Skip to content
Snippets Groups Projects
Select Git revision
  • v1.20130909
  • master default protected
  • commit-alias
  • editor-modeline
  • commit-abbreviation
  • make-hooks-work-as-advertised
  • lyda-home-version
  • feature-aliases
  • git-version-bsd-fix
  • hook-changes
  • v1.20151229-1
  • v1.20151229
  • v1.20150502-1
  • v1.20150502
  • v1.20141026-manpage-static
  • v1.20141026-1
  • v1.20141026
  • v1.20141025-1
  • v1.20141025
  • v1.20141009-manpage-static
  • v1.20141009-1
  • v1.20141009
  • v1.20140508-1-bpo70+1
  • v1.20140508-1
  • v1.20140508-manpage-static
  • v1.20140508
  • v1.20140507
  • v1.20140313
  • v1.20131229-homebrew
  • v1.20131229-1-bpo60+1
30 results

PACKAGING.md

Blame
  • rpc.go 1.73 KiB
    package server
    
    import (
    	"log"
    	"net"
    
    	"golang.org/x/net/context"
    
    	"golang.org/x/oauth2"
    
    	"google.golang.org/grpc"
    	"google.golang.org/grpc/codes"
    	"google.golang.org/grpc/metadata"
    
    	"github.com/nsheridan/cashier/lib"
    	"github.com/nsheridan/cashier/proto"
    )
    
    type rpcServer struct{}
    
    type key int
    
    const usernameKey key = 0
    
    func (s *rpcServer) Sign(ctx context.Context, req *proto.SignRequest) (*proto.SignResponse, error) {
    	username, ok := ctx.Value(usernameKey).(string)
    	if !ok {
    		return nil, grpc.Errorf(codes.InvalidArgument, "Error reading username")
    	}
    	cert, err := keysigner.SignUserKeyFromRPC(req, username)
    	if err != nil {
    		return nil, grpc.Errorf(codes.InvalidArgument, err.Error())
    	}
    	if err := certstore.SetCert(cert); err != nil {
    		log.Printf("Error recording cert: %v", err)
    	}
    	resp := &proto.SignResponse{
    		Cert: lib.GetPublicKey(cert),
    	}
    	return resp, nil
    }
    
    func authInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
    	md, ok := metadata.FromOutgoingContext(ctx)
    	if !ok {
    		return nil, grpc.Errorf(codes.Unauthenticated, "request not authenticated")
    	}
    	switch md["security"][0] {
    	case "authorization":
    		token := &oauth2.Token{
    			AccessToken: md["payload"][0],
    		}
    		if !authprovider.Valid(token) {
    			return nil, grpc.Errorf(codes.PermissionDenied, "access denied")
    		}
    		ctx = context.WithValue(ctx, usernameKey, authprovider.Username(token))
    		authprovider.Revoke(token)
    	default:
    		return nil, grpc.Errorf(codes.InvalidArgument, "unknown argument")
    	}
    	return handler(ctx, req)
    }
    
    func runGRPCServer(l net.Listener) {
    	serv := grpc.NewServer(grpc.UnaryInterceptor(authInterceptor))
    	proto.RegisterSignerServer(serv, &rpcServer{})
    	serv.Serve(l)
    }