github.com/decred/dcrlnd@v0.7.6/macaroons/auth.go

github.com/decred/dcrlnd@v0.7.6/macaroons/auth.go (about)

     1  package macaroons
     2  
     3  import (
     4  	"context"
     5  	"encoding/hex"
     6  
     7  	macaroon "gopkg.in/macaroon.v2"
     8  )
     9  
    10  // MacaroonCredential wraps a macaroon to implement the
    11  // credentials.PerRPCCredentials interface.
    12  type MacaroonCredential struct {
    13  	*macaroon.Macaroon
    14  }
    15  
    16  // RequireTransportSecurity implements the PerRPCCredentials interface.
    17  func (m MacaroonCredential) RequireTransportSecurity() bool {
    18  	return true
    19  }
    20  
    21  // GetRequestMetadata implements the PerRPCCredentials interface. This method
    22  // is required in order to pass the wrapped macaroon into the gRPC context.
    23  // With this, the macaroon will be available within the request handling scope
    24  // of the ultimate gRPC server implementation.
    25  func (m MacaroonCredential) GetRequestMetadata(ctx context.Context,
    26  	uri ...string) (map[string]string, error) {
    27  
    28  	macBytes, err := m.MarshalBinary()
    29  	if err != nil {
    30  		return nil, err
    31  	}
    32  
    33  	md := make(map[string]string)
    34  	md["macaroon"] = hex.EncodeToString(macBytes)
    35  	return md, nil
    36  }
    37  
    38  // NewMacaroonCredential returns a copy of the passed macaroon wrapped in a
    39  // MacaroonCredential struct which implements PerRPCCredentials.
    40  func NewMacaroonCredential(m *macaroon.Macaroon) (MacaroonCredential, error) {
    41  	ms := MacaroonCredential{}
    42  
    43  	// The macaroon library's Clone() method has a subtle bug that doesn't
    44  	// correctly clone all caveats. We need to use our own, safe clone
    45  	// function instead.
    46  	var err error
    47  	ms.Macaroon, err = SafeCopyMacaroon(m)
    48  	if err != nil {
    49  		return ms, err
    50  	}
    51  
    52  	return ms, nil
    53  }