go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/tokenserver/appengine/impl/services/admin/adminsrv/service.go

go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/tokenserver/appengine/impl/services/admin/adminsrv/service.go (about)

     1  // Copyright 2016 The LUCI Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Package adminsrv implements Admin API.
    16  //
    17  // Code defined here is either invoked by an administrator or by the service
    18  // itself (via cron jobs or task queues).
    19  package adminsrv
    20  
    21  import (
    22  	"go.chromium.org/luci/server/auth/signing"
    23  
    24  	"go.chromium.org/luci/tokenserver/api/admin/v1"
    25  
    26  	"go.chromium.org/luci/tokenserver/appengine/impl/certconfig"
    27  	"go.chromium.org/luci/tokenserver/appengine/impl/delegation"
    28  	"go.chromium.org/luci/tokenserver/appengine/impl/machinetoken"
    29  	"go.chromium.org/luci/tokenserver/appengine/impl/projectscope"
    30  	"go.chromium.org/luci/tokenserver/appengine/impl/serviceaccounts"
    31  )
    32  
    33  // AdminServer implements admin.AdminServer RPC interface.
    34  type AdminServer struct {
    35  	admin.UnsafeAdminServer
    36  
    37  	certconfig.ImportCAConfigsRPC
    38  	delegation.ImportDelegationConfigsRPC
    39  	delegation.InspectDelegationTokenRPC
    40  	machinetoken.InspectMachineTokenRPC
    41  	projectscope.ImportProjectIdentityConfigsRPC
    42  	serviceaccounts.ImportProjectOwnedAccountsConfigsRPC
    43  }
    44  
    45  // NewServer returns prod AdminServer implementation.
    46  //
    47  // It assumes authorization has happened already.
    48  func NewServer(signer signing.Signer) *AdminServer {
    49  	return &AdminServer{
    50  		ImportDelegationConfigsRPC: delegation.ImportDelegationConfigsRPC{
    51  			RulesCache: delegation.GlobalRulesCache,
    52  		},
    53  		InspectDelegationTokenRPC: delegation.InspectDelegationTokenRPC{
    54  			Signer: signer,
    55  		},
    56  		InspectMachineTokenRPC: machinetoken.InspectMachineTokenRPC{
    57  			Signer: signer,
    58  		},
    59  		ImportProjectIdentityConfigsRPC: projectscope.ImportProjectIdentityConfigsRPC{},
    60  		ImportProjectOwnedAccountsConfigsRPC: serviceaccounts.ImportProjectOwnedAccountsConfigsRPC{
    61  			MappingCache: serviceaccounts.GlobalMappingCache,
    62  		},
    63  	}
    64  }