authenticateflow: move stateless flow logic (#4820)

Consolidate all logic specific to the stateless authenticate flow into a a new Stateless type in a new package internal/authenticateflow. This is in preparation for adding a new Stateful type implementing the older stateful authenticate flow (from Pomerium v0.20 and previous). This change is intended as a pure refactoring of existing logic, with no changes in functionality.
2025-06-04 03:42:49 +02:00 · 2023-12-06 16:55:57 -08:00 · 2023-12-06 16:55:57 -08:00 · b7896b3153
commit b7896b3153
parent 3b2bdd059a
18 changed files with 823 additions and 461 deletions
--- a/authenticate/authenticate.go
+++ b/authenticate/authenticate.go
@ -45,15 +45,16 @@ type Authenticate struct {

 // New validates and creates a new authenticate service from a set of Options.
 func New(cfg *config.Config, options ...Option) (*Authenticate, error) {
+	authenticateConfig := getAuthenticateConfig(options...)
 	a := &Authenticate{
-		cfg:     getAuthenticateConfig(options...),
+		cfg:     authenticateConfig,
 		options: config.NewAtomicOptions(),
 		state:   atomicutil.NewValue(newAuthenticateState()),
 	}

 	a.options.Store(cfg.Options)

-	state, err := newAuthenticateStateFromConfig(cfg)
+	state, err := newAuthenticateStateFromConfig(cfg, authenticateConfig)
 	if err != nil {
 		return nil, err
 	}
@ -69,7 +70,7 @@ func (a *Authenticate) OnConfigChange(ctx context.Context, cfg *config.Config) {
 	}

 	a.options.Store(cfg.Options)
-	if state, err := newAuthenticateStateFromConfig(cfg); err != nil {
+	if state, err := newAuthenticateStateFromConfig(cfg, a.cfg); err != nil {
 		log.Error(ctx).Err(err).Msg("authenticate: failed to update state")
 	} else {
 		a.state.Store(state)