package httppeeridauth

go-libp2p – github.com/libp2p/go-libp2p/p2p/http/auth Index | Files | Directories

import "github.com/libp2p/go-libp2p/p2p/http/auth"

Index ¶

Constants
func HasAuthHeader(r *http.Request) bool
type ClientPeerIDAuth

func (a *ClientPeerIDAuth) AuthenticateWithRoundTripper(rt http.RoundTripper, req *http.Request) (peer.ID, *http.Response, error)
func (a *ClientPeerIDAuth) AuthenticatedDo(client *http.Client, req *http.Request) (peer.ID, *http.Response, error)
func (a *ClientPeerIDAuth) HasToken(hostname string) bool

type ServerPeerIDAuth

func (a *ServerPeerIDAuth) ServeHTTP(w http.ResponseWriter, r *http.Request)
func (a *ServerPeerIDAuth) ServeHTTPWithNextHandler(w http.ResponseWriter, r *http.Request, next func(peer.ID, http.ResponseWriter, *http.Request))

Constants ¶

const PeerIDAuthScheme = handshake.PeerIDAuthScheme

const ProtocolID = "/http-peer-id-auth/1.0.0"

Functions ¶

func HasAuthHeader ¶

func HasAuthHeader(r *http.Request) bool

HasAuthHeader checks if the HTTP request contains an Authorization header that starts with the PeerIDAuthScheme prefix.

Types ¶

type ClientPeerIDAuth ¶

type ClientPeerIDAuth struct {
	PrivKey  crypto.PrivKey
	TokenTTL time.Duration
	// contains filtered or unexported fields
}

func (*ClientPeerIDAuth) AuthenticateWithRoundTripper ¶

func (a *ClientPeerIDAuth) AuthenticateWithRoundTripper(rt http.RoundTripper, req *http.Request) (peer.ID, *http.Response, error)

func (*ClientPeerIDAuth) AuthenticatedDo ¶

func (a *ClientPeerIDAuth) AuthenticatedDo(client *http.Client, req *http.Request) (peer.ID, *http.Response, error)

AuthenticatedDo is like http.Client.Do, but it does the libp2p peer ID auth handshake if needed.

It is recommended to pass in an http.Request with `GetBody` set, so that this method can retry sending the request in case a previously used token has expired.

func (*ClientPeerIDAuth) HasToken ¶

func (a *ClientPeerIDAuth) HasToken(hostname string) bool

type ServerPeerIDAuth ¶

type ServerPeerIDAuth struct {
	PrivKey  crypto.PrivKey
	TokenTTL time.Duration
	Next     func(peer peer.ID, w http.ResponseWriter, r *http.Request)
	// NoTLS is a flag that allows the server to accept requests without a TLS
	// ServerName. Used when something else is terminating the TLS connection.
	NoTLS bool
	// Required when NoTLS is true. The server will only accept requests for
	// which the Host header returns true.
	ValidHostnameFn func(hostname string) bool

	HmacKey []byte
	// contains filtered or unexported fields
}

func (*ServerPeerIDAuth) ServeHTTP ¶

func (a *ServerPeerIDAuth) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP implements the http.Handler interface for PeerIDAuth. It will attempt to authenticate the request using using the libp2p peer ID auth scheme. If a Next handler is set, it will be called on authenticated requests.

func (*ServerPeerIDAuth) ServeHTTPWithNextHandler ¶

func (a *ServerPeerIDAuth) ServeHTTPWithNextHandler(w http.ResponseWriter, r *http.Request, next func(peer.ID, http.ResponseWriter, *http.Request))

Source Files ¶

auth.go client.go server.go

Directories ¶

Path	Synopsis
p2p/http/auth/internal

Version: v0.42.0 (latest)
Published: Jun 18, 2025
Platform: linux/amd64
Imports: 15 packages
Last checked: 4 weeks ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples