Skip to content

Commit 675bde3

Browse files
achingbrainachingbrain
authored
docs: adds an expires field to the bearer token response (#676)
* docs: adds an expires field to the bearer token response Where a bearer token is returned to the client for future use, optionally include an `expires` field which indicates the latest time that it will be treated as valid. The server is free to expire tokens at any time so this field is purely advisory. Fixes #674 * chore: switch to RFC3339
1 parent f201689 commit 675bde3

1 file changed

Lines changed: 23 additions & 1 deletion

File tree

http/peer-id-auth.md

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
| Lifecycle Stage | Maturity | Status | Latest Revision |
44
| --------------- | ------------- | ------ | --------------- |
5-
| 1A | Working Draft | Active | r0, 2023-01-23 |
5+
| 1A | Working Draft | Active | r1, 2025-05-28 |
66

77
Authors: [@MarcoPolo]
88

@@ -172,6 +172,17 @@ protocol operates as follows:
172172
Authentication-Info: libp2p-PeerID sig="<base64-signature-bytes>" bearer="<base64-encoded-opaque-blob>"
173173
```
174174

175+
The server MAY include an `expires` field which contains the expiry time of
176+
the bearer token in [RFC 3339](https://www.rfc-editor.org/rfc/rfc3339)
177+
format:
178+
179+
```
180+
Authentication-Info: libp2p-PeerID sig="<base64-signature-bytes>" bearer="<base64-encoded-opaque-blob>" expires="<RFC-3339-formatted-date-string>"
181+
```
182+
183+
Note that the `expires` field is only advisory, the server may expire the
184+
token at any time.
185+
175186
The `sig` param represents a signature over the parameters:
176187

177188
- `challenge-server`
@@ -255,6 +266,17 @@ The client initiated handshake is as follows
255266
- The `hostname` parameter.
256267
- The token creation date (to allow tokens to expire).
257268

269+
The server MAY include an `expires` field which contains the expiry time of
270+
the bearer token in [RFC 3339](https://www.rfc-editor.org/rfc/rfc3339)
271+
format:
272+
273+
```
274+
Authentication-Info: libp2p-PeerID bearer="<base64-encoded-opaque-blob>" expires="<RFC-3339-formatted-date-string>"
275+
```
276+
277+
Note that the `expires` field is only advisory, the server may expire the
278+
token at any time.
279+
258280
5. The client SHOULD send the `bearer` token for future Peer ID authenticated
259281
requests.
260282

0 commit comments

Comments
 (0)