func handleApplicationPost(core *roll.Core, w http.ResponseWriter, r *http.Request) {
var app roll.Application
if err := parseRequest(r, &app); err != nil {
respondError(w, http.StatusBadRequest, err)
return
}
//Assign a client ID
id, err := core.GenerateID()
if err != nil {
respondError(w, http.StatusInternalServerError, err)
return
}
app.ClientID = id
//Validate the content
if err := app.Validate(); err != nil {
respondError(w, http.StatusBadRequest, err)
return
}
//Extract the subject from the request header based on security mode
subject, _, err := subjectAndAdminScopeFromRequestCtx(r)
if err != nil {
log.Print("Error extracting subject:", err.Error())
respondError(w, http.StatusInternalServerError, nil)
return
}
app.DeveloperID = subject
//Store the application definition
log.Info("storing app def: ", app)
err = core.CreateApplication(&app)
if err != nil {
log.Info("Error storing app def: ", err.Error())
switch err.(type) {
case *repos.DuplicateAppdefError:
respondError(w, http.StatusConflict, err)
default:
respondError(w, http.StatusInternalServerError, err)
}
return
}
//Generate a private/public key pair
log.Info("Generate key pair")
private, public, err := secrets.GenerateKeyPair()
if err != nil {
respondError(w, http.StatusBadRequest, err)
return
}
//Store keys in secrets vault
log.Info("store key pair in vault")
err = core.StoreKeysForApp(id, private, public)
if err != nil {
respondError(w, http.StatusInternalServerError, err)
return
}
//Return the client id
log.Info("return client id: ", id)
clientID := ApplicationCreatedResponse{ClientID: id}
respondOk(w, clientID)
}
