Merge pull request #7 from formancehq/feature/handle-strip-prefix

feat: refactor to properly handle urls prefix stripped.
formancehq · Oct 3, 2022 · 5f63146 · 5f63146
2 parents 5cf1ee9 + 6d7f81e
commit 5f63146
Show file tree

Hide file tree

Showing 10 changed files with 48 additions and 147 deletions.
diff --git a/cmd/serve.go b/cmd/serve.go
@@ -5,7 +5,6 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
-	"net/url"
 
 	auth "github.com/formancehq/auth/pkg"
 	"github.com/formancehq/auth/pkg/api"
@@ -71,11 +70,6 @@ var serveCmd = &cobra.Command{
 			return errors.New("base url must be defined")
 		}
 
-		baseUrl, err := url.Parse(viper.GetString(baseUrlFlag))
-		if err != nil {
-			return errors.Wrap(err, "parsing base url")
-		}
-
 		delegatedClientID := viper.GetString(delegatedClientIDFlag)
 		if delegatedClientID == "" {
 			return errors.New("delegated client id must be defined")
@@ -127,10 +121,10 @@ var serveCmd = &cobra.Command{
 				Issuer:       delegatedIssuer,
 				ClientID:     delegatedClientID,
 				ClientSecret: delegatedClientSecret,
-				RedirectURL:  fmt.Sprintf("%s/authorize/callback", baseUrl.String()),
+				RedirectURL:  fmt.Sprintf("%s/authorize/callback", viper.GetString(baseUrlFlag)),
 			}),
-			api.Module(":8080", baseUrl),
-			oidc.Module(key, baseUrl, o.Clients...),
+			api.Module(":8080"),
+			oidc.Module(key, viper.GetString(baseUrlFlag), o.Clients...),
 			authorization.Module(),
 			sqlstorage.Module(sqlstorage.KindPostgres, viper.GetString(postgresUriFlag),
 				viper.GetBool(debugFlag), key, o.Clients...),

diff --git a/pkg/api/authorization/module.go b/pkg/api/authorization/module.go
@@ -11,14 +11,14 @@ import (
 
 func Module() fx.Option {
 	return fx.Options(
-		fx.Invoke(fx.Annotate(func(router *mux.Router, o op.OpenIDProvider) error {
+		fx.Invoke(func(router *mux.Router, o op.OpenIDProvider) error {
 			return router.Walk(func(route *mux.Route, router *mux.Router, ancestors []*mux.Route) error {
 				route.Handler(
 					middleware(o)(route.GetHandler()),
 				)
 				return nil
 			})
-		}, fx.ParamTags(`name:"prefixedRouter"`))),
+		}),
 	)
 }
 

diff --git a/pkg/api/routing/context.go → pkg/api/context.go b/pkg/api/routing/context.go → pkg/api/context.go
@@ -1,4 +1,4 @@
-package routing
+package api
 
 import (
 	"context"

diff --git a/pkg/api/module.go b/pkg/api/module.go
@@ -1,21 +1,47 @@
 package api
 
 import (
-	"net/url"
+	"context"
+	"net/http"
 
-	"github.com/formancehq/auth/pkg/api/routing"
+	"github.com/gorilla/mux"
 	sharedhealth "github.com/numary/go-libs/sharedhealth/pkg"
+	"go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux"
 	"go.uber.org/fx"
 )
 
-func Module(addr string, baseUrl *url.URL) fx.Option {
+func CreateRootRouter(healthController *sharedhealth.HealthController) *mux.Router {
+	rootRouter := mux.NewRouter()
+	rootRouter.Use(otelmux.Middleware("auth"))
+	rootRouter.Use(func(handler http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Content-Type", "application/json")
+			handler.ServeHTTP(w, r)
+		})
+	})
+	rootRouter.Path("/_healthcheck").HandlerFunc(healthController.Check)
+
+	return rootRouter
+}
+
+func Module(addr string) fx.Option {
 	return fx.Options(
 		sharedhealth.ProvideHealthCheck(delegatedOIDCServerAvailability),
-		routing.Module(addr, baseUrl),
+		sharedhealth.Module(),
+		fx.Provide(func(healthController *sharedhealth.HealthController) *mux.Router {
+			return CreateRootRouter(healthController)
+		}),
+		fx.Invoke(func(lc fx.Lifecycle, router *mux.Router, healthController *sharedhealth.HealthController) {
+			lc.Append(fx.Hook{
+				OnStart: func(ctx context.Context) error {
+					return StartServer(ctx, addr, router)
+				},
+			})
+		}),
 		fx.Invoke(
-			fx.Annotate(addClientRoutes, fx.ParamTags(``, `name:"prefixedRouter"`)),
-			fx.Annotate(addScopeRoutes, fx.ParamTags(``, `name:"prefixedRouter"`)),
-			fx.Annotate(addUserRoutes, fx.ParamTags(``, `name:"prefixedRouter"`)),
+			addClientRoutes,
+			addScopeRoutes,
+			addUserRoutes,
 		),
 	)
 }
diff --git a/pkg/api/routing/module.go b/pkg/api/routing/module.go
diff --git a/pkg/api/routing/module_test.go b/pkg/api/routing/module_test.go
diff --git a/pkg/api/routing/server.go → pkg/api/server.go b/pkg/api/routing/server.go → pkg/api/server.go
@@ -1,4 +1,4 @@
-package routing
+package api
 
 import (
 	"context"

diff --git a/pkg/oidc/module.go b/pkg/oidc/module.go
@@ -3,7 +3,6 @@ package oidc
 import (
 	"context"
 	"crypto/rsa"
-	"net/url"
 
 	auth "github.com/formancehq/auth/pkg"
 	"github.com/formancehq/auth/pkg/delegatedauth"
@@ -13,11 +12,11 @@ import (
 	"go.uber.org/fx"
 )
 
-func Module(privateKey *rsa.PrivateKey, baseUrl *url.URL, staticClients ...auth.StaticClient) fx.Option {
+func Module(privateKey *rsa.PrivateKey, issuer string, staticClients ...auth.StaticClient) fx.Option {
 	return fx.Options(
-		fx.Invoke(fx.Annotate(func(router *mux.Router, provider op.OpenIDProvider, storage Storage, relyingParty rp.RelyingParty) {
-			AddRoutes(router, provider, storage, relyingParty, baseUrl)
-		}, fx.ParamTags(`name:"rootRouter"`))),
+		fx.Invoke(func(router *mux.Router, provider op.OpenIDProvider, storage Storage, relyingParty rp.RelyingParty) {
+			AddRoutes(router, provider, storage, relyingParty)
+		}),
 		fx.Provide(fx.Annotate(func(storage Storage, relyingParty rp.RelyingParty) *storageFacade {
 			return NewStorageFacade(storage, relyingParty, privateKey, staticClients...)
 		}, fx.As(new(op.Storage)))),
@@ -27,7 +26,7 @@ func Module(privateKey *rsa.PrivateKey, baseUrl *url.URL, staticClients ...auth.
 				return nil, err
 			}
 
-			return NewOpenIDProvider(context.TODO(), storage, baseUrl.String(), configuration.Issuer, *keySet)
+			return NewOpenIDProvider(context.TODO(), storage, issuer, configuration.Issuer, *keySet)
 		}),
 	)
 }
diff --git a/pkg/oidc/oidc_test.go b/pkg/oidc/oidc_test.go
@@ -77,12 +77,9 @@ func withServer(t *testing.T, fn func(m *mockoidc.MockOIDC, storage *sqlstorage.
 	provider, err := oidc.NewOpenIDProvider(context.TODO(), storageFacade, serverUrl, mockOIDC.Issuer(), *keySet)
 	require.NoError(t, err)
 
-	u, err := url.Parse(serverUrl)
-	require.NoError(t, err)
-
 	// Create the router
 	router := mux.NewRouter()
-	oidc.AddRoutes(router, provider, storage, serverRelyingParty, u)
+	oidc.AddRoutes(router, provider, storage, serverRelyingParty)
 
 	// Create our http server for our oidc provider
 	providerHttpServer := &http.Server{

diff --git a/pkg/oidc/router.go b/pkg/oidc/router.go
@@ -1,18 +1,15 @@
 package oidc
 
 import (
-	"net/http"
-	"net/url"
-
 	"github.com/gorilla/mux"
 	"github.com/zitadel/oidc/pkg/client/rp"
 	"github.com/zitadel/oidc/pkg/op"
 )
 
-func AddRoutes(router *mux.Router, provider op.OpenIDProvider, storage Storage, relyingParty rp.RelyingParty, baseUrl *url.URL) {
+func AddRoutes(router *mux.Router, provider op.OpenIDProvider, storage Storage, relyingParty rp.RelyingParty) {
 	router.NewRoute().Path("/authorize/callback").Queries("code", "{code}").
 		Handler(authorizeCallbackHandler(provider, storage, relyingParty))
 	router.NewRoute().Path("/authorize/callback").Queries("error", "{error}").
 		Handler(authorizeErrorHandler())
-	router.PathPrefix("/").Handler(http.StripPrefix(baseUrl.Path, provider.HttpHandler()))
+	router.PathPrefix("/").Handler(provider.HttpHandler())
 }