Commit
2e763493
authored
Apr 16, 2021
by
Sietse Ringers
feat: remove all keyshare servers configuration options already present in server.Configuration
parent
028c70db
Changes
11
internal/testkeyshare/testkeyshare.go
...
...
@@ -10,6 +10,7 @@ import (
"github.com/go-chi/chi"
"github.com/privacybydesign/irmago/internal/keysharecore"
"github.com/privacybydesign/irmago/internal/test"
"github.com/privacybydesign/irmago/server"
"github.com/privacybydesign/irmago/server/keyshare/keyshareserver"
"github.com/sirupsen/logrus"
"github.com/stretchr/testify/assert"
...
...
@@ -37,16 +38,18 @@ func StartKeyshareServer(t *testing.T, l *logrus.Logger) {
testdataPath
:=
test
.
FindTestdataFolder
(
t
)
s
,
err
:=
keyshareserver
.
New
(
&
keyshareserver
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
IssuerPrivateKeysPath
:
filepath
.
Join
(
testdataPath
,
"privatekeys"
),
URL
:
"http://localhost:8080/irma_keyshare_server/api/v1/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
IssuerPrivateKeysPath
:
filepath
.
Join
(
testdataPath
,
"privatekeys"
),
Logger
:
l
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/api/v1/"
,
DB
:
db
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
StoragePrimaryKeyFile
:
filepath
.
Join
(
testdataPath
,
"keyshareStorageTestkey"
),
KeyshareCredential
:
"test.test.mijnirma"
,
KeyshareAttribute
:
"email"
,
Logger
:
l
,
})
require
.
NoError
(
t
,
err
)
...
...
irma/cmd/keyshare-myirma.go
...
...
@@ -208,12 +208,20 @@ func configureMyirmad(cmd *cobra.Command) {
// And build the configuration
confKeyshareMyirma
=
&
myirmaserver
.
Configuration
{
SchemesPath
:
viper
.
GetString
(
"schemes-path"
),
SchemesAssetsPath
:
viper
.
GetString
(
"schemes-assets-path"
),
SchemesUpdateInterval
:
viper
.
GetInt
(
"schemes-update"
),
DisableSchemesUpdate
:
viper
.
GetInt
(
"schemes-update"
)
==
0
,
URL
:
string
(
regexp
.
MustCompile
(
"(https?://[^/]*):port"
)
.
ReplaceAll
([]
byte
(
viper
.
GetString
(
"url"
)),
[]
byte
(
"$1:"
+
strconv
.
Itoa
(
viper
.
GetInt
(
"port"
))))),
DisableTLS
:
viper
.
GetBool
(
"no-tls"
),
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
viper
.
GetString
(
"schemes-path"
),
SchemesAssetsPath
:
viper
.
GetString
(
"schemes-assets-path"
),
SchemesUpdateInterval
:
viper
.
GetInt
(
"schemes-update"
),
DisableSchemesUpdate
:
viper
.
GetInt
(
"schemes-update"
)
==
0
,
DisableTLS
:
viper
.
GetBool
(
"no-tls"
),
Verbose
:
viper
.
GetInt
(
"verbose"
),
Quiet
:
viper
.
GetBool
(
"quiet"
),
LogJSON
:
viper
.
GetBool
(
"log-json"
),
Logger
:
logger
,
Production
:
viper
.
GetBool
(
"production"
),
},
MyIRMAURL
:
string
(
regexp
.
MustCompile
(
"(https?://[^/]*):port"
)
.
ReplaceAll
([]
byte
(
viper
.
GetString
(
"url"
)),
[]
byte
(
"$1:"
+
strconv
.
Itoa
(
viper
.
GetInt
(
"port"
))))),
StaticPath
:
viper
.
GetString
(
"static-path"
),
StaticPrefix
:
viper
.
GetString
(
"static-prefix"
),
...
...
@@ -235,12 +243,6 @@ func configureMyirmad(cmd *cobra.Command) {
DeleteEmailSubject
:
viper
.
GetStringMapString
(
"delete-email-subject"
),
DeleteAccountFiles
:
viper
.
GetStringMapString
(
"delete-account-template"
),
DeleteAccountSubject
:
viper
.
GetStringMapString
(
"delete-account-subject"
),
Verbose
:
viper
.
GetInt
(
"verbose"
),
Quiet
:
viper
.
GetBool
(
"quiet"
),
LogJSON
:
viper
.
GetBool
(
"log-json"
),
Logger
:
logger
,
Production
:
viper
.
GetBool
(
"production"
),
}
}
...
...
irma/cmd/keyshare-server.go
...
...
@@ -209,13 +209,21 @@ func configureKeyshared(cmd *cobra.Command) {
// And build the configuration
confKeyshareServer
=
&
keyshareserver
.
Configuration
{
SchemesPath
:
viper
.
GetString
(
"schemes-path"
),
SchemesAssetsPath
:
viper
.
GetString
(
"schemes-assets-path"
),
SchemesUpdateInterval
:
viper
.
GetInt
(
"schemes-update"
),
DisableSchemesUpdate
:
viper
.
GetInt
(
"schemes-update"
)
==
0
,
IssuerPrivateKeysPath
:
viper
.
GetString
(
"privkeys"
),
URL
:
string
(
regexp
.
MustCompile
(
"(https?://[^/]*):port"
)
.
ReplaceAll
([]
byte
(
viper
.
GetString
(
"url"
)),
[]
byte
(
"$1:"
+
strconv
.
Itoa
(
viper
.
GetInt
(
"port"
))))),
DisableTLS
:
viper
.
GetBool
(
"no-tls"
),
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
viper
.
GetString
(
"schemes-path"
),
SchemesAssetsPath
:
viper
.
GetString
(
"schemes-assets-path"
),
SchemesUpdateInterval
:
viper
.
GetInt
(
"schemes-update"
),
DisableSchemesUpdate
:
viper
.
GetInt
(
"schemes-update"
)
==
0
,
IssuerPrivateKeysPath
:
viper
.
GetString
(
"privkeys"
),
DisableTLS
:
viper
.
GetBool
(
"no-tls"
),
Verbose
:
viper
.
GetInt
(
"verbose"
),
Quiet
:
viper
.
GetBool
(
"quiet"
),
LogJSON
:
viper
.
GetBool
(
"log-json"
),
Production
:
viper
.
GetBool
(
"production"
),
Logger
:
logger
,
},
KeyshareURL
:
string
(
regexp
.
MustCompile
(
"(https?://[^/]*):port"
)
.
ReplaceAll
([]
byte
(
viper
.
GetString
(
"url"
)),
[]
byte
(
"$1:"
+
strconv
.
Itoa
(
viper
.
GetInt
(
"port"
))))),
DBType
:
keyshareserver
.
DatabaseType
(
viper
.
GetString
(
"db-type"
)),
DBConnstring
:
viper
.
GetString
(
"db"
),
...
...
@@ -236,12 +244,6 @@ func configureKeyshared(cmd *cobra.Command) {
RegistrationEmailSubject
:
viper
.
GetStringMapString
(
"registration-email-subject"
),
RegistrationEmailFiles
:
viper
.
GetStringMapString
(
"registration-email-template"
),
VerificationURL
:
viper
.
GetStringMapString
(
"verification-url"
),
Verbose
:
viper
.
GetInt
(
"verbose"
),
Quiet
:
viper
.
GetBool
(
"quiet"
),
LogJSON
:
viper
.
GetBool
(
"log-json"
),
Logger
:
logger
,
Production
:
viper
.
GetBool
(
"production"
),
}
}
...
...
server/keyshare/keyshareserver/conf.go
...
...
@@ -12,9 +12,7 @@ import (
"github.com/dgrijalva/jwt-go"
"github.com/go-errors/errors"
irma
"github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/server"
"github.com/sirupsen/logrus"
)
type
DatabaseType
string
...
...
@@ -28,27 +26,11 @@ const (
// Configuration contains configuration for the irmaserver library and irmad.
type
Configuration
struct
{
// IRMA server configuration. If not given, this will be populated using information here
ServerConfiguration
*
server
.
Configuration
`json:"-"`
// Path to IRMA schemes to parse into server configuration (only used if ServerConfiguration == nil).
// If left empty, default value is taken using DefaultSchemesPath().
// If an empty folder is specified, default schemes (irma-demo and pbdf) are downloaded into it.
SchemesPath
string
`json:"schemes_path" mapstructure:"schemes_path"`
// If specified, schemes found here are copied into SchemesPath (only used if ServerConfiguration == nil)
SchemesAssetsPath
string
`json:"schemes_assets_path" mapstructure:"schemes_assets_path"`
// Disable scheme updating (used only if ServerConfiguration == nil)
DisableSchemesUpdate
bool
`json:"disable_schemes_update" mapstructure:"disable_schemes_update"`
// Update all schemes every x minutes (default value 0 means 60) (use DisableSchemesUpdate to disable)
// (used only if ServerConfiguration == nil)
SchemesUpdateInterval
int
`json:"schemes_update" mapstructure:"schemes_update"`
// Path to issuer private keys to parse
IssuerPrivateKeysPath
string
`json:"privkeys" mapstructure:"privkeys"`
// IRMA server configuration
*
server
.
Configuration
`mapstructure:",squash"`
// URL at which the IRMA app can reach this keyshare server during sessions
URL
string
`json:"url" mapstructure:"url"`
// Required to be set to true if URL does not begin with https:// in production mode.
// In this case, the server would communicate with IRMA apps over plain HTTP. You must otherwise
// ensure (using eg a reverse proxy with TLS enabled) that the attributes are protected in transit.
DisableTLS
bool
`json:"no_tls" mapstructure:"no_tls"`
KeyshareURL
string
`json:"url" mapstructure:"url"`
// Database configuration (ignored when database is provided)
DBType
DatabaseType
`json:"db_type" mapstructure:"db_type"`
...
...
@@ -78,18 +60,6 @@ type Configuration struct {
RegistrationEmailSubject
map
[
string
]
string
VerificationURL
map
[
string
]
string
DefaultLanguage
string
// Logging verbosity level: 0 is normal, 1 includes DEBUG level, 2 includes TRACE level
Verbose
int
`json:"verbose" mapstructure:"verbose"`
// Don't log anything at all
Quiet
bool
`json:"quiet" mapstructure:"quiet"`
// Output structured log in JSON format
LogJSON
bool
`json:"log_json" mapstructure:"log_json"`
// Custom logger instance. If specified, Verbose, Quiet and LogJSON are ignored.
Logger
*
logrus
.
Logger
`json:"-"`
// Production mode: enables safer and stricter defaults and config checking
Production
bool
`json:"production" mapstructure:"production"`
}
func
readAESKey
(
filename
string
)
(
uint32
,
keysharecore
.
AesKey
,
error
)
{
...
...
@@ -108,32 +78,6 @@ func readAESKey(filename string) (uint32, keysharecore.AesKey, error) {
// Process a passed configuration to ensure all field values are valid and initialized
// as required by the rest of this keyshare server component.
func
processConfiguration
(
conf
*
Configuration
)
(
*
keysharecore
.
Core
,
error
)
{
// Setup log
if
conf
.
Logger
==
nil
{
conf
.
Logger
=
server
.
NewLogger
(
conf
.
Verbose
,
conf
.
Quiet
,
conf
.
LogJSON
)
}
server
.
Logger
=
conf
.
Logger
irma
.
Logger
=
conf
.
Logger
// Setup server configuration if needed
if
conf
.
ServerConfiguration
==
nil
{
conf
.
ServerConfiguration
=
&
server
.
Configuration
{
SchemesPath
:
conf
.
SchemesPath
,
SchemesAssetsPath
:
conf
.
SchemesAssetsPath
,
DisableSchemesUpdate
:
conf
.
DisableSchemesUpdate
,
SchemesUpdateInterval
:
conf
.
SchemesUpdateInterval
,
IssuerPrivateKeysPath
:
conf
.
IssuerPrivateKeysPath
,
DisableTLS
:
conf
.
DisableTLS
,
Logger
:
conf
.
Logger
,
}
}
// Force loggers to match (TODO: reevaluate once logging is reworked in IRMA server)
conf
.
ServerConfiguration
.
Logger
=
conf
.
Logger
// Force production status to match
conf
.
ServerConfiguration
.
Production
=
conf
.
Production
// Setup email templates
if
conf
.
EmailServer
!=
""
&&
conf
.
RegistrationEmailTemplates
==
nil
{
conf
.
RegistrationEmailTemplates
=
map
[
string
]
*
template
.
Template
{}
...
...
@@ -159,33 +103,6 @@ func processConfiguration(conf *Configuration) (*keysharecore.Core, error) {
}
}
// Load configuration (because server setup needs this to be in place)
if
conf
.
ServerConfiguration
.
IrmaConfiguration
==
nil
{
var
(
err
error
exists
bool
)
if
conf
.
ServerConfiguration
.
SchemesPath
==
""
{
conf
.
ServerConfiguration
.
SchemesPath
=
irma
.
DefaultSchemesPath
()
// Returns an existing path
}
if
exists
,
err
=
common
.
PathExists
(
conf
.
ServerConfiguration
.
SchemesPath
);
err
!=
nil
{
return
nil
,
server
.
LogError
(
err
)
}
if
!
exists
{
return
nil
,
server
.
LogError
(
errors
.
Errorf
(
"Nonexisting schemes_path provided: %s"
,
conf
.
ServerConfiguration
.
SchemesPath
))
}
conf
.
Logger
.
WithField
(
"schemes_path"
,
conf
.
ServerConfiguration
.
SchemesPath
)
.
Info
(
"Determined schemes path"
)
conf
.
ServerConfiguration
.
IrmaConfiguration
,
err
=
irma
.
NewConfiguration
(
conf
.
ServerConfiguration
.
SchemesPath
,
irma
.
ConfigurationOptions
{
Assets
:
conf
.
ServerConfiguration
.
SchemesAssetsPath
,
})
if
err
!=
nil
{
return
nil
,
server
.
LogError
(
err
)
}
if
err
=
conf
.
ServerConfiguration
.
IrmaConfiguration
.
ParseFolder
();
err
!=
nil
{
return
nil
,
server
.
LogError
(
err
)
}
}
// Setup database
if
conf
.
DB
==
nil
{
switch
conf
.
DBType
{
...
...
@@ -203,23 +120,10 @@ func processConfiguration(conf *Configuration) (*keysharecore.Core, error) {
}
// Setup server urls
if
!
strings
.
HasSuffix
(
conf
.
URL
,
"/"
)
{
conf
.
URL
=
conf
.
URL
+
"/"
}
if
!
strings
.
HasPrefix
(
conf
.
URL
,
"https://"
)
{
if
!
conf
.
Production
||
conf
.
DisableTLS
{
conf
.
DisableTLS
=
true
conf
.
Logger
.
Warnf
(
"TLS is not enabled on the url
\"
%s
\"
to which the IRMA app will connect. "
+
"Ensure that attributes are encrypted in transit by either enabling TLS or adding TLS in a reverse proxy."
,
conf
.
URL
)
}
else
{
return
nil
,
server
.
LogError
(
errors
.
Errorf
(
"Running without TLS in production mode is unsafe without a reverse proxy. "
+
"Either use a https:// URL or explicitly disable TLS."
))
}
}
if
conf
.
ServerConfiguration
.
URL
==
""
{
conf
.
ServerConfiguration
.
URL
=
conf
.
URL
+
"irma/"
conf
.
ServerConfiguration
.
DisableTLS
=
conf
.
DisableTLS
// ensure matching checks
if
!
strings
.
HasSuffix
(
conf
.
KeyshareURL
,
"/"
)
{
conf
.
KeyshareURL
=
conf
.
KeyshareURL
+
"/"
}
conf
.
URL
=
conf
.
KeyshareURL
+
"irma/"
// Parse keysharecore private keys and create a valid keyshare core
if
conf
.
JwtPrivateKey
==
""
&&
conf
.
JwtPrivateKeyFile
==
""
{
...
...
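Review bot: The explicit TLS guard on the app-facing URL appears to leave processConfiguration in this section: the block that refused a non-`https://` URL in production mode unless `DisableTLS` was set is gone, and what remains only appends a slash to `conf.KeyshareURL` and derives `conf.URL = conf.KeyshareURL + "irma/"`. Unless the embedded `server.Configuration` runs an equivalent check on a URL that is already populated at that point (not visible here), a production deployment with an `http://` KeyshareURL would no longer be rejected. I would keep a guard on `KeyshareURL` itself, `if conf.Production && !conf.DisableTLS && !strings.HasPrefix(conf.KeyshareURL, "https://") {` returning the same error the removed block returned. Separately, `KeyshareURL` carries `json:"url" mapstructure:"url"` next to a squashed embedded struct; if that struct also maps a field to `url` the two keys collide on decoding, so a comment stating which field the key is meant to fill would help. processConfiguration continues outside the visible hunks.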
server/keyshare/keyshareserver/conf_test.go
...
...
@@ -7,6 +7,7 @@ import (
irma
"github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/internal/test"
"github.com/privacybydesign/irmago/server"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
...
...
@@ -15,86 +16,101 @@ func TestConfInvalidAESKey(t *testing.T) {
testdataPath
:=
test
.
FindTestdataFolder
(
t
)
_
,
err
:=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
StoragePrimaryKeyFile
:
filepath
.
Join
(
testdataPath
,
"keyshareStorageTestkey"
),
KeyshareCredential
:
"test.test.mijnirma"
,
KeyshareAttribute
:
"email"
,
Logger
:
irma
.
Logger
,
})
assert
.
NoError
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
StoragePrimaryKeyFile
:
filepath
.
Join
(
testdataPath
,
"keyshareStorageTestkey"
),
KeyshareCredential
:
"test.test.mijnirma"
,
KeyshareAttribute
:
"email"
,
Logger
:
irma
.
Logger
,
})
assert
.
NoError
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk-does-not-exist.pem"
),
StoragePrimaryKeyFile
:
filepath
.
Join
(
testdataPath
,
"keyshareStorageTestkey"
),
KeyshareCredential
:
"test.test.mijnirma"
,
KeyshareAttribute
:
"email"
,
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
StoragePrimaryKeyFile
:
filepath
.
Join
(
testdataPath
,
"keyshareStorageTestkey-does-not-exist"
),
KeyshareCredential
:
"test.test.mijnirma"
,
KeyshareAttribute
:
"email"
,
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
StoragePrimaryKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
KeyshareCredential
:
"test.test.mijnirma"
,
KeyshareAttribute
:
"email"
,
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
"undefined"
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
StoragePrimaryKeyFile
:
filepath
.
Join
(
testdataPath
,
"keyshareStorageTestkey"
),
KeyshareCredential
:
"test.test.mijnirma"
,
KeyshareAttribute
:
"email"
,
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -109,7 +125,6 @@ func TestConfInvalidAESKey(t *testing.T) {
VerificationURL
:
map
[
string
]
string
{
"en"
:
"test"
,
},
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
...
...
@@ -118,8 +133,11 @@ func TestConfInvalidAESKey(t *testing.T) {
require
.
NoError
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -134,13 +152,15 @@ func TestConfInvalidAESKey(t *testing.T) {
VerificationURL
:
map
[
string
]
string
{
"en"
:
"test"
,
},
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -155,13 +175,15 @@ func TestConfInvalidAESKey(t *testing.T) {
RegistrationEmailSubject
:
map
[
string
]
string
{
"en"
:
"testsubject"
,
},
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -179,13 +201,15 @@ func TestConfInvalidAESKey(t *testing.T) {
VerificationURL
:
map
[
string
]
string
{
"en"
:
"test"
,
},
Logger
:
irma
.
Logger
,
})
assert
.
NoError
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -203,13 +227,15 @@ func TestConfInvalidAESKey(t *testing.T) {
VerificationURL
:
map
[
string
]
string
{
"en"
:
"test"
,
},
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -227,13 +253,15 @@ func TestConfInvalidAESKey(t *testing.T) {
VerificationURL
:
map
[
string
]
string
{
"en"
:
"test"
,
},
Logger
:
irma
.
Logger
,
})
assert
.
NoError
(
t
,
err
)
_
,
err
=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
URL
:
"http://localhost:8080/irma_keyshare_server/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/"
,
DBType
:
DatabaseTypeMemory
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -251,7 +279,6 @@ func TestConfInvalidAESKey(t *testing.T) {
VerificationURL
:
map
[
string
]
string
{
"en"
:
"test"
,
},
Logger
:
irma
.
Logger
,
})
assert
.
Error
(
t
,
err
)
}
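Review bot: Every configuration visible in TestConfInvalidAESKey uses `KeyshareURL: "http://localhost:8080/irma_keyshare_server/"` and none sets `Production`, so nothing here pins what happens to a plain-HTTP keyshare URL in production mode now that the check no longer lives in processConfiguration. A case with `Production: true` on the inner `server.Configuration` and an `http://` KeyshareURL, asserting `assert.Error(t, err)`, would cover it, together with one where `DisableTLS: true` is expected to pass. Parts of the function lie outside the visible hunks, so such a case may already exist there.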
server/keyshare/keyshareserver/server.go
...
...
@@ -65,25 +65,24 @@ func New(conf *Configuration) (*Server, error) {
scheduler
:
gocron
.
NewScheduler
(),
}
//
Do initial processing of configuration and create keyshare core
s
.
core
,
err
=
process
Configuration
(
conf
)
//
Setup IRMA session server
s
.
sessionserver
,
err
=
irmaserver
.
New
(
conf
.
Configuration
)
if
err
!=
nil
{
return
nil
,
err
}
// Load neccessary idemix keys into core, and ensure that future updates
// to them are processed
s
.
LoadIdemixKeys
(
conf
.
ServerConfiguration
.
IrmaConfiguration
)
conf
.
ServerConfiguration
.
IrmaConfiguration
.
UpdateListeners
=
append
(
conf
.
ServerConfiguration
.
IrmaConfiguration
.
UpdateListeners
,
s
.
LoadIdemixKeys
)
// Setup IRMA session server
s
.
sessionserver
,
err
=
irmaserver
.
New
(
conf
.
ServerConfiguration
)
// Process configuration and create keyshare core
s
.
core
,
err
=
processConfiguration
(
conf
)
if
err
!=
nil
{
return
nil
,
err
}
// Load neccessary idemix keys into core, and ensure that future updates
// to them are processed
s
.
LoadIdemixKeys
(
conf
.
IrmaConfiguration
)
conf
.
IrmaConfiguration
.
UpdateListeners
=
append
(
conf
.
IrmaConfiguration
.
UpdateListeners
,
s
.
LoadIdemixKeys
)
// Setup DB
s
.
db
=
conf
.
DB
...
...
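Review bot: As rendered, the new side of New calls `irmaserver.New(conf.Configuration)` before `processConfiguration(conf)`, yet the conf.go section assigns `conf.URL = conf.KeyshareURL + "irma/"` only inside processConfiguration, so the session server is built and its configuration checked while the URL is still whatever the caller left in the embedded struct. Any URL or TLS validation inside irmaserver.New (not visible here) would then run on an empty or stale value rather than the one actually served. Moving the slash normalisation and the `conf.URL = conf.KeyshareURL + "irma/"` assignment ahead of the `irmaserver.New` call would close that gap, and a short comment on the required ordering would help either way. New's body starts and ends outside the hunk.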
server/keyshare/keyshareserver/server_test.go
...
...
@@ -14,6 +14,7 @@ import (
irma
"github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/internal/keysharecore"
"github.com/privacybydesign/irmago/internal/test"
"github.com/privacybydesign/irmago/server"
"github.com/sirupsen/logrus"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
...
...
@@ -450,9 +451,12 @@ var keyshareServ *http.Server
func
StartKeyshareServer
(
t
*
testing
.
T
,
db
KeyshareDB
,
emailserver
string
)
{
testdataPath
:=
test
.
FindTestdataFolder
(
t
)
s
,
err
:=
New
(
&
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
IssuerPrivateKeysPath
:
filepath
.
Join
(
testdataPath
,
"privatekeys"
),
URL
:
"http://localhost:8080/irma_keyshare_server/api/v1/"
,
Configuration
:
&
server
.
Configuration
{
SchemesPath
:
filepath
.
Join
(
testdataPath
,
"irma_configuration"
),
IssuerPrivateKeysPath
:
filepath
.
Join
(
testdataPath
,
"privatekeys"
),
Logger
:
irma
.
Logger
,
},
KeyshareURL
:
"http://localhost:8080/irma_keyshare_server/api/v1/"
,
DB
:
db
,
JwtKeyID
:
0
,
JwtPrivateKeyFile
:
filepath
.
Join
(
testdataPath
,
"jwtkeys"
,
"kss-sk.pem"
),
...
...
@@ -471,7 +475,6 @@ func StartKeyshareServer(t *testing.T, db KeyshareDB, emailserver string) {
VerificationURL
:
map
[
string
]
string
{
"en"
:
"http://example.com/verify/"
,
},
Logger
:
irma
.
Logger
,
})
require
.
NoError
(
t
,
err
)
...
...
server/keyshare/myirmaserver/conf.go
...
...
@@ -8,7 +8,6 @@ import (
"github.com/go-errors/errors"
irma
"github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/server"
"github.com/sirupsen/logrus"
)
type
DatabaseType
string
...
...
@@ -23,24 +22,9 @@ const (
// Configuration contains configuration for the irmaserver library and irmad.
type
Configuration
struct
{
// IRMA server configuration. If not given, this will be populated using information here
ServerConfiguration
*
server
.
Configuration
`json:"-"`
// Path to IRMA schemes to parse into server configuration (only used if ServerConfiguration == nil).
// If left empty, default value is taken using DefaultSchemesPath().
// If an empty folder is specified, default schemes (irma-demo and pbdf) are downloaded into it.