// targetService builds the HTTP handler for an example "target service":
// an arbitrary web service that delegates authorization to third parties.
//
// endpoint is the location the service's bakery is created with,
// authEndpoint is the location of the third-party authorization service,
// and authPK is the public key registered for that location.
//
// Notes for anyone adapting this example:
//   - A new key is generated on every call and is not stored anywhere
//     by this function.
//   - authPK must be non-nil: it is sliced for the log line below, which
//     panics on a nil pointer.
//   - authPK is what this service will accept as the authorization
//     service's key, so the caller is responsible for obtaining it from a
//     source it trusts.
func targetService(endpoint, authEndpoint string, authPK *bakery.PublicKey) (http.Handler, error) {
	svcKey, err := bakery.GenerateKey()
	if err != nil {
		return nil, err
	}

	// The key ring is handed to the bakery as its locator and filled in
	// once the service has been created.
	ring := bakery.NewPublicKeyRing()
	params := bakery.NewServiceParams{
		Key:      svcKey,
		Location: endpoint,
		Locator:  ring,
	}
	bakerySvc, err := httpbakery.NewService(params)
	if err != nil {
		return nil, err
	}

	// Only the public key is logged. authEndpoint is printed with %s, so
	// it is assumed to come from trusted configuration, not request data.
	log.Printf("adding public key for location %s: %x", authEndpoint, authPK[:])
	// The second argument is presumably the "prefix" flag, making the key
	// apply to every location under authEndpoint (TODO confirm).
	// NOTE(review): any value returned by AddPublicKeyForLocation is
	// discarded; if this bakery version reports an error here, check it.
	ring.AddPublicKeyForLocation(authEndpoint, true, authPK)

	h := &targetServiceHandler{svc: bakerySvc, authEndpoint: authEndpoint}

	router := http.NewServeMux()
	router.HandleFunc("/gold/", h.serveGold)
	router.HandleFunc("/silver/", h.serveSilver)
	return router, nil
}
Exemple #2
// New returns a new handler that services an identity-providing
// service. It acts as a login service and can discharge third-party
// caveats for users.
//
// p.Service is passed unchanged to httpbakery.NewService and p.Users
// becomes the handler's user table. The returned mux serves the
// discharge endpoints rooted at "/" plus the /user/, /login, /question,
// /wait and /loginattempt routes.
//
// NOTE(review): no authentication or rate-limiting wrapper is applied
// to the routes here; whether each handler enforces its own checks
// cannot be seen from this function, so verify that before exposing it.
func New(p Params) (http.Handler, error) {
	bakerySvc, err := httpbakery.NewService(p.Service)
	if err != nil {
		return nil, err
	}

	idp := &handler{
		svc:   bakerySvc,
		users: p.Users,
		place: &place{meeting.New()},
	}

	router := http.NewServeMux()

	// Discharge requests are decided by checkThirdPartyCaveat.
	bakerySvc.AddDischargeHandler("/", router, idp.checkThirdPartyCaveat)

	// Endpoints wrapped by handleJSON.
	router.Handle("/user/", handleJSON(idp.userHandler))
	router.Handle("/question", handleJSON(idp.questionHandler))
	router.Handle("/wait", handleJSON(idp.waitHandler))

	// Endpoints registered as plain handler functions.
	router.HandleFunc("/login", idp.loginHandler)
	router.HandleFunc("/loginattempt", idp.loginAttemptHandler)

	return router, nil
}