chore: rabbit comments

steveiliop56 · steveiliop56 · commit 8426db306d6e · 2026-06-14T18:20:17.000+03:00
diff --git a/go.mod b/go.mod
@@ -21,6 +21,7 @@ require (
 	github.com/stretchr/testify v1.11.1
 	github.com/tinyauthapp/paerser v0.0.0-20260410140347-85c3740d6298
 	github.com/weppos/publicsuffix-go v0.50.3
+	go.uber.org/dig v1.19.0
 	golang.org/x/crypto v0.52.0
 	golang.org/x/oauth2 v0.36.0
 	golang.org/x/tools v0.45.0
@@ -152,7 +153,6 @@ require (
 	go.opentelemetry.io/otel/sdk v1.43.0 // indirect
 	go.opentelemetry.io/otel/sdk/metric v1.43.0 // indirect
 	go.opentelemetry.io/otel/trace v1.43.0 // indirect
-	go.uber.org/dig v1.19.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	go4.org/mem v0.0.0-20240501181205-ae6ca9944745 // indirect
 	go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
diff --git a/internal/bootstrap/app_bootstrap.go b/internal/bootstrap/app_bootstrap.go
@@ -163,12 +163,6 @@ func (app *BootstrapApp) Setup() error {
 		app.runtime.OAuthProviders[id] = provider
 	}
 
-	// setup oidc clients
-	for id, client := range app.config.OIDC.Clients {
-		client.ID = id
-		app.runtime.OIDCClients = append(app.runtime.OIDCClients, client)
-	}
-
 	// cookie domain
 	cookieDomainResolver := utils.GetCookieDomain
 
diff --git a/internal/bootstrap/service_bootstrap.go b/internal/bootstrap/service_bootstrap.go
@@ -71,13 +71,11 @@ func (app *BootstrapApp) setupServices() error {
 	}
 
 	err = app.dig.Invoke(func(i svcInput) error {
-		app.services = Services{
-			accessControlService: i.AccessControlService,
-			authService:          i.AuthService,
-			ldapService:          i.LDAPService,
-			oauthBrokerService:   i.OAuthBrokerService,
-			tailscaleService:     i.TailscaleService,
-		}
+		app.services.accessControlService = i.AccessControlService
+		app.services.authService = i.AuthService
+		app.services.ldapService = i.LDAPService
+		app.services.oauthBrokerService = i.OAuthBrokerService
+		app.services.tailscaleService = i.TailscaleService
 		return nil
 	})
 
diff --git a/internal/controller/well_known_controller.go b/internal/controller/well_known_controller.go
@@ -35,7 +35,7 @@ type WellKnownControllerInput struct {
 	dig.In
 
 	OIDCService *service.OIDCService
-	RouterGroup *gin.RouterGroup `name:"apiRouterGroup"`
+	RouterGroup *gin.RouterGroup `name:"mainRouterGroup"`
 }
 
 func NewWellKnownController(i WellKnownControllerInput) *WellKnownController {
diff --git a/internal/model/runtime.go b/internal/model/runtime.go
@@ -12,7 +12,6 @@ type RuntimeConfig struct {
 	OAuthProviders         map[string]OAuthServiceConfig
 	OAuthWhitelist         []string
 	ConfiguredProviders    []Provider
-	OIDCClients            []OIDCClientConfig
 	TrustedDomains         []string
 }
 
diff --git a/internal/service/auth_service_test.go b/internal/service/auth_service_test.go
@@ -4,6 +4,7 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"github.com/tinyauthapp/tinyauth/internal/model"
 	"github.com/tinyauthapp/tinyauth/internal/utils/logger"
 )
@@ -12,6 +13,19 @@ func TestIsEmailWhitelistedUsesProviderSpecificList(t *testing.T) {
 	log := logger.NewLogger().WithTestConfig()
 	log.Init()
 
+	policyEngine, err := NewPolicyEngine(PolicyEngineInput{
+		Log: log,
+		Config: &model.Config{
+			Auth: model.AuthConfig{
+				ACLs: model.ACLsConfig{
+					Policy: string(PolicyAllow),
+				},
+			},
+		},
+	})
+
+	require.NoError(t, err)
+
 	auth := &AuthService{
 		log: log,
 		runtime: &model.RuntimeConfig{
@@ -28,6 +42,7 @@ func TestIsEmailWhitelistedUsesProviderSpecificList(t *testing.T) {
 				},
 			},
 		},
+		policyEngine: policyEngine,
 	}
 
 	assert.True(t, auth.IsEmailWhitelisted("github", "github@example.com"))
diff --git a/internal/service/oidc_service.go b/internal/service/oidc_service.go
@@ -163,7 +163,7 @@ type OIDCServiceInput struct {
 
 func NewOIDCService(i OIDCServiceInput) (*OIDCService, error) {
 	// If not configured, skip init
-	if len(i.Runtime.OIDCClients) == 0 {
+	if len(i.Config.OIDC.Clients) == 0 {
 		return nil, nil
 	}
 
diff --git a/internal/test/test.go b/internal/test/test.go
@@ -121,14 +121,6 @@ func CreateTestConfigs(t *testing.T) (model.Config, model.RuntimeConfig) {
 		CookieDomain:      "example.com",
 		AppURL:            "https://tinyauth.example.com",
 		SessionCookieName: "tinyauth-session",
-		OIDCClients: func() []model.OIDCClientConfig {
-			var clients []model.OIDCClientConfig
-			for id, client := range config.OIDC.Clients {
-				client.ID = id
-				clients = append(clients, client)
-			}
-			return clients
-		}(),
 	}
 
 	return config, runtime

Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@ type WellKnownControllerInput struct {`
`35`	`35`	`dig.In`
`36`	`36`
`37`	`37`	`OIDCService *service.OIDCService`
`38`		- RouterGroup *gin.RouterGroup `name:"apiRouterGroup"`
	`38`	+ RouterGroup *gin.RouterGroup `name:"mainRouterGroup"`
`39`	`39`	`}`
`40`	`40`
`41`	`41`	`func NewWellKnownController(i WellKnownControllerInput) *WellKnownController {`
Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,6 @@ type RuntimeConfig struct {`
`12`	`12`	`OAuthProviders map[string]OAuthServiceConfig`
`13`	`13`	`OAuthWhitelist []string`
`14`	`14`	`ConfiguredProviders []Provider`
`15`		`- OIDCClients []OIDCClientConfig`
`16`	`15`	`TrustedDomains []string`
`17`	`16`	`}`
`18`	`17`
Original file line number	Diff line number	Diff line change
`@@ -163,7 +163,7 @@ type OIDCServiceInput struct {`
`163`	`163`
`164`	`164`	`func NewOIDCService(i OIDCServiceInput) (*OIDCService, error) {`
`165`	`165`	`// If not configured, skip init`
`166`		`- if len(i.Runtime.OIDCClients) == 0 {`
	`166`	`+ if len(i.Config.OIDC.Clients) == 0 {`
`167`	`167`	`return nil, nil`
`168`	`168`	`}`
`169`	`169`