aljaz/aperture
1
1
Fork 0
mirror of https://github.com/lightninglabs/aperture.git synced 2026-01-06 10:54:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
82 Commits 2 Branches 38 Tags
52124e59f3b75a0ddcb49aa434aa4601c1e02b7b
Commit Graph

82 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Oliver Gugger
52124e59f3 Merge pull request #30 from lispmeister/dockerize-all-the-things 
add Dockerfile
 2020-04-23 21:00:49 +02:00
lispmeister
0e68ea2499 add Dockerfile 
This Dockerfile enables the build of a Docker image for the Aperture
binary.

updated to golang:1.13 base image

add entrypoint

fix EXPOSE port number
 2020-04-23 22:58:34 +04:00
Oliver Gugger
7107124dc8 Merge pull request #33 from guggero/demo-link 
readme: fix link to demo
 2020-04-17 13:11:06 +02:00
Oliver Gugger
4043e29ddd readme: fix link to demo 2020-04-14 10:00:01 +02:00
Olaoluwa Osuntokun
86cc245072 Merge pull request #31 from lightninglabs/sample-conf-docs 
docs: add documentation to sample conf options
 2020-03-30 10:40:56 -07:00
Wilmer Paulino
8d67d5d342 docs: add documentation to sample conf options 2020-03-30 10:33:30 -07:00
Olaoluwa Osuntokun
2c1a5d6b7b Merge pull request #29 from guggero/lsat-move 
lsat: copy LSAT related code from loop repository
 2020-03-19 11:25:56 -07:00
Oliver Gugger
59268f8f59 auth+lsat: move LSAT specific code 2020-03-19 16:16:34 +01:00
Oliver Gugger
c2e191af14 multi: use moved lsat code 2020-03-19 16:12:33 +01:00
Oliver Gugger
36d004afb8 lsat: rename Interceptor to ClientInterceptor 2020-03-19 16:09:55 +01:00
Oliver Gugger
31e5169aec lsat: copy code from loop repo 2020-03-19 16:09:09 +01:00
Olaoluwa Osuntokun
f8257dda52 Merge pull request #28 from Roasbeef/aperture 
aperture: propagate rename
 2020-03-18 16:57:36 -07:00
Olaoluwa Osuntokun
0c14706fa4 aperture: propagate rename 2020-03-18 13:57:18 -07:00
Olaoluwa Osuntokun
e30cc0f060 Merge pull request #27 from wpaulino/listen-tor-onion-services 
kirin: allow handling client requests over Tor onion services
 2020-03-13 16:55:57 -07:00
Wilmer Paulino
494fdcc0a3 kirin: allow handling client requests over Tor onion services 
In this commit, we integrate Tor onion services into the proxy. Clients
can now make their requests through Tor's encrypted network. To make
this possible, there were a few quirks, the most important being that
clients were unable to establish encrypted HTTP/2 connections due to
TLS certificates not being able to verify onion services. To work around
this, we now spin up an additional HTTP/2 server _without TLS_ that's
not exposed to the outside world and can only be accessed through the
onion services, which already provide encryption.

Once the onion services are created, we store their private keys within
etcd to ensure we can recover them later on as the proxy is intended to
be long-lived.
 2020-03-13 12:54:33 -07:00
Olaoluwa Osuntokun
34b4e1f6a5 Merge pull request #26 from guggero/stream-interceptor 
lsat: server stream interceptor
 2020-02-17 15:50:49 -08:00
Oliver Gugger
1e20b175cd auth: add stream server interceptor 2020-02-03 17:10:59 +01:00
Oliver Gugger
0fffe01dcc auth: refactor interceptor token extraction 2020-02-03 17:10:58 +01:00
Olaoluwa Osuntokun
64393335db Merge pull request #25 from Roasbeef/auto-cert-bugfix 
kirin: fix bug when using pure autocert
 2020-01-22 18:10:14 -08:00
Olaoluwa Osuntokun
b18e4baed1 kirin: fix bug when using pure autocert 
When using the `autocert` route, we actually don't need to pass anything
into `ListenAndServeTLS`, instead we can pass blank strings.
 2020-01-22 17:35:31 -08:00
Olaoluwa Osuntokun
4b60be65ee challenger: rename macaroon name 2020-01-22 17:03:46 -08:00
Olaoluwa Osuntokun
de6be5daff Merge pull request #24 from Roasbeef/invoiceonly-mac 
challenger: modify to only use invoice macaroon
 2020-01-22 17:02:14 -08:00
Olaoluwa Osuntokun
e86965f6f9 challenger: modify to only use invoice macaroon 2020-01-22 16:56:03 -08:00
Olaoluwa Osuntokun
1d57c19fd1 Merge pull request #23 from guggero/update-readme 
readme: clarify install instructions
 2020-01-22 14:45:00 -08:00
Oliver Gugger
d1096b1df8 readme: clarify install instructions 2020-01-22 11:30:02 +01:00
Oliver Gugger
b002512fc3 Merge pull request #21 from guggero/install-doc 
doc: update installation instructions
 2020-01-16 13:06:14 +01:00
Olaoluwa Osuntokun
3b3af0a719 Merge pull request #22 from guggero/autocert 
Add autocert functionality to get certificate through Let's Encrypt
 2020-01-15 19:36:09 -08:00
Oliver Gugger
712168f38d doc: update installation instructions 2020-01-15 22:42:57 +01:00
Oliver Gugger
5276c1b850 kirin: add autocert functionality 2020-01-14 09:41:00 +01:00
Oliver Gugger
e539e6306f mod: add autocert library 2020-01-10 14:16:41 +01:00
Oliver Gugger
9af8647028 config: add autocert options 2020-01-10 14:00:36 +01:00
Oliver Gugger
156ca9589a Merge pull request #20 from guggero/lsat-header-rfc 
multi: change WWW-Authenticate header format
 2020-01-09 09:46:11 +01:00
Oliver Gugger
76a5ed5f2a multi: change WWW-Authenticate header format 
To be compliant with RFC 7235 section 4.1 we change the format of the
WWW-Authenticate header field to double quoted and comma separated
fields.
 2020-01-07 15:38:22 +01:00
Oliver Gugger
8b731e87e4 Merge pull request #19 from guggero/server-interceptor 
auth: add server interceptor
 2020-01-07 14:37:48 +01:00
Oliver Gugger
a402e403bc auth+log: add log subsystem name as constant 2020-01-07 14:37:07 +01:00
Oliver Gugger
45e4bb49d5 auth: add server interceptor 2020-01-07 14:37:07 +01:00
Oliver Gugger
02584d1f38 mod: update to latest loop and lnd versions 2020-01-03 16:44:08 +01:00
Oliver Gugger
f4d62e0a7f Merge pull request #17 from guggero/makefile 
make: add Makefile and linter configuration
 2019-12-04 11:00:21 +01:00
Oliver Gugger
c6c62b9472 multi: fix all linter errors 2019-12-04 10:58:04 +01:00
Oliver Gugger
41cd93c319 make: add Makefile and linter configuration 2019-12-04 10:47:59 +01:00
Oliver Gugger
a6a5a0e302 Merge pull request #16 from guggero/auth-whitelist 
proxy: add authentication whitelist
 2019-12-04 10:46:39 +01:00
Oliver Gugger
b60460feee proxy: add test for auth whitelist 2019-12-04 10:45:08 +01:00
Oliver Gugger
51c7deac05 proxy: replace certificate generation with cert package 2019-12-04 10:45:07 +01:00
Oliver Gugger
c2e9d540ba proxy: add auth whitelist for paths 2019-12-04 10:45:07 +01:00
Oliver Gugger
3e2d486f75 auth: add auth level constant 2019-11-29 17:12:53 +01:00
Oliver Gugger
d58c70588d auth: remove unused constant 2019-11-29 16:15:40 +01:00
Oliver Gugger
8928e68bf2 Merge pull request #12 from wpaulino/lsat-mint 
multi: introduce proper LSAT creation and verification
 2019-11-28 14:25:46 +01:00
Wilmer Paulino
831a41b33e macaroons: remove temporary macaroon creation and verification logic 2019-11-26 11:14:11 -08:00
Wilmer Paulino
530894a5ed auth: remove unused Challenger interface 2019-11-26 11:13:45 -08:00
Wilmer Paulino
38cd0e7847 auth: integrate proper macaroon creation and verification 
We move the proxy from using its placeholder macaroon creation and
verification to instead use the agreed upon macaroon design. Much of
this is solely a refactor, but some new functionality has also been
introduced as part of integrating the LSAT mint:

1. A request's target service is now verified to ensure its attached
   LSAT is authorized.

2. The preimage is now checked against the token's committed payment
   hash to ensure it has been paid for.
 2019-11-26 11:13:19 -08:00