options refactor (#1088)

* refactor config loading * wip * move autocert to its own config source * refactor options updaters * fix stuttering * fix autocert validate check
2025-08-02 16:30:17 +02:00 · 2020-07-16 14:30:15 -06:00 · 2020-07-16 14:30:15 -06:00 · d3a7ee38be
commit d3a7ee38be
parent eef4c6f2c0
18 changed files with 385 additions and 489 deletions
--- a/authenticate/authenticate.go
+++ b/authenticate/authenticate.go
@ -36,7 +36,7 @@ import (

 // ValidateOptions checks that configuration are complete and valid.
 // Returns on first error found.
-func ValidateOptions(o config.Options) error {
+func ValidateOptions(o *config.Options) error {
 	if _, err := cryptutil.NewAEADCipherFromBase64(o.SharedKey); err != nil {
 		return fmt.Errorf("authenticate: 'SHARED_SECRET' invalid: %w", err)
 	}
@ -118,7 +118,7 @@ type Authenticate struct {
 }

 // New validates and creates a new authenticate service from a set of Options.
-func New(opts config.Options) (*Authenticate, error) {
+func New(opts *config.Options) (*Authenticate, error) {
 	if err := ValidateOptions(opts); err != nil {
 		return nil, err
 	}
@ -238,15 +238,13 @@ func (a *Authenticate) setAdminUsers(opts *config.Options) {
 	}
 }

-// UpdateOptions implements the OptionsUpdater interface and updates internal
+// OnConfigChange implements the OptionsUpdater interface and updates internal
 // structures based on config.Options
-func (a *Authenticate) UpdateOptions(opts config.Options) error {
+func (a *Authenticate) OnConfigChange(cfg *config.Config) {
 	if a == nil {
-		return nil
+		return
 	}

-	log.Info().Str("checksum", fmt.Sprintf("%x", opts.Checksum())).Msg("authenticate: updating options")
-	a.setAdminUsers(&opts)
-
-	return nil
+	log.Info().Str("checksum", fmt.Sprintf("%x", cfg.Options.Checksum())).Msg("authenticate: updating options")
+	a.setAdminUsers(cfg.Options)
 }
--- a/authenticate/authenticate_test.go
+++ b/authenticate/authenticate_test.go
@ -71,7 +71,7 @@ func TestOptions_Validate(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if err := ValidateOptions(*tt.o); (err != nil) != tt.wantErr {
+			if err := ValidateOptions(tt.o); (err != nil) != tt.wantErr {
 				t.Errorf("Options.Validate() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
@ -128,7 +128,7 @@ func TestNew(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			_, err := New(*tt.opts)
+			_, err := New(tt.opts)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("New() error = %v, wantErr %v", err, tt.wantErr)
 				return
@ -155,8 +155,8 @@ func TestIsAdmin(t *testing.T) {
 			t.Parallel()
 			opts := newTestOptions(t)
 			opts.Administrators = tc.admins
-			a, err := New(*opts)
-			assert.NoError(t, a.UpdateOptions(*opts))
+			a, err := New(opts)
+			a.OnConfigChange(&config.Config{Options: opts})
 			require.NoError(t, err)
 			assert.True(t, a.isAdmin(tc.user) == tc.isAdmin)
 		})
--- a/authenticate/handlers_test.go
+++ b/authenticate/handlers_test.go
@ -511,7 +511,7 @@ func TestWellKnownEndpoint(t *testing.T) {
 func TestJwksEndpoint(t *testing.T) {
 	o := newTestOptions(t)
 	o.SigningKey = "LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUpCMFZkbko1VjEvbVlpYUlIWHhnd2Q0Yzd5YWRTeXMxb3Y0bzA1b0F3ekdvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVUc1eENQMEpUVDFINklvbDhqS3VUSVBWTE0wNENnVzlQbEV5cE5SbVdsb29LRVhSOUhUMwpPYnp6aktZaWN6YjArMUt3VjJmTVRFMTh1dy82MXJVQ0JBPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo="
-	auth, err := New(*o)
+	auth, err := New(o)
 	if err != nil {
 		t.Fatal(err)
 	}