lnd/macaroons/auth.go

54 lines
1.5 KiB
Go
Raw Normal View History

package macaroons
import (
2019-09-29 01:10:57 +02:00
"context"
"encoding/hex"
macaroon "gopkg.in/macaroon.v2"
)
// MacaroonCredential wraps a macaroon to implement the
// credentials.PerRPCCredentials interface.
type MacaroonCredential struct {
*macaroon.Macaroon
}
// RequireTransportSecurity implements the PerRPCCredentials interface.
func (m MacaroonCredential) RequireTransportSecurity() bool {
return true
}
// GetRequestMetadata implements the PerRPCCredentials interface. This method
// is required in order to pass the wrapped macaroon into the gRPC context.
// With this, the macaroon will be available within the request handling scope
// of the ultimate gRPC server implementation.
func (m MacaroonCredential) GetRequestMetadata(ctx context.Context,
uri ...string) (map[string]string, error) {
macBytes, err := m.MarshalBinary()
if err != nil {
return nil, err
}
md := make(map[string]string)
md["macaroon"] = hex.EncodeToString(macBytes)
return md, nil
}
// NewMacaroonCredential returns a copy of the passed macaroon wrapped in a
// MacaroonCredential struct which implements PerRPCCredentials.
func NewMacaroonCredential(m *macaroon.Macaroon) (MacaroonCredential, error) {
ms := MacaroonCredential{}
// The macaroon library's Clone() method has a subtle bug that doesn't
// correctly clone all caveats. We need to use our own, safe clone
// function instead.
var err error
ms.Macaroon, err = SafeCopyMacaroon(m)
if err != nil {
return ms, err
}
return ms, nil
}