support client credentials

2023-07-17 22:05:23 +00:00
parent df0cc4aa58
commit fee4cf94ab
6 changed files with 79 additions and 38 deletions
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -5,6 +5,7 @@ import (
 	"go.infratographer.com/x/echox"
 	"go.infratographer.com/x/events"
 	"go.infratographer.com/x/loggingx"
+	"go.infratographer.com/x/oauth2x"
 	"go.infratographer.com/x/otelx"

 	"go.equinixmetal.net/infra9-metal-bridge/internal/metal"
@@ -15,6 +16,7 @@ import (
 // AppConfig is the main application configuration.
 var AppConfig struct {
 	Logging      loggingx.Config
+	OIDC         OIDCClientConfig
 	EquinixMetal metal.Config
 	OTel         otelx.Config
 	Server       echox.Config
@@ -29,3 +31,8 @@ type EventsConfig struct {
 	Publisher  events.PublisherConfig
 	Subscriber events.SubscriberConfig
 }
+
+// OIDCClientConfig defines the configuration for OIDC Client Credentials.
+type OIDCClientConfig struct {
+	Client oauth2x.Config
+}
--- a/internal/permissions/client.go
+++ b/internal/permissions/client.go
@@ -15,10 +15,14 @@ import (
 	"go.uber.org/zap"
 )

-const defaultPermissionsURL = "https://permissions-api.hollow-a.sv15.metalkube.net"
+const (
+	defaultPermissionsURL = "https://permissions-api.hollow-a.sv15.metalkube.net"

-var defaultHTTPClient = &http.Client{
-	Timeout: 5 * time.Second, // nolint:gomnd // unexported
+	DefaultHTTPClientTimeout = 5 * time.Second
+)
+
+var DefaultHTTPClient = &http.Client{
+	Timeout: DefaultHTTPClientTimeout,
 }

 // Client is the permissions client.
@@ -108,7 +112,7 @@ func encodeJSON(v any) (*bytes.Buffer, error) {
 func NewClient(token string, options ...Option) (*Client, error) {
 	client := &Client{
 		logger:     zap.NewNop().Sugar(),
-		httpClient: defaultHTTPClient,
+		httpClient: DefaultHTTPClient,
 		token:      token,
 	}

--- a/internal/permissions/options.go
+++ b/internal/permissions/options.go
@@ -1,6 +1,8 @@
 package permissions

 import (
+	"net/http"
+
 	"go.uber.org/zap"
 )

@@ -15,3 +17,12 @@ func WithLogger(logger *zap.SugaredLogger) Option {
 		return nil
 	}
 }
+
+// WithHTTPClient sets the http client to be used by the client.
+func WithHTTPClient(client *http.Client) Option {
+	return func(c *Client) error {
+		c.httpClient = client
+
+		return nil
+	}
+}