1package xrpc
2
3import (
4 _ "embed"
5 "encoding/json"
6 "log/slog"
7 "net/http"
8
9 "github.com/go-chi/chi/v5"
10
11 "tangled.org/core/api/tangled"
12 "tangled.org/core/idresolver"
13 "tangled.org/core/rbac"
14 "tangled.org/core/spindle/config"
15 "tangled.org/core/spindle/db"
16 "tangled.org/core/spindle/models"
17 "tangled.org/core/spindle/secrets"
18 xrpcerr "tangled.org/core/xrpc/errors"
19 "tangled.org/core/xrpc/serviceauth"
20)
21
// ActorDid is the fixed string "ActorDid". Nothing in this file reads it.
//
// NOTE(review): presumably this names the request-context value that carries
// the authenticated caller's DID; confirm against the serviceauth middleware
// and the handlers. If it is used as a context key, a plain string key can
// collide with a key of the same value set by another package.
const (
	ActorDid string = "ActorDid"
)
// Xrpc holds the dependencies used by the XRPC handlers in this package.
// Router reads only ServiceAuth; the other fields are used, if at all, by
// handlers defined outside this file.
type Xrpc struct {
	// Logger is the structured logger handed to this service.
	Logger *slog.Logger

	// Db is the spindle database handle.
	Db *db.DB

	// Enforcer is the RBAC enforcer.
	// NOTE(review): how the handlers consult it is not visible here.
	Enforcer *rbac.Enforcer

	// Engines maps a string key to an engine.
	// NOTE(review): presumably keyed by engine name; verify against callers.
	Engines map[string]models.Engine

	// Config is the spindle configuration.
	Config *config.Config

	// Resolver is the identity resolver.
	Resolver *idresolver.Resolver

	// Vault is the secrets manager.
	// NOTE(review): presumably the store behind the add/remove/list secret
	// endpoints; confirm in the handlers.
	Vault secrets.Manager

	// ServiceAuth supplies the VerifyServiceAuth middleware that Router puts
	// in front of the secret routes.
	ServiceAuth *serviceauth.ServiceAuth
}
// Router builds the chi router for this package's XRPC endpoints.
//
// The three repo-secret routes (add, remove, list) are registered inside a
// group that runs x.ServiceAuth.VerifyServiceAuth before the handler. The
// owner query is registered on the outer router, so that middleware does not
// run for it.
//
// NOTE(review): only the middleware wiring is visible here. Whether the
// authenticated caller may manage secrets for the target repo has to be
// decided by the middleware or by the handlers; confirm that AddSecret,
// RemoveSecret and ListSecrets each make that check.
func (x *Xrpc) Router() http.Handler {
	mux := chi.NewRouter()

	// Secret management: every route added to this group passes through the
	// service-auth middleware first. New secret-related routes belong inside
	// this closure, not on mux.
	mux.Group(func(authed chi.Router) {
		authed.Use(x.ServiceAuth.VerifyServiceAuth)

		authed.Post("/"+tangled.RepoAddSecretNSID, x.AddSecret)
		authed.Post("/"+tangled.RepoRemoveSecretNSID, x.RemoveSecret)
		authed.Get("/"+tangled.RepoListSecretsNSID, x.ListSecrets)
	})

	// service query endpoints (no auth required)
	mux.Get("/"+tangled.OwnerNSID, x.Owner)

	return mux
}
// writeError sends e to the client as a JSON body with the given HTTP status.
//
// It is slightly different from http_util::write_error in order to follow the
// spec: the JSON object returned must include an "error" and a "message".
// NOTE(review): those two keys come from how xrpcerr.XrpcError encodes to
// JSON, which is not visible in this file.
//
// Whatever e carries is written to the response as-is, so callers should keep
// internal error detail out of it.
func writeError(w http.ResponseWriter, e xrpcerr.XrpcError, status int) {
	hdr := w.Header()
	hdr.Set("Content-Type", "application/json")

	// Headers have to be set before WriteHeader; later changes are not sent.
	w.WriteHeader(status)

	// The encode result is not checked: the status line has already gone out,
	// so a failure here can no longer be turned into a different response.
	enc := json.NewEncoder(w)
	_ = enc.Encode(e)
}