Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrSecretNotFound is an error returned when we attempt to retrieve a // secret by its key but it is not found. ErrSecretNotFound = errors.New("secret not found") )
Functions ¶
This section is empty.
Types ¶
type Challenger ¶
type Challenger interface {
// NewChallenge returns a new challenge in the form of a Lightning
// payment request. The payment hash is also returned as a convenience
// to avoid having to decode the payment request in order to retrieve
// its payment hash.
NewChallenge(recipientLud16 string, price int64) (string, lntypes.Hash, error)
// Stop shuts down the challenger.
Stop()
}
Challenger is an interface used to present requesters of LSATs with a challenge that must be satisfied before an LSAT can be validated. This challenge takes the form of a Lightning payment request.
type Config ¶
type Config struct {
// Secrets is our source for LSAT secrets which will be used for
// verification purposes.
Secrets SecretStore
// Challenger is our source of new challenges to present requesters of
// an LSAT with.
Challenger Challenger
// ServiceLimiter provides us with how we should limit a new LSAT based
// on its target services.
ServiceLimiter ServiceLimiter
// Now returns the current time.
Now func() time.Time
}
Config packages all of the required dependencies to instantiate a new LSAT mint.
type Mint ¶
type Mint struct {
// contains filtered or unexported fields
}
Mint is an entity that is able to mint and verify LSATs for a set of services.
func (*Mint) MintLSAT ¶
func (m *Mint) MintLSAT(ctx context.Context, services ...lsat.Service) (*macaroon.Macaroon, string, error)
MintLSAT mints a new LSAT for the target services.
func (*Mint) VerifyLSAT ¶
func (m *Mint) VerifyLSAT(ctx context.Context, params *VerificationParams) error
VerifyLSAT attempts to verify an LSAT with the given parameters.
type SecretStore ¶
type SecretStore interface {
// NewSecret creates a new cryptographically random secret which is
// keyed by the given hash.
NewSecret(context.Context, [sha256.Size]byte) ([lsat.SecretSize]byte,
error)
// GetSecret returns the cryptographically random secret that
// corresponds to the given hash. If there is no secret, then
// ErrSecretNotFound is returned.
GetSecret(context.Context, [sha256.Size]byte) ([lsat.SecretSize]byte,
error)
// RevokeSecret removes the cryptographically random secret that
// corresponds to the given hash. This acts as a NOP if the secret does
// not exist.
RevokeSecret(context.Context, [sha256.Size]byte) error
}
SecretStore is the store responsible for storing LSAT secrets. These secrets are required for proper verification of each minted LSAT.
type ServiceLimiter ¶
type ServiceLimiter interface {
// ServiceCapabilities returns the capabilities caveats for each
// service. This determines which capabilities of each service can be
// accessed.
ServiceCapabilities(context.Context, ...lsat.Service) ([]lsat.Caveat,
error)
// ServiceConstraints returns the constraints for each service. This
// enforces additional constraints on a particular service/service
// capability.
ServiceConstraints(context.Context, ...lsat.Service) ([]lsat.Caveat,
error)
// ServiceTimeouts returns the timeout caveat for each service. This
// will determine if and when service access can expire.
ServiceTimeouts(context.Context, ...lsat.Service) ([]lsat.Caveat,
error)
}
ServiceLimiter abstracts the source of caveats that should be applied to an LSAT for a particular service.
type VerificationParams ¶
type VerificationParams struct {
// Macaroon is the macaroon as part of the LSAT we'll attempt to verify.
Macaroon *macaroon.Macaroon
// Preimage is the preimage that should correspond to the LSAT's payment
// hash.
Preimage lntypes.Preimage
// TargetService is the target service a user of an LSAT is attempting
// to access.
TargetService string
}
VerificationParams holds all of the requirements to properly verify an LSAT.
Source Files