allow more restricted macroons fix #827
This commit is contained in:
parent
0c3be0cd08
commit
5c3c7fb185
|
@ -408,7 +408,12 @@ export default {
|
||||||
macaroon,
|
macaroon,
|
||||||
socket
|
socket
|
||||||
})
|
})
|
||||||
return await getIdentity({ lnd })
|
return await createInvoice({
|
||||||
|
description: 'SN connection test',
|
||||||
|
lnd,
|
||||||
|
tokens: 0,
|
||||||
|
expires_at: new Date()
|
||||||
|
})
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{ settings, data }, { me, models })
|
{ settings, data }, { me, models })
|
||||||
|
|
|
@ -1,16 +1,22 @@
|
||||||
|
import React from 'react'
|
||||||
import InfoIcon from '../svgs/information-fill.svg'
|
import InfoIcon from '../svgs/information-fill.svg'
|
||||||
import { useShowModal } from './modal'
|
import { useShowModal } from './modal'
|
||||||
|
|
||||||
export default function Info ({ children, iconClassName = 'fill-theme-color' }) {
|
export default function Info ({ children, label, iconClassName = 'fill-theme-color' }) {
|
||||||
const showModal = useShowModal()
|
const showModal = useShowModal()
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<InfoIcon
|
<div
|
||||||
width={18} height={18} className={`${iconClassName} pointer ms-1`}
|
|
||||||
onClick={(e) => {
|
onClick={(e) => {
|
||||||
e.preventDefault()
|
e.preventDefault()
|
||||||
showModal(onClose => children)
|
showModal(onClose => children)
|
||||||
}}
|
}}
|
||||||
|
className='pointer'
|
||||||
|
>
|
||||||
|
<InfoIcon
|
||||||
|
width={18} height={18} className={`${iconClassName} mx-1`}
|
||||||
/>
|
/>
|
||||||
|
{label && <small className='text-muted'>{label}</small>}
|
||||||
|
</div>
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,6 +46,10 @@ function arrayCustomizer (value1, value2) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export function isInvoicableMacaroon (macaroon) {
|
||||||
|
return isEqualWith(macaroonOPs(macaroon), INVOICABLE_MACAROON_OPS, arrayCustomizer)
|
||||||
|
}
|
||||||
|
|
||||||
export function isInvoiceMacaroon (macaroon) {
|
export function isInvoiceMacaroon (macaroon) {
|
||||||
return isEqualWith(macaroonOPs(macaroon), INVOICE_MACAROON_OPS, arrayCustomizer)
|
return isEqualWith(macaroonOPs(macaroon), INVOICE_MACAROON_OPS, arrayCustomizer)
|
||||||
}
|
}
|
||||||
|
@ -58,6 +62,16 @@ export function isReadOnlyMacaroon (macaroon) {
|
||||||
return isEqualWith(macaroonOPs(macaroon), READ_ONLY_MACAROON_OPS, arrayCustomizer)
|
return isEqualWith(macaroonOPs(macaroon), READ_ONLY_MACAROON_OPS, arrayCustomizer)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const INVOICABLE_MACAROON_OPS = [
|
||||||
|
{
|
||||||
|
entity: 'invoices',
|
||||||
|
actions: [
|
||||||
|
'read',
|
||||||
|
'write'
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
||||||
const INVOICE_MACAROON_OPS = [
|
const INVOICE_MACAROON_OPS = [
|
||||||
{
|
{
|
||||||
entity: 'address',
|
entity: 'address',
|
||||||
|
|
|
@ -9,7 +9,7 @@ import { NOSTR_MAX_RELAY_NUM, NOSTR_PUBKEY_BECH32, NOSTR_PUBKEY_HEX } from './no
|
||||||
import { msatsToSats, numWithUnits, abbrNum } from './format'
|
import { msatsToSats, numWithUnits, abbrNum } from './format'
|
||||||
import * as usersFragments from '../fragments/users'
|
import * as usersFragments from '../fragments/users'
|
||||||
import * as subsFragments from '../fragments/subs'
|
import * as subsFragments from '../fragments/subs'
|
||||||
import { B64_REGEX, HEX_REGEX, isInvoiceMacaroon } from './macaroon'
|
import { B64_REGEX, HEX_REGEX, isInvoicableMacaroon, isInvoiceMacaroon } from './macaroon'
|
||||||
const { SUB } = subsFragments
|
const { SUB } = subsFragments
|
||||||
const { NAME_QUERY } = usersFragments
|
const { NAME_QUERY } = usersFragments
|
||||||
|
|
||||||
|
@ -296,7 +296,7 @@ export function LNDAutowithdrawSchema ({ me } = {}) {
|
||||||
socket: string().socket().required('required'),
|
socket: string().socket().required('required'),
|
||||||
macaroon: hexOrBase64Validator.required('required').test({
|
macaroon: hexOrBase64Validator.required('required').test({
|
||||||
name: 'macaroon',
|
name: 'macaroon',
|
||||||
test: isInvoiceMacaroon,
|
test: v => isInvoiceMacaroon(v) || isInvoicableMacaroon(v),
|
||||||
message: 'not an invoice macaroon'
|
message: 'not an invoice macaroon'
|
||||||
}),
|
}),
|
||||||
cert: hexOrBase64Validator,
|
cert: hexOrBase64Validator,
|
||||||
|
|
|
@ -9,6 +9,8 @@ import { LNDAutowithdrawSchema } from '../../../lib/validate'
|
||||||
import { useRouter } from 'next/router'
|
import { useRouter } from 'next/router'
|
||||||
import { AutowithdrawSettings, autowithdrawInitial } from '../../../components/autowithdraw-shared'
|
import { AutowithdrawSettings, autowithdrawInitial } from '../../../components/autowithdraw-shared'
|
||||||
import { REMOVE_WALLET, UPSERT_WALLET_LND, WALLET_BY_TYPE } from '../../../fragments/wallet'
|
import { REMOVE_WALLET, UPSERT_WALLET_LND, WALLET_BY_TYPE } from '../../../fragments/wallet'
|
||||||
|
import Info from '../../../components/info'
|
||||||
|
import Text from '../../../components/text'
|
||||||
|
|
||||||
const variables = { type: 'LND' }
|
const variables = { type: 'LND' }
|
||||||
export const getServerSideProps = getGetServerSideProps({ query: WALLET_BY_TYPE, variables, authRequired: true })
|
export const getServerSideProps = getGetServerSideProps({ query: WALLET_BY_TYPE, variables, authRequired: true })
|
||||||
|
@ -62,19 +64,30 @@ export default function LND ({ ssrData }) {
|
||||||
name='socket'
|
name='socket'
|
||||||
hint='tor or clearnet'
|
hint='tor or clearnet'
|
||||||
placeholder='55.5.555.55:10001'
|
placeholder='55.5.555.55:10001'
|
||||||
|
clear
|
||||||
required
|
required
|
||||||
autoFocus
|
autoFocus
|
||||||
/>
|
/>
|
||||||
<Input
|
<Input
|
||||||
label='invoice macaroon'
|
label={
|
||||||
|
<div className='d-flex align-items-center'>invoice macaroon
|
||||||
|
<Info label='privacy tip'>
|
||||||
|
<Text>
|
||||||
|
{'We accept a prebaked ***invoice.macaroon*** for your convenience. To gain better privacy, generate a new macaroon as follows:\n\n```lncli bakemacaroon invoices:write invoices:read```'}
|
||||||
|
</Text>
|
||||||
|
</Info>
|
||||||
|
</div>
|
||||||
|
}
|
||||||
name='macaroon'
|
name='macaroon'
|
||||||
|
clear
|
||||||
hint='hex or base64 encoded'
|
hint='hex or base64 encoded'
|
||||||
placeholder='AgEDbG5kAlgDChCn7YgfWX7uTkQQgXZ2uahNEgEwGhYKB2FkZHJlc3MSBHJlYWQSBXdyaXRlGhcKCGludm9pY2VzEgRyZWFkEgV3cml0ZRoPCgdvbmNoYWluEgRyZWFkAAAGIJkMBrrDV0npU90JV0TGNJPrqUD8m2QYoTDjolaL6eBs'
|
placeholder='AgEDbG5kAlgDChCn7YgfWX7uTkQQgXZ2uahNEgEwGhYKB2FkZHJlc3MSBHJlYWQSBXdyaXRlGhcKCGludm9pY2VzEgRyZWFkEgV3cml0ZRoPCgdvbmNoYWluEgRyZWFkAAAGIJkMBrrDV0npU90JV0TGNJPrqUD8m2QYoTDjolaL6eBs'
|
||||||
required
|
required
|
||||||
/>
|
/>
|
||||||
<Input
|
<Input
|
||||||
label={<>cert <small className='text-muted ms-2'>optional if from CA (e.g. voltage)</small></>}
|
label={<>cert <small className='text-muted ms-2'>optional if from <a href='https://en.wikipedia.org/wiki/Certificate_authority' target='_blank' rel='noreferrer'>CA</a> (e.g. voltage)</small></>}
|
||||||
name='cert'
|
name='cert'
|
||||||
|
clear
|
||||||
hint='hex or base64 encoded'
|
hint='hex or base64 encoded'
|
||||||
placeholder='LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNNVENDQWRpZ0F3SUJBZ0lRSHBFdFdrcGJwZHV4RVF2eVBPc3NWVEFLQmdncWhrak9QUVFEQWpBdk1SOHcKSFFZRFZRUUtFeFpzYm1RZ1lYVjBiMmRsYm1WeVlYUmxaQ0JqWlhKME1Rd3dDZ1lEVlFRREV3TmliMkl3SGhjTgpNalF3TVRBM01qQXhORE0wV2hjTk1qVXdNekF6TWpBeE5ETTBXakF2TVI4d0hRWURWUVFLRXhac2JtUWdZWFYwCmIyZGxibVZ5WVhSbFpDQmpaWEowTVF3d0NnWURWUVFERXdOaWIySXdXVEFUQmdjcWhrak9QUUlCQmdncWhrak8KUFFNQkJ3TkNBQVJUS3NMVk5oZnhqb1FLVDlkVVdDbzUzSmQwTnBuL1BtYi9LUE02M1JxbU52dFYvdFk4NjJJZwpSbE41cmNHRnBEajhUeFc2OVhIK0pTcHpjWDdlN3N0Um80SFZNSUhTTUE0R0ExVWREd0VCL3dRRUF3SUNwREFUCkJnTlZIU1VFRERBS0JnZ3JCZ0VGQlFjREFUQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01CMEdBMVVkRGdRV0JCVDAKMnh3V25GeHRUNzI0MWxwZlNoNm9FWi9UMWpCN0JnTlZIUkVFZERCeWdnTmliMktDQ1d4dlkyRnNhRzl6ZElJRApZbTlpZ2d4d2IyeGhjaTF1TVMxaWIyS0NGR2h2YzNRdVpHOWphMlZ5TG1sdWRHVnlibUZzZ2dSMWJtbDRnZ3AxCmJtbDRjR0ZqYTJWMGdnZGlkV1pqYjI1dWh3Ui9BQUFCaHhBQUFBQUFBQUFBQUFBQUFBQUFBQUFCaHdTc0VnQUQKTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDSUEwUTlkRXdoNXpPRnpwL3hYeHNpemh5SkxNVG5yazU1VWx1NHJPRwo4WW52QWlBVGt4U3p3Y3hZZnFscGx0UlNIbmd0NUJFcDBzcXlHL05nenBzb2pmMGNqQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K'
|
placeholder='LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNNVENDQWRpZ0F3SUJBZ0lRSHBFdFdrcGJwZHV4RVF2eVBPc3NWVEFLQmdncWhrak9QUVFEQWpBdk1SOHcKSFFZRFZRUUtFeFpzYm1RZ1lYVjBiMmRsYm1WeVlYUmxaQ0JqWlhKME1Rd3dDZ1lEVlFRREV3TmliMkl3SGhjTgpNalF3TVRBM01qQXhORE0wV2hjTk1qVXdNekF6TWpBeE5ETTBXakF2TVI4d0hRWURWUVFLRXhac2JtUWdZWFYwCmIyZGxibVZ5WVhSbFpDQmpaWEowTVF3d0NnWURWUVFERXdOaWIySXdXVEFUQmdjcWhrak9QUUlCQmdncWhrak8KUFFNQkJ3TkNBQVJUS3NMVk5oZnhqb1FLVDlkVVdDbzUzSmQwTnBuL1BtYi9LUE02M1JxbU52dFYvdFk4NjJJZwpSbE41cmNHRnBEajhUeFc2OVhIK0pTcHpjWDdlN3N0Um80SFZNSUhTTUE0R0ExVWREd0VCL3dRRUF3SUNwREFUCkJnTlZIU1VFRERBS0JnZ3JCZ0VGQlFjREFUQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01CMEdBMVVkRGdRV0JCVDAKMnh3V25GeHRUNzI0MWxwZlNoNm9FWi9UMWpCN0JnTlZIUkVFZERCeWdnTmliMktDQ1d4dlkyRnNhRzl6ZElJRApZbTlpZ2d4d2IyeGhjaTF1TVMxaWIyS0NGR2h2YzNRdVpHOWphMlZ5TG1sdWRHVnlibUZzZ2dSMWJtbDRnZ3AxCmJtbDRjR0ZqYTJWMGdnZGlkV1pqYjI1dWh3Ui9BQUFCaHhBQUFBQUFBQUFBQUFBQUFBQUFBQUFCaHdTc0VnQUQKTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDSUEwUTlkRXdoNXpPRnpwL3hYeHNpemh5SkxNVG5yazU1VWx1NHJPRwo4WW52QWlBVGt4U3p3Y3hZZnFscGx0UlNIbmd0NUJFcDBzcXlHL05nenBzb2pmMGNqQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K'
|
||||||
/>
|
/>
|
||||||
|
|
Loading…
Reference in New Issue