feat: remove all keyshare servers configuration options already present in server.Configuration

2e763493 · Sietse Ringers · 028c70db · 2e763493 · 2e763493 · 2e763493
Commit 2e763493 authored Apr 16, 2021 by Sietse Ringers
--- a/internal/testkeyshare/testkeyshare.go
+++ b/internal/testkeyshare/testkeyshare.go
@@ -10,6 +10,7 @@ import (
 	"github.com/go-chi/chi"
 	"github.com/privacybydesign/irmago/internal/keysharecore"
 	"github.com/privacybydesign/irmago/internal/test"
+	"github.com/privacybydesign/irmago/server"
 	"github.com/privacybydesign/irmago/server/keyshare/keyshareserver"
 	"github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
@@ -37,16 +38,18 @@ func StartKeyshareServer(t *testing.T, l *logrus.Logger) {

 	testdataPath := test.FindTestdataFolder(t)
 	s, err := keyshareserver.New(&keyshareserver.Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		IssuerPrivateKeysPath: filepath.Join(testdataPath, "privatekeys"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/api/v1/",
+		Configuration: &server.Configuration{
+			SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
+			IssuerPrivateKeysPath: filepath.Join(testdataPath, "privatekeys"),
+			Logger:                l,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/api/v1/",
 		DB:                    db,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
 		StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
 		KeyshareCredential:    "test.test.mijnirma",
 		KeyshareAttribute:     "email",
-		Logger:                l,
 	})
 	require.NoError(t, err)


--- a/irma/cmd/keyshare-myirma.go
+++ b/irma/cmd/keyshare-myirma.go
@@ -208,12 +208,20 @@ func configureMyirmad(cmd *cobra.Command) {

 	// And build the configuration
 	confKeyshareMyirma = &myirmaserver.Configuration{
-		SchemesPath:           viper.GetString("schemes-path"),
-		SchemesAssetsPath:     viper.GetString("schemes-assets-path"),
-		SchemesUpdateInterval: viper.GetInt("schemes-update"),
-		DisableSchemesUpdate:  viper.GetInt("schemes-update") == 0,
-		URL:                   string(regexp.MustCompile("(https?://[^/]*):port").ReplaceAll([]byte(viper.GetString("url")), []byte("$1:"+strconv.Itoa(viper.GetInt("port"))))),
-		DisableTLS:            viper.GetBool("no-tls"),
+		Configuration: &server.Configuration{
+			SchemesPath:           viper.GetString("schemes-path"),
+			SchemesAssetsPath:     viper.GetString("schemes-assets-path"),
+			SchemesUpdateInterval: viper.GetInt("schemes-update"),
+			DisableSchemesUpdate:  viper.GetInt("schemes-update") == 0,
+			DisableTLS:            viper.GetBool("no-tls"),
+			Verbose:               viper.GetInt("verbose"),
+			Quiet:                 viper.GetBool("quiet"),
+			LogJSON:               viper.GetBool("log-json"),
+			Logger:                logger,
+			Production:            viper.GetBool("production"),
+		},
+
+		MyIRMAURL: string(regexp.MustCompile("(https?://[^/]*):port").ReplaceAll([]byte(viper.GetString("url")), []byte("$1:"+strconv.Itoa(viper.GetInt("port"))))),

 		StaticPath:   viper.GetString("static-path"),
 		StaticPrefix: viper.GetString("static-prefix"),
@@ -235,12 +243,6 @@ func configureMyirmad(cmd *cobra.Command) {
 		DeleteEmailSubject:   viper.GetStringMapString("delete-email-subject"),
 		DeleteAccountFiles:   viper.GetStringMapString("delete-account-template"),
 		DeleteAccountSubject: viper.GetStringMapString("delete-account-subject"),
-
-		Verbose:    viper.GetInt("verbose"),
-		Quiet:      viper.GetBool("quiet"),
-		LogJSON:    viper.GetBool("log-json"),
-		Logger:     logger,
-		Production: viper.GetBool("production"),
 	}
 }


--- a/irma/cmd/keyshare-server.go
+++ b/irma/cmd/keyshare-server.go
@@ -209,13 +209,21 @@ func configureKeyshared(cmd *cobra.Command) {

 	// And build the configuration
 	confKeyshareServer = &keyshareserver.Configuration{
-		SchemesPath:           viper.GetString("schemes-path"),
-		SchemesAssetsPath:     viper.GetString("schemes-assets-path"),
-		SchemesUpdateInterval: viper.GetInt("schemes-update"),
-		DisableSchemesUpdate:  viper.GetInt("schemes-update") == 0,
-		IssuerPrivateKeysPath: viper.GetString("privkeys"),
-		URL:                   string(regexp.MustCompile("(https?://[^/]*):port").ReplaceAll([]byte(viper.GetString("url")), []byte("$1:"+strconv.Itoa(viper.GetInt("port"))))),
-		DisableTLS:            viper.GetBool("no-tls"),
+		Configuration: &server.Configuration{
+			SchemesPath:           viper.GetString("schemes-path"),
+			SchemesAssetsPath:     viper.GetString("schemes-assets-path"),
+			SchemesUpdateInterval: viper.GetInt("schemes-update"),
+			DisableSchemesUpdate:  viper.GetInt("schemes-update") == 0,
+			IssuerPrivateKeysPath: viper.GetString("privkeys"),
+			DisableTLS:            viper.GetBool("no-tls"),
+			Verbose:               viper.GetInt("verbose"),
+			Quiet:                 viper.GetBool("quiet"),
+			LogJSON:               viper.GetBool("log-json"),
+			Production:            viper.GetBool("production"),
+			Logger:                logger,
+		},
+
+		KeyshareURL: string(regexp.MustCompile("(https?://[^/]*):port").ReplaceAll([]byte(viper.GetString("url")), []byte("$1:"+strconv.Itoa(viper.GetInt("port"))))),

 		DBType:       keyshareserver.DatabaseType(viper.GetString("db-type")),
 		DBConnstring: viper.GetString("db"),
@@ -236,12 +244,6 @@ func configureKeyshared(cmd *cobra.Command) {
 		RegistrationEmailSubject: viper.GetStringMapString("registration-email-subject"),
 		RegistrationEmailFiles:   viper.GetStringMapString("registration-email-template"),
 		VerificationURL:          viper.GetStringMapString("verification-url"),
-
-		Verbose:    viper.GetInt("verbose"),
-		Quiet:      viper.GetBool("quiet"),
-		LogJSON:    viper.GetBool("log-json"),
-		Logger:     logger,
-		Production: viper.GetBool("production"),
 	}
 }


--- a/server/keyshare/keyshareserver/conf.go
+++ b/server/keyshare/keyshareserver/conf.go
@@ -12,9 +12,7 @@ import (

 	"github.com/dgrijalva/jwt-go"
 	"github.com/go-errors/errors"
-	irma "github.com/privacybydesign/irmago"
 	"github.com/privacybydesign/irmago/server"
-	"github.com/sirupsen/logrus"
 )

 type DatabaseType string
@@ -28,27 +26,11 @@ const (

 // Configuration contains configuration for the irmaserver library and irmad.
 type Configuration struct {
-	// IRMA server configuration. If not given, this will be populated using information here
-	ServerConfiguration *server.Configuration `json:"-"`
-	// Path to IRMA schemes to parse into server configuration (only used if ServerConfiguration == nil).
-	// If left empty, default value is taken using DefaultSchemesPath().
-	// If an empty folder is specified, default schemes (irma-demo and pbdf) are downloaded into it.
-	SchemesPath string `json:"schemes_path" mapstructure:"schemes_path"`
-	// If specified, schemes found here are copied into SchemesPath (only used if ServerConfiguration == nil)
-	SchemesAssetsPath string `json:"schemes_assets_path" mapstructure:"schemes_assets_path"`
-	// Disable scheme updating (used only if ServerConfiguration == nil)
-	DisableSchemesUpdate bool `json:"disable_schemes_update" mapstructure:"disable_schemes_update"`
-	// Update all schemes every x minutes (default value 0 means 60) (use DisableSchemesUpdate to disable)
-	// (used only if ServerConfiguration == nil)
-	SchemesUpdateInterval int `json:"schemes_update" mapstructure:"schemes_update"`
-	// Path to issuer private keys to parse
-	IssuerPrivateKeysPath string `json:"privkeys" mapstructure:"privkeys"`
+	// IRMA server configuration
+	*server.Configuration `mapstructure:",squash"`
+
 	// URL at which the IRMA app can reach this keyshare server during sessions
-	URL string `json:"url" mapstructure:"url"`
-	// Required to be set to true if URL does not begin with https:// in production mode.
-	// In this case, the server would communicate with IRMA apps over plain HTTP. You must otherwise
-	// ensure (using eg a reverse proxy with TLS enabled) that the attributes are protected in transit.
-	DisableTLS bool `json:"no_tls" mapstructure:"no_tls"`
+	KeyshareURL string `json:"url" mapstructure:"url"`

 	// Database configuration (ignored when database is provided)
 	DBType       DatabaseType `json:"db_type" mapstructure:"db_type"`
@@ -78,18 +60,6 @@ type Configuration struct {
 	RegistrationEmailSubject   map[string]string
 	VerificationURL            map[string]string
 	DefaultLanguage            string
-
-	// Logging verbosity level: 0 is normal, 1 includes DEBUG level, 2 includes TRACE level
-	Verbose int `json:"verbose" mapstructure:"verbose"`
-	// Don't log anything at all
-	Quiet bool `json:"quiet" mapstructure:"quiet"`
-	// Output structured log in JSON format
-	LogJSON bool `json:"log_json" mapstructure:"log_json"`
-	// Custom logger instance. If specified, Verbose, Quiet and LogJSON are ignored.
-	Logger *logrus.Logger `json:"-"`
-
-	// Production mode: enables safer and stricter defaults and config checking
-	Production bool `json:"production" mapstructure:"production"`
 }

 func readAESKey(filename string) (uint32, keysharecore.AesKey, error) {
@@ -108,32 +78,6 @@ func readAESKey(filename string) (uint32, keysharecore.AesKey, error) {
 // Process a passed configuration to ensure all field values are valid and initialized
 // as required by the rest of this keyshare server component.
 func processConfiguration(conf *Configuration) (*keysharecore.Core, error) {
-	// Setup log
-	if conf.Logger == nil {
-		conf.Logger = server.NewLogger(conf.Verbose, conf.Quiet, conf.LogJSON)
-	}
-	server.Logger = conf.Logger
-	irma.Logger = conf.Logger
-
-	// Setup server configuration if needed
-	if conf.ServerConfiguration == nil {
-		conf.ServerConfiguration = &server.Configuration{
-			SchemesPath:           conf.SchemesPath,
-			SchemesAssetsPath:     conf.SchemesAssetsPath,
-			DisableSchemesUpdate:  conf.DisableSchemesUpdate,
-			SchemesUpdateInterval: conf.SchemesUpdateInterval,
-			IssuerPrivateKeysPath: conf.IssuerPrivateKeysPath,
-			DisableTLS:            conf.DisableTLS,
-			Logger:                conf.Logger,
-		}
-	}
-
-	// Force loggers to match (TODO: reevaluate once logging is reworked in IRMA server)
-	conf.ServerConfiguration.Logger = conf.Logger
-
-	// Force production status to match
-	conf.ServerConfiguration.Production = conf.Production
-
 	// Setup email templates
 	if conf.EmailServer != "" && conf.RegistrationEmailTemplates == nil {
 		conf.RegistrationEmailTemplates = map[string]*template.Template{}
@@ -159,33 +103,6 @@ func processConfiguration(conf *Configuration) (*keysharecore.Core, error) {
 		}
 	}

-	// Load configuration (because server setup needs this to be in place)
-	if conf.ServerConfiguration.IrmaConfiguration == nil {
-		var (
-			err    error
-			exists bool
-		)
-		if conf.ServerConfiguration.SchemesPath == "" {
-			conf.ServerConfiguration.SchemesPath = irma.DefaultSchemesPath() // Returns an existing path
-		}
-		if exists, err = common.PathExists(conf.ServerConfiguration.SchemesPath); err != nil {
-			return nil, server.LogError(err)
-		}
-		if !exists {
-			return nil, server.LogError(errors.Errorf("Nonexisting schemes_path provided: %s", conf.ServerConfiguration.SchemesPath))
-		}
-		conf.Logger.WithField("schemes_path", conf.ServerConfiguration.SchemesPath).Info("Determined schemes path")
-		conf.ServerConfiguration.IrmaConfiguration, err = irma.NewConfiguration(conf.ServerConfiguration.SchemesPath, irma.ConfigurationOptions{
-			Assets: conf.ServerConfiguration.SchemesAssetsPath,
-		})
-		if err != nil {
-			return nil, server.LogError(err)
-		}
-		if err = conf.ServerConfiguration.IrmaConfiguration.ParseFolder(); err != nil {
-			return nil, server.LogError(err)
-		}
-	}
-
 	// Setup database
 	if conf.DB == nil {
 		switch conf.DBType {
@@ -203,23 +120,10 @@ func processConfiguration(conf *Configuration) (*keysharecore.Core, error) {
 	}

 	// Setup server urls
-	if !strings.HasSuffix(conf.URL, "/") {
-		conf.URL = conf.URL + "/"
-	}
-	if !strings.HasPrefix(conf.URL, "https://") {
-		if !conf.Production || conf.DisableTLS {
-			conf.DisableTLS = true
-			conf.Logger.Warnf("TLS is not enabled on the url \"%s\" to which the IRMA app will connect. "+
-				"Ensure that attributes are encrypted in transit by either enabling TLS or adding TLS in a reverse proxy.", conf.URL)
-		} else {
-			return nil, server.LogError(errors.Errorf("Running without TLS in production mode is unsafe without a reverse proxy. " +
-				"Either use a https:// URL or explicitly disable TLS."))
-		}
-	}
-	if conf.ServerConfiguration.URL == "" {
-		conf.ServerConfiguration.URL = conf.URL + "irma/"
-		conf.ServerConfiguration.DisableTLS = conf.DisableTLS // ensure matching checks
+	if !strings.HasSuffix(conf.KeyshareURL, "/") {
+		conf.KeyshareURL = conf.KeyshareURL + "/"
 	}
+	conf.URL = conf.KeyshareURL + "irma/"

 	// Parse keysharecore private keys and create a valid keyshare core
 	if conf.JwtPrivateKey == "" && conf.JwtPrivateKeyFile == "" {

--- a/server/keyshare/keyshareserver/conf_test.go
+++ b/server/keyshare/keyshareserver/conf_test.go
@@ -7,6 +7,7 @@ import (

 	irma "github.com/privacybydesign/irmago"
 	"github.com/privacybydesign/irmago/internal/test"
+	"github.com/privacybydesign/irmago/server"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -15,86 +16,101 @@ func TestConfInvalidAESKey(t *testing.T) {
 	testdataPath := test.FindTestdataFolder(t)

 	_, err := New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
 		StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
 		KeyshareCredential:    "test.test.mijnirma",
 		KeyshareAttribute:     "email",
-		Logger:                irma.Logger,
 	})
 	assert.NoError(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
 		StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
 		KeyshareCredential:    "test.test.mijnirma",
 		KeyshareAttribute:     "email",
-		Logger:                irma.Logger,
 	})
 	assert.NoError(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk-does-not-exist.pem"),
 		StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
 		KeyshareCredential:    "test.test.mijnirma",
 		KeyshareAttribute:     "email",
-		Logger:                irma.Logger,
 	})
 	assert.Error(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
 		StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey-does-not-exist"),
 		KeyshareCredential:    "test.test.mijnirma",
 		KeyshareAttribute:     "email",
-		Logger:                irma.Logger,
 	})
 	assert.Error(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
 		StoragePrimaryKeyFile: filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
 		KeyshareCredential:    "test.test.mijnirma",
 		KeyshareAttribute:     "email",
-		Logger:                irma.Logger,
 	})
 	assert.Error(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                "undefined",
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
 		StoragePrimaryKeyFile: filepath.Join(testdataPath, "keyshareStorageTestkey"),
 		KeyshareCredential:    "test.test.mijnirma",
 		KeyshareAttribute:     "email",
-		Logger:                irma.Logger,
 	})
 	assert.Error(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -109,7 +125,6 @@ func TestConfInvalidAESKey(t *testing.T) {
 		VerificationURL: map[string]string{
 			"en": "test",
 		},
-		Logger: irma.Logger,
 	})
 	assert.Error(t, err)

@@ -118,8 +133,11 @@ func TestConfInvalidAESKey(t *testing.T) {
 	require.NoError(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -134,13 +152,15 @@ func TestConfInvalidAESKey(t *testing.T) {
 		VerificationURL: map[string]string{
 			"en": "test",
 		},
-		Logger: irma.Logger,
 	})
 	assert.Error(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -155,13 +175,15 @@ func TestConfInvalidAESKey(t *testing.T) {
 		RegistrationEmailSubject: map[string]string{
 			"en": "testsubject",
 		},
-		Logger: irma.Logger,
 	})
 	assert.Error(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -179,13 +201,15 @@ func TestConfInvalidAESKey(t *testing.T) {
 		VerificationURL: map[string]string{
 			"en": "test",
 		},
-		Logger: irma.Logger,
 	})
 	assert.NoError(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -203,13 +227,15 @@ func TestConfInvalidAESKey(t *testing.T) {
 		VerificationURL: map[string]string{
 			"en": "test",
 		},
-		Logger: irma.Logger,
 	})
 	assert.Error(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -227,13 +253,15 @@ func TestConfInvalidAESKey(t *testing.T) {
 		VerificationURL: map[string]string{
 			"en": "test",
 		},
-		Logger: irma.Logger,
 	})
 	assert.NoError(t, err)

 	_, err = New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/",
+		Configuration: &server.Configuration{
+			SchemesPath: filepath.Join(testdataPath, "irma_configuration"),
+			Logger:      irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/",
 		DBType:                DatabaseTypeMemory,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -251,7 +279,6 @@ func TestConfInvalidAESKey(t *testing.T) {
 		VerificationURL: map[string]string{
 			"en": "test",
 		},
-		Logger: irma.Logger,
 	})
 	assert.Error(t, err)
 }
--- a/server/keyshare/keyshareserver/server.go
+++ b/server/keyshare/keyshareserver/server.go
@@ -65,25 +65,24 @@ func New(conf *Configuration) (*Server, error) {
 		scheduler: gocron.NewScheduler(),
 	}

-	// Do initial processing of configuration and create keyshare core
-	s.core, err = processConfiguration(conf)
+	// Setup IRMA session server
+	s.sessionserver, err = irmaserver.New(conf.Configuration)
 	if err != nil {
 		return nil, err
 	}

-	// Load neccessary idemix keys into core, and ensure that future updates
-	// to them are processed
-	s.LoadIdemixKeys(conf.ServerConfiguration.IrmaConfiguration)
-	conf.ServerConfiguration.IrmaConfiguration.UpdateListeners = append(
-		conf.ServerConfiguration.IrmaConfiguration.UpdateListeners,
-		s.LoadIdemixKeys)
-
-	// Setup IRMA session server
-	s.sessionserver, err = irmaserver.New(conf.ServerConfiguration)
+	// Process configuration and create keyshare core
+	s.core, err = processConfiguration(conf)
 	if err != nil {
 		return nil, err
 	}

+	// Load neccessary idemix keys into core, and ensure that future updates
+	// to them are processed
+	s.LoadIdemixKeys(conf.IrmaConfiguration)
+	conf.IrmaConfiguration.UpdateListeners = append(
+		conf.IrmaConfiguration.UpdateListeners, s.LoadIdemixKeys)
+
 	// Setup DB
 	s.db = conf.DB


--- a/server/keyshare/keyshareserver/server_test.go
+++ b/server/keyshare/keyshareserver/server_test.go
@@ -14,6 +14,7 @@ import (
 	irma "github.com/privacybydesign/irmago"
 	"github.com/privacybydesign/irmago/internal/keysharecore"
 	"github.com/privacybydesign/irmago/internal/test"
+	"github.com/privacybydesign/irmago/server"
 	"github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -450,9 +451,12 @@ var keyshareServ *http.Server
 func StartKeyshareServer(t *testing.T, db KeyshareDB, emailserver string) {
 	testdataPath := test.FindTestdataFolder(t)
 	s, err := New(&Configuration{
-		SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
-		IssuerPrivateKeysPath: filepath.Join(testdataPath, "privatekeys"),
-		URL:                   "http://localhost:8080/irma_keyshare_server/api/v1/",
+		Configuration: &server.Configuration{
+			SchemesPath:           filepath.Join(testdataPath, "irma_configuration"),
+			IssuerPrivateKeysPath: filepath.Join(testdataPath, "privatekeys"),
+			Logger:                irma.Logger,
+		},
+		KeyshareURL:           "http://localhost:8080/irma_keyshare_server/api/v1/",
 		DB:                    db,
 		JwtKeyID:              0,
 		JwtPrivateKeyFile:     filepath.Join(testdataPath, "jwtkeys", "kss-sk.pem"),
@@ -471,7 +475,6 @@ func StartKeyshareServer(t *testing.T, db KeyshareDB, emailserver string) {
 		VerificationURL: map[string]string{
 			"en": "http://example.com/verify/",
 		},
-		Logger: irma.Logger,
 	})
 	require.NoError(t, err)


--- a/server/keyshare/myirmaserver/conf.go
+++ b/server/keyshare/myirmaserver/conf.go
@@ -8,7 +8,6 @@ import (
 	"github.com/go-errors/errors"
 	irma "github.com/privacybydesign/irmago"
 	"github.com/privacybydesign/irmago/server"
-	"github.com/sirupsen/logrus"
 )

 type DatabaseType string
@@ -23,24 +22,9 @@ const (
 // Configuration contains configuration for the irmaserver library and irmad.
 type Configuration struct {
 	// IRMA server configuration. If not given, this will be populated using information here
-	ServerConfiguration *server.Configuration `json:"-"`
-	// Path to IRMA schemes to parse into server configuration (only used if ServerConfiguration == nil).
-	// If left empty, default value is taken using DefaultSchemesPath().
-	// If an empty folder is specified, default schemes (irma-demo and pbdf) are downloaded into it.