chore: rabbit comments

2026-06-14 23:40:16 +00:00 · 2026-06-14 18:20:17 +03:00
parent 4b323d07ab
commit 8426db306d
8 changed files with 23 additions and 25 deletions
@@ -21,6 +21,7 @@ require (
 	github.com/stretchr/testify v1.11.1
 	github.com/tinyauthapp/paerser v0.0.0-20260410140347-85c3740d6298
 	github.com/weppos/publicsuffix-go v0.50.3
+	go.uber.org/dig v1.19.0
 	golang.org/x/crypto v0.52.0
 	golang.org/x/oauth2 v0.36.0
 	golang.org/x/tools v0.45.0
@@ -152,7 +153,6 @@ require (
 	go.opentelemetry.io/otel/sdk v1.43.0 // indirect
 	go.opentelemetry.io/otel/sdk/metric v1.43.0 // indirect
 	go.opentelemetry.io/otel/trace v1.43.0 // indirect
-	go.uber.org/dig v1.19.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	go4.org/mem v0.0.0-20240501181205-ae6ca9944745 // indirect
 	go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
@@ -163,12 +163,6 @@ func (app *BootstrapApp) Setup() error {
 		app.runtime.OAuthProviders[id] = provider
 	}

-	// setup oidc clients
-	for id, client := range app.config.OIDC.Clients {
-		client.ID = id
-		app.runtime.OIDCClients = append(app.runtime.OIDCClients, client)
-	}
-
 	// cookie domain
 	cookieDomainResolver := utils.GetCookieDomain

@@ -71,13 +71,11 @@ func (app *BootstrapApp) setupServices() error {
 	}

 	err = app.dig.Invoke(func(i svcInput) error {
-		app.services = Services{
-			accessControlService: i.AccessControlService,
-			authService:          i.AuthService,
-			ldapService:          i.LDAPService,
-			oauthBrokerService:   i.OAuthBrokerService,
-			tailscaleService:     i.TailscaleService,
-		}
+		app.services.accessControlService = i.AccessControlService
+		app.services.authService = i.AuthService
+		app.services.ldapService = i.LDAPService
+		app.services.oauthBrokerService = i.OAuthBrokerService
+		app.services.tailscaleService = i.TailscaleService
 		return nil
 	})

@@ -35,7 +35,7 @@ type WellKnownControllerInput struct {
 	dig.In

 	OIDCService *service.OIDCService
-	RouterGroup *gin.RouterGroup `name:"apiRouterGroup"`
+	RouterGroup *gin.RouterGroup `name:"mainRouterGroup"`
 }

 func NewWellKnownController(i WellKnownControllerInput) *WellKnownController {
@@ -12,7 +12,6 @@ type RuntimeConfig struct {
 	OAuthProviders         map[string]OAuthServiceConfig
 	OAuthWhitelist         []string
 	ConfiguredProviders    []Provider
-	OIDCClients            []OIDCClientConfig
 	TrustedDomains         []string
 }

@@ -4,6 +4,7 @@ import (
 	"testing"

 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"github.com/tinyauthapp/tinyauth/internal/model"
 	"github.com/tinyauthapp/tinyauth/internal/utils/logger"
 )
@@ -12,6 +13,19 @@ func TestIsEmailWhitelistedUsesProviderSpecificList(t *testing.T) {
 	log := logger.NewLogger().WithTestConfig()
 	log.Init()

+	policyEngine, err := NewPolicyEngine(PolicyEngineInput{
+		Log: log,
+		Config: &model.Config{
+			Auth: model.AuthConfig{
+				ACLs: model.ACLsConfig{
+					Policy: string(PolicyAllow),
+				},
+			},
+		},
+	})
+
+	require.NoError(t, err)
+
 	auth := &AuthService{
 		log: log,
 		runtime: &model.RuntimeConfig{
@@ -28,6 +42,7 @@ func TestIsEmailWhitelistedUsesProviderSpecificList(t *testing.T) {
 				},
 			},
 		},
+		policyEngine: policyEngine,
 	}

 	assert.True(t, auth.IsEmailWhitelisted("github", "github@example.com"))
@@ -163,7 +163,7 @@ type OIDCServiceInput struct {

 func NewOIDCService(i OIDCServiceInput) (*OIDCService, error) {
 	// If not configured, skip init
-	if len(i.Runtime.OIDCClients) == 0 {
+	if len(i.Config.OIDC.Clients) == 0 {
 		return nil, nil
 	}

@@ -121,14 +121,6 @@ func CreateTestConfigs(t *testing.T) (model.Config, model.RuntimeConfig) {
 		CookieDomain:      "example.com",
 		AppURL:            "https://tinyauth.example.com",
 		SessionCookieName: "tinyauth-session",
-		OIDCClients: func() []model.OIDCClientConfig {
-			var clients []model.OIDCClientConfig
-			for id, client := range config.OIDC.Clients {
-				client.ID = id
-				clients = append(clients, client)
-			}
-			return clients
-		}(),
 	}

 	return config, runtime