forked from perkeep/perkeep
-
Notifications
You must be signed in to change notification settings - Fork 0
/
camsigd.go
83 lines (68 loc) · 2.26 KB
/
camsigd.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
/*
Copyright 2011 Google Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// The sigserver is a stand-alone JSON signing and verification server.
//
// TODO(bradfitz): as of 2012-01-10 this is very old and superceded by
// the general server and pkg/serverconfig. We should just make it
// possible to configure a signing-only server with
// serverconfig/genconfig.go. I think we basically already can. Then
// we can delete this.
package main
import (
"flag"
"fmt"
"log"
"net/http"
"camlistore.org/pkg/auth"
"camlistore.org/pkg/blob"
"camlistore.org/pkg/httputil"
"camlistore.org/pkg/webserver"
)
var accessPassword string
var flagPubKeyDir = flag.String("pubkey-dir", "test/pubkey-blobs",
"Temporary development hack; directory to dig-xxxx.camli public keys.")
// TODO: for now, the only implementation of the blobref.Fetcher
// interface for fetching public keys is the "local, from disk"
// implementation used for testing. In reality we'd want to be able
// to fetch these from blobservers.
var pubKeyFetcher = blob.NewSimpleDirectoryFetcher(*flagPubKeyDir)
func handleRoot(conn http.ResponseWriter, req *http.Request) {
fmt.Fprintf(conn, "camsigd")
}
func handleCamliSig(conn http.ResponseWriter, req *http.Request) {
handler := func(conn http.ResponseWriter, req *http.Request) {
httputil.BadRequestError(conn, "Unsupported path or method.")
}
switch req.Method {
case "POST":
switch req.URL.Path {
case "/camli/sig/sign":
handler = auth.RequireAuth(handleSign, auth.OpSign)
case "/camli/sig/verify":
handler = handleVerify
}
}
handler(conn, req)
}
func main() {
flag.Parse()
mode, err := auth.FromEnv()
if err != nil {
log.Fatal(err)
}
auth.SetMode(mode)
ws := webserver.New()
ws.HandleFunc("/", handleRoot)
ws.HandleFunc("/camli/sig/", handleCamliSig)
ws.Serve()
}