proxy+auth: fix post request

lightninglabs · Oct 24, 2023 · a5a24d7 · a5a24d7
1 parent 7f1411c
commit a5a24d7
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 13 deletions.
diff --git a/auth/authenticator.go b/auth/authenticator.go
@@ -75,8 +75,8 @@ func (l *LsatAuthenticator) Accept(header *http.Header, serviceName string) bool
 // complete.
 //
 // NOTE: This is part of the Authenticator interface.
-func (l *LsatAuthenticator) FreshChallengeHeader(r *http.Request,
-	serviceName string, servicePrice int64) (http.Header, error) {
+func (l *LsatAuthenticator) FreshChallengeHeader(serviceName string,
+	servicePrice int64) (http.Header, error) {
 
 	service := lsat.Service{
 		Name:  serviceName,
@@ -97,7 +97,7 @@ func (l *LsatAuthenticator) FreshChallengeHeader(r *http.Request,
 
 	str := fmt.Sprintf("LSAT macaroon=\"%s\", invoice=\"%s\"",
 		base64.StdEncoding.EncodeToString(macBytes), paymentRequest)
-	header := r.Header
+	header := http.Header{}
 	header.Set("WWW-Authenticate", str)
 
 	log.Debugf("Created new challenge header: [%s]", str)

diff --git a/auth/interface.go b/auth/interface.go
@@ -27,7 +27,7 @@ type Authenticator interface {
 
 	// FreshChallengeHeader returns a header containing a challenge for the
 	// user to complete.
-	FreshChallengeHeader(*http.Request, string, int64) (http.Header, error)
+	FreshChallengeHeader(string, int64) (http.Header, error)
 }
 
 // Minter is an entity that is able to mint and verify LSATs for a set of

diff --git a/auth/mock_authenticator.go b/auth/mock_authenticator.go
@@ -31,10 +31,10 @@ func (a MockAuthenticator) Accept(header *http.Header, _ string) bool {
 
 // FreshChallengeHeader returns a header containing a challenge for the user to
 // complete.
-func (a MockAuthenticator) FreshChallengeHeader(r *http.Request,
-	_ string, _ int64) (http.Header, error) {
+func (a MockAuthenticator) FreshChallengeHeader(string, int64) (http.Header,
+	error) {
 
-	header := r.Header
+	header := http.Header{}
 	header.Set(
 		"WWW-Authenticate", "LSAT macaroon=\"AGIAJEemVQUTEyNCR0exk7ek9"+
 			"0Cg==\", invoice=\"lnbc1500n1pw5kjhmpp5fu6xhthlt2vucm"+

diff --git a/proxy/proxy.go b/proxy/proxy.go
@@ -398,10 +398,8 @@ func addCorsHeaders(header http.Header) {
 func (p *Proxy) handlePaymentRequired(w http.ResponseWriter, r *http.Request,
 	serviceName string, servicePrice int64) {
 
-	addCorsHeaders(r.Header)
-
 	header, err := p.authenticator.FreshChallengeHeader(
-		r, serviceName, servicePrice,
+		serviceName, servicePrice,
 	)
 	if err != nil {
 		log.Errorf("Error creating new challenge header: %v", err)
@@ -412,6 +410,7 @@ func (p *Proxy) handlePaymentRequired(w http.ResponseWriter, r *http.Request,
 		return
 	}
 
+	addCorsHeaders(header)
 	for name, value := range header {
 		w.Header().Set(name, value[0])
 		for i := 1; i < len(value); i++ {

diff --git a/proxy/proxy_test.go b/proxy/proxy_test.go
@@ -313,9 +313,7 @@ func runGRPCTest(t *testing.T, tc *testCase) {
 
 	// We expect the WWW-Authenticate header field to be set to an LSAT
 	// auth response.
-	expectedHeaderContent, _ := mockAuth.FreshChallengeHeader(&http.Request{
-		Header: map[string][]string{},
-	}, "", 0)
+	expectedHeaderContent, _ := mockAuth.FreshChallengeHeader("", 0)
 	capturedHeader := captureMetadata.Get("WWW-Authenticate")
 	require.Len(t, capturedHeader, 1)
 	require.Equal(