summaryrefslogtreecommitdiffstats
path: root/internal/auth
Commit message (Collapse)AuthorAgeFilesLines
* docs: clarify NIP-98 relationship to NIP-42 and write access controlbndw3 days1-4/+60
| | | | | | | | | Explain that the gRPC NIP-98 implementation is effectively NIP-42 for reads (same pattern: authenticate once, stream many events) and adds standardized relay access control for writes (beyond event.sig). Add comparison table showing functional equivalence for streaming reads and the additional benefits for write access control.
* feat: implement NIP-98 HTTP auth for gRPCbndw3 days5-0/+951
Add comprehensive NIP-98 authentication support following the standard gRPC credentials.PerRPCCredentials pattern. Client-side: - NostrCredentials implements PerRPCCredentials interface - Automatically signs each request with kind 27235 event - Drop-in replacement for OAuth2/JWT in gRPC clients Server-side: - Unary and stream interceptors for validation - Extracts and validates NIP-98 events from Authorization headers - Configurable options (timestamp window, whitelists, skip methods) - Adds authenticated pubkey to request context Security features: - Replay protection via timestamp validation - Optional payload hash verification - Signature verification using schnorr - TLS requirement option Includes comprehensive test coverage and detailed README with usage examples and security considerations.
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-17 17:56:06 +0000