Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrSecretNotFound is an error returned when we attempt to retrieve a // secret by its key but it is not found. ErrSecretNotFound = errors.New("secret not found") )
Functions ¶
This section is empty.
Types ¶
type Challenger ¶
type Challenger interface {
// NewChallenge returns a new challenge in the form of a Lightning
// payment request. The payment hash is also returned as a convenience
// to avoid having to decode the payment request in order to retrieve
// its payment hash.
NewChallenge(price int64) (string, lntypes.Hash, error)
// Stop shuts down the challenger.
Stop()
}
Challenger is an interface used to present requesters of L402s with a challenge that must be satisfied before an L402 can be validated. This challenge takes the form of a Lightning payment request.
type Config ¶
type Config struct {
// Secrets is our source for L402 secrets which will be used for
// verification purposes.
Secrets SecretStore
// Challenger is our source of new challenges to present requesters of
// an L402 with.
Challenger Challenger
// ServiceLimiter provides us with how we should limit a new L402 based
// on its target services.
ServiceLimiter ServiceLimiter
// Now returns the current time.
Now func() time.Time
}
Config packages all of the required dependencies to instantiate a new L402 mint.
type Mint ¶
type Mint struct {
// contains filtered or unexported fields
}
Mint is an entity that is able to mint and verify L402s for a set of services.
func (*Mint) MintL402 ¶
func (m *Mint) MintL402(ctx context.Context, services ...l402.Service) (*macaroon.Macaroon, string, error)
MintL402 mints a new L402 for the target services.
func (*Mint) VerifyL402 ¶
func (m *Mint) VerifyL402(ctx context.Context, params *VerificationParams) error
VerifyL402 attempts to verify an L402 with the given parameters.
type SecretStore ¶
type SecretStore interface {
// NewSecret creates a new cryptographically random secret which is
// keyed by the given hash.
NewSecret(context.Context, [sha256.Size]byte) ([l402.SecretSize]byte,
error)
// GetSecret returns the cryptographically random secret that
// corresponds to the given hash. If there is no secret, then
// ErrSecretNotFound is returned.
GetSecret(context.Context, [sha256.Size]byte) ([l402.SecretSize]byte,
error)
// RevokeSecret removes the cryptographically random secret that
// corresponds to the given hash. This acts as a NOP if the secret does
// not exist.
RevokeSecret(context.Context, [sha256.Size]byte) error
}
SecretStore is the store responsible for storing L402 secrets. These secrets are required for proper verification of each minted L402.
type ServiceLimiter ¶
type ServiceLimiter interface {
// ServiceCapabilities returns the capabilities caveats for each
// service. This determines which capabilities of each service can be
// accessed.
ServiceCapabilities(context.Context, ...l402.Service) ([]l402.Caveat,
error)
// ServiceConstraints returns the constraints for each service. This
// enforces additional constraints on a particular service/service
// capability.
ServiceConstraints(context.Context, ...l402.Service) ([]l402.Caveat,
error)
// ServiceTimeouts returns the timeout caveat for each service. This
// will determine if and when service access can expire.
ServiceTimeouts(context.Context, ...l402.Service) ([]l402.Caveat,
error)
}
ServiceLimiter abstracts the source of caveats that should be applied to an L402 for a particular service.
type VerificationParams ¶
type VerificationParams struct {
// Macaroon is the macaroon as part of the L402 we'll attempt to verify.
Macaroon *macaroon.Macaroon
// Preimage is the preimage that should correspond to the L402's payment
// hash.
Preimage lntypes.Preimage
// TargetService is the target service a user of an L402 is attempting
// to access.
TargetService string
}
VerificationParams holds all of the requirements to properly verify an L402.
Source Files