hd-auth-wallet/lib/commands/authenticate-challenge.js

const persistence = require("../core/persistence/persistence");
const cryptoUtil = require("../core/cryptoUtil");

module.exports.description = "Sign a challenge to authenticate papao"

module.exports.builder = (yargs) => {
    return yargs
        // .usage(`Usage: $0 add-lock [options]`)
        .help(false)
        .version(false)
        .option('challenge', {
            describe: 'challenge that needs to be signed',
            type: 'string'
        })
        .option('url', {
            describe: 'override url belong to the service making the challenge',
            type: 'string'
        })
        .option('user-identifier', {
            describe: 'override user identifier which will be used to sign this challenge',
            type: 'string'
        })
        .demandOption(['challenge'])
        .argv;
}

module.exports.handler = (argv) => {
    const challenge = JSON.parse(argv.challenge);
    // TODO get userIdentifier and domainUrl from challenge 
    const loginRequest = JSON.parse(challenge.message);
    const url = argv.url || loginRequest.url;
    const userIdentifier = argv.userIdentifier || loginRequest.userIdentifier;
    persistence().LoadDB()
        .then(db => {
            console.log("Looking for");
            console.log("url: ", url);
            console.log("userIdentifier: ", userIdentifier);

            return db.Lock.findOne({
                where: {
                    url: url,
                    userIdentifier: userIdentifier
                },
                include: [
                    {
                        association: db.Lock.ExtendedPublicKey, 
                        require: true,
                        include: [
                            {
                                association: db.ExtendedPublicKey.Key, // TODO rename key to wallet
                                required: true
                            }
                        ]
                    }
                ]
            })
            .then(lock => {
                if(lock) {
                    // Sign the message with the key that corresponds with this lock...
                    const encryptedKey = lock.extendedPublicKey.key.encryptedPrivateKey;
                    const iv = lock.extendedPublicKey.key.iv;
                    const password = "vanished";
                    const walletXpriv = cryptoUtil.decrypt(encryptedKey, password, iv);
    
                    var challengeDerivationPath = `${lock.extendedPublicKey.derivationPath}/${challenge.derivationPath.split("c/")[1]}`;
                    
                    const signature = cryptoUtil.signMessage(walletXpriv, challengeDerivationPath, challenge.message)
                    console.log("Signature: ", signature.toString('hex'));
                } else {
                    console.error("Failed to find a lock with these parameters");
                }
            })
        })
}