refactor: use one struct for context handling and cancellation

2026-05-09 22:08:12 +00:00 · 2026-05-07 22:31:51 +03:00
parent cc357f35ef
commit 592c221b2d
7 changed files with 327 additions and 210 deletions
@@ -3,98 +3,137 @@ package bootstrap
 import (
 	"bytes"
 	"context"
+	"database/sql"
 	"encoding/json"
+	"errors"
 	"fmt"
+	"net"
 	"net/http"
 	"net/url"
 	"os"
+	"os/signal"
 	"sort"
 	"strings"
+	"syscall"
 	"time"

+	"github.com/gin-gonic/gin"
 	"github.com/tinyauthapp/tinyauth/internal/controller"
 	"github.com/tinyauthapp/tinyauth/internal/model"
 	"github.com/tinyauthapp/tinyauth/internal/repository"
+	"github.com/tinyauthapp/tinyauth/internal/service"
 	"github.com/tinyauthapp/tinyauth/internal/utils"
-	"github.com/tinyauthapp/tinyauth/internal/utils/tlog"
+	"github.com/tinyauthapp/tinyauth/internal/utils/logger"
 )

-type BootstrapApp struct {
-	config  model.Config
-	context struct {
-		appUrl                 string
-		uuid                   string
-		cookieDomain           string
-		sessionCookieName      string
-		csrfCookieName         string
-		redirectCookieName     string
-		oauthSessionCookieName string
-		localUsers             *[]model.LocalUser
-		oauthProviders         map[string]model.OAuthServiceConfig
-		oauthWhitelist         []string
-		configuredProviders    []controller.Provider
-		oidcClients            []model.OIDCClientConfig
-	}
-	services Services
+type Services struct {
+	accessControlService *service.AccessControlsService
+	authService          *service.AuthService
+	dockerService        *service.DockerService
+	kubernetesService    *service.KubernetesService
+	ldapService          *service.LdapService
+	oauthBrokerService   *service.OAuthBrokerService
+	oidcService          *service.OIDCService
 }

-func NewBootstrapApp(config model.Config) *BootstrapApp {
-	return &BootstrapApp{
+type RuntimeConfig struct {
+	appUrl                 string
+	uuid                   string
+	cookieDomain           string
+	sessionCookieName      string
+	csrfCookieName         string
+	redirectCookieName     string
+	oauthSessionCookieName string
+	localUsers             []model.LocalUser
+	oauthProviders         map[string]model.OAuthServiceConfig
+	oauthWhitelist         []string
+	configuredProviders    []controller.Provider
+	oidcClients            []model.OIDCClientConfig
+	labelProvider          service.LabelProvider
+}
+
+type App struct {
+	config   model.Config
+	runtime  RuntimeConfig
+	services Services
+	log      *logger.Logger
+	ctx      context.Context
+	cancel   context.CancelFunc
+	queries  *repository.Queries
+	router   *gin.Engine
+	db       *sql.DB
+}
+
+func NewBootstrapApp(config model.Config) *App {
+	return &App{
 		config: config,
 	}
 }

-func (app *BootstrapApp) Setup() error {
+func (app *App) Setup() error {
+	// create context
+	ctx, cancel := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM)
+	app.ctx = ctx
+	app.cancel = cancel
+
+	// setup logger
+	log := logger.NewLogger().WithConfig(app.config.Log)
+	log.Init()
+	app.log = log
+
 	// get app url
 	if app.config.AppURL == "" {
-		return fmt.Errorf("app URL cannot be empty, perhaps config loading failed")
+		return errors.New("app url cannot be empty, perhaps config loading failed")
 	}

 	appUrl, err := url.Parse(app.config.AppURL)

 	if err != nil {
-		return err
+		return fmt.Errorf("failed to parse app url: %w", err)
 	}

-	app.context.appUrl = appUrl.Scheme + "://" + appUrl.Host
+	app.runtime.appUrl = appUrl.Scheme + "://" + appUrl.Host

 	// validate session config
 	if app.config.Auth.SessionMaxLifetime != 0 && app.config.Auth.SessionMaxLifetime < app.config.Auth.SessionExpiry {
-		return fmt.Errorf("session max lifetime cannot be less than session expiry")
+		return errors.New("session max lifetime cannot be less than session expiry")
 	}

-	// Parse users
+	// parse users
 	users, err := utils.GetUsers(app.config.Auth.Users, app.config.Auth.UsersFile, app.config.Auth.UserAttributes)

 	if err != nil {
-		return err
+		return fmt.Errorf("failed to load users: %w", err)
 	}

-	app.context.localUsers = users
+	app.runtime.localUsers = *users

+	// load oauth whitelist
 	oauthWhitelist, err := utils.GetStringList(app.config.OAuth.Whitelist, app.config.OAuth.WhitelistFile)
+
 	if err != nil {
-		return err
+		return fmt.Errorf("failed to load oauth whitelist: %w", err)
 	}

-	app.context.oauthWhitelist = oauthWhitelist
+	app.runtime.oauthWhitelist = oauthWhitelist

-	// Setup OAuth providers
-	app.context.oauthProviders = app.config.OAuth.Providers
+	// Setup oauth providers
+	app.runtime.oauthProviders = app.config.OAuth.Providers

-	for name, provider := range app.context.oauthProviders {
+	for id, provider := range app.runtime.oauthProviders {
 		secret := utils.GetSecret(provider.ClientSecret, provider.ClientSecretFile)
 		provider.ClientSecret = secret
 		provider.ClientSecretFile = ""

 		if provider.RedirectURL == "" {
-			provider.RedirectURL = app.context.appUrl + "/api/oauth/callback/" + name
+			provider.RedirectURL = app.runtime.appUrl + "/api/oauth/callback/" + id
 		}

-		app.context.oauthProviders[name] = provider
+		app.runtime.oauthProviders[id] = provider
 	}

-	for id, provider := range app.context.oauthProviders {
+	// set presets for built-in providers
+	for id, provider := range app.runtime.oauthProviders {
 		if provider.Name == "" {
 			if name, ok := model.OverrideProviders[id]; ok {
 				provider.Name = name
@@ -102,70 +141,63 @@ func (app *BootstrapApp) Setup() error {
 				provider.Name = utils.Capitalize(id)
 			}
 		}
-		app.context.oauthProviders[id] = provider
+		app.runtime.oauthProviders[id] = provider
 	}

-	// Setup OIDC clients
+	// setup oidc clients
 	for id, client := range app.config.OIDC.Clients {
 		client.ID = id
-		app.context.oidcClients = append(app.context.oidcClients, client)
+		app.runtime.oidcClients = append(app.runtime.oidcClients, client)
 	}

-	// Get cookie domain
+	// cookie domain
 	cookieDomainResolver := utils.GetCookieDomain
+
 	if !app.config.Auth.SubdomainsEnabled {
-		tlog.App.Info().Msg("Subdomains disabled, automatic authentication for proxied apps will not work")
+		app.log.App.Warn().Msg("Subdomains are disabled, using standalone cookie domain resolver which will not work with subdomains")
 		cookieDomainResolver = utils.GetStandaloneCookieDomain
 	}

-	cookieDomain, err := cookieDomainResolver(app.context.appUrl)
+	cookieDomain, err := cookieDomainResolver(app.runtime.appUrl)

 	if err != nil {
-		return err
+		return fmt.Errorf("failed to get cookie domain: %w", err)
 	}

-	app.context.cookieDomain = cookieDomain
+	app.runtime.cookieDomain = cookieDomain

-	// Cookie names
-	app.context.uuid = utils.GenerateUUID(appUrl.Hostname())
-	cookieId := strings.Split(app.context.uuid, "-")[0]
-	app.context.sessionCookieName = fmt.Sprintf("%s-%s", model.SessionCookieName, cookieId)
-	app.context.csrfCookieName = fmt.Sprintf("%s-%s", model.CSRFCookieName, cookieId)
-	app.context.redirectCookieName = fmt.Sprintf("%s-%s", model.RedirectCookieName, cookieId)
-	app.context.oauthSessionCookieName = fmt.Sprintf("%s-%s", model.OAuthSessionCookieName, cookieId)
+	// cookie names
+	app.runtime.uuid = utils.GenerateUUID(appUrl.Hostname())

-	// Dumps
-	tlog.App.Trace().Interface("config", app.config).Msg("Config dump")
-	tlog.App.Trace().Interface("users", app.context.localUsers).Msg("Users dump")
-	tlog.App.Trace().Interface("oauthProviders", app.context.oauthProviders).Msg("OAuth providers dump")
-	tlog.App.Trace().Str("cookieDomain", app.context.cookieDomain).Msg("Cookie domain")
-	tlog.App.Trace().Str("sessionCookieName", app.context.sessionCookieName).Msg("Session cookie name")
-	tlog.App.Trace().Str("csrfCookieName", app.context.csrfCookieName).Msg("CSRF cookie name")
-	tlog.App.Trace().Str("redirectCookieName", app.context.redirectCookieName).Msg("Redirect cookie name")
+	cookieId := strings.Split(app.runtime.uuid, "-")[0] // first 8 characters of the uuid should be good enough

-	// Database
-	db, err := app.SetupDatabase(app.config.Database.Path)
+	app.runtime.sessionCookieName = fmt.Sprintf("%s-%s", model.SessionCookieName, cookieId)
+	app.runtime.csrfCookieName = fmt.Sprintf("%s-%s", model.CSRFCookieName, cookieId)
+	app.runtime.redirectCookieName = fmt.Sprintf("%s-%s", model.RedirectCookieName, cookieId)
+	app.runtime.oauthSessionCookieName = fmt.Sprintf("%s-%s", model.OAuthSessionCookieName, cookieId)
+
+	// database
+	err = app.SetupDatabase()

 	if err != nil {
 		return fmt.Errorf("failed to setup database: %w", err)
 	}

-	// Queries
-	queries := repository.New(db)
+	// queries
+	queries := repository.New(app.db)
+	app.queries = queries

-	// Services
-	services, err := app.initServices(queries)
+	// services
+	err = app.setupServices()

 	if err != nil {
 		return fmt.Errorf("failed to initialize services: %w", err)
 	}

-	app.services = services
-
-	// Configured providers
+	// configured providers
 	configuredProviders := make([]controller.Provider, 0)

-	for id, provider := range app.context.oauthProviders {
+	for id, provider := range app.runtime.oauthProviders {
 		configuredProviders = append(configuredProviders, controller.Provider{
 			Name:  provider.Name,
 			ID:    id,
@@ -177,7 +209,7 @@ func (app *BootstrapApp) Setup() error {
 		return configuredProviders[i].Name < configuredProviders[j].Name
 	})

-	if services.authService.LocalAuthConfigured() {
+	if app.services.authService.LocalAuthConfigured() {
 		configuredProviders = append(configuredProviders, controller.Provider{
 			Name:  "Local",
 			ID:    "local",
@@ -185,7 +217,7 @@ func (app *BootstrapApp) Setup() error {
 		})
 	}

-	if services.authService.LDAPAuthConfigured() {
+	if app.services.authService.LDAPAuthConfigured() {
 		configuredProviders = append(configuredProviders, controller.Provider{
 			Name:  "LDAP",
 			ID:    "ldap",
@@ -193,77 +225,150 @@ func (app *BootstrapApp) Setup() error {
 		})
 	}

-	tlog.App.Debug().Interface("providers", configuredProviders).Msg("Authentication providers")
-
 	if len(configuredProviders) == 0 {
-		return fmt.Errorf("no authentication providers configured")
+		return errors.New("no authentication providers configured")
 	}

-	app.context.configuredProviders = configuredProviders
+	for _, provider := range app.runtime.configuredProviders {
+		app.log.App.Debug().Str("provider", provider.Name).Msg("Configured authentication provider")
+	}

-	// Setup router
-	router, err := app.setupRouter()
+	app.runtime.configuredProviders = configuredProviders
+
+	// setup router
+	err = app.setupRouter()

 	if err != nil {
 		return fmt.Errorf("failed to setup routes: %w", err)
 	}

-	// Start db cleanup routine
-	tlog.App.Debug().Msg("Starting database cleanup routine")
-	go app.dbCleanupRoutine(queries)
+	// start db cleanup routine
+	app.log.App.Debug().Msg("Starting database cleanup routine")
+	go app.dbCleanupRoutine()

-	// If analytics are not disabled, start heartbeat
+	// if analytics are not disabled, start heartbeat
 	if app.config.Analytics.Enabled {
-		tlog.App.Debug().Msg("Starting heartbeat routine")
+		app.log.App.Debug().Msg("Starting heartbeat routine")
 		go app.heartbeatRoutine()
 	}

-	// If we have an socket path, bind to it
-	if app.config.Server.SocketPath != "" {
-		if _, err := os.Stat(app.config.Server.SocketPath); err == nil {
-			tlog.App.Info().Msgf("Removing existing socket file %s", app.config.Server.SocketPath)
-			err := os.Remove(app.config.Server.SocketPath)
-			if err != nil {
-				return fmt.Errorf("failed to remove existing socket file: %w", err)
-			}
-		}
+	// create err channel to listen for server errors
+	errChan := make(chan error, 1)

-		tlog.App.Info().Msgf("Starting server on unix socket %s", app.config.Server.SocketPath)
-		if err := router.RunUnix(app.config.Server.SocketPath); err != nil {
-			tlog.App.Fatal().Err(err).Msg("Failed to start server")
-		}
+	// serve unix
+	go func() {
+		errChan <- app.serveUnix()
+	}()

+	// serve to http
+	go func() {
+		errChan <- app.serveHTTP()
+	}()
+
+	// monitor cancellation and server errors
+	select {
+	case <-app.ctx.Done():
+		app.log.App.Debug().Msg("Shutting down application")
 		return nil
-	}
-
-	// Start server
-	address := fmt.Sprintf("%s:%d", app.config.Server.Address, app.config.Server.Port)
-	tlog.App.Info().Msgf("Starting server on %s", address)
-	if err := router.Run(address); err != nil {
-		tlog.App.Fatal().Err(err).Msg("Failed to start server")
+	case err := <-errChan:
+		if err != nil {
+			return fmt.Errorf("server error: %w", err)
+		}
 	}

 	return nil
 }

-func (app *BootstrapApp) heartbeatRoutine() {
+func (app *App) serveHTTP() error {
+	address := fmt.Sprintf("%s:%d", app.config.Server.Address, app.config.Server.Port)
+
+	app.log.App.Info().Msgf("Starting server on %s", address)
+
+	server := &http.Server{
+		Addr:    address,
+		Handler: app.router.Handler(),
+	}
+
+	go func() {
+		<-app.ctx.Done()
+		app.log.App.Debug().Msg("Shutting down server")
+		server.Close()
+	}()
+
+	err := server.ListenAndServe()
+
+	if err != nil && !errors.Is(err, http.ErrServerClosed) {
+		return fmt.Errorf("failed to start server: %w", err)
+	}
+
+	return nil
+}
+
+func (app *App) serveUnix() error {
+	if app.config.Server.SocketPath == "" {
+		return nil
+	}
+
+	_, err := os.Stat(app.config.Server.SocketPath)
+
+	if err == nil {
+		app.log.App.Info().Msgf("Removing existing socket file %s", app.config.Server.SocketPath)
+		err := os.Remove(app.config.Server.SocketPath)
+
+		if err != nil {
+			return fmt.Errorf("failed to remove existing socket file: %w", err)
+		}
+	}
+
+	app.log.App.Info().Msgf("Starting server on unix socket %s", app.config.Server.SocketPath)
+
+	listener, err := net.Listen("unix", app.config.Server.SocketPath)
+
+	if err != nil {
+		return fmt.Errorf("failed to create unix socket listner: %w", err)
+	}
+
+	defer listener.Close()
+	defer os.Remove(app.config.Server.SocketPath)
+
+	go func() {
+		<-app.ctx.Done()
+		app.log.App.Debug().Msg("Shutting down server")
+		listener.Close()
+		os.Remove(app.config.Server.SocketPath)
+	}()
+
+	server := &http.Server{
+		Handler: app.router.Handler(),
+	}
+
+	err = server.Serve(listener)
+
+	if err != nil && !errors.Is(err, net.ErrClosed) {
+		return fmt.Errorf("failed to start server: %w", err)
+	}
+
+	return nil
+}
+
+func (app *App) heartbeatRoutine() {
 	ticker := time.NewTicker(time.Duration(12) * time.Hour)
 	defer ticker.Stop()

-	type heartbeat struct {
+	type Heartbeat struct {
 		UUID    string `json:"uuid"`
 		Version string `json:"version"`
 	}

-	var body heartbeat
+	var body Heartbeat

-	body.UUID = app.context.uuid
+	body.UUID = app.runtime.uuid
 	body.Version = model.Version

 	bodyJson, err := json.Marshal(body)

 	if err != nil {
-		tlog.App.Error().Err(err).Msg("Failed to marshal heartbeat body")
+		app.log.App.Error().Err(err).Msg("Failed to marshal heartbeat body, heartbeat routine will not start")
 		return
 	}

@@ -273,43 +378,58 @@ func (app *BootstrapApp) heartbeatRoutine() {

 	heartbeatURL := model.APIServer + "/v1/instances/heartbeat"

-	for range ticker.C {
-		tlog.App.Debug().Msg("Sending heartbeat")
+	for {
+		select {
+		case <-ticker.C:
+			app.log.App.Debug().Msg("Sending heartbeat")

-		req, err := http.NewRequest(http.MethodPost, heartbeatURL, bytes.NewReader(bodyJson))
+			req, err := http.NewRequest(http.MethodPost, heartbeatURL, bytes.NewReader(bodyJson))

-		if err != nil {
-			tlog.App.Error().Err(err).Msg("Failed to create heartbeat request")
-			continue
-		}
+			if err != nil {
+				app.log.App.Error().Err(err).Msg("Failed to create heartbeat request")
+				continue
+			}

-		req.Header.Add("Content-Type", "application/json")
+			req.Header.Add("Content-Type", "application/json")

-		res, err := client.Do(req)
+			res, err := client.Do(req)

-		if err != nil {
-			tlog.App.Error().Err(err).Msg("Failed to send heartbeat")
-			continue
-		}
+			if err != nil {
+				app.log.App.Error().Err(err).Msg("Failed to send heartbeat")
+				continue
+			}

-		res.Body.Close()
+			res.Body.Close()

-		if res.StatusCode != 200 && res.StatusCode != 201 {
-			tlog.App.Debug().Str("status", res.Status).Msg("Heartbeat returned non-200/201 status")
+			if res.StatusCode != 200 && res.StatusCode != 201 {
+				app.log.App.Debug().Str("status", res.Status).Msg("Heartbeat returned non-200/201 status")
+			}
+		case <-app.ctx.Done():
+			app.log.App.Debug().Msg("Stopping heartbeat routine")
+			ticker.Stop()
+			return
 		}
 	}
 }

-func (app *BootstrapApp) dbCleanupRoutine(queries *repository.Queries) {
+func (app *App) dbCleanupRoutine() {
 	ticker := time.NewTicker(time.Duration(30) * time.Minute)
 	defer ticker.Stop()
-	ctx := context.Background()

-	for range ticker.C {
-		tlog.App.Debug().Msg("Cleaning up old database sessions")
-		err := queries.DeleteExpiredSessions(ctx, time.Now().Unix())
-		if err != nil {
-			tlog.App.Error().Err(err).Msg("Failed to clean up old database sessions")
+	for {
+		select {
+		case <-ticker.C:
+			app.log.App.Debug().Msg("Running database cleanup")
+
+			err := app.queries.DeleteExpiredSessions(app.ctx, time.Now().Unix())
+
+			if err != nil {
+				app.log.App.Error().Err(err).Msg("Failed to delete expired sessions")
+			}
+		case <-app.ctx.Done():
+			app.log.App.Debug().Msg("Stopping database cleanup routine")
+			ticker.Stop()
+			return
 		}
 	}
 }