main: integrate macaroons into config, startup, and RPC server
This commit is contained in:
parent
662731e719
commit
922b065de5
31
config.go
31
config.go
@ -24,6 +24,8 @@ const (
|
|||||||
defaultDataDirname = "data"
|
defaultDataDirname = "data"
|
||||||
defaultTLSCertFilename = "tls.cert"
|
defaultTLSCertFilename = "tls.cert"
|
||||||
defaultTLSKeyFilename = "tls.key"
|
defaultTLSKeyFilename = "tls.key"
|
||||||
|
defaultAdminMacFilename = "admin.macaroon"
|
||||||
|
defaultReadMacFilename = "readonly.macaroon"
|
||||||
defaultLogLevel = "info"
|
defaultLogLevel = "info"
|
||||||
defaultLogDirname = "logs"
|
defaultLogDirname = "logs"
|
||||||
defaultLogFilename = "lnd.log"
|
defaultLogFilename = "lnd.log"
|
||||||
@ -36,12 +38,14 @@ const (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
lndHomeDir = btcutil.AppDataDir("lnd", false)
|
lndHomeDir = btcutil.AppDataDir("lnd", false)
|
||||||
defaultConfigFile = filepath.Join(lndHomeDir, defaultConfigFilename)
|
defaultConfigFile = filepath.Join(lndHomeDir, defaultConfigFilename)
|
||||||
defaultDataDir = filepath.Join(lndHomeDir, defaultDataDirname)
|
defaultDataDir = filepath.Join(lndHomeDir, defaultDataDirname)
|
||||||
defaultTLSCertPath = filepath.Join(lndHomeDir, defaultTLSCertFilename)
|
defaultTLSCertPath = filepath.Join(lndHomeDir, defaultTLSCertFilename)
|
||||||
defaultTLSKeyPath = filepath.Join(lndHomeDir, defaultTLSKeyFilename)
|
defaultTLSKeyPath = filepath.Join(lndHomeDir, defaultTLSKeyFilename)
|
||||||
defaultLogDir = filepath.Join(lndHomeDir, defaultLogDirname)
|
defaultAdminMacPath = filepath.Join(lndHomeDir, defaultAdminMacFilename)
|
||||||
|
defaultReadMacPath = filepath.Join(lndHomeDir, defaultReadMacFilename)
|
||||||
|
defaultLogDir = filepath.Join(lndHomeDir, defaultLogDirname)
|
||||||
|
|
||||||
btcdHomeDir = btcutil.AppDataDir("btcd", false)
|
btcdHomeDir = btcutil.AppDataDir("btcd", false)
|
||||||
defaultBtcdRPCCertFile = filepath.Join(btcdHomeDir, "rpc.cert")
|
defaultBtcdRPCCertFile = filepath.Join(btcdHomeDir, "rpc.cert")
|
||||||
@ -88,11 +92,14 @@ type autoPilotConfig struct {
|
|||||||
type config struct {
|
type config struct {
|
||||||
ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"`
|
ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"`
|
||||||
|
|
||||||
ConfigFile string `long:"C" long:"configfile" description:"Path to configuration file"`
|
ConfigFile string `long:"C" long:"configfile" description:"Path to configuration file"`
|
||||||
DataDir string `short:"b" long:"datadir" description:"The directory to store lnd's data within"`
|
DataDir string `short:"b" long:"datadir" description:"The directory to store lnd's data within"`
|
||||||
TLSCertPath string `long:"tlscertpath" description:"Path to TLS certificate for lnd's RPC and REST services"`
|
TLSCertPath string `long:"tlscertpath" description:"Path to TLS certificate for lnd's RPC and REST services"`
|
||||||
TLSKeyPath string `long:"tlskeypath" description:"Path to TLS private key for lnd's RPC and REST services"`
|
TLSKeyPath string `long:"tlskeypath" description:"Path to TLS private key for lnd's RPC and REST services"`
|
||||||
LogDir string `long:"logdir" description:"Directory to log output."`
|
NoMacaroons bool `long:"no-macaroons" description:"Disable macaroon authentication"`
|
||||||
|
AdminMacPath string `long:"adminmacaroonpath" description:"Path to write the admin macaroon for lnd's RPC and REST services if it doesn't exist"`
|
||||||
|
ReadMacPath string `long:"readonlymacaroonpath" description:"Path to write the read-only macaroon for lnd's RPC and REST services if it doesn't exist"`
|
||||||
|
LogDir string `long:"logdir" description:"Directory to log output."`
|
||||||
|
|
||||||
Listeners []string `long:"listen" description:"Add an interface/port to listen for connections (default all interfaces port: 5656)"`
|
Listeners []string `long:"listen" description:"Add an interface/port to listen for connections (default all interfaces port: 5656)"`
|
||||||
ExternalIPs []string `long:"externalip" description:"Add an ip to the list of local addresses we claim to listen on to peers"`
|
ExternalIPs []string `long:"externalip" description:"Add an ip to the list of local addresses we claim to listen on to peers"`
|
||||||
@ -132,6 +139,8 @@ func loadConfig() (*config, error) {
|
|||||||
DebugLevel: defaultLogLevel,
|
DebugLevel: defaultLogLevel,
|
||||||
TLSCertPath: defaultTLSCertPath,
|
TLSCertPath: defaultTLSCertPath,
|
||||||
TLSKeyPath: defaultTLSKeyPath,
|
TLSKeyPath: defaultTLSKeyPath,
|
||||||
|
AdminMacPath: defaultAdminMacPath,
|
||||||
|
ReadMacPath: defaultReadMacPath,
|
||||||
LogDir: defaultLogDir,
|
LogDir: defaultLogDir,
|
||||||
PeerPort: defaultPeerPort,
|
PeerPort: defaultPeerPort,
|
||||||
RPCPort: defaultRPCPort,
|
RPCPort: defaultRPCPort,
|
||||||
|
64
lnd.go
64
lnd.go
@ -12,6 +12,9 @@ import (
|
|||||||
"strconv"
|
"strconv"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"gopkg.in/macaroon-bakery.v1/bakery"
|
||||||
|
"gopkg.in/macaroon-bakery.v1/bakery/checkers"
|
||||||
|
|
||||||
"golang.org/x/net/context"
|
"golang.org/x/net/context"
|
||||||
|
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
@ -24,6 +27,7 @@ import (
|
|||||||
"github.com/lightningnetwork/lnd/lnrpc"
|
"github.com/lightningnetwork/lnd/lnrpc"
|
||||||
"github.com/lightningnetwork/lnd/lnwallet"
|
"github.com/lightningnetwork/lnd/lnwallet"
|
||||||
"github.com/lightningnetwork/lnd/lnwire"
|
"github.com/lightningnetwork/lnd/lnwire"
|
||||||
|
"github.com/lightningnetwork/lnd/macaroons"
|
||||||
"github.com/roasbeef/btcd/btcec"
|
"github.com/roasbeef/btcd/btcec"
|
||||||
"github.com/roasbeef/btcutil"
|
"github.com/roasbeef/btcutil"
|
||||||
)
|
)
|
||||||
@ -78,6 +82,30 @@ func lndMain() error {
|
|||||||
}
|
}
|
||||||
defer chanDB.Close()
|
defer chanDB.Close()
|
||||||
|
|
||||||
|
// Only process macaroons if --no-macaroons isn't set.
|
||||||
|
var macaroonService *bakery.Service
|
||||||
|
if !cfg.NoMacaroons {
|
||||||
|
// Create the macaroon authentication/authorization service.
|
||||||
|
macaroonService, err = macaroons.NewService(cfg.DataDir)
|
||||||
|
if err != nil {
|
||||||
|
srvrLog.Errorf("unable to create macaroon service: %v",
|
||||||
|
err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create macaroon files for lncli to use if they don't exist.
|
||||||
|
if !fileExists(cfg.AdminMacPath) &&
|
||||||
|
!fileExists(cfg.ReadMacPath) {
|
||||||
|
err = genMacaroons(macaroonService, cfg.AdminMacPath,
|
||||||
|
cfg.ReadMacPath)
|
||||||
|
if err != nil {
|
||||||
|
ltndLog.Errorf("unable to create macaroon "+
|
||||||
|
"files: %v", err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// With the information parsed from the configuration, create valid
|
// With the information parsed from the configuration, create valid
|
||||||
// instances of the paertinent interfaces required to operate the
|
// instances of the paertinent interfaces required to operate the
|
||||||
// Lightning Network Daemon.
|
// Lightning Network Daemon.
|
||||||
@ -197,7 +225,7 @@ func lndMain() error {
|
|||||||
|
|
||||||
// Initialize, and register our implementation of the gRPC interface
|
// Initialize, and register our implementation of the gRPC interface
|
||||||
// exported by the rpcServer.
|
// exported by the rpcServer.
|
||||||
rpcServer := newRPCServer(server)
|
rpcServer := newRPCServer(server, macaroonService)
|
||||||
if err := rpcServer.Start(); err != nil {
|
if err := rpcServer.Start(); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -375,3 +403,37 @@ func genCertPair(certFile, keyFile string) error {
|
|||||||
rpcsLog.Infof("Done generating TLS certificates")
|
rpcsLog.Infof("Done generating TLS certificates")
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// genMacaroons generates a pair of macaroon files; one admin-level and one
|
||||||
|
// read-only. These can also be used to generate more granular macaroons.
|
||||||
|
func genMacaroons(svc *bakery.Service, admFile, roFile string) error {
|
||||||
|
// Generate the admin macaroon and write it to a file.
|
||||||
|
admMacaroon, err := svc.NewMacaroon("", nil, nil)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
admBytes, err := admMacaroon.MarshalBinary()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err = ioutil.WriteFile(admFile, admBytes, 0600); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Generate the read-only macaroon and write it to a file.
|
||||||
|
caveat := checkers.AllowCaveat(roPermissions...)
|
||||||
|
roMacaroon := admMacaroon.Clone()
|
||||||
|
if err = svc.AddCaveat(roMacaroon, caveat); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
roBytes, err := roMacaroon.MarshalBinary()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err = ioutil.WriteFile(roFile, roBytes, 0644); err != nil {
|
||||||
|
os.Remove(admFile)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
@ -15,6 +15,8 @@ import (
|
|||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
macaroon "gopkg.in/macaroon.v1"
|
||||||
|
|
||||||
"golang.org/x/net/context"
|
"golang.org/x/net/context"
|
||||||
|
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
@ -25,6 +27,7 @@ import (
|
|||||||
|
|
||||||
"github.com/go-errors/errors"
|
"github.com/go-errors/errors"
|
||||||
"github.com/lightningnetwork/lnd/lnrpc"
|
"github.com/lightningnetwork/lnd/lnrpc"
|
||||||
|
"github.com/lightningnetwork/lnd/macaroons"
|
||||||
"github.com/roasbeef/btcd/chaincfg"
|
"github.com/roasbeef/btcd/chaincfg"
|
||||||
"github.com/roasbeef/btcd/chaincfg/chainhash"
|
"github.com/roasbeef/btcd/chaincfg/chainhash"
|
||||||
"github.com/roasbeef/btcd/rpctest"
|
"github.com/roasbeef/btcd/rpctest"
|
||||||
@ -137,6 +140,8 @@ func newLightningNode(btcrpcConfig *btcrpcclient.ConnConfig, lndArgs []string) (
|
|||||||
}
|
}
|
||||||
cfg.TLSCertPath = filepath.Join(cfg.DataDir, "tls.cert")
|
cfg.TLSCertPath = filepath.Join(cfg.DataDir, "tls.cert")
|
||||||
cfg.TLSKeyPath = filepath.Join(cfg.DataDir, "tls.key")
|
cfg.TLSKeyPath = filepath.Join(cfg.DataDir, "tls.key")
|
||||||
|
cfg.AdminMacPath = filepath.Join(cfg.DataDir, "admin.macaroon")
|
||||||
|
cfg.ReadMacPath = filepath.Join(cfg.DataDir, "readonly.macaroon")
|
||||||
|
|
||||||
cfg.PeerPort, cfg.RPCPort = generateListeningPorts()
|
cfg.PeerPort, cfg.RPCPort = generateListeningPorts()
|
||||||
|
|
||||||
@ -177,6 +182,8 @@ func (l *lightningNode) genArgs() []string {
|
|||||||
args = append(args, fmt.Sprintf("--tlscertpath=%v", l.cfg.TLSCertPath))
|
args = append(args, fmt.Sprintf("--tlscertpath=%v", l.cfg.TLSCertPath))
|
||||||
args = append(args, fmt.Sprintf("--tlskeypath=%v", l.cfg.TLSKeyPath))
|
args = append(args, fmt.Sprintf("--tlskeypath=%v", l.cfg.TLSKeyPath))
|
||||||
args = append(args, fmt.Sprintf("--configfile=%v", l.cfg.DataDir))
|
args = append(args, fmt.Sprintf("--configfile=%v", l.cfg.DataDir))
|
||||||
|
args = append(args, fmt.Sprintf("--adminmacaroonpath=%v", l.cfg.AdminMacPath))
|
||||||
|
args = append(args, fmt.Sprintf("--readonlymacaroonpath=%v", l.cfg.ReadMacPath))
|
||||||
|
|
||||||
if l.extraArgs != nil {
|
if l.extraArgs != nil {
|
||||||
args = append(args, l.extraArgs...)
|
args = append(args, l.extraArgs...)
|
||||||
@ -247,23 +254,34 @@ func (l *lightningNode) Start(lndError chan error) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Wait until TLS certificate is created before using it, up to 20 sec.
|
// Wait until TLS certificate and admin macaroon are created before
|
||||||
|
// using them, up to 20 sec.
|
||||||
tlsTimeout := time.After(20 * time.Second)
|
tlsTimeout := time.After(20 * time.Second)
|
||||||
for !fileExists(l.cfg.TLSCertPath) {
|
for !fileExists(l.cfg.TLSCertPath) || !fileExists(l.cfg.AdminMacPath) {
|
||||||
time.Sleep(100 * time.Millisecond)
|
time.Sleep(100 * time.Millisecond)
|
||||||
select {
|
select {
|
||||||
case <-tlsTimeout:
|
case <-tlsTimeout:
|
||||||
panic(fmt.Errorf("timeout waiting for TLS cert file " +
|
panic(fmt.Errorf("timeout waiting for TLS cert file " +
|
||||||
"to be created after 20 seconds"))
|
"and admin macaroon file to be created after " +
|
||||||
|
"20 seconds"))
|
||||||
default:
|
default:
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
creds, err := credentials.NewClientTLSFromFile(l.cfg.TLSCertPath, "")
|
tlsCreds, err := credentials.NewClientTLSFromFile(l.cfg.TLSCertPath, "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
macBytes, err := ioutil.ReadFile(l.cfg.AdminMacPath)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
mac := &macaroon.Macaroon{}
|
||||||
|
if err = mac.UnmarshalBinary(macBytes); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
opts := []grpc.DialOption{
|
opts := []grpc.DialOption{
|
||||||
grpc.WithTransportCredentials(creds),
|
grpc.WithTransportCredentials(tlsCreds),
|
||||||
|
grpc.WithPerRPCCredentials(macaroons.NewMacaroonCredential(mac)),
|
||||||
grpc.WithBlock(),
|
grpc.WithBlock(),
|
||||||
grpc.WithTimeout(time.Second * 20),
|
grpc.WithTimeout(time.Second * 20),
|
||||||
}
|
}
|
||||||
|
324
rpcserver.go
324
rpcserver.go
@ -13,6 +13,8 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"gopkg.in/macaroon-bakery.v1/bakery"
|
||||||
|
|
||||||
"sync"
|
"sync"
|
||||||
"sync/atomic"
|
"sync/atomic"
|
||||||
|
|
||||||
@ -23,6 +25,7 @@ import (
|
|||||||
"github.com/lightningnetwork/lnd/lnrpc"
|
"github.com/lightningnetwork/lnd/lnrpc"
|
||||||
"github.com/lightningnetwork/lnd/lnwallet"
|
"github.com/lightningnetwork/lnd/lnwallet"
|
||||||
"github.com/lightningnetwork/lnd/lnwire"
|
"github.com/lightningnetwork/lnd/lnwire"
|
||||||
|
"github.com/lightningnetwork/lnd/macaroons"
|
||||||
"github.com/lightningnetwork/lnd/routing"
|
"github.com/lightningnetwork/lnd/routing"
|
||||||
"github.com/lightningnetwork/lnd/zpay32"
|
"github.com/lightningnetwork/lnd/zpay32"
|
||||||
"github.com/roasbeef/btcd/blockchain"
|
"github.com/roasbeef/btcd/blockchain"
|
||||||
@ -39,6 +42,26 @@ import (
|
|||||||
|
|
||||||
var (
|
var (
|
||||||
defaultAccount uint32 = waddrmgr.DefaultAccountNum
|
defaultAccount uint32 = waddrmgr.DefaultAccountNum
|
||||||
|
|
||||||
|
// roPermissions is a slice of method names that are considered "read-only"
|
||||||
|
// for authorization purposes, all lowercase.
|
||||||
|
roPermissions = []string{
|
||||||
|
"verifymessage",
|
||||||
|
"getinfo",
|
||||||
|
"listpeers",
|
||||||
|
"walletbalance",
|
||||||
|
"channelbalance",
|
||||||
|
"listchannels",
|
||||||
|
"readinvoices",
|
||||||
|
"gettransactions",
|
||||||
|
"describegraph",
|
||||||
|
"getchaninfo",
|
||||||
|
"getnodeinfo",
|
||||||
|
"queryroutes",
|
||||||
|
"getnetworkinfo",
|
||||||
|
"listpayments",
|
||||||
|
"decodepayreq",
|
||||||
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
// rpcServer is a gRPC, RPC front end to the lnd daemon.
|
// rpcServer is a gRPC, RPC front end to the lnd daemon.
|
||||||
@ -49,6 +72,10 @@ type rpcServer struct {
|
|||||||
|
|
||||||
server *server
|
server *server
|
||||||
|
|
||||||
|
// authSvc is the authentication/authorization service backed by
|
||||||
|
// macaroons.
|
||||||
|
authSvc *bakery.Service
|
||||||
|
|
||||||
wg sync.WaitGroup
|
wg sync.WaitGroup
|
||||||
|
|
||||||
quit chan struct{}
|
quit chan struct{}
|
||||||
@ -59,8 +86,12 @@ type rpcServer struct {
|
|||||||
var _ lnrpc.LightningServer = (*rpcServer)(nil)
|
var _ lnrpc.LightningServer = (*rpcServer)(nil)
|
||||||
|
|
||||||
// newRPCServer creates and returns a new instance of the rpcServer.
|
// newRPCServer creates and returns a new instance of the rpcServer.
|
||||||
func newRPCServer(s *server) *rpcServer {
|
func newRPCServer(s *server, authSvc *bakery.Service) *rpcServer {
|
||||||
return &rpcServer{server: s, quit: make(chan struct{}, 1)}
|
return &rpcServer{
|
||||||
|
server: s,
|
||||||
|
authSvc: authSvc,
|
||||||
|
quit: make(chan struct{}, 1),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Start launches any helper goroutines required for the rpcServer
|
// Start launches any helper goroutines required for the rpcServer
|
||||||
@ -123,6 +154,13 @@ func (r *rpcServer) sendCoinsOnChain(paymentMap map[string]int64) (*chainhash.Ha
|
|||||||
// SendMany, this RPC call only allows creating a single output at a time.
|
// SendMany, this RPC call only allows creating a single output at a time.
|
||||||
func (r *rpcServer) SendCoins(ctx context.Context,
|
func (r *rpcServer) SendCoins(ctx context.Context,
|
||||||
in *lnrpc.SendCoinsRequest) (*lnrpc.SendCoinsResponse, error) {
|
in *lnrpc.SendCoinsRequest) (*lnrpc.SendCoinsResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "sendcoins",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Infof("[sendcoins] addr=%v, amt=%v", in.Addr, btcutil.Amount(in.Amount))
|
rpcsLog.Infof("[sendcoins] addr=%v, amt=%v", in.Addr, btcutil.Amount(in.Amount))
|
||||||
|
|
||||||
@ -141,6 +179,13 @@ func (r *rpcServer) SendCoins(ctx context.Context,
|
|||||||
// outputs in parallel.
|
// outputs in parallel.
|
||||||
func (r *rpcServer) SendMany(ctx context.Context,
|
func (r *rpcServer) SendMany(ctx context.Context,
|
||||||
in *lnrpc.SendManyRequest) (*lnrpc.SendManyResponse, error) {
|
in *lnrpc.SendManyRequest) (*lnrpc.SendManyResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "sendcoins",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
txid, err := r.sendCoinsOnChain(in.AddrToAmount)
|
txid, err := r.sendCoinsOnChain(in.AddrToAmount)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -155,6 +200,13 @@ func (r *rpcServer) SendMany(ctx context.Context,
|
|||||||
// NewAddress creates a new address under control of the local wallet.
|
// NewAddress creates a new address under control of the local wallet.
|
||||||
func (r *rpcServer) NewAddress(ctx context.Context,
|
func (r *rpcServer) NewAddress(ctx context.Context,
|
||||||
in *lnrpc.NewAddressRequest) (*lnrpc.NewAddressResponse, error) {
|
in *lnrpc.NewAddressRequest) (*lnrpc.NewAddressResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "newaddress",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Translate the gRPC proto address type to the wallet controller's
|
// Translate the gRPC proto address type to the wallet controller's
|
||||||
// available address types.
|
// available address types.
|
||||||
@ -181,6 +233,13 @@ func (r *rpcServer) NewAddress(ctx context.Context,
|
|||||||
// the local wallet.
|
// the local wallet.
|
||||||
func (r *rpcServer) NewWitnessAddress(ctx context.Context,
|
func (r *rpcServer) NewWitnessAddress(ctx context.Context,
|
||||||
in *lnrpc.NewWitnessAddressRequest) (*lnrpc.NewAddressResponse, error) {
|
in *lnrpc.NewWitnessAddressRequest) (*lnrpc.NewAddressResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "newaddress",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
addr, err := r.server.cc.wallet.NewAddress(lnwallet.WitnessPubKey, false)
|
addr, err := r.server.cc.wallet.NewAddress(lnwallet.WitnessPubKey, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -197,6 +256,13 @@ func (r *rpcServer) NewWitnessAddress(ctx context.Context,
|
|||||||
// verification.
|
// verification.
|
||||||
func (r *rpcServer) SignMessage(ctx context.Context,
|
func (r *rpcServer) SignMessage(ctx context.Context,
|
||||||
in *lnrpc.SignMessageRequest) (*lnrpc.SignMessageResponse, error) {
|
in *lnrpc.SignMessageRequest) (*lnrpc.SignMessageResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "signmessage",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if in.Msg == nil {
|
if in.Msg == nil {
|
||||||
return nil, fmt.Errorf("need a message to sign")
|
return nil, fmt.Errorf("need a message to sign")
|
||||||
@ -217,6 +283,13 @@ func (r *rpcServer) SignMessage(ctx context.Context,
|
|||||||
// VerifyMessage also returns the recovered pubkey from the signature.
|
// VerifyMessage also returns the recovered pubkey from the signature.
|
||||||
func (r *rpcServer) VerifyMessage(ctx context.Context,
|
func (r *rpcServer) VerifyMessage(ctx context.Context,
|
||||||
in *lnrpc.VerifyMessageRequest) (*lnrpc.VerifyMessageResponse, error) {
|
in *lnrpc.VerifyMessageRequest) (*lnrpc.VerifyMessageResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "verifymessage",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if in.Msg == nil {
|
if in.Msg == nil {
|
||||||
return nil, fmt.Errorf("need a message to verify")
|
return nil, fmt.Errorf("need a message to verify")
|
||||||
@ -256,6 +329,13 @@ func (r *rpcServer) VerifyMessage(ctx context.Context,
|
|||||||
// ConnectPeer attempts to establish a connection to a remote peer.
|
// ConnectPeer attempts to establish a connection to a remote peer.
|
||||||
func (r *rpcServer) ConnectPeer(ctx context.Context,
|
func (r *rpcServer) ConnectPeer(ctx context.Context,
|
||||||
in *lnrpc.ConnectPeerRequest) (*lnrpc.ConnectPeerResponse, error) {
|
in *lnrpc.ConnectPeerRequest) (*lnrpc.ConnectPeerResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "connectpeer",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// The server hasn't yet started, so it won't be able to service any of
|
// The server hasn't yet started, so it won't be able to service any of
|
||||||
// our requests, so we'll bail early here.
|
// our requests, so we'll bail early here.
|
||||||
@ -317,6 +397,13 @@ func (r *rpcServer) ConnectPeer(ctx context.Context,
|
|||||||
// with the target peer, this action will be disallowed.
|
// with the target peer, this action will be disallowed.
|
||||||
func (r *rpcServer) DisconnectPeer(ctx context.Context,
|
func (r *rpcServer) DisconnectPeer(ctx context.Context,
|
||||||
in *lnrpc.DisconnectPeerRequest) (*lnrpc.DisconnectPeerResponse, error) {
|
in *lnrpc.DisconnectPeerRequest) (*lnrpc.DisconnectPeerResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "disconnectpeer",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Debugf("[disconnectpeer] from peer(%s)", in.PubKey)
|
rpcsLog.Debugf("[disconnectpeer] from peer(%s)", in.PubKey)
|
||||||
|
|
||||||
@ -366,6 +453,13 @@ func (r *rpcServer) DisconnectPeer(ctx context.Context,
|
|||||||
// request to a remote peer.
|
// request to a remote peer.
|
||||||
func (r *rpcServer) OpenChannel(in *lnrpc.OpenChannelRequest,
|
func (r *rpcServer) OpenChannel(in *lnrpc.OpenChannelRequest,
|
||||||
updateStream lnrpc.Lightning_OpenChannelServer) error {
|
updateStream lnrpc.Lightning_OpenChannelServer) error {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(updateStream.Context(),
|
||||||
|
"openchannel", r.authSvc); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Tracef("[openchannel] request to peerid(%v) "+
|
rpcsLog.Tracef("[openchannel] request to peerid(%v) "+
|
||||||
"allocation(us=%v, them=%v)", in.TargetPeerId,
|
"allocation(us=%v, them=%v)", in.TargetPeerId,
|
||||||
@ -486,6 +580,13 @@ out:
|
|||||||
// strings.
|
// strings.
|
||||||
func (r *rpcServer) OpenChannelSync(ctx context.Context,
|
func (r *rpcServer) OpenChannelSync(ctx context.Context,
|
||||||
in *lnrpc.OpenChannelRequest) (*lnrpc.ChannelPoint, error) {
|
in *lnrpc.OpenChannelRequest) (*lnrpc.ChannelPoint, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "openchannel",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Tracef("[openchannel] request to peerid(%v) "+
|
rpcsLog.Tracef("[openchannel] request to peerid(%v) "+
|
||||||
"allocation(us=%v, them=%v)", in.TargetPeerId,
|
"allocation(us=%v, them=%v)", in.TargetPeerId,
|
||||||
@ -569,6 +670,13 @@ func (r *rpcServer) OpenChannelSync(ctx context.Context,
|
|||||||
// a force close after a timeout period in the case of an inactive peer.
|
// a force close after a timeout period in the case of an inactive peer.
|
||||||
func (r *rpcServer) CloseChannel(in *lnrpc.CloseChannelRequest,
|
func (r *rpcServer) CloseChannel(in *lnrpc.CloseChannelRequest,
|
||||||
updateStream lnrpc.Lightning_CloseChannelServer) error {
|
updateStream lnrpc.Lightning_CloseChannelServer) error {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(updateStream.Context(),
|
||||||
|
"closechannel", r.authSvc); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
force := in.Force
|
force := in.Force
|
||||||
index := in.ChannelPoint.OutputIndex
|
index := in.ChannelPoint.OutputIndex
|
||||||
@ -815,6 +923,13 @@ func (r *rpcServer) forceCloseChan(channel *lnwallet.LightningChannel) (*chainha
|
|||||||
// concerning the number of open+pending channels.
|
// concerning the number of open+pending channels.
|
||||||
func (r *rpcServer) GetInfo(ctx context.Context,
|
func (r *rpcServer) GetInfo(ctx context.Context,
|
||||||
in *lnrpc.GetInfoRequest) (*lnrpc.GetInfoResponse, error) {
|
in *lnrpc.GetInfoRequest) (*lnrpc.GetInfoResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "getinfo",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var activeChannels uint32
|
var activeChannels uint32
|
||||||
serverPeers := r.server.Peers()
|
serverPeers := r.server.Peers()
|
||||||
@ -864,6 +979,13 @@ func (r *rpcServer) GetInfo(ctx context.Context,
|
|||||||
// ListPeers returns a verbose listing of all currently active peers.
|
// ListPeers returns a verbose listing of all currently active peers.
|
||||||
func (r *rpcServer) ListPeers(ctx context.Context,
|
func (r *rpcServer) ListPeers(ctx context.Context,
|
||||||
in *lnrpc.ListPeersRequest) (*lnrpc.ListPeersResponse, error) {
|
in *lnrpc.ListPeersRequest) (*lnrpc.ListPeersResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "listpeers",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Tracef("[listpeers] request")
|
rpcsLog.Tracef("[listpeers] request")
|
||||||
|
|
||||||
@ -919,6 +1041,13 @@ func (r *rpcServer) ListPeers(ctx context.Context,
|
|||||||
// TODO(roasbeef): add async hooks into wallet balance changes
|
// TODO(roasbeef): add async hooks into wallet balance changes
|
||||||
func (r *rpcServer) WalletBalance(ctx context.Context,
|
func (r *rpcServer) WalletBalance(ctx context.Context,
|
||||||
in *lnrpc.WalletBalanceRequest) (*lnrpc.WalletBalanceResponse, error) {
|
in *lnrpc.WalletBalanceRequest) (*lnrpc.WalletBalanceResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "walletbalance",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
balance, err := r.server.cc.wallet.ConfirmedBalance(1, in.WitnessOnly)
|
balance, err := r.server.cc.wallet.ConfirmedBalance(1, in.WitnessOnly)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -936,6 +1065,13 @@ func (r *rpcServer) WalletBalance(ctx context.Context,
|
|||||||
// channels in satoshis.
|
// channels in satoshis.
|
||||||
func (r *rpcServer) ChannelBalance(ctx context.Context,
|
func (r *rpcServer) ChannelBalance(ctx context.Context,
|
||||||
in *lnrpc.ChannelBalanceRequest) (*lnrpc.ChannelBalanceResponse, error) {
|
in *lnrpc.ChannelBalanceRequest) (*lnrpc.ChannelBalanceResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "channelbalance",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
channels, err := r.server.chanDB.FetchAllChannels()
|
channels, err := r.server.chanDB.FetchAllChannels()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -958,6 +1094,13 @@ func (r *rpcServer) ChannelBalance(ctx context.Context,
|
|||||||
// process of closure, either initiated cooperatively or non-cooperatively.
|
// process of closure, either initiated cooperatively or non-cooperatively.
|
||||||
func (r *rpcServer) PendingChannels(ctx context.Context,
|
func (r *rpcServer) PendingChannels(ctx context.Context,
|
||||||
in *lnrpc.PendingChannelRequest) (*lnrpc.PendingChannelResponse, error) {
|
in *lnrpc.PendingChannelRequest) (*lnrpc.PendingChannelResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "listchannels",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Debugf("[pendingchannels]")
|
rpcsLog.Debugf("[pendingchannels]")
|
||||||
|
|
||||||
@ -1091,6 +1234,13 @@ func (r *rpcServer) PendingChannels(ctx context.Context,
|
|||||||
// is a participant in.
|
// is a participant in.
|
||||||
func (r *rpcServer) ListChannels(ctx context.Context,
|
func (r *rpcServer) ListChannels(ctx context.Context,
|
||||||
in *lnrpc.ListChannelsRequest) (*lnrpc.ListChannelsResponse, error) {
|
in *lnrpc.ListChannelsRequest) (*lnrpc.ListChannelsResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "listchannels",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
resp := &lnrpc.ListChannelsResponse{}
|
resp := &lnrpc.ListChannelsResponse{}
|
||||||
|
|
||||||
@ -1196,6 +1346,14 @@ func (r *rpcServer) savePayment(route *routing.Route, amount btcutil.Amount,
|
|||||||
// bi-directional stream allowing clients to rapidly send payments through the
|
// bi-directional stream allowing clients to rapidly send payments through the
|
||||||
// Lightning Network with a single persistent connection.
|
// Lightning Network with a single persistent connection.
|
||||||
func (r *rpcServer) SendPayment(paymentStream lnrpc.Lightning_SendPaymentServer) error {
|
func (r *rpcServer) SendPayment(paymentStream lnrpc.Lightning_SendPaymentServer) error {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(paymentStream.Context(),
|
||||||
|
"sendpayment", r.authSvc); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
errChan := make(chan error, 1)
|
errChan := make(chan error, 1)
|
||||||
payChan := make(chan *lnrpc.SendRequest)
|
payChan := make(chan *lnrpc.SendRequest)
|
||||||
|
|
||||||
@ -1355,6 +1513,13 @@ func (r *rpcServer) SendPayment(paymentStream lnrpc.Lightning_SendPaymentServer)
|
|||||||
// hash (if any) to be encoded as hex strings.
|
// hash (if any) to be encoded as hex strings.
|
||||||
func (r *rpcServer) SendPaymentSync(ctx context.Context,
|
func (r *rpcServer) SendPaymentSync(ctx context.Context,
|
||||||
nextPayment *lnrpc.SendRequest) (*lnrpc.SendResponse, error) {
|
nextPayment *lnrpc.SendRequest) (*lnrpc.SendResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "sendpayment",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// We don't allow payments to be sent while the daemon itself is still
|
// We don't allow payments to be sent while the daemon itself is still
|
||||||
// syncing as we may be trying to sent a payment over a "stale"
|
// syncing as we may be trying to sent a payment over a "stale"
|
||||||
@ -1439,6 +1604,13 @@ func (r *rpcServer) SendPaymentSync(ctx context.Context,
|
|||||||
// unique payment preimage.
|
// unique payment preimage.
|
||||||
func (r *rpcServer) AddInvoice(ctx context.Context,
|
func (r *rpcServer) AddInvoice(ctx context.Context,
|
||||||
invoice *lnrpc.Invoice) (*lnrpc.AddInvoiceResponse, error) {
|
invoice *lnrpc.Invoice) (*lnrpc.AddInvoiceResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "addinvoice",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var paymentPreimage [32]byte
|
var paymentPreimage [32]byte
|
||||||
|
|
||||||
@ -1521,6 +1693,13 @@ func (r *rpcServer) AddInvoice(ctx context.Context,
|
|||||||
// returned.
|
// returned.
|
||||||
func (r *rpcServer) LookupInvoice(ctx context.Context,
|
func (r *rpcServer) LookupInvoice(ctx context.Context,
|
||||||
req *lnrpc.PaymentHash) (*lnrpc.Invoice, error) {
|
req *lnrpc.PaymentHash) (*lnrpc.Invoice, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "readinvoices",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
payHash [32]byte
|
payHash [32]byte
|
||||||
@ -1579,6 +1758,13 @@ func (r *rpcServer) LookupInvoice(ctx context.Context,
|
|||||||
// database. Any active debug invoices are ignored.
|
// database. Any active debug invoices are ignored.
|
||||||
func (r *rpcServer) ListInvoices(ctx context.Context,
|
func (r *rpcServer) ListInvoices(ctx context.Context,
|
||||||
req *lnrpc.ListInvoiceRequest) (*lnrpc.ListInvoiceResponse, error) {
|
req *lnrpc.ListInvoiceRequest) (*lnrpc.ListInvoiceResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "readinvoices",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
dbInvoices, err := r.server.chanDB.FetchAllInvoices(req.PendingOnly)
|
dbInvoices, err := r.server.chanDB.FetchAllInvoices(req.PendingOnly)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -1618,6 +1804,13 @@ func (r *rpcServer) ListInvoices(ctx context.Context,
|
|||||||
// notifying the client of newly added/settled invoices.
|
// notifying the client of newly added/settled invoices.
|
||||||
func (r *rpcServer) SubscribeInvoices(req *lnrpc.InvoiceSubscription,
|
func (r *rpcServer) SubscribeInvoices(req *lnrpc.InvoiceSubscription,
|
||||||
updateStream lnrpc.Lightning_SubscribeInvoicesServer) error {
|
updateStream lnrpc.Lightning_SubscribeInvoicesServer) error {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(updateStream.Context(),
|
||||||
|
"readinvoices", r.authSvc); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
invoiceClient := r.server.invoices.SubscribeNotifications()
|
invoiceClient := r.server.invoices.SubscribeNotifications()
|
||||||
defer invoiceClient.Cancel()
|
defer invoiceClient.Cancel()
|
||||||
@ -1650,6 +1843,13 @@ func (r *rpcServer) SubscribeInvoices(req *lnrpc.InvoiceSubscription,
|
|||||||
// over.
|
// over.
|
||||||
func (r *rpcServer) SubscribeTransactions(req *lnrpc.GetTransactionsRequest,
|
func (r *rpcServer) SubscribeTransactions(req *lnrpc.GetTransactionsRequest,
|
||||||
updateStream lnrpc.Lightning_SubscribeTransactionsServer) error {
|
updateStream lnrpc.Lightning_SubscribeTransactionsServer) error {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(updateStream.Context(),
|
||||||
|
"gettransactions", r.authSvc); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
txClient, err := r.server.cc.wallet.SubscribeTransactions()
|
txClient, err := r.server.cc.wallet.SubscribeTransactions()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -1689,8 +1889,15 @@ func (r *rpcServer) SubscribeTransactions(req *lnrpc.GetTransactionsRequest,
|
|||||||
|
|
||||||
// GetTransactions returns a list of describing all the known transactions
|
// GetTransactions returns a list of describing all the known transactions
|
||||||
// relevant to the wallet.
|
// relevant to the wallet.
|
||||||
func (r *rpcServer) GetTransactions(context.Context,
|
func (r *rpcServer) GetTransactions(ctx context.Context,
|
||||||
*lnrpc.GetTransactionsRequest) (*lnrpc.TransactionDetails, error) {
|
_ *lnrpc.GetTransactionsRequest) (*lnrpc.TransactionDetails, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "gettransactions",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// TODO(btcsuite): add pagination support
|
// TODO(btcsuite): add pagination support
|
||||||
transactions, err := r.server.cc.wallet.ListTransactionDetails()
|
transactions, err := r.server.cc.wallet.ListTransactionDetails()
|
||||||
@ -1722,8 +1929,15 @@ func (r *rpcServer) GetTransactions(context.Context,
|
|||||||
// As this is a directed graph, the edges also contain the node directional
|
// As this is a directed graph, the edges also contain the node directional
|
||||||
// specific routing policy which includes: the time lock delta, fee
|
// specific routing policy which includes: the time lock delta, fee
|
||||||
// information, etc.
|
// information, etc.
|
||||||
func (r *rpcServer) DescribeGraph(context.Context,
|
func (r *rpcServer) DescribeGraph(ctx context.Context,
|
||||||
*lnrpc.ChannelGraphRequest) (*lnrpc.ChannelGraph, error) {
|
_ *lnrpc.ChannelGraphRequest) (*lnrpc.ChannelGraph, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "describegraph",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
resp := &lnrpc.ChannelGraph{}
|
resp := &lnrpc.ChannelGraph{}
|
||||||
|
|
||||||
@ -1823,8 +2037,15 @@ func marshalDbEdge(edgeInfo *channeldb.ChannelEdgeInfo,
|
|||||||
// given channel identified by its channel ID: an 8-byte integer which uniquely
|
// given channel identified by its channel ID: an 8-byte integer which uniquely
|
||||||
// identifies the location of transaction's funding output within the block
|
// identifies the location of transaction's funding output within the block
|
||||||
// chain.
|
// chain.
|
||||||
func (r *rpcServer) GetChanInfo(_ context.Context, in *lnrpc.ChanInfoRequest) (*lnrpc.ChannelEdge, error) {
|
func (r *rpcServer) GetChanInfo(ctx context.Context, in *lnrpc.ChanInfoRequest) (*lnrpc.ChannelEdge, error) {
|
||||||
graph := r.server.chanDB.ChannelGraph()
|
graph := r.server.chanDB.ChannelGraph()
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "getchaninfo",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
edgeInfo, edge1, edge2, err := graph.FetchChannelEdgesByID(in.ChanId)
|
edgeInfo, edge1, edge2, err := graph.FetchChannelEdgesByID(in.ChanId)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -1841,7 +2062,14 @@ func (r *rpcServer) GetChanInfo(_ context.Context, in *lnrpc.ChanInfoRequest) (*
|
|||||||
|
|
||||||
// GetNodeInfo returns the latest advertised and aggregate authenticated
|
// GetNodeInfo returns the latest advertised and aggregate authenticated
|
||||||
// channel information for the specified node identified by its public key.
|
// channel information for the specified node identified by its public key.
|
||||||
func (r *rpcServer) GetNodeInfo(_ context.Context, in *lnrpc.NodeInfoRequest) (*lnrpc.NodeInfo, error) {
|
func (r *rpcServer) GetNodeInfo(ctx context.Context, in *lnrpc.NodeInfoRequest) (*lnrpc.NodeInfo, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "getnodeinfo",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
graph := r.server.chanDB.ChannelGraph()
|
graph := r.server.chanDB.ChannelGraph()
|
||||||
|
|
||||||
@ -1910,8 +2138,15 @@ func (r *rpcServer) GetNodeInfo(_ context.Context, in *lnrpc.NodeInfoRequest) (*
|
|||||||
//
|
//
|
||||||
// TODO(roasbeef): should return a slice of routes in reality
|
// TODO(roasbeef): should return a slice of routes in reality
|
||||||
// * create separate PR to send based on well formatted route
|
// * create separate PR to send based on well formatted route
|
||||||
func (r *rpcServer) QueryRoutes(_ context.Context,
|
func (r *rpcServer) QueryRoutes(ctx context.Context,
|
||||||
in *lnrpc.QueryRoutesRequest) (*lnrpc.QueryRoutesResponse, error) {
|
in *lnrpc.QueryRoutesRequest) (*lnrpc.QueryRoutesResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "queryroutes",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// First parse the hex-encdoed public key into a full public key objet
|
// First parse the hex-encdoed public key into a full public key objet
|
||||||
// we can properly manipulate.
|
// we can properly manipulate.
|
||||||
@ -1967,7 +2202,14 @@ func marshalRoute(route *routing.Route) *lnrpc.Route {
|
|||||||
|
|
||||||
// GetNetworkInfo returns some basic stats about the known channel graph from
|
// GetNetworkInfo returns some basic stats about the known channel graph from
|
||||||
// the PoV of the node.
|
// the PoV of the node.
|
||||||
func (r *rpcServer) GetNetworkInfo(context.Context, *lnrpc.NetworkInfoRequest) (*lnrpc.NetworkInfo, error) {
|
func (r *rpcServer) GetNetworkInfo(ctx context.Context, _ *lnrpc.NetworkInfoRequest) (*lnrpc.NetworkInfo, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "getnetworkinfo",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
graph := r.server.chanDB.ChannelGraph()
|
graph := r.server.chanDB.ChannelGraph()
|
||||||
|
|
||||||
@ -2081,7 +2323,14 @@ func (r *rpcServer) GetNetworkInfo(context.Context, *lnrpc.NetworkInfoRequest) (
|
|||||||
|
|
||||||
// StopDaemon will send a shutdown request to the interrupt handler, triggering
|
// StopDaemon will send a shutdown request to the interrupt handler, triggering
|
||||||
// a graceful shutdown of the daemon.
|
// a graceful shutdown of the daemon.
|
||||||
func (r *rpcServer) StopDaemon(context.Context, *lnrpc.StopRequest) (*lnrpc.StopResponse, error) {
|
func (r *rpcServer) StopDaemon(ctx context.Context, _ *lnrpc.StopRequest) (*lnrpc.StopResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "stopdaemon",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
shutdownRequestChannel <- struct{}{}
|
shutdownRequestChannel <- struct{}{}
|
||||||
return &lnrpc.StopResponse{}, nil
|
return &lnrpc.StopResponse{}, nil
|
||||||
@ -2095,6 +2344,13 @@ func (r *rpcServer) StopDaemon(context.Context, *lnrpc.StopRequest) (*lnrpc.Stop
|
|||||||
// and finally when prior channels are closed on-chain.
|
// and finally when prior channels are closed on-chain.
|
||||||
func (r *rpcServer) SubscribeChannelGraph(req *lnrpc.GraphTopologySubscription,
|
func (r *rpcServer) SubscribeChannelGraph(req *lnrpc.GraphTopologySubscription,
|
||||||
updateStream lnrpc.Lightning_SubscribeChannelGraphServer) error {
|
updateStream lnrpc.Lightning_SubscribeChannelGraphServer) error {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(updateStream.Context(),
|
||||||
|
"describegraph", r.authSvc); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// First, we start by subscribing to a new intent to receive
|
// First, we start by subscribing to a new intent to receive
|
||||||
// notifications from the channel router.
|
// notifications from the channel router.
|
||||||
@ -2206,8 +2462,15 @@ func marshallTopologyChange(topChange *routing.TopologyChange) *lnrpc.GraphTopol
|
|||||||
}
|
}
|
||||||
|
|
||||||
// ListPayments returns a list of all outgoing payments.
|
// ListPayments returns a list of all outgoing payments.
|
||||||
func (r *rpcServer) ListPayments(context.Context,
|
func (r *rpcServer) ListPayments(ctx context.Context,
|
||||||
*lnrpc.ListPaymentsRequest) (*lnrpc.ListPaymentsResponse, error) {
|
_ *lnrpc.ListPaymentsRequest) (*lnrpc.ListPaymentsResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "listpayments",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Debugf("[ListPayments]")
|
rpcsLog.Debugf("[ListPayments]")
|
||||||
|
|
||||||
@ -2237,8 +2500,15 @@ func (r *rpcServer) ListPayments(context.Context,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// DeleteAllPayments deletes all outgoing payments from DB.
|
// DeleteAllPayments deletes all outgoing payments from DB.
|
||||||
func (r *rpcServer) DeleteAllPayments(context.Context,
|
func (r *rpcServer) DeleteAllPayments(ctx context.Context,
|
||||||
*lnrpc.DeleteAllPaymentsRequest) (*lnrpc.DeleteAllPaymentsResponse, error) {
|
_ *lnrpc.DeleteAllPaymentsRequest) (*lnrpc.DeleteAllPaymentsResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "deleteallpayments",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rpcsLog.Debugf("[DeleteAllPayments]")
|
rpcsLog.Debugf("[DeleteAllPayments]")
|
||||||
|
|
||||||
@ -2250,7 +2520,15 @@ func (r *rpcServer) DeleteAllPayments(context.Context,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// SetAlias...
|
// SetAlias...
|
||||||
func (r *rpcServer) SetAlias(context.Context, *lnrpc.SetAliasRequest) (*lnrpc.SetAliasResponse, error) {
|
func (r *rpcServer) SetAlias(ctx context.Context, _ *lnrpc.SetAliasRequest) (*lnrpc.SetAliasResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "setalias",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2260,6 +2538,13 @@ func (r *rpcServer) SetAlias(context.Context, *lnrpc.SetAliasRequest) (*lnrpc.Se
|
|||||||
// sub-system.
|
// sub-system.
|
||||||
func (r *rpcServer) DebugLevel(ctx context.Context,
|
func (r *rpcServer) DebugLevel(ctx context.Context,
|
||||||
req *lnrpc.DebugLevelRequest) (*lnrpc.DebugLevelResponse, error) {
|
req *lnrpc.DebugLevelRequest) (*lnrpc.DebugLevelResponse, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "debuglevel",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// If show is set, then we simply print out the list of available
|
// If show is set, then we simply print out the list of available
|
||||||
// sub-systems.
|
// sub-systems.
|
||||||
@ -2285,6 +2570,13 @@ func (r *rpcServer) DebugLevel(ctx context.Context,
|
|||||||
// payment request.
|
// payment request.
|
||||||
func (r *rpcServer) DecodePayReq(ctx context.Context,
|
func (r *rpcServer) DecodePayReq(ctx context.Context,
|
||||||
req *lnrpc.PayReqString) (*lnrpc.PayReq, error) {
|
req *lnrpc.PayReqString) (*lnrpc.PayReq, error) {
|
||||||
|
// Check macaroon to see if this is allowed.
|
||||||
|
if r.authSvc != nil {
|
||||||
|
if err := macaroons.ValidateMacaroon(ctx, "decodepayreq",
|
||||||
|
r.authSvc); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Fist we'll attempt to decode the payment request string, if the
|
// Fist we'll attempt to decode the payment request string, if the
|
||||||
// request is invalid or the checksum doesn't match, then we'll exit
|
// request is invalid or the checksum doesn't match, then we'll exit
|
||||||
|
Loading…
Reference in New Issue
Block a user