From 26447f99c92e346ca5823f84db8822e1988f726d Mon Sep 17 00:00:00 2001
From: Jan Dittberner
Date: Sun, 19 Sep 2021 19:54:00 +0200
Subject: [PATCH] Extract startServer method from main()
---
 cmd/idp.go | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/cmd/idp.go b/cmd/idp.go
index f228fd6..791672c 100644
--- a/cmd/idp.go
+++ b/cmd/idp.go
@@ -33,6 +33,7 @@ import (
 "github.com/go-openapi/runtime/client"
 "github.com/gorilla/csrf"
+ "github.com/knadh/koanf"
 hydra "github.com/ory/hydra-client-go/client"
 log "github.com/sirupsen/logrus"
@@ -145,22 +146,32 @@ func main() {
 logger.Fatalf("could not initialize request error handling: %v", err)
 }
+ handlerChain := tracing(logging(hsts(errorMiddleware(csrfProtect(router)))))
+
+ startServer(ctx, handlerChain, logger, config)
+}
+
+func startServer(ctx context.Context, handlerChain http.Handler, logger *log.Logger, config *koanf.Koanf) {
+ clientCertificateCAFile := config.MustString("security.client.ca-file")
+ serverName := config.String("server.name")
+ serverPort := config.Int("server.port")
+
 clientCertPool := x509.NewCertPool()
- pemBytes, err := ioutil.ReadFile(config.MustString("security.client.ca-file"))
+ pemBytes, err := ioutil.ReadFile(clientCertificateCAFile)
 if err != nil {
 logger.Fatalf("could not load client CA certificates: %v", err)
 }
 clientCertPool.AppendCertsFromPEM(pemBytes)
 tlsConfig := &tls.Config{
- ServerName: config.String("server.name"),
+ ServerName: serverName,
 MinVersion: tls.VersionTLS12,
 ClientAuth: tls.VerifyClientCertIfGiven,
 ClientCAs: clientCertPool,
 }
 server := &http.Server{
- Addr: fmt.Sprintf("%s:%d", config.String("server.name"), config.Int("server.port")),
- Handler: tracing(logging(hsts(errorMiddleware(csrfProtect(router))))),
+ Addr: fmt.Sprintf("%s:%d", serverName, serverPort),
+ Handler: handlerChain,
 ReadTimeout: 20 * time.Second,
 WriteTimeout: 20 * time.Second,
 IdleTimeout: 30 * time.Second,
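Review bot: In the new `startServer`, the boolean returned by `clientCertPool.AppendCertsFromPEM(pemBytes)` is discarded, so a CA file that yields no parsable certificates leaves `ClientCAs` as an empty pool and the server starts with no diagnostic. With `tls.VerifyClientCertIfGiven` that most likely shows up only later, as rejected handshakes for every client that presents a certificate. Since the extraction already names the path, fail at startup instead: `if !clientCertPool.AppendCertsFromPEM(pemBytes) { logger.Fatalf("no client CA certificates found in %s", clientCertificateCAFile) }`. The new `serverName` and `serverPort` locals are read with `config.String`/`config.Int` rather than the `Must` variants used for the CA file, so unless defaults are loaded elsewhere a missing key would presumably give an `Addr` of `":0"`; consider `MustString`/`MustInt` there too. `startServer` continues past the end of the hunk, so any later handling is not visible here.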