github.com/core-coin/go-core/v2@v2.1.9/node/jwt_auth.go (about)

     1  // Copyright 2024 by the Authors
     2  // This file is part of the go-core library.
     3  //
     4  // The go-core library is free software: you can redistribute it and/or modify
     5  // it under the terms of the GNU Lesser General Public License as published by
     6  // the Free Software Foundation, either version 3 of the License, or
     7  // (at your option) any later version.
     8  //
     9  // The go-core library is distributed in the hope that it will be useful,
    10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    12  // GNU Lesser General Public License for more details.
    13  //
    14  // You should have received a copy of the GNU Lesser General Public License
    15  // along with the go-core library. If not, see <http://www.gnu.org/licenses/>.
    16  
    17  package node
    18  
    19  import (
    20  	"fmt"
    21  	"net/http"
    22  	"time"
    23  
    24  	"github.com/core-coin/go-core/v2/rpc"
    25  	"github.com/golang-jwt/jwt/v4"
    26  )
    27  
    28  // NewJWTAuth creates an rpc client authentication provider that uses JWT. The
    29  // secret MUST be 32 bytes (256 bits) as defined by the Engine-API authentication spec.
    30  //
    31  // See https://github.com/ethereum/execution-apis/blob/main/src/engine/authentication.md
    32  // for more details about this authentication scheme.
    33  func NewJWTAuth(jwtsecret [32]byte) rpc.HTTPAuth {
    34  	return func(h http.Header) error {
    35  		token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
    36  			"iat": &jwt.NumericDate{Time: time.Now()},
    37  		})
    38  		s, err := token.SignedString(jwtsecret[:])
    39  		if err != nil {
    40  			return fmt.Errorf("failed to create JWT token: %w", err)
    41  		}
    42  		h.Set("Authorization", "Bearer "+s)
    43  		return nil
    44  	}
    45  }