Diffstat (limited to 'server')
-rw-r--r-- | server/rpc.go | 68 | ||||
-rw-r--r-- | server/server.go | 2 | ||||
-rw-r--r-- | server/signer/signer.go | 16 |
3 files changed, 1 insertions, 85 deletions
diff --git a/server/rpc.go b/server/rpc.go
deleted file mode 100644
index 2d02218..0000000
--- a/server/rpc.go
+++ /dev/null
@@ -1,68 +0,0 @@
-package server
-
-import (
- "log"
- "net"
-
- "golang.org/x/net/context"
-
- "golang.org/x/oauth2"
-
- "google.golang.org/grpc"
- "google.golang.org/grpc/codes"
- "google.golang.org/grpc/metadata"
-
- "github.com/nsheridan/cashier/lib"
- "github.com/nsheridan/cashier/proto"
-)
-
-type rpcServer struct{}
-
-type key int
-
-const usernameKey key = 0
-
-func (s *rpcServer) Sign(ctx context.Context, req *proto.SignRequest) (*proto.SignResponse, error) {
- username, ok := ctx.Value(usernameKey).(string)
- if !ok {
- return nil, grpc.Errorf(codes.InvalidArgument, "Error reading username")
- }
- cert, err := keysigner.SignUserKeyFromRPC(req, username)
- if err != nil {
- return nil, grpc.Errorf(codes.InvalidArgument, err.Error())
- }
- if err := certstore.SetCert(cert); err != nil {
- log.Printf("Error recording cert: %v", err)
- }
- resp := &proto.SignResponse{
- Cert: lib.GetPublicKey(cert),
- }
- return resp, nil
-}
-
-func authInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
- md, ok := metadata.FromOutgoingContext(ctx)
- if !ok {
- return nil, grpc.Errorf(codes.Unauthenticated, "request not authenticated")
- }
- switch md["security"][0] {
- case "authorization":
- token := &oauth2.Token{
- AccessToken: md["payload"][0],
- }
- if !authprovider.Valid(token) {
- return nil, grpc.Errorf(codes.PermissionDenied, "access denied")
- }
- ctx = context.WithValue(ctx, usernameKey, authprovider.Username(token))
- authprovider.Revoke(token)
- default:
- return nil, grpc.Errorf(codes.InvalidArgument, "unknown argument")
- }
- return handler(ctx, req)
-}
-
-func runGRPCServer(l net.Listener) {
- serv := grpc.NewServer(grpc.UnaryInterceptor(authInterceptor))
- proto.RegisterSignerServer(serv, &rpcServer{})
- serv.Serve(l)
-}
diff --git a/server/server.go b/server/server.go
index 97b3c63..2995ead 100644
--- a/server/server.go
+++ b/server/server.go
@@ -41,7 +41,7 @@ func loadCerts(certFile, keyFile string) (tls.Certificate, error) {
 return tls.X509KeyPair(cert, key)
 }
 
-// Run the HTTP and RPC servers.
+// Run the HTTP server.
 func Run(conf *config.Config) {
 var err error
 keysigner, err = signer.New(conf.SSH)
diff --git a/server/signer/signer.go b/server/signer/signer.go
index 47ff7c8..8830d50 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -10,9 +10,7 @@ import (
 "go4.org/wkfs"
 _ "go4.org/wkfs/gcs" // Register "/gcs/" as a wkfs.
 
- "github.com/golang/protobuf/ptypes"
 "github.com/nsheridan/cashier/lib"
- "github.com/nsheridan/cashier/proto"
 "github.com/nsheridan/cashier/server/config"
 "github.com/nsheridan/cashier/server/store"
 "github.com/stripe/krl"
@@ -53,20 +51,6 @@ func (s *KeySigner) setPermissions(cert *ssh.Certificate) {
 }
 }
 
-// SignUserKeyFromRPC returns a signed ssh certificate.
-func (s *KeySigner) SignUserKeyFromRPC(req *proto.SignRequest, username string) (*ssh.Certificate, error) {
- valid, err := ptypes.Timestamp(req.GetValidUntil())
- if err != nil {
- return nil, err
- }
- r := &lib.SignRequest{
- Key: string(req.GetKey()),
- ValidUntil: valid,
- Message: string(req.GetMessage()),
- }
- return s.SignUserKey(r, username)
-}
-
 // SignUserKey returns a signed ssh certificate.
 func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Certificate, error) {
 pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(req.Key)) |