(optional) multi: add public price oracle flag

lightninglabs · Feb 18, 2025 · 1ecfdf1 · 1ecfdf1
1 parent ee43143
commit 1ecfdf1
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 1 deletion.
diff --git a/config.go b/config.go
@@ -53,6 +53,8 @@ type RPCConfig struct {
 
 	AllowPublicStats bool
 
+	AllowPublicPriceOracle bool
+
 	LetsEncryptDir string
 
 	LetsEncryptListen string

diff --git a/perms/perms.go b/perms/perms.go
@@ -336,7 +336,8 @@ var (
 // macaroon authentication.
 func MacaroonWhitelist(allowUniPublicAccessRead bool,
 	allowUniPublicAccessWrite bool, allowPublicUniProofCourier bool,
-	allowPublicStats bool) map[string]struct{} {
+	allowPublicStats bool, allowPublicPriceOracle bool,
+) map[string]struct{} {
 
 	// Make a copy of the default whitelist.
 	whitelist := make(map[string]struct{})
@@ -361,5 +362,10 @@ func MacaroonWhitelist(allowUniPublicAccessRead bool,
 		whitelist["/universerpc.Universe/QueryEvents"] = struct{}{}
 	}
 
+	// Conditionally add public price oracle RPC endpoints to the whitelist.
+	if allowPublicPriceOracle {
+		whitelist["/priceoraclerpc.PriceOracle/QueryAssetRates"] = struct{}{} // nolint: lll
+	}
+
 	return whitelist
 }
diff --git a/sample-tapd.conf b/sample-tapd.conf
@@ -128,6 +128,9 @@
 ; Disable macaroon authentication for stats RPC endpoints
 ; allow-public-stats=false
 
+; Disble macaroon authentication for price oracle proxy RPC endpoints
+; allow-public-price-oracle=false
+
 ; Add an ip:port/hostname to allow cross origin access from
 ; To allow all origins, set as "*"
 ; restcors=

diff --git a/server.go b/server.go
@@ -315,6 +315,7 @@ func (s *Server) RunUntilShutdown(mainErrChan <-chan error) error {
 		s.cfg.UniversePublicAccess.IsWriteAccessGranted(),
 		s.cfg.RPCConfig.AllowPublicUniProofCourier,
 		s.cfg.RPCConfig.AllowPublicStats,
+		s.cfg.RPCConfig.AllowPublicPriceOracle,
 	)
 
 	// Create a new RPC interceptor that we'll add to the GRPC server. This

diff --git a/tapcfg/config.go b/tapcfg/config.go
@@ -238,6 +238,7 @@ type RpcConfig struct {
 
 	AllowPublicUniProofCourier bool `long:"allow-public-uni-proof-courier" description:"Disable macaroon authentication for universe proof courier RPC endpoints."`
 	AllowPublicStats           bool `long:"allow-public-stats" description:"Disable macaroon authentication for stats RPC endpoints."`
+	AllowPublicPriceOracle     bool `long:"allow-public-price-oracle" description:"Disable macaroon authentication for price oracle RPC endpoints."`
 
 	RestCORS []string `long:"restcors" description:"Add an ip:port/hostname to allow cross origin access from. To allow all origins, set as \"*\"."`