auth

Paddy 2015-06-29 Parent:b0d1b3e39fc8 Child:0a2c3d677161

174:9e3ceddf29ad Go to Latest

auth/authd/server.go

Use an environment variable to set the JWT secret. When setting up the authd server, populate the JWT secret using a JWT_SECRET environment variable. Incidentally, we also included the subscriptions scope, for testing purposes while creating code.secondbit.org/ducky/subscriptions. We now also log the port we're listening on, listen on all interfaces (instead of just 127.0.0.1), and changed the port to 9000 instead of 8080.

1 package main
import (
	"encoding/base64"
	"html/template"
	"log"
	"net/http"
	"os"
	"time"

	"code.secondbit.org/auth.hg"
	"github.com/gorilla/mux"
)
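// main configures and starts the authd HTTP server.
//
// Configuration is read from the environment:
//   - JWT_SECRET (required): populates config.JWTPrivateKey.
//   - JWT_SECRET_IS_BASE64_ENCODED: when exactly "true", JWT_SECRET is
//     base64-decoded (standard alphabet) first; otherwise its raw bytes are used.
//   - AUTH_PG_DB: when set, passed to auth.NewPostgres and the result backs
//     every store; otherwise one auth.NewMemstore value backs them all.
//   - AUTH_NSQD_ADDR: when set, login verification notices go through
//     auth.NewNSQNotifier; otherwise through auth.NewStdoutNotifier.
//
// Every startup failure terminates the process via log.Fatal.
func main() {
	const (
		listenAddr = "0.0.0.0:9000"
		// Starting values, not measured ones: they bound how long a slow or
		// stalled client can hold a connection open. Tune for the deployment.
		readTimeout  = 15 * time.Second
		writeTimeout = 30 * time.Second
		// NOTE(review): the signing algorithm is not visible in this file. If
		// the key is used for HMAC-SHA256, it should be at least 32 random bytes.
		minJWTKeyBytes = 32
	)

	log.SetFlags(log.LstdFlags | log.Llongfile)
	log.Printf("Running version '%s'\n", auth.Version)

	var config auth.Config

	// The secret is never logged; only its presence and length are reported.
	jwtSecret := os.Getenv("JWT_SECRET")
	if jwtSecret == "" {
		log.Fatal("JWT_SECRET must be set.")
	}
	if os.Getenv("JWT_SECRET_IS_BASE64_ENCODED") == "true" {
		key, err := base64.StdEncoding.DecodeString(jwtSecret)
		if err != nil {
			// The base64 error reports a byte offset, not the input itself.
			log.Fatalf("decoding base64 JWT_SECRET: %v", err)
		}
		config.JWTPrivateKey = key
	} else {
		config.JWTPrivateKey = []byte(jwtSecret)
	}
	// A non-empty JWT_SECRET can still decode to zero bytes (the decoder skips
	// CR/LF), which would leave tokens signed with an empty key.
	if len(config.JWTPrivateKey) == 0 {
		log.Fatal("JWT_SECRET must not decode to an empty key.")
	}
	if len(config.JWTPrivateKey) < minJWTKeyBytes {
		log.Printf("warning: JWT key is only %d bytes; prefer a random secret of at least %d bytes",
			len(config.JWTPrivateKey), minJWTKeyBytes)
	}

	if dsn := os.Getenv("AUTH_PG_DB"); dsn != "" {
		p, err := auth.NewPostgres(dsn)
		if err != nil {
			// Log the error only; the connection string may hold credentials.
			log.Fatalf("setting up Postgres store: %v", err)
		}
		config.ClientStore = &p
		config.AuthCodeStore = &p
		config.ProfileStore = &p
		config.TokenStore = &p
		config.SessionStore = &p
		config.ScopeStore = &p
	} else {
		// NOTE(review): presumably nothing in the memstore survives a restart;
		// confirm this fallback is meant for development only.
		store := auth.NewMemstore()
		config.ClientStore = store
		config.AuthCodeStore = store
		config.ProfileStore = store
		config.TokenStore = store
		config.SessionStore = store
		config.ScopeStore = store
	}

	config.Template = template.Must(template.New("base").ParseGlob("./templates/*.gotmpl"))
	config.LoginURI = "/login"

	if nsqdAddr := os.Getenv("AUTH_NSQD_ADDR"); nsqdAddr != "" {
		n, err := auth.NewNSQNotifier(nsqdAddr)
		if err != nil {
			log.Fatal(err)
		}
		config.LoginVerificationNotifier = n
	} else {
		// NOTE(review): presumably this writes login verification notices to
		// stdout; check that they do not end up in shared log storage.
		config.LoginVerificationNotifier = auth.NewStdoutNotifier()
	}

	if err := config.Init(); err != nil {
		log.Fatal(err)
	}
	authCtx, err := auth.NewContext(config)
	if err != nil {
		log.Fatalf("creating auth context: %v", err)
	}

	// NOTE(review): the changeset description says the "subscriptions" scope
	// was added for testing; it is created on every start of this server.
	err = authCtx.CreateScopes([]auth.Scope{
		auth.ScopeLoginAdmin,
		{ID: "subscriptions", Name: "Manage subscriptions", Description: "Create, view, edit, and cancel your subscriptions."},
	})
	// Scopes left over from an earlier run are expected, not an error.
	if err != nil && err != auth.ErrScopeAlreadyExists {
		log.Fatal(err)
	}

	router := mux.NewRouter()
	auth.RegisterOAuth2(router, authCtx)
	auth.RegisterSessionHandlers(router, authCtx)
	auth.RegisterProfileHandlers(router, authCtx)
	auth.RegisterClientHandlers(router, authCtx)
	// NOTE(review): the router is mounted on http.DefaultServeMux, so anything
	// another imported package registers on that mux is served as well.
	http.Handle("/", router)

	// NOTE(review): this listens on every interface over plain HTTP. Logins,
	// authorization codes and tokens cross the network unencrypted unless a
	// TLS-terminating proxy sits in front of this port.
	srv := &http.Server{
		Addr:         listenAddr,
		ReadTimeout:  readTimeout,
		WriteTimeout: writeTimeout,
	}
	log.Println("Listening on port 9000")
	log.Fatal(srv.ListenAndServe())
}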