diff --git a/config.docker.yaml b/config.docker.yaml
index 0d97c24..0e1ae51 100644
--- a/config.docker.yaml
+++ b/config.docker.yaml
@@ -3,11 +3,13 @@ WebServer:
 Port: ${WEB_SERVER_PORT}
 PublicBase: ${WEB_SERVER_PUBLIC_BASE}
 TrustedPlatform: ${WEB_SERVER_TRUSTED_PLATFORM}
- JwtSigningKey: ${WEB_SERVER_JWT_SIGNING_KEY}
- JwtExpireHour: ${WEB_SERVER_JWT_EXPIRE_HOUR}
- OAuthDomain: ${WEB_SERVER_OAUTH_DOMAIN}
- OAuthClientID: ${WEB_SERVER_OAUTH_CLIENT_ID}
- OAuthClientSecret: ${WEB_SERVER_OAUTH_CLIENT_SECRET}
+ JWT:
+ SigningKey: ${WEB_SERVER_JWT_SIGNING_KEY}
+ ExpireHour: ${WEB_SERVER_JWT_EXPIRE_HOUR}
+ OAuth:
+ Domain: ${WEB_SERVER_OAUTH_DOMAIN}
+ ClientID: ${WEB_SERVER_OAUTH_CLIENT_ID}
+ ClientSecret: ${WEB_SERVER_OAUTH_CLIENT_SECRET}
 Redis:
 Db: ${REDIS_DB}
diff --git a/internal/model/config.go b/internal/model/config.go
index 71d09cd..b136ed6 100644
--- a/internal/model/config.go
+++ b/internal/model/config.go
@@ -1,15 +1,23 @@
 package model
 type ConfigWebServer struct {
- Address string `yaml:"Address"`
- Port int `yaml:"Port"`
- PublicBase string `yaml:"PublicBase"`
- TrustedPlatform string `yaml:"TrustedPlatform"`
- JwtSigningKey string `yaml:"JwtSigningKey"`
- JwtExpireHour int `yaml:"JwtExpireHour"`
- OAuthDomain string `yaml:"OAuthDomain"`
- OAuthClientID string `yaml:"OAuthClientID"`
- OAuthClientSecret string `yaml:"OAuthClientSecret"`
+ Address string `yaml:"Address"`
+ Port int `yaml:"Port"`
+ PublicBase string `yaml:"PublicBase"`
+ TrustedPlatform string `yaml:"TrustedPlatform"`
+ JWT ConfigJWT `yaml:"JWT"`
+ OAuth ConfigOAuth `yaml:"OAuth"`
+}
+
+type ConfigJWT struct {
+ SigningKey string `yaml:"SigningKey"`
+ ExpireHour int `yaml:"ExpireHour"`
+}
+
+type ConfigOAuth struct {
+ Domain string `yaml:"Domain"`
+ ClientID string `yaml:"ClientID"`
+ ClientSecret string `yaml:"ClientSecret"`
 }
 type ConfigRedis struct {
diff --git a/internal/web/jwt/service.go b/internal/web/jwt/service.go
index 09ba74a..86e6c97 100644
--- a/internal/web/jwt/service.go
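Review bot: In internal/model/config.go the new `ConfigJWT` and `ConfigOAuth` types have no doc comments, although `SigningKey` and `ClientSecret` hold secrets. I would add `// ConfigJWT holds the token signing settings (YAML path WebServer.JWT); SigningKey is a secret and must not be logged or returned in responses.` and a matching comment on `ConfigOAuth` covering `ClientSecret`. The YAML paths move from flat keys to `WebServer.JWT.*` and `WebServer.OAuth.*`, so a deployment still using the old keys would presumably unmarshal to zero values unless the loader rejects unknown fields. The loader is not visible here, which is why the comments should name the new paths.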
+++ b/internal/web/jwt/service.go
@@ -29,8 +29,8 @@ func NewService(i *do.Injector) (Service, error) {
 srv.cacheService = do.MustInvoke[cache.Service](i) // .Get().(*redis.Client)
 conf := do.MustInvoke[config.Service](i).GetConfig()
- srv.SigningKey = []byte(conf.WebServer.JwtSigningKey)
- srv.ExpireHour = conf.WebServer.JwtExpireHour
+ srv.SigningKey = []byte(conf.WebServer.JWT.SigningKey)
+ srv.ExpireHour = conf.WebServer.JWT.ExpireHour
 return srv, srv.err
 }
diff --git a/internal/web/oauth/service.go b/internal/web/oauth/service.go
index 48e2d90..68e357a 100644
--- a/internal/web/oauth/service.go
+++ b/internal/web/oauth/service.go
@@ -40,21 +40,21 @@ func NewService(i *do.Injector) (Service, error) {
 conf := do.MustInvoke[config.Service](i).GetConfig()
- if conf.WebServer.OAuthDomain == "" {
+ if conf.WebServer.OAuth.Domain == "" {
 return srv, srv.err
 }
- srv.provider, srv.err = oidc.NewProvider(context.Background(), conf.WebServer.OAuthDomain)
+ srv.provider, srv.err = oidc.NewProvider(context.Background(), conf.WebServer.OAuth.Domain)
 if srv.err != nil {
- srv.log.Error("failed to create oauth provider", zap.Error(srv.err), zap.String("domain", conf.WebServer.OAuthDomain))
+ srv.log.Error("failed to create oauth provider", zap.Error(srv.err), zap.String("domain", conf.WebServer.OAuth.Domain))
 return srv, srv.err
 }
- srv.verifier = srv.provider.Verifier(&oidc.Config{ClientID: conf.WebServer.OAuthClientID})
+ srv.verifier = srv.provider.Verifier(&oidc.Config{ClientID: conf.WebServer.OAuth.ClientID})
 srv.conf = oauth2.Config{
- ClientID: conf.WebServer.OAuthClientID,
- ClientSecret: conf.WebServer.OAuthClientSecret,
+ ClientID: conf.WebServer.OAuth.ClientID,
+ ClientSecret: conf.WebServer.OAuth.ClientSecret,
 RedirectURL: conf.WebServer.PublicBase + callbackPath,
 Endpoint: srv.provider.Endpoint(),
 Scopes: []string{oidc.ScopeOpenID, "profile", "email", "roles"},
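Review bot: In internal/web/jwt/service.go, `srv.SigningKey = []byte(conf.WebServer.JWT.SigningKey)` accepts an empty key, and nothing visible in the hunk rejects it before `return srv, srv.err`. After the key rename, a stale config file or an unset `WEB_SERVER_JWT_SIGNING_KEY` would likely leave the field empty, and tokens would then presumably be signed with a zero-length secret (the signing method is not shown). Fail construction instead, for example `if srv.err == nil && len(srv.SigningKey) == 0 { srv.err = errors.New("jwt: WebServer.JWT.SigningKey is empty") }`, with a similar guard for `srv.ExpireHour <= 0`. NewService begins above the hunk, so an earlier check may already exist there.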
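Review bot: In internal/web/oauth/service.go the `conf.WebServer.OAuth.Domain == ""` branch returns without logging, so after the key rename a config that still sets `OAuthDomain` would turn OAuth off silently. Add `srv.log.Warn("oauth disabled: WebServer.OAuth.Domain is empty")` before that `return srv, srv.err`. When Domain is set, `OAuth.ClientID` and `OAuth.ClientSecret` go straight into `oidc.Config` and `oauth2.Config` unchecked. A guard that sets `srv.err` when either is empty would surface the misconfiguration at startup rather than at the first login. NewService starts above the hunk and the `oauth2.Config` literal continues past its end.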