New API security

pkg/server/service/service.go

@@ -34,7 +34,7 @@ const (
 )
 
 // NewManager creates a new Manager
-func NewManager(configs map[string]*runtime.ServiceInfo, defaultRoundTripper http.RoundTripper, metricsRegistry metrics.Registry, routinePool *safe.Pool) *Manager {
+func NewManager(configs map[string]*runtime.ServiceInfo, defaultRoundTripper http.RoundTripper, metricsRegistry metrics.Registry, routinePool *safe.Pool, api http.Handler, rest http.Handler) *Manager {
 	return &Manager{
 		routinePool:         routinePool,
 		metricsRegistry:     metricsRegistry,
@@ -42,6 +42,8 @@ func NewManager(configs map[string]*runtime.ServiceInfo, defaultRoundTripper htt
 		defaultRoundTripper: defaultRoundTripper,
 		balancers:           make(map[string][]healthcheck.BalancerHandler),
 		configs:             configs,
+		api:                 api,
+		rest:                rest,
 	}
 }
 
@@ -53,10 +55,26 @@ type Manager struct {
 	defaultRoundTripper http.RoundTripper
 	balancers           map[string][]healthcheck.BalancerHandler
 	configs             map[string]*runtime.ServiceInfo
+	api                 http.Handler
+	rest                http.Handler
 }
 
 // BuildHTTP Creates a http.Handler for a service configuration.
 func (m *Manager) BuildHTTP(rootCtx context.Context, serviceName string, responseModifier func(*http.Response) error) (http.Handler, error) {
+	if serviceName == "api@internal" {
+		if m.api == nil {
+			return nil, errors.New("api is not enabled")
+		}
+		return m.api, nil
+	}
+
+	if serviceName == "rest@internal" {
+		if m.rest == nil {
+			return nil, errors.New("rest is not enabled")
+		}
+		return m.rest, nil
+	}
+
 	ctx := log.With(rootCtx, log.Str(log.ServiceName, serviceName))
 
 	serviceName = internal.GetQualifiedName(ctx, serviceName)