AddFirstPartyCaveats adds a set of caveats as first-party caveats to a macaroon.

AddToContext adds the given value to the context for easy retrieval later on.

DecodeCaveat decodes a caveat from its string representation.

DecodeIdentifier decodes an L402's identifier according to its version.

EncodeCaveat encodes a caveat into its string representation.

EncodeIdentifier encodes an L402's identifier according to its version.

FromContext tries to extract a value from the given context.

FromHeader tries to extract authentication information from HTTP headers.

HasCaveat checks whether the given macaroon has a caveat with the given condition, and if so, returns its value.

IsPaymentRequired inspects an error to find out if it's the specific gRPC error returned by the server to indicate a payment is required to access the service.

MakeIDFromString parses the hex encoded string and parses it into a token ID.

NewCapabilitiesCaveat creates a new capabilities caveat for the given service.

NewCapabilitiesSatisfier implements a satisfier to determine whether the target capability for a service is authorized for a given L402.

NewCaveat construct a new caveat with the given condition and value.

NewFileStore creates a new file based token store, creating its file in the provided directory.

NewInterceptor creates a new gRPC client interceptor that uses the provided lnd connection to automatically acquire and pay for L402 tokens, unless the indicated store already contains a usable token.

NewMacaroonCredential returns a copy of the passed macaroon wrapped in a MacaroonCredential struct which implements PerRPCCredentials.

NewServicesCaveat creates a new services caveat with the provided caveats.

NewServicesSatisfier implements a satisfier to determine whether the target service is authorized for a given L402.

NewTimeoutCaveat creates a new caveat that will result in a macaroon being valid for numSeconds after the current time.

NewTimeoutSatisfier checks if an L402 is expired or not.

SetHeader sets the provided authentication elements as the default/standard HTTP header for the L402 protocol.

UseLogger uses a specified Logger to output package logging info.

VerifyCaveats determines whether every relevant caveat of an L402 holds true.

AuthHeader is is the HTTP response header that contains the payment challenge.

BaseTier is the base tier of an L402-enabled service.

CondCapabilitiesSuffix is the condition suffix used for a service's capabilities caveat.

CondServices is the condition used for a services caveat.

CondTimeoutSuffix is the condition suffix used for a service's timeout caveat.

DefaultMaxCostSats is the default maximum amount in satoshis that we are going to pay for an L402 automatically.

DefaultMaxRoutingFeeSats is the default maximum routing fee in satoshis that we are going to pay to acquire an L402 token.

GRPCErrCode is the error code we receive from a gRPC call if the server expects a payment.

GRPCErrCodeNew is the new error code we received for a "402 payment required" error with version google.golang.org/grpc v1.41.0.

GRPCErrMessage is the error message we receive from a gRPC call in conjunction with the GRPCErrCode to signal the client that a payment is required to access the service.

HeaderAuthorization is the HTTP header field name that is used to send the L402 by REST clients.

HeaderMacaroon is the HTTP header field name that is used to send the L402 by our own gRPC clients.

HeaderMacaroonMD is the HTTP header field name that is used to send the L402 by certain REST and gRPC clients.

LatestVersion is the latest version used for minting new L402s.

PaymentTimeout is the maximum time we allow a payment to take before we stop waiting for it.

PreimageKey is the key used for a payment preimage caveat.

SecretSize is the size in bytes of a L402's secret, also known as the root key of the macaroon.

Subsystem defines the sub system name of this package.

TokenIDSize is the size in bytes of an L402's ID encoded in its macaroon identifier.

ErrInvalidCaveat is an error returned when we attempt to decode a caveat with an invalid format.

ErrInvalidService is an error returned when we attempt to decode a service with an invalid format.

ErrNoServices is an error returned when we attempt to decode the services included in a caveat.

ErrNoToken is the error returned when the store doesn't contain a token yet.

ErrUnknownVersion is an error returned when attempting to decode an L402 identifier with an unknown version.

KeyTokenID is the key under which we store the client's token ID in the request context.

Caveat is a predicate that can be applied to an L402 in order to restrict its use in some form.

ClientInterceptor is a gRPC client interceptor that can handle L402 authentication challenges with embedded payment requests.

ContextKey is the type that we use to identify L402 specific values in the request context.

FileStore is an implementation of the Store interface that files to save the serialized tokens.

Identifier contains the static identifying details of an L402.

MacaroonCredential wraps a macaroon to implement the credentials.PerRPCCredentials interface.

Satisfier provides a generic interface to satisfy a caveat based on its condition.

ServerInterceptor is a gRPC server interceptor that extracts the token ID from the request context if an L402 is present.

Service contains the details of an L402-enabled service.

Token is the main type to store an L402 token in.

Store is an interface that allows users to store and retrieve an L402 token.

ServiceTier represents the different possible tiers of an L402-enabled service.

TokenID is the type that stores the token identifier of an L402 token.