feature: basic auth0 support (#78)

* feature: basic auth0 support * refactor: improve auth flow * refactor: extract HttpServer config * feature: merge HTTP API layer with Let's Encrypt
2025-08-08 23:05:28 +02:00 · 2021-08-07 12:26:07 +02:00
parent 11982d6dde
commit 1f29975737
16 changed files with 500 additions and 37 deletions
--- a/encryption/letsencrypt.go
+++ b/encryption/letsencrypt.go
@ -1,17 +1,14 @@
 package encryption

 import (
-	"crypto/tls"
 	log "github.com/sirupsen/logrus"
 	"golang.org/x/crypto/acme/autocert"
-	"net/http"
 	"os"
 	"path/filepath"
 )

-// EnableLetsEncrypt wraps common logic of generating Let's encrypt certificate.
-// Includes a HTTP handler and listener to solve the Let's encrypt challenge
-func EnableLetsEncrypt(datadir string, letsencryptDomain string) *tls.Config {
+// CreateCertManager wraps common logic of generating Let's encrypt certificate.
+func CreateCertManager(datadir string, letsencryptDomain string) *autocert.Manager {
 	certDir := filepath.Join(datadir, "letsencrypt")

 	if _, err := os.Stat(certDir); os.IsNotExist(err) {
@ -23,18 +20,11 @@ func EnableLetsEncrypt(datadir string, letsencryptDomain string) *tls.Config {

 	log.Infof("running with Let's encrypt with domain %s. Cert will be stored in %s", letsencryptDomain, certDir)

-	certManager := autocert.Manager{
+	certManager := &autocert.Manager{
 		Prompt:     autocert.AcceptTOS,
 		Cache:      autocert.DirCache(certDir),
 		HostPolicy: autocert.HostWhitelist(letsencryptDomain),
 	}

-	// listener to handle Let's encrypt certificate challenge
-	go func() {
-		if err := http.Serve(certManager.Listener(), certManager.HTTPHandler(nil)); err != nil {
-			log.Fatalf("failed to serve letsencrypt handler: %v", err)
-		}
-	}()
-
-	return &tls.Config{GetCertificate: certManager.GetCertificate}
+	return certManager
 }