+        // Empty passphrase is allowed - for keys stored without encryption
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForResult(METHOD_UNLOCK_KEY, List.of(name, normalizedPassphrase), "unlock key " + name)
                 .thenApply(ignored -> Boolean.TRUE);
     }
 
@@ -108,9 +111,9 @@ public CompletableFuture<BunkerKey> getKeyDetails(String name) {
     public CompletableFuture<BunkerKey> rotateKey(String oldName, String newName, String passphrase) {
         validateName(oldName);
         validateName(newName);
-        requirePassphrase(passphrase);
 
-        return sendForKey(METHOD_ROTATE_KEY, List.of(oldName, newName, passphrase), newName);
+        String normalizedPassphrase = normalizePassphrase(passphrase);
+        return sendForKey(METHOD_ROTATE_KEY, List.of(oldName, newName, normalizedPassphrase), newName);
     }
 
     private CompletableFuture<String> sendForResult(String method, List<String> params, String description) {
@@ -185,9 +188,14 @@ private void validateName(String name) {
         }
     }
 
-    private void requirePassphrase(String passphrase) {
-        if (passphrase == null || passphrase.isBlank()) {
-            throw new IllegalArgumentException("Passphrase must not be null or blank");
-        }
+    /**
+     * Normalizes a passphrase to an empty string if null or blank.
+     * This allows creating/unlocking keys without encryption.
+     *
+     * @param passphrase the passphrase to normalize
+     * @return the passphrase or empty string if null/blank
+     */
+    private String normalizePassphrase(String passphrase) {
+        return passphrase != null && !passphrase.isBlank() ? passphrase : "";
     }
 }

nsecbunker-admin/src/test/java/xyz/tcheeric/nsecbunker/admin/key/DefaultKeyManagerTest.java

@@ -213,6 +213,45 @@ void shouldRotateKey() throws Exception {
         assertThat(request.getParams()).containsExactlyElementsOf(List.of("cashu-old", "cashu-rotated", TEST_PASSPHRASE));
     }
 
+    /**
+     * Ensures creating a key with null passphrase normalizes it to empty string.
+     */
+    @Test
+    void shouldCreateKeyWithNullPassphraseNormalizedToEmpty() {
+        // Arrange
+        String npub = "npub1nopwd";
+        ArgumentCaptor<Nip46Request> requestCaptor = ArgumentCaptor.forClass(Nip46Request.class);
+        when(adminClient.sendRequest(requestCaptor.capture()))
+                .thenReturn(CompletableFuture.completedFuture(Nip46Response.success("1", npub)));
+
+        // Act
+        BunkerKey result = keyManager.createKey("key-no-passphrase", null).join();
+
+        // Assert
+        assertThat(result.getName()).isEqualTo("key-no-passphrase");
+        Nip46Request request = requestCaptor.getValue();
+        assertThat(request.getParams()).containsExactlyElementsOf(List.of("key-no-passphrase", ""));
+    }
+
+    /**
+     * Ensures unlocking a key with null passphrase normalizes it to empty string.
+     */
+    @Test
+    void shouldUnlockKeyWithNullPassphraseNormalizedToEmpty() {
+        // Arrange
+        ArgumentCaptor<Nip46Request> requestCaptor = ArgumentCaptor.forClass(Nip46Request.class);
+        when(adminClient.sendRequest(requestCaptor.capture()))
+                .thenReturn(CompletableFuture.completedFuture(Nip46Response.success("1", "ok")));
+
+        // Act
+        boolean result = keyManager.unlockKey("key-unencrypted", null).join();
+
+        // Assert
+        assertThat(result).isTrue();
+        Nip46Request request = requestCaptor.getValue();
+        assertThat(request.getParams()).containsExactlyElementsOf(List.of("key-unencrypted", ""));
+    }
+
     /**
      * Ensures NIP-46 errors are surfaced as AdminException through the future.
      */

nsecbunker-client/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-client</artifactId>

nsecbunker-connection/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-connection</artifactId>

nsecbunker-core/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-core</artifactId>

nsecbunker-monitoring/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-monitoring</artifactId>

nsecbunker-protocol/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-protocol</artifactId>

nsecbunker-spring-boot-starter/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>xyz.tcheeric</groupId>
         <artifactId>nsecbunker-java</artifactId>
-        <version>0.1.0</version>
+        <version>0.1.1</version>
     </parent>
 
     <artifactId>nsecbunker-spring-boot-starter</artifactId>