mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-06-17 17:00:14 +00:00
feat: use dig for di in services and controllers (#936)
This commit is contained in:
Stavros
@@ -18,6 +18,7 @@ import (
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/steveiliop56/ding"
|
||||
"go.uber.org/dig"
|
||||
|
||||
"github.com/tinyauthapp/tinyauth/internal/model"
|
||||
"github.com/tinyauthapp/tinyauth/internal/repository"
|
||||
@@ -56,6 +57,7 @@ type BootstrapApp struct {
|
||||
db *sql.DB
|
||||
ding *ding.Ding
|
||||
listeners []Listener
|
||||
dig *dig.Container
|
||||
}
|
||||
|
||||
func NewBootstrapApp(config model.Config) *BootstrapApp {
|
||||
@@ -70,7 +72,11 @@ func (app *BootstrapApp) Setup() error {
|
||||
app.ctx = ctx
|
||||
app.cancel = cancel
|
||||
|
||||
// Create a ding instance
|
||||
// create the dig container
|
||||
c := dig.New()
|
||||
app.dig = c
|
||||
|
||||
// create a ding instance
|
||||
dg := ding.New(ctx)
|
||||
app.ding = dg
|
||||
|
||||
@@ -157,12 +163,6 @@ func (app *BootstrapApp) Setup() error {
|
||||
app.runtime.OAuthProviders[id] = provider
|
||||
}
|
||||
|
||||
// setup oidc clients
|
||||
for id, client := range app.config.OIDC.Clients {
|
||||
client.ID = id
|
||||
app.runtime.OIDCClients = append(app.runtime.OIDCClients, client)
|
||||
}
|
||||
|
||||
// cookie domain
|
||||
cookieDomainResolver := utils.GetCookieDomain
|
||||
|
||||
@@ -211,6 +211,33 @@ func (app *BootstrapApp) Setup() error {
|
||||
// store
|
||||
app.queries = store
|
||||
|
||||
// provide basic utilities to container
|
||||
type utilityProvider struct {
|
||||
dig.Out
|
||||
|
||||
Log *logger.Logger
|
||||
Config *model.Config
|
||||
Runtime *model.RuntimeConfig
|
||||
Ding *ding.Ding
|
||||
Ctx context.Context
|
||||
Queries repository.Store
|
||||
}
|
||||
|
||||
err = app.dig.Provide(func() utilityProvider {
|
||||
return utilityProvider{
|
||||
Log: app.log,
|
||||
Config: &app.config,
|
||||
Runtime: &app.runtime,
|
||||
Ding: app.ding,
|
||||
Ctx: app.ctx,
|
||||
Queries: app.queries,
|
||||
}
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to provide utilities to container: %w", err)
|
||||
}
|
||||
|
||||
// services
|
||||
err = app.setupServices()
|
||||
|
||||
|
||||
@@ -13,6 +13,7 @@ import (
|
||||
"github.com/tinyauthapp/tinyauth/internal/controller"
|
||||
"github.com/tinyauthapp/tinyauth/internal/middleware"
|
||||
"github.com/tinyauthapp/tinyauth/internal/model"
|
||||
"go.uber.org/dig"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
@@ -40,31 +41,94 @@ func (app *BootstrapApp) setupRouter() error {
|
||||
}
|
||||
}
|
||||
|
||||
contextMiddleware := middleware.NewContextMiddleware(app.log, app.runtime, app.services.authService, app.services.oauthBrokerService, app.services.tailscaleService)
|
||||
engine.Use(contextMiddleware.Middleware())
|
||||
|
||||
uiMiddleware, err := middleware.NewUIMiddleware()
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to initialize UI middleware: %w", err)
|
||||
middlewareProvideFor := []any{
|
||||
middleware.NewContextMiddleware,
|
||||
middleware.NewUIMiddleware,
|
||||
middleware.NewZerologMiddleware,
|
||||
}
|
||||
|
||||
engine.Use(uiMiddleware.Middleware())
|
||||
for _, provider := range middlewareProvideFor {
|
||||
err := app.dig.Provide(provider)
|
||||
|
||||
zerologMiddleware := middleware.NewZerologMiddleware(app.log)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to provide middleware: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
engine.Use(zerologMiddleware.Middleware())
|
||||
type middlewareInput struct {
|
||||
dig.In
|
||||
|
||||
apiRouter := engine.Group("/api")
|
||||
ContextMiddleware *middleware.ContextMiddleware
|
||||
UIMiddleware *middleware.UIMiddleware
|
||||
ZerologMiddleware *middleware.ZerologMiddleware
|
||||
}
|
||||
|
||||
controller.NewContextController(app.log, app.config, app.runtime, apiRouter)
|
||||
controller.NewOAuthController(app.log, app.config, app.runtime, apiRouter, app.services.authService)
|
||||
controller.NewOIDCController(app.log, app.services.oidcService, app.runtime, apiRouter, &engine.RouterGroup)
|
||||
controller.NewProxyController(app.log, app.runtime, apiRouter, app.services.accessControlService, app.services.authService, app.services.policyEngine)
|
||||
controller.NewUserController(app.log, app.runtime, apiRouter, app.services.authService)
|
||||
controller.NewResourcesController(app.config, &engine.RouterGroup)
|
||||
controller.NewHealthController(apiRouter)
|
||||
controller.NewWellKnownController(app.services.oidcService, &engine.RouterGroup)
|
||||
err := app.dig.Invoke(func(mi middlewareInput) {
|
||||
engine.Use(mi.ContextMiddleware.Middleware())
|
||||
engine.Use(mi.UIMiddleware.Middleware())
|
||||
engine.Use(mi.ZerologMiddleware.Middleware())
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to invoke middleware: %w", err)
|
||||
}
|
||||
|
||||
err = app.dig.Provide(func() *gin.RouterGroup {
|
||||
return &engine.RouterGroup
|
||||
}, dig.Name("mainRouterGroup"))
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to provide main router group: %w", err)
|
||||
}
|
||||
|
||||
err = app.dig.Provide(func() *gin.RouterGroup {
|
||||
return engine.Group("/api")
|
||||
}, dig.Name("apiRouterGroup"))
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to provide api router group: %w", err)
|
||||
}
|
||||
|
||||
controllerProvideFor := []any{
|
||||
controller.NewContextController,
|
||||
controller.NewOAuthController,
|
||||
controller.NewOIDCController,
|
||||
controller.NewProxyController,
|
||||
controller.NewUserController,
|
||||
controller.NewResourcesController,
|
||||
controller.NewHealthController,
|
||||
controller.NewWellKnownController,
|
||||
}
|
||||
|
||||
for _, provider := range controllerProvideFor {
|
||||
err := app.dig.Provide(provider)
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to provide controller: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
type controllerInput struct {
|
||||
dig.In
|
||||
|
||||
ContextController *controller.ContextController
|
||||
OAuthController *controller.OAuthController
|
||||
OIDCController *controller.OIDCController
|
||||
ProxyController *controller.ProxyController
|
||||
UserController *controller.UserController
|
||||
ResourcesController *controller.ResourcesController
|
||||
HealthController *controller.HealthController
|
||||
WellKnownController *controller.WellKnownController
|
||||
}
|
||||
|
||||
// force dig to build all controllers and register their routes
|
||||
err = app.dig.Invoke(func(ci controllerInput) error {
|
||||
return nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to invoke controllers: %w", err)
|
||||
}
|
||||
|
||||
app.router = engine
|
||||
return nil
|
||||
|
||||
@@ -5,54 +5,67 @@ import (
|
||||
"os"
|
||||
|
||||
"github.com/tinyauthapp/tinyauth/internal/service"
|
||||
"go.uber.org/dig"
|
||||
)
|
||||
|
||||
func (app *BootstrapApp) setupServices() error {
|
||||
ldapService, err := service.NewLdapService(app.log, app.config, app.ding)
|
||||
err := app.setupPolicyEngine()
|
||||
|
||||
if err != nil {
|
||||
app.log.App.Warn().Err(err).Msg("Failed to initialize LDAP connection, will continue without it")
|
||||
return fmt.Errorf("failed to setup policy engine: %w", err)
|
||||
}
|
||||
|
||||
app.services.ldapService = ldapService
|
||||
|
||||
labelProvider, err := app.getLabelProvider()
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to initialize label provider: %w", err)
|
||||
return fmt.Errorf("failed to get label provider: %w", err)
|
||||
}
|
||||
|
||||
tailscaleService, err := service.NewTailscaleService(app.log, app.config, app.ctx, app.ding)
|
||||
serviceProvideFor := []any{
|
||||
func() service.LabelProvider {
|
||||
return labelProvider
|
||||
},
|
||||
service.NewLdapService,
|
||||
service.NewTailscaleService,
|
||||
service.NewAccessControlsService,
|
||||
service.NewOAuthBrokerService,
|
||||
service.NewAuthService,
|
||||
service.NewOIDCService,
|
||||
}
|
||||
|
||||
for _, provider := range serviceProvideFor {
|
||||
err = app.dig.Provide(provider)
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to provide service: %w", err)
|
||||
}
|
||||
}
|
||||
|
||||
type svcInput struct {
|
||||
dig.In
|
||||
|
||||
AccessControlService *service.AccessControlsService
|
||||
AuthService *service.AuthService
|
||||
LDAPService *service.LdapService
|
||||
OAuthBrokerService *service.OAuthBrokerService
|
||||
OIDCService *service.OIDCService
|
||||
TailscaleService *service.TailscaleService
|
||||
}
|
||||
|
||||
err = app.dig.Invoke(func(i svcInput) error {
|
||||
app.services.accessControlService = i.AccessControlService
|
||||
app.services.authService = i.AuthService
|
||||
app.services.ldapService = i.LDAPService
|
||||
app.services.oauthBrokerService = i.OAuthBrokerService
|
||||
app.services.oidcService = i.OIDCService
|
||||
app.services.tailscaleService = i.TailscaleService
|
||||
return nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
app.log.App.Warn().Err(err).Msg("Failed to initialize Tailscale connection, will continue without it")
|
||||
return fmt.Errorf("failed to invoke services: %w", err)
|
||||
}
|
||||
|
||||
app.services.tailscaleService = tailscaleService
|
||||
|
||||
accessControlsService := service.NewAccessControlsService(app.log, app.config, &labelProvider)
|
||||
app.services.accessControlService = accessControlsService
|
||||
|
||||
err = app.setupPolicyEngine()
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to initialize policy engine: %w", err)
|
||||
}
|
||||
|
||||
oauthBrokerService := service.NewOAuthBrokerService(app.log, app.runtime.OAuthProviders, app.ctx)
|
||||
app.services.oauthBrokerService = oauthBrokerService
|
||||
|
||||
authService := service.NewAuthService(app.log, app.config, app.runtime, app.ctx, app.ding, app.services.ldapService, app.queries, app.services.oauthBrokerService, app.services.tailscaleService, app.services.policyEngine)
|
||||
app.services.authService = authService
|
||||
|
||||
oidcService, err := service.NewOIDCService(app.log, app.config, app.runtime, app.queries, app.ding)
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to initialize oidc service: %w", err)
|
||||
}
|
||||
|
||||
app.services.oidcService = oidcService
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -69,66 +82,93 @@ func (app *BootstrapApp) getLabelProvider() (service.LabelProvider, error) {
|
||||
if useKubernetes {
|
||||
app.log.App.Debug().Msg("Using Kubernetes label provider")
|
||||
|
||||
kubernetesService, err := service.NewKubernetesService(app.log, app.ctx, app.ding)
|
||||
err := app.dig.Provide(service.NewKubernetesService)
|
||||
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to initialize kubernetes service: %w", err)
|
||||
return nil, fmt.Errorf("failed to provide kubernetes service: %w", err)
|
||||
}
|
||||
|
||||
app.services.kubernetesService = kubernetesService
|
||||
return kubernetesService, nil
|
||||
err = app.dig.Invoke(func(k *service.KubernetesService) error {
|
||||
app.services.kubernetesService = k
|
||||
return nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to invoke kubernetes service: %w", err)
|
||||
}
|
||||
|
||||
// Kubernetes will fail to initialize with an error if it cannot connect to the cluster
|
||||
// but just to be safe, we check if the service is nil and log a warning if it is
|
||||
if app.services.kubernetesService == nil {
|
||||
if app.config.LabelProvider == "kubernetes" {
|
||||
app.log.App.Warn().Msg("Kubernetes label provider selected but Kubernetes is not available, will continue without it")
|
||||
}
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
return app.services.kubernetesService, nil
|
||||
}
|
||||
|
||||
app.log.App.Debug().Msg("Using Docker label provider")
|
||||
|
||||
dockerService, err := service.NewDockerService(app.log, app.ctx, app.ding)
|
||||
err := app.dig.Provide(service.NewDockerService)
|
||||
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to initialize docker service: %w", err)
|
||||
return nil, fmt.Errorf("failed to provide docker service: %w", err)
|
||||
}
|
||||
|
||||
if dockerService == nil {
|
||||
err = app.dig.Invoke(func(d *service.DockerService) error {
|
||||
app.services.dockerService = d
|
||||
return nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to invoke docker service: %w", err)
|
||||
}
|
||||
|
||||
if app.services.dockerService == nil {
|
||||
if app.config.LabelProvider == "docker" {
|
||||
app.log.App.Warn().Msg("Docker label provider selected but Docker is not available, will continue without it")
|
||||
}
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
app.services.dockerService = dockerService
|
||||
return dockerService, nil
|
||||
return app.services.dockerService, nil
|
||||
default:
|
||||
return nil, fmt.Errorf("invalid label provider: %s", app.config.LabelProvider)
|
||||
}
|
||||
}
|
||||
|
||||
func (app *BootstrapApp) setupPolicyEngine() error {
|
||||
policyEngine, err := service.NewPolicyEngine(app.config, app.log)
|
||||
err := app.dig.Provide(service.NewPolicyEngine)
|
||||
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to initialize policy engine: %w", err)
|
||||
return fmt.Errorf("failed to create policy engine: %w", err)
|
||||
}
|
||||
|
||||
policyEngine.RegisterRule(service.RuleUserAllowed, &service.UserAllowedRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleOAuthGroup, &service.OAuthGroupRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleLDAPGroup, &service.LDAPGroupRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleAuthEnabled, &service.AuthEnabledRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleIPAllowed, &service.IPAllowedRule{
|
||||
Log: app.log,
|
||||
Config: app.config,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleIPBypassed, &service.IPBypassedRule{
|
||||
Log: app.log,
|
||||
Config: app.config,
|
||||
err = app.dig.Invoke(func(policyEngine *service.PolicyEngine) error {
|
||||
policyEngine.RegisterRule(service.RuleUserAllowed, &service.UserAllowedRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleOAuthGroup, &service.OAuthGroupRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleLDAPGroup, &service.LDAPGroupRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleAuthEnabled, &service.AuthEnabledRule{
|
||||
Log: app.log,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleIPAllowed, &service.IPAllowedRule{
|
||||
Log: app.log,
|
||||
Config: app.config,
|
||||
})
|
||||
policyEngine.RegisterRule(service.RuleIPBypassed, &service.IPBypassedRule{
|
||||
Log: app.log,
|
||||
Config: app.config,
|
||||
})
|
||||
return nil
|
||||
})
|
||||
|
||||
app.services.policyEngine = policyEngine
|
||||
return nil
|
||||
return err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user