Merge pull request #44 from ellemouton/parseAuthData

multi: extract expiry and perms from macaroon

Author: guggero

cmd/wasm-client/go.mod

@@ -3,13 +3,16 @@ module github.com/lightninglabs/lightning-node-connect/cmd/wasm-client
 require (
 	github.com/btcsuite/btcd/btcec/v2 v2.2.0
 	github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f
+	github.com/golang/protobuf v1.5.2
 	github.com/jessevdk/go-flags v1.4.0
-	github.com/lightninglabs/faraday v0.2.7-alpha.0.20220503144421-cd1e56982f09
+	github.com/lightninglabs/faraday v0.2.7-alpha.0.20220614135954-0f761430806c
 	github.com/lightninglabs/lightning-node-connect v0.1.9-alpha.0.20220602120524-e9964c685b18
-	github.com/lightninglabs/loop v0.18.0-beta
-	github.com/lightninglabs/pool v0.5.6-alpha
-	github.com/lightningnetwork/lnd v0.15.0-beta.rc3
+	github.com/lightninglabs/loop v0.19.1-beta.0.20220614171321-490fb352ffe9
+	github.com/lightninglabs/pool v0.5.6-alpha.0.20220615075127-160ae4594f4a
+	github.com/lightningnetwork/lnd v0.15.0-beta.rc4
 	google.golang.org/grpc v1.39.0
+	gopkg.in/macaroon-bakery.v2 v2.0.1
+	gopkg.in/macaroon.v2 v2.1.0
 )
 
 replace github.com/lightninglabs/lightning-node-connect => ../../

cmd/wasm-client/go.sum

@@ -87,8 +87,6 @@ github.com/btcsuite/btcd/btcutil v1.1.0/go.mod h1:5OapHB7A2hBBWLm48mmw4MOHNJCcUB
 github.com/btcsuite/btcd/btcutil v1.1.1 h1:hDcDaXiP0uEzR8Biqo2weECKqEw0uHDZ9ixIWevVQqY=
 github.com/btcsuite/btcd/btcutil v1.1.1/go.mod h1:nbKlBMNm9FGsdvKvu0essceubPiAcI57pYBNnsLAa34=
 github.com/btcsuite/btcd/btcutil/psbt v1.1.0/go.mod h1:xMuACsIKDzcE3kWMxqK+aLrAWZ8bMdn7YjYEwNs5q8k=
-github.com/btcsuite/btcd/btcutil/psbt v1.1.1/go.mod h1:KsGzRAzAdEimzgERpK9Xm+RhuCMvc4j2ctK0BEQ8JV0=
-github.com/btcsuite/btcd/btcutil/psbt v1.1.2/go.mod h1:GMJ40RHh0brZmhAKjltvYjakbVg9wQqfH+hZF96jIRE=
 github.com/btcsuite/btcd/btcutil/psbt v1.1.4 h1:Edx4AfBn+YPam2KP5AobDitulGp4r1Oibm8oruzkMdI=
 github.com/btcsuite/btcd/btcutil/psbt v1.1.4/go.mod h1:9AyU6EQVJ9Iw9zPyNT1lcdHd6cnEZdno5wLu5FY74os=
 github.com/btcsuite/btcd/chaincfg/chainhash v1.0.0/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
@@ -98,9 +96,9 @@ github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f h1:bAs4lUbRJpnnkd9
 github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA=
 github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg=
 github.com/btcsuite/btcwallet v0.14.0/go.mod h1:KFR1x3ZH7c31i4qA34XIvcsnhrEBLK1SHli52lN8E54=
-github.com/btcsuite/btcwallet v0.14.1-0.20220322182735-b0001c262734/go.mod h1:QN2tl1ipATUQRo9RtgvMHLSspqx7QWsj30qL+7AXuAo=
-github.com/btcsuite/btcwallet v0.15.1-0.20220512002839-af5562928b70 h1:BkEGO61/bSFNr1xlFTMPrVg2Qw83Bs6gJ5r7PBEGBMo=
 github.com/btcsuite/btcwallet v0.15.1-0.20220512002839-af5562928b70/go.mod h1:OQ+KZYSjNxxSIya6uWKquZBJgb8sV86njOj1tzsf0WE=
+github.com/btcsuite/btcwallet v0.15.1-0.20220601171836-38f1e7fbb23d h1:wJkFDREcDmctDkgMpSQ3R5i1LURsGWsDauzU3OO7HPI=
+github.com/btcsuite/btcwallet v0.15.1-0.20220601171836-38f1e7fbb23d/go.mod h1:zquPhQW95RBsCoSdCz3HxfaWnmxKB6ED3NW1WqFcTIk=
 github.com/btcsuite/btcwallet/wallet/txauthor v1.2.1/go.mod h1:/74bubxX5Js48d76nf/TsNabpYp/gndUuJw4chzCmhU=
 github.com/btcsuite/btcwallet/wallet/txauthor v1.2.3 h1:M2yr5UlULvpqtxUqpMxTME/pA92Z9cpqeyvAFk9lAg0=
 github.com/btcsuite/btcwallet/wallet/txauthor v1.2.3/go.mod h1:T2xSiKGpUkSLCh68aF+FMXmKK9mFqNdHl9VaqOr+JjU=
@@ -498,34 +496,32 @@ github.com/lib/pq v1.8.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/lib/pq v1.10.3 h1:v9QZf2Sn6AmjXtQeFpdoq/eaNtYP6IN+7lcrygsIAtg=
 github.com/lib/pq v1.10.3/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
-github.com/lightninglabs/aperture v0.1.17-beta.0.20220325093943-42b9d4c1be7f/go.mod h1:lDjRKhndRH0CzZQ2m8dWODdqp/ejEW7esb2u2nlvrw4=
-github.com/lightninglabs/aperture v0.1.17-beta.0.20220328072456-4a2632d0be38/go.mod h1:lDjRKhndRH0CzZQ2m8dWODdqp/ejEW7esb2u2nlvrw4=
 github.com/lightninglabs/aperture v0.1.18-beta/go.mod h1:lDjRKhndRH0CzZQ2m8dWODdqp/ejEW7esb2u2nlvrw4=
-github.com/lightninglabs/faraday v0.2.7-alpha.0.20220503144421-cd1e56982f09 h1:4H3TDTZ7QE5RNzXCpxjPIlN3whA35p7xSbinDj3TJtg=
-github.com/lightninglabs/faraday v0.2.7-alpha.0.20220503144421-cd1e56982f09/go.mod h1:YyeMuBbsqJ85wT6j1rCmTPMuk5a5Iz+QouiTN6qQiQ0=
+github.com/lightninglabs/faraday v0.2.7-alpha.0.20220614135954-0f761430806c h1:p126YmW2I9qwh/Dd751hsW4tHCJ67acIOhwB5gwxW44=
+github.com/lightninglabs/faraday v0.2.7-alpha.0.20220614135954-0f761430806c/go.mod h1:YyeMuBbsqJ85wT6j1rCmTPMuk5a5Iz+QouiTN6qQiQ0=
 github.com/lightninglabs/gozmq v0.0.0-20191113021534-d20a764486bf h1:HZKvJUHlcXI/f/O0Avg7t8sqkPo78HFzjmeYFl6DPnc=
 github.com/lightninglabs/gozmq v0.0.0-20191113021534-d20a764486bf/go.mod h1:vxmQPeIQxPf6Jf9rM8R+B4rKBqLA2AjttNxkFBL2Plk=
 github.com/lightninglabs/lndclient v0.15.0-0/go.mod h1:ORS/YFe9hAXlzN/Uj+gvTmrnXEml6yD6dWwzCjpTJyQ=
-github.com/lightninglabs/lndclient v0.15.0-2/go.mod h1:bef6exkGOboLNGZpx+nJFspmyV/CSiO/aIeWj9UFqE4=
-github.com/lightninglabs/loop v0.18.0-beta h1:Xnx2u96MX/4uIeKei4MmkCEXbSgooS3u9pC/ZqoCNf0=
-github.com/lightninglabs/loop v0.18.0-beta/go.mod h1:hOz9syXWEXjYbTKKxK1IsUnmXDiNmCTvc2jIn3wVais=
-github.com/lightninglabs/loop/swapserverrpc v1.0.0 h1:kPvN0gVMuwEONtiij+9nlVg65/Ab9fWP09ph0cYu+AE=
-github.com/lightninglabs/loop/swapserverrpc v1.0.0/go.mod h1:imy1/sqnb70EEyBKMo4pHwwLBPW8uYahWZ8s+1Xcq1o=
+github.com/lightninglabs/lndclient v0.15.0-6/go.mod h1:bQrzrVGpBuaM2c6mapsAdbnhsXJydOU6gFAKvevEzgo=
+github.com/lightninglabs/loop v0.19.1-beta.0.20220614171321-490fb352ffe9 h1:iltkEIowOz4pRmMYrX8Jd/Xy6Rtw13UdU9TiICXz9nU=
+github.com/lightninglabs/loop v0.19.1-beta.0.20220614171321-490fb352ffe9/go.mod h1:4uRskIR61TH2xf19N1Y6GTEcN4QaWhfnGnhpey7XpEY=
+github.com/lightninglabs/loop/swapserverrpc v1.0.1 h1:z99vrpRgQ834FC/C0Qx8HLtE0RX0WBDa1gAu7yOGPsg=
+github.com/lightninglabs/loop/swapserverrpc v1.0.1/go.mod h1:imy1/sqnb70EEyBKMo4pHwwLBPW8uYahWZ8s+1Xcq1o=
 github.com/lightninglabs/neutrino v0.13.2/go.mod h1:Cv/v8oHiPhuGiGvGgO+rIMhwCwEdsQFu6as840i2afw=
 github.com/lightninglabs/neutrino v0.14.1 h1:ALFckeS3CPmWZmX75vxZaWvz2TUebuASH+CR4cqVo18=
 github.com/lightninglabs/neutrino v0.14.1/go.mod h1:SV9ccrw2m6t6UvJX8xB//W0Dv+LEwMTbjg4V/Fb5KwU=
-github.com/lightninglabs/pool v0.5.6-alpha h1:V2hsAm/zai9whciuHH7rls7U/7XY8mN5OGXC9wG1lWM=
-github.com/lightninglabs/pool v0.5.6-alpha/go.mod h1:ffCa2rXiFK7E+AK1Qu3QW8ia1hAZ3fOQy6YbH90aB90=
-github.com/lightninglabs/pool/auctioneerrpc v1.0.5 h1:TIPnH3gPQxoN4HQ+3ATO5geTB6kthBtnx3TLROa6QE0=
-github.com/lightninglabs/pool/auctioneerrpc v1.0.5/go.mod h1:F9uND5Kpj2eYeYe0RLi8IWQHsRjQ88FUp8itkYmX1Mo=
+github.com/lightninglabs/pool v0.5.6-alpha.0.20220615075127-160ae4594f4a h1:wAl7nppliCKiY8uj9WvlkAXr5jXn2penQ1ubS6yhqw4=
+github.com/lightninglabs/pool v0.5.6-alpha.0.20220615075127-160ae4594f4a/go.mod h1:ID3ttDyd12Uu72qkMl21VRKheV6MRIanrnRGV30QonE=
+github.com/lightninglabs/pool/auctioneerrpc v1.0.7 h1:+a1ynzXAHDlFT4pOeKeAfV38rlwRX3wVdKnGxggtDEQ=
+github.com/lightninglabs/pool/auctioneerrpc v1.0.7/go.mod h1:F9uND5Kpj2eYeYe0RLi8IWQHsRjQ88FUp8itkYmX1Mo=
 github.com/lightninglabs/protobuf-hex-display v1.4.3-hex-display/go.mod h1:2oKOBU042GKFHrdbgGiKax4xVrFiZu51lhacUZQ9MnE=
 github.com/lightningnetwork/lightning-onion v1.0.2-0.20220211021909-bb84a1ccb0c5 h1:TkKwqFcQTGYoI+VEqyxA8rxpCin8qDaYX0AfVRinT3k=
 github.com/lightningnetwork/lightning-onion v1.0.2-0.20220211021909-bb84a1ccb0c5/go.mod h1:7dDx73ApjEZA0kcknI799m2O5kkpfg4/gr7N092ojNo=
 github.com/lightningnetwork/lnd v0.14.1-beta.0.20220324135938-0dcaa511a249/go.mod h1:Tp3ZxsfioUl6kQ30RrbMqWoZyZ4K+fv/o1lMEU8U7rA=
-github.com/lightningnetwork/lnd v0.14.1-beta.0.20220325230756-dceb10144f71/go.mod h1:ocTs4P7UuJrTjl37IyxwSb7/HOzTqF5GX41zFL2guCk=
-github.com/lightningnetwork/lnd v0.14.1-beta.0.20220330161355-8072b20d548d/go.mod h1:1u/ZZ1Cy9chz1odyGvgad+y6mA6wd5QNjOVWRXIQTbA=
-github.com/lightningnetwork/lnd v0.15.0-beta.rc3 h1:PpKtAPmP7d7NBJZE1OBIBcdhMzw9r6znkQUUj92dTWo=
+github.com/lightningnetwork/lnd v0.15.0-beta.rc1/go.mod h1:NzCE1ZGct0YEW9u74TXUpXp5AoUXzpkI5lgrO7x0ugM=
 github.com/lightningnetwork/lnd v0.15.0-beta.rc3/go.mod h1:NzCE1ZGct0YEW9u74TXUpXp5AoUXzpkI5lgrO7x0ugM=
+github.com/lightningnetwork/lnd v0.15.0-beta.rc4 h1:K5JViCnQ7U2YJiXnTRZy6ErlbhZTe+L849g6UYDXhfs=
+github.com/lightningnetwork/lnd v0.15.0-beta.rc4/go.mod h1:OZQDkyg56fhvgIvCgJvKdNR55+3pldN+u4n8lF2m2Sg=
 github.com/lightningnetwork/lnd/cert v1.1.1 h1:Nsav0RlIDRbOnzz2Yu69SQlK939IKya3Q2S0mDviIN8=
 github.com/lightningnetwork/lnd/cert v1.1.1/go.mod h1:1P46svkkd73oSoeI4zjkVKgZNwGq8bkGuPR8z+5vQUs=
 github.com/lightningnetwork/lnd/clock v1.0.1/go.mod h1:KnQudQ6w0IAMZi1SgvecLZQZ43ra2vpDNj7H/aasemg=
@@ -545,8 +541,9 @@ github.com/lightningnetwork/lnd/ticker v1.1.0/go.mod h1:ubqbSVCn6RlE0LazXuBr7/Zi
 github.com/lightningnetwork/lnd/tlv v1.0.2/go.mod h1:fICAfsqk1IOsC1J7G9IdsWX1EqWRMqEDCNxZJSKr9C4=
 github.com/lightningnetwork/lnd/tlv v1.0.3 h1:0xBZcPuXagP6f7TY/RnLNR4igE21ov6qUdTr5NyvhhI=
 github.com/lightningnetwork/lnd/tlv v1.0.3/go.mod h1:dzR/aZetBri+ZY/fHbwV06fNn/3UID6htQzbHfREFdo=
-github.com/lightningnetwork/lnd/tor v1.0.0 h1:wvEc7I+Y7IOtPglVP3cVBbYhiVhc7uTd7cMF9gQRzwA=
 github.com/lightningnetwork/lnd/tor v1.0.0/go.mod h1:RDtaAdwfAm+ONuPYwUhNIH1RAvKPv+75lHPOegUcz64=
+github.com/lightningnetwork/lnd/tor v1.0.1 h1:A11FrpU0Y//g+fA827W4VnjOeoIvExONdchlLX8wYkA=
+github.com/lightningnetwork/lnd/tor v1.0.1/go.mod h1:RDtaAdwfAm+ONuPYwUhNIH1RAvKPv+75lHPOegUcz64=
 github.com/ltcsuite/ltcd v0.0.0-20190101042124-f37f8bf35796 h1:sjOGyegMIhvgfq5oaue6Td+hxZuf3tDC8lAPrFldqFw=
 github.com/ltcsuite/ltcd v0.0.0-20190101042124-f37f8bf35796/go.mod h1:3p7ZTf9V1sNPI5H8P3NkTFF4LuwMdPl2DodF60qAKqY=
 github.com/ltcsuite/ltcutil v0.0.0-20181217130922-17f3b04680b6/go.mod h1:8Vg/LTOO0KYa/vlHWJ6XZAevPQThGH5sufO0Hrou/lA=
@@ -976,8 +973,9 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM=
 golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=

cmd/wasm-client/main.go

@@ -11,10 +11,13 @@ import (
 	"fmt"
 	"net/http"
 	"os"
+	"regexp"
 	"runtime/debug"
+	"strings"
 	"syscall/js"
 
 	"github.com/btcsuite/btcd/btcec/v2"
+	"github.com/golang/protobuf/proto"
 	"github.com/jessevdk/go-flags"
 	"github.com/lightninglabs/faraday/frdrpc"
 	"github.com/lightninglabs/lightning-node-connect/mailbox"
@@ -34,27 +37,36 @@ import (
 	"github.com/lightningnetwork/lnd/lnrpc/wtclientrpc"
 	"github.com/lightningnetwork/lnd/signal"
 	"google.golang.org/grpc"
+	"gopkg.in/macaroon-bakery.v2/bakery"
+	"gopkg.in/macaroon-bakery.v2/bakery/checkers"
+	"gopkg.in/macaroon.v2"
 )
 
 type stubPackageRegistration func(map[string]func(context.Context,
 	*grpc.ClientConn, string, func(string, error)))
 
-var registrations = []stubPackageRegistration{
-	lnrpc.RegisterLightningJSONCallbacks,
-	lnrpc.RegisterStateJSONCallbacks,
-	autopilotrpc.RegisterAutopilotJSONCallbacks,
-	chainrpc.RegisterChainNotifierJSONCallbacks,
-	invoicesrpc.RegisterInvoicesJSONCallbacks,
-	routerrpc.RegisterRouterJSONCallbacks,
-	signrpc.RegisterSignerJSONCallbacks,
-	verrpc.RegisterVersionerJSONCallbacks,
-	walletrpc.RegisterWalletKitJSONCallbacks,
-	watchtowerrpc.RegisterWatchtowerJSONCallbacks,
-	wtclientrpc.RegisterWatchtowerClientJSONCallbacks,
-	looprpc.RegisterSwapClientJSONCallbacks,
-	poolrpc.RegisterTraderJSONCallbacks,
-	frdrpc.RegisterFaradayServerJSONCallbacks,
-}
+var (
+	registrations = []stubPackageRegistration{
+		lnrpc.RegisterLightningJSONCallbacks,
+		lnrpc.RegisterStateJSONCallbacks,
+		autopilotrpc.RegisterAutopilotJSONCallbacks,
+		chainrpc.RegisterChainNotifierJSONCallbacks,
+		invoicesrpc.RegisterInvoicesJSONCallbacks,
+		routerrpc.RegisterRouterJSONCallbacks,
+		signrpc.RegisterSignerJSONCallbacks,
+		verrpc.RegisterVersionerJSONCallbacks,
+		walletrpc.RegisterWalletKitJSONCallbacks,
+		watchtowerrpc.RegisterWatchtowerJSONCallbacks,
+		wtclientrpc.RegisterWatchtowerClientJSONCallbacks,
+		looprpc.RegisterSwapClientJSONCallbacks,
+		poolrpc.RegisterTraderJSONCallbacks,
+		frdrpc.RegisterFaradayServerJSONCallbacks,
+	}
+
+	perms = getAllMethodPermissions()
+
+	jsonCBRegex = regexp.MustCompile("(\\w+)\\.(\\w+)\\.(\\w+)")
+)
 
 func main() {
 	defer func() {
@@ -104,6 +116,9 @@ func main() {
 	callbacks.Set("wasmClientDisconnect", js.FuncOf(wc.Disconnect))
 	callbacks.Set("wasmClientInvokeRPC", js.FuncOf(wc.InvokeRPC))
 	callbacks.Set("wasmClientStatus", js.FuncOf(wc.Status))
+	callbacks.Set("wasmClientGetExpiry", js.FuncOf(wc.GetExpiry))
+	callbacks.Set("wasmClientHasPerms", js.FuncOf(wc.HasPermissions))
+	callbacks.Set("wasmClientIsReadOnly", js.FuncOf(wc.IsReadOnly))
 	js.Global().Set(cfg.NameSpace, callbacks)
 
 	for _, registration := range registrations {
@@ -127,6 +142,8 @@ type wasmClient struct {
 
 	statusChecker func() mailbox.ConnStatus
 
+	mac *macaroon.Macaroon
+
 	registry map[string]func(context.Context, *grpc.ClientConn,
 		string, func(string, error))
 }
@@ -202,10 +219,28 @@ func (w *wasmClient) ConnectServer(_ js.Value, args []js.Value) interface{} {
 					),
 				)
 			}, func(data []byte) error {
+				parts := strings.Split(string(data), ": ")
+				if len(parts) != 2 || parts[0] != "Macaroon" {
+					return fmt.Errorf("authdata does " +
+						"not contain a macaroon")
+				}
+
+				macBytes, err := hex.DecodeString(parts[1])
+				if err != nil {
+					return err
+				}
+
+				mac := &macaroon.Macaroon{}
+				err = mac.UnmarshalBinary(macBytes)
+				if err != nil {
+					return fmt.Errorf("unable to decode "+
+						"macaroon: %v", err)
+				}
+
+				w.mac = mac
+
 				return callJsCallback(
-					w.cfg.OnAuthData, hex.EncodeToString(
-						data,
-					),
+					w.cfg.OnAuthData, string(data),
 				)
 			},
 		)
@@ -281,6 +316,134 @@ func (w *wasmClient) InvokeRPC(_ js.Value, args []js.Value) interface{} {
 
 }
 
+func (w *wasmClient) GetExpiry(_ js.Value, _ []js.Value) interface{} {
+	if w.mac == nil {
+		log.Errorf("macaroon not obtained yet. GetExpiry should " +
+			"only be called once the connection is complete")
+		return nil
+	}
+
+	expiry, found := checkers.ExpiryTime(nil, w.mac.Caveats())
+	if !found {
+		return nil
+	}
+
+	return js.ValueOf(expiry.Unix())
+}
+
+func (w *wasmClient) IsReadOnly(_ js.Value, _ []js.Value) interface{} {
+	if w.mac == nil {
+		log.Errorf("macaroon not obtained yet. IsReadOnly should " +
+			"only be called once the connection is complete")
+		return js.ValueOf(false)
+	}
+
+	macOps, err := extractMacaroonOps(w.mac)
+	if err != nil {
+		log.Errorf("could not extract macaroon ops: %v", err)
+		return js.ValueOf(false)
+	}
+
+	// Check that the macaroon contains each of the required permissions
+	// for the given URI.
+	return js.ValueOf(isReadOnly(macOps))
+}
+
+func (w *wasmClient) HasPermissions(_ js.Value, args []js.Value) interface{} {
+	if len(args) != 1 {
+		return js.ValueOf(false)
+	}
+
+	if w.mac == nil {
+		log.Errorf("macaroon not obtained yet. HasPermissions should " +
+			"only be called once the connection is complete")
+		return js.ValueOf(false)
+	}
+
+	// Convert JSON callback to grpc URI. JSON callbacks are of the form:
+	// `lnrpc.Lightning.WalletBalance` and the corresponding grpc URI is of
+	// the form: `/lnrpc.Lightning/WalletBalance`. So to convert the one to
+	// the other, we first convert all the `.` into `/`. Then we replace the
+	// first `/` back to a `.` and then we prepend the result with a `/`.
+	uri := jsonCBRegex.ReplaceAllString(args[0].String(), "/$1.$2/$3")
+
+	ops, ok := perms[uri]
+	if !ok {
+		log.Errorf("uri %s not found in known permissions list", uri)
+		return js.ValueOf(false)
+	}
+
+	macOps, err := extractMacaroonOps(w.mac)
+	if err != nil {
+		log.Errorf("could not extract macaroon ops: %v", err)
+		return js.ValueOf(false)
+	}
+
+	// Check that the macaroon contains each of the required permissions
+	// for the given URI.
+	return js.ValueOf(hasPermissions(macOps, ops))
+}
+
+// extractMacaroonOps is a helper function that extracts operations from the
+// ID of a macaroon.
+func extractMacaroonOps(mac *macaroon.Macaroon) ([]*lnrpc.Op, error) {
+	rawID := mac.Id()
+	if rawID[0] != byte(bakery.LatestVersion) {
+		return nil, fmt.Errorf("invalid macaroon version: %x", rawID)
+	}
+
+	decodedID := &lnrpc.MacaroonId{}
+	idProto := rawID[1:]
+	err := proto.Unmarshal(idProto, decodedID)
+	if err != nil {
+		return nil, fmt.Errorf("unable to decode macaroon: %v", err)
+	}
+
+	return decodedID.Ops, nil
+}
+
+// isReadOnly returns true if the given operations only contain "read" actions.
+func isReadOnly(ops []*lnrpc.Op) bool {
+	for _, op := range ops {
+		for _, action := range op.Actions {
+			if action != "read" {
+				return false
+			}
+		}
+	}
+
+	return true
+}
+
+// hasPermissions returns true if all the operations in requiredOps can also be
+// found in macOps.
+func hasPermissions(macOps []*lnrpc.Op, requiredOps []bakery.Op) bool {
+	// Create a lookup map of the macaroon operations.
+	macOpsMap := make(map[string]map[string]bool)
+	for _, op := range macOps {
+		macOpsMap[op.Entity] = make(map[string]bool)
+
+		for _, action := range op.Actions {
+			macOpsMap[op.Entity][action] = true
+		}
+	}
+
+	// For each of the required operations, we ensure that the macaroon also
+	// contains the operation.
+	for _, op := range requiredOps {
+		macEntity, ok := macOpsMap[op.Entity]
+		if !ok {
+			return false
+		}
+
+		if !macEntity[op.Action] {
+			return false
+		}
+	}
+
+	return true
+}
+
 // validateArgs checks that the correct keys and callback functions have been
 // provided.
 func validateArgs(cfg *config, localPrivKey, remotePubKey string) error {

cmd/wasm-client/permissions.go

@@ -0,0 +1,32 @@
+package main
+
+import (
+	faraday "github.com/lightninglabs/faraday/frdrpcserver/perms"
+	loopd "github.com/lightninglabs/loop/loopd/perms"
+	poold "github.com/lightninglabs/pool/perms"
+	"github.com/lightningnetwork/lnd"
+	"gopkg.in/macaroon-bakery.v2/bakery"
+)
+
+// getAllMethodPermissions returns a merged map of all litd's method
+// permissions.
+func getAllMethodPermissions() map[string][]bakery.Op {
+	mapSize := len(lnd.MainRPCServerPermissions()) +
+		len(faraday.RequiredPermissions) +
+		len(loopd.RequiredPermissions) + len(poold.RequiredPermissions)
+
+	allPerms := make(map[string][]bakery.Op, mapSize)
+	for key, value := range lnd.MainRPCServerPermissions() {
+		allPerms[key] = value
+	}
+	for key, value := range faraday.RequiredPermissions {
+		allPerms[key] = value
+	}
+	for key, value := range loopd.RequiredPermissions {
+		allPerms[key] = value
+	}
+	for key, value := range poold.RequiredPermissions {
+		allPerms[key] = value
+	}
+	return allPerms
+}