subserver_permissions: add URIs for white-listed RPCs

There are some lnd RPCs that don't require any authentication. Those
weren't included in the main server RPC permission list, so we needed to
add them separately to allow such calls to be made through the LiT RPC
proxy.

Author: guggero

subserver_permissions.go

@@ -16,6 +16,20 @@ var (
 		"/litrpc.Sessions/ListSessions":  {{}},
 		"/litrpc.Sessions/RevokeSession": {{}},
 	}
+
+	// whiteListedMethods is a map of all lnd RPC methods that don't require
+	// any macaroon authentication.
+	whiteListedMethods = map[string][]bakery.Op{
+		"/lnrpc.WalletUnlocker/GenSeed":        {},
+		"/lnrpc.WalletUnlocker/InitWallet":     {},
+		"/lnrpc.WalletUnlocker/UnlockWallet":   {},
+		"/lnrpc.WalletUnlocker/ChangePassword": {},
+
+		// The State service must be available at all times, even
+		// before we can check macaroons, so we whitelist it.
+		"/lnrpc.State/SubscribeState": {},
+		"/lnrpc.State/GetState":       {},
+	}
 )
 
 // getSubserverPermissions returns a merged map of all subserver macaroon
@@ -44,14 +58,18 @@ func getSubserverPermissions() map[string][]bakery.Op {
 func getAllMethodPermissions() map[string][]bakery.Op {
 	subserverPermissions := getSubserverPermissions()
 	lndPermissions := lnd.MainRPCServerPermissions()
-	mapSize := len(subserverPermissions) + len(lndPermissions)
+	mapSize := len(subserverPermissions) + len(lndPermissions) +
+		len(whiteListedMethods)
 	result := make(map[string][]bakery.Op, mapSize)
 	for key, value := range lndPermissions {
 		result[key] = value
 	}
 	for key, value := range subserverPermissions {
 		result[key] = value
 	}
+	for key, value := range whiteListedMethods {
+		result[key] = value
+	}
 	return result
 }