chore: re-organize config

config.docker.yaml

@@ -3,11 +3,13 @@ WebServer:
   Port: ${WEB_SERVER_PORT}
   PublicBase: ${WEB_SERVER_PUBLIC_BASE}
   TrustedPlatform: ${WEB_SERVER_TRUSTED_PLATFORM}
-  JwtSigningKey: ${WEB_SERVER_JWT_SIGNING_KEY}
+  JWT:
-  JwtExpireHour: ${WEB_SERVER_JWT_EXPIRE_HOUR}
+    SigningKey: ${WEB_SERVER_JWT_SIGNING_KEY}
-  OAuthDomain: ${WEB_SERVER_OAUTH_DOMAIN}
+    ExpireHour: ${WEB_SERVER_JWT_EXPIRE_HOUR}
-  OAuthClientID: ${WEB_SERVER_OAUTH_CLIENT_ID}
+  OAuth:
-  OAuthClientSecret: ${WEB_SERVER_OAUTH_CLIENT_SECRET}
+    Domain: ${WEB_SERVER_OAUTH_DOMAIN}
+    ClientID: ${WEB_SERVER_OAUTH_CLIENT_ID}
+    ClientSecret: ${WEB_SERVER_OAUTH_CLIENT_SECRET}
 
 Redis:
   Db: ${REDIS_DB}

internal/model/config.go

@@ -5,11 +5,19 @@ type ConfigWebServer struct {
 	Port            int         `yaml:"Port"`
 	PublicBase      string      `yaml:"PublicBase"`
 	TrustedPlatform string      `yaml:"TrustedPlatform"`
-	JwtSigningKey     string `yaml:"JwtSigningKey"`
+	JWT             ConfigJWT   `yaml:"JWT"`
-	JwtExpireHour     int    `yaml:"JwtExpireHour"`
+	OAuth           ConfigOAuth `yaml:"OAuth"`
-	OAuthDomain       string `yaml:"OAuthDomain"`
+}
-	OAuthClientID     string `yaml:"OAuthClientID"`
+
-	OAuthClientSecret string `yaml:"OAuthClientSecret"`
+type ConfigJWT struct {
+	SigningKey string `yaml:"SigningKey"`
+	ExpireHour int    `yaml:"ExpireHour"`
+}
+
+type ConfigOAuth struct {
+	Domain       string `yaml:"Domain"`
+	ClientID     string `yaml:"ClientID"`
+	ClientSecret string `yaml:"ClientSecret"`
 }
 
 type ConfigRedis struct {

internal/web/jwt/service.go

@@ -29,8 +29,8 @@ func NewService(i *do.Injector) (Service, error) {
 	srv.cacheService = do.MustInvoke[cache.Service](i) // .Get().(*redis.Client)
 
 	conf := do.MustInvoke[config.Service](i).GetConfig()
-	srv.SigningKey = []byte(conf.WebServer.JwtSigningKey)
+	srv.SigningKey = []byte(conf.WebServer.JWT.SigningKey)
-	srv.ExpireHour = conf.WebServer.JwtExpireHour
+	srv.ExpireHour = conf.WebServer.JWT.ExpireHour
 
 	return srv, srv.err
 }

internal/web/oauth/service.go

@@ -40,21 +40,21 @@ func NewService(i *do.Injector) (Service, error) {
 
 	conf := do.MustInvoke[config.Service](i).GetConfig()
 
-	if conf.WebServer.OAuthDomain == "" {
+	if conf.WebServer.OAuth.Domain == "" {
 		return srv, srv.err
 	}
 
-	srv.provider, srv.err = oidc.NewProvider(context.Background(), conf.WebServer.OAuthDomain)
+	srv.provider, srv.err = oidc.NewProvider(context.Background(), conf.WebServer.OAuth.Domain)
 	if srv.err != nil {
-		srv.log.Error("failed to create oauth provider", zap.Error(srv.err), zap.String("domain", conf.WebServer.OAuthDomain))
+		srv.log.Error("failed to create oauth provider", zap.Error(srv.err), zap.String("domain", conf.WebServer.OAuth.Domain))
 		return srv, srv.err
 	}
 
-	srv.verifier = srv.provider.Verifier(&oidc.Config{ClientID: conf.WebServer.OAuthClientID})
+	srv.verifier = srv.provider.Verifier(&oidc.Config{ClientID: conf.WebServer.OAuth.ClientID})
 
 	srv.conf = oauth2.Config{
-		ClientID:     conf.WebServer.OAuthClientID,
+		ClientID:     conf.WebServer.OAuth.ClientID,
-		ClientSecret: conf.WebServer.OAuthClientSecret,
+		ClientSecret: conf.WebServer.OAuth.ClientSecret,
 		RedirectURL:  conf.WebServer.PublicBase + callbackPath,
 		Endpoint:     srv.provider.Endpoint(),
 		Scopes:       []string{oidc.ScopeOpenID, "profile", "email", "roles"},