Skip to main content

src/barrel_p2p_dist_auth_callback.erl

%%% -*- erlang -*-
%%%
%%% Barrel P2P Distribution Auth Callback
%%%
%%% Adapter that plugs barrel_p2p's Ed25519 identity protocol into the
%%% upstream `quic_dist_auth' behaviour. The actual handshake lives in
%%% `barrel_p2p_dist_auth_stream'; this module exists only to expose the
%%% `(Conn, Side, Timeout) -> {ok, _} | {error, _}' contract that
%%% `quic_dist' calls between QUIC handshake and Erlang dist handshake.
%%%
%%% Wire it up via sys.config:
%%%
%%% ```
%%% {quic, [{dist, [
%%%     {auth_callback, {barrel_p2p_dist_auth_callback, authenticate}},
%%%     {auth_handshake_timeout, 10000}
%%% ]}]}.
%%% '''
%%%
%%% Copyright (c) 2026 Benoit Chesneau
%%% Apache License 2.0
%%%

-module(barrel_p2p_dist_auth_callback).

-behaviour(quic_dist_auth).

-export([authenticate/3]).

-spec authenticate(
    Conn :: pid(),
    Side :: client | server,
    Timeout :: timeout()
) ->
    {ok, node() | undefined} | {error, term()}.
authenticate(Conn, server, Timeout) ->
    barrel_p2p_dist_auth_stream:authenticate_incoming(Conn, Timeout);
authenticate(Conn, client, Timeout) ->
    %% barrel_p2p_dist:setup/5 stashes the dialed node in the process
    %% dictionary so the client side can verify cookie_only_nodes
    %% before accepting an AUTH_OK short-circuit.
    TargetNode = erlang:get(barrel_p2p_dial_target),
    barrel_p2p_dist_auth_stream:authenticate_outgoing(Conn, TargetNode, Timeout).