grpc

Author: flyqie

cmd/server/main.go

@@ -7,7 +7,6 @@ import (
 	openvmv1Connect "github.com/openvm-http/openvm-api/gen/openvm/v1/v1connect"
 	"github.com/openvm-http/openvm-api/internal/interceptor"
 	openvmServer "github.com/openvm-http/openvm-api/internal/service/openvm"
-	"github.com/rs/cors"
 	"log"
 	"net/http"
 	"os"
@@ -22,45 +21,6 @@ import (
 var gitTag string
 var dateTime string
 
-func disableCORS() *cors.Cors {
-	// To let web developers play with the demo service from browsers, we need a
-	// very permissive CORS setup.
-	return cors.New(cors.Options{
-		AllowedMethods: []string{
-			http.MethodHead,
-			http.MethodGet,
-			http.MethodPost,
-			http.MethodPut,
-			http.MethodPatch,
-			http.MethodDelete,
-		},
-		AllowOriginFunc: func(_ /* origin */ string) bool {
-			// Allow all origins, which effectively disables CORS.
-			return true
-		},
-		AllowedHeaders: []string{"*"},
-		ExposedHeaders: []string{
-			// Content-Type is in the default safelist.
-			"Accept",
-			"Accept-Encoding",
-			"Accept-Post",
-			"Connect-Accept-Encoding",
-			"Connect-Content-Encoding",
-			"Content-Encoding",
-			"Grpc-Accept-Encoding",
-			"Grpc-Encoding",
-			"Grpc-Message",
-			"Grpc-Status",
-			"Grpc-Status-Details-Bin",
-		},
-		// Let browsers cache CORS information for longer, which reduces the number
-		// of preflight requests. Any changes to ExposedHeaders won't take effect
-		// until the cached data expires. FF caps this value at 24h, and modern
-		// Chrome caps it at 2h.
-		MaxAge: int(2 * time.Hour / time.Second),
-	})
-}
-
 func main() {
 	log.Printf("OpenVM-API %s %s", gitTag, dateTime)
 	if token := os.Getenv("ACCESS_TOKEN"); token != "" {
@@ -73,33 +33,11 @@ func main() {
 		addr = addrEnv
 	}
 
-	interceptors := connect.WithInterceptors(interceptor.NewAuthInterceptor())
 	api := http.NewServeMux()
 	api.Handle(openvmv1Connect.NewApiServiceHandler(
 		&openvmServer.ApiServer{},
-		interceptors,
+		connect.WithInterceptors(interceptor.NewAuthInterceptor()),
 	))
-	mux := http.NewServeMux()
-	mux.Handle("/api/", http.StripPrefix("/api", api))
-	var httpServerMux http.Handler
-	if disableCors := os.Getenv("DISABLE_CORS"); disableCors == "YES_I_KNOWN_NOT_SAFE" {
-		log.Printf("Security Warning: DISABLE_CORS set!\n")
-		httpServerMux = disableCORS().Handler(mux)
-	} else {
-		httpServerMux = mux
-	}
-
-	srv := &http.Server{
-		Addr:    addr,
-		Handler: h2c.NewHandler(httpServerMux, &http2.Server{}),
-	}
-	log.Printf("HTTP server listening on %s\n", addr)
-	go func() {
-		if err := srv.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
-			log.Fatalf("HTTP listen and serve: %v\n", err)
-		}
-	}()
-	// grpc
 	apiSrv := &http.Server{
 		Addr:    addr,
 		Handler: h2c.NewHandler(api, &http2.Server{}),
@@ -116,12 +54,7 @@ func main() {
 	<-signals
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second)
 	defer cancel()
-	if err := srv.Shutdown(ctx); err != nil {
-		log.Fatalf("HTTP shutdown: %v\n", err)
-	}
-	ctx2, cancel2 := context.WithTimeout(context.Background(), time.Second)
-	defer cancel2()
-	if err := apiSrv.Shutdown(ctx2); err != nil {
+	if err := apiSrv.Shutdown(ctx); err != nil {
 		log.Fatalf("apiSrv shutdown: %v\n", err)
 	}
 }