forked from canonical/candid
-
Notifications
You must be signed in to change notification settings - Fork 0
/
server.go
138 lines (114 loc) · 4.04 KB
/
server.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
// Copyright 2014 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.
package identity
import (
"html/template"
"net/http"
"sort"
"time"
"github.com/juju/utils/debugstatus"
"gopkg.in/errgo.v1"
"gopkg.in/macaroon-bakery.v2/bakery"
"github.com/CanonicalLtd/candid/idp"
"github.com/CanonicalLtd/candid/idp/agent"
"github.com/CanonicalLtd/candid/internal/debug"
"github.com/CanonicalLtd/candid/internal/discharger"
"github.com/CanonicalLtd/candid/internal/identity"
"github.com/CanonicalLtd/candid/internal/v1"
"github.com/CanonicalLtd/candid/meeting"
"github.com/CanonicalLtd/candid/store"
)
// Versions of the API that can be served.
const (
Debug = "debug"
Discharger = "discharger"
V1 = "v1"
)
var versions = map[string]identity.NewAPIHandlerFunc{
Debug: debug.NewAPIHandler,
Discharger: discharger.NewAPIHandler,
V1: v1.NewAPIHandler,
}
// Versions returns all known API version strings in alphabetical order.
func Versions() []string {
vs := make([]string, 0, len(versions))
for v := range versions {
vs = append(vs, v)
}
sort.Strings(vs)
return vs
}
// ServerParams contains configuration parameters for a server.
type ServerParams struct {
// MeetingStore holds the storage that will be used to store
// rendezvous information.
MeetingStore meeting.Store
// ProviderDataStore holds the storeage that can be used by
// identity providers to store data that is not associated with
// an individual identity.
ProviderDataStore store.ProviderDataStore
// RootKeyStore holds the root key store that will be used to
// store macaroon root keys within the identity server.
RootKeyStore bakery.RootKeyStore
// Store holds the identities store for the identity server.
Store store.Store
// AdminPassword holds the password for admin login.
AdminPassword string
// Key holds the keypair to use with the bakery service.
Key *bakery.KeyPair
// Location holds a URL representing the externally accessible
// base URL of the service, without a trailing slash.
Location string
// PrivateAddr should hold a dialable address that will be used
// for communication between identity servers. Note that this
// should not contain a port.
PrivateAddr string
// IdentityProviders contains the set of identity providers that
// should be initialised by the service.
IdentityProviders []idp.IdentityProvider
// DebugTeams contains the set of launchpad teams that may access
// the restricted debug endpoints.
// TODO remove this.
DebugTeams []string
// AdminAgentPublicKey contains the public key of the admin agent.
AdminAgentPublicKey *bakery.PublicKey
// StaticFileSystem contains an http.FileSystem that can be used
// to serve static files.
StaticFileSystem http.FileSystem
// Template contains a set of templates that are used to generate
// html output.
Template *template.Template
// DebugStatusCheckerFuncs contains functions that will be
// executed as part of a /debug/status check.
DebugStatusCheckerFuncs []debugstatus.CheckerFunc
// RendezvousTimeout holds the time after which an interactive discharge wait
// request will time out.
RendezvousTimeout time.Duration
}
// NewServer returns a new handler that handles identity service requests and
// stores its data in the given database. The handler will serve the specified
// versions of the API.
func NewServer(params ServerParams, serveVersions ...string) (HandlerCloser, error) {
// Remove the agent identity provider if it is specified as it is no longer used.
idps := make([]idp.IdentityProvider, 0, len(params.IdentityProviders))
for _, idp := range params.IdentityProviders {
if idp == agent.IdentityProvider {
continue
}
idps = append(idps, idp)
}
params.IdentityProviders = idps
newAPIs := make(map[string]identity.NewAPIHandlerFunc)
for _, vers := range serveVersions {
newAPI := versions[vers]
if newAPI == nil {
return nil, errgo.Newf("unknown version %q", vers)
}
newAPIs[vers] = newAPI
}
return identity.New(identity.ServerParams(params), newAPIs)
}
type HandlerCloser interface {
http.Handler
Close()
}