Add CheckMacaroonPermissions command to client

Author: orbitalturtle

lightning_client.go

@@ -181,6 +181,11 @@ type LightningClient interface {
 	// vertices.
 	QueryRoutes(ctx context.Context, req QueryRoutesRequest) (
 		*QueryRoutesResponse, error)
+
+	// CheckMacaroonPermissions allows a client to check the validity of a
+	// macaroon.
+	CheckMacaroonPermissions(ctx context.Context, macaroon []byte,
+		permissions []MacaroonPermission) (bool, error)
 }
 
 // Info contains info about the connected lnd node.
@@ -3469,3 +3474,30 @@ func (s *lightningClient) QueryRoutes(ctx context.Context,
 		TotalAmtMsat:  lnwire.MilliSatoshi(route.TotalAmtMsat),
 	}, nil
 }
+
+func (s *lightningClient) CheckMacaroonPermissions(ctx context.Context,
+	macaroon []byte, permissions []MacaroonPermission) (bool, error) {
+
+	rpcPermissions := make([]*lnrpc.MacaroonPermission, 0)
+	for _, perm := range permissions {
+		permission := &lnrpc.MacaroonPermission{
+			Entity: perm.Entity,
+			Action: perm.Action,
+		}
+
+		rpcPermissions = append(rpcPermissions, permission)
+	}
+
+	rpcCtx := s.adminMac.WithMacaroonAuth(ctx)
+	res, err := s.client.CheckMacaroonPermissions(
+		rpcCtx, &lnrpc.CheckMacPermRequest{
+			Macaroon:    macaroon,
+			Permissions: rpcPermissions,
+		},
+	)
+	if err != nil {
+		return false, err
+	}
+
+	return res.Valid, nil
+}

macaroon_recipes_test.go

@@ -12,7 +12,7 @@ import (
 
 var (
 	expectedPermissions = map[string]int{
-		"lnrpc":       9,
+		"lnrpc":       10,
 		"chainrpc":    1,
 		"invoicesrpc": 2,
 		"routerrpc":   2,

testdata/permissions.json

@@ -140,6 +140,14 @@
                 }
             ]
         },
+	"/lnrpc.Lightning/CheckMacaroonPermissions": {
+	    "permissions": [
+		{
+		    "entity": "macaroon",
+		    "action": "read"
+		}
+	    ]
+	},
         "/lnrpc.Lightning/CloseChannel": {
             "permissions": [
                 {