Merge branch 'main' into oauth-testing

controller/bootstrap.go

@@ -6,22 +6,23 @@ import (
 	"encoding/json"
 	"fmt"
 	"github.com/openziti/edge-api/rest_management_api_client"
-	"github.com/openziti/edge-api/rest_management_api_client/config"
+	restMgmtEdgeConfig "github.com/openziti/edge-api/rest_management_api_client/config"
 	"github.com/openziti/edge-api/rest_management_api_client/edge_router_policy"
 	"github.com/openziti/edge-api/rest_management_api_client/identity"
-	rest_model_edge "github.com/openziti/edge-api/rest_model"
+	restModelEdge "github.com/openziti/edge-api/rest_model"
+	"github.com/openziti/edge-api/rest_util"
 	"github.com/openziti/sdk-golang/ziti"
-	zrok_config "github.com/openziti/zrok/controller/config"
+	"github.com/openziti/zrok/controller/config"
 	"github.com/openziti/zrok/controller/store"
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
-	"github.com/openziti/zrok/model"
-	"github.com/openziti/zrok/zrokdir"
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"time"
 )
 
-func Bootstrap(skipCtrl, skipFrontend bool, inCfg *zrok_config.Config) error {
+func Bootstrap(skipFrontend bool, inCfg *config.Config) error {
 	cfg = inCfg
 
 	if v, err := store.Open(cfg.Store); err == nil {
@@ -36,34 +37,19 @@ func Bootstrap(skipCtrl, skipFrontend bool, inCfg *zrok_config.Config) error {
 		return errors.Wrap(err, "error connecting to the ziti edge management api")
 	}
 
-	var ctrlZId string
-	if !skipCtrl {
-		logrus.Info("creating identity for controller ziti access")
-
-		if ctrlZId, err = getIdentityId("ctrl"); err == nil {
-			logrus.Infof("controller identity: %v", ctrlZId)
-		} else {
-			ctrlZId, err = bootstrapIdentity("ctrl", edge)
-			if err != nil {
-				panic(err)
-			}
-		}
-		if err := assertIdentity(ctrlZId, edge); err != nil {
-			panic(err)
-		}
-		if err := assertErpForIdentity("ctrl", ctrlZId, edge); err != nil {
-			panic(err)
-		}
+	env, err := environment.LoadRoot()
+	if err != nil {
+		return err
 	}
 
 	var frontendZId string
 	if !skipFrontend {
-		logrus.Info("creating identity for frontend ziti access")
+		logrus.Info("creating identity for public frontend access")
 
-		if frontendZId, err = getIdentityId("frontend"); err == nil {
+		if frontendZId, err = getIdentityId(env.PublicIdentityName()); err == nil {
 			logrus.Infof("frontend identity: %v", frontendZId)
 		} else {
-			frontendZId, err = bootstrapIdentity("frontend", edge)
+			frontendZId, err = bootstrapIdentity(env.PublicIdentityName(), edge)
 			if err != nil {
 				panic(err)
 			}
@@ -71,7 +57,7 @@ func Bootstrap(skipCtrl, skipFrontend bool, inCfg *zrok_config.Config) error {
 		if err := assertIdentity(frontendZId, edge); err != nil {
 			panic(err)
 		}
-		if err := assertErpForIdentity("frontend", frontendZId, edge); err != nil {
+		if err := assertErpForIdentity(env.PublicIdentityName(), frontendZId, edge); err != nil {
 			panic(err)
 		}
 
@@ -100,10 +86,10 @@ func Bootstrap(skipCtrl, skipFrontend bool, inCfg *zrok_config.Config) error {
 }
 
 func assertZrokProxyConfigType(edge *rest_management_api_client.ZitiEdgeManagement) error {
-	filter := fmt.Sprintf("name=\"%v\"", model.ZrokProxyConfig)
+	filter := fmt.Sprintf("name=\"%v\"", sdk.ZrokProxyConfig)
 	limit := int64(100)
 	offset := int64(0)
-	listReq := &config.ListConfigTypesParams{
+	listReq := &restMgmtEdgeConfig.ListConfigTypesParams{
 		Filter:  &filter,
 		Limit:   &limit,
 		Offset:  &offset,
@@ -115,27 +101,31 @@ func assertZrokProxyConfigType(edge *rest_management_api_client.ZitiEdgeManageme
 		return err
 	}
 	if len(listResp.Payload.Data) < 1 {
-		name := model.ZrokProxyConfig
-		ct := &rest_model_edge.ConfigTypeCreate{Name: &name}
-		createReq := &config.CreateConfigTypeParams{ConfigType: ct}
+		name := sdk.ZrokProxyConfig
+		ct := &restModelEdge.ConfigTypeCreate{Name: &name}
+		createReq := &restMgmtEdgeConfig.CreateConfigTypeParams{ConfigType: ct}
 		createReq.SetTimeout(30 * time.Second)
 		createResp, err := edge.Config.CreateConfigType(createReq, nil)
 		if err != nil {
 			return err
 		}
-		logrus.Infof("created '%v' config type with id '%v'", model.ZrokProxyConfig, createResp.Payload.Data.ID)
+		logrus.Infof("created '%v' config type with id '%v'", sdk.ZrokProxyConfig, createResp.Payload.Data.ID)
 	} else if len(listResp.Payload.Data) > 1 {
-		return errors.Errorf("found %d '%v' config types; expected 0 or 1", len(listResp.Payload.Data), model.ZrokProxyConfig)
+		return errors.Errorf("found %d '%v' config types; expected 0 or 1", len(listResp.Payload.Data), sdk.ZrokProxyConfig)
 	} else {
-		logrus.Infof("found '%v' config type with id '%v'", model.ZrokProxyConfig, *(listResp.Payload.Data[0].ID))
+		logrus.Infof("found '%v' config type with id '%v'", sdk.ZrokProxyConfig, *(listResp.Payload.Data[0].ID))
 	}
 	return nil
 }
 
 func getIdentityId(identityName string) (string, error) {
-	zif, err := zrokdir.ZitiIdentityFile(identityName)
+	env, err := environment.LoadRoot()
 	if err != nil {
-		return "", errors.Wrapf(err, "error opening identity '%v' from zrokdir", identityName)
+		return "", errors.Wrap(err, "error opening environment root")
+	}
+	zif, err := env.ZitiIdentityNamed(identityName)
+	if err != nil {
+		return "", errors.Wrapf(err, "error opening identity '%v' from environment", identityName)
 	}
 	zcfg, err := ziti.NewConfigFromFile(zif)
 	if err != nil {
@@ -177,15 +167,20 @@ func assertIdentity(zId string, edge *rest_management_api_client.ZitiEdgeManagem
 }
 
 func bootstrapIdentity(name string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
-	idc, err := zrokEdgeSdk.CreateIdentity(name, rest_model_edge.IdentityTypeDevice, nil, edge)
+	env, err := environment.LoadRoot()
 	if err != nil {
-		return "", errors.Wrapf(err, "error creating '%v' identity", name)
+		return "", errors.Wrap(err, "error loading environment root")
+	}
+
+	idc, err := zrokEdgeSdk.CreateIdentity(name, restModelEdge.IdentityTypeDevice, nil, edge)
+	if err != nil {
+		return "", errors.Wrapf(rest_util.WrapErr(err), "error creating '%v' identity", name)
 	}
 
 	zId := idc.Payload.Data.ID
 	cfg, err := zrokEdgeSdk.EnrollIdentity(zId, edge)
 	if err != nil {
-		return "", errors.Wrapf(err, "error enrolling '%v' identity", name)
+		return "", errors.Wrapf(rest_util.WrapErr(err), "error enrolling '%v' identity", name)
 	}
 
 	var out bytes.Buffer
@@ -195,7 +190,7 @@ func bootstrapIdentity(name string, edge *rest_management_api_client.ZitiEdgeMan
 	if err != nil {
 		return "", errors.Wrapf(err, "error encoding identity config '%v'", name)
 	}
-	if err := zrokdir.SaveZitiIdentity(name, out.String()); err != nil {
+	if err := env.SaveZitiIdentityNamed(name, out.String()); err != nil {
 		return "", errors.Wrapf(err, "error saving identity config '%v'", name)
 	}
 	return zId, nil

controller/controller.go

@@ -130,6 +130,7 @@ func Run(inCfg *config.Config) error {
 	defer func() { _ = server.Shutdown() }()
 	server.Host = cfg.Endpoint.Host
 	server.Port = cfg.Endpoint.Port
+	rest_server_zrok.HealthCheck = HealthCheckHTTP
 	server.ConfigureAPI()
 	if err := server.Serve(); err != nil {
 		return errors.Wrap(err, "api server error")
@@ -137,3 +138,7 @@ func Run(inCfg *config.Config) error {
 
 	return nil
 }
+
+func Store() *store.Store {
+	return str
+}

controller/health.go

@@ -0,0 +1,62 @@
+package controller
+
+import (
+	"context"
+	"fmt"
+	"github.com/sirupsen/logrus"
+	"net/http"
+)
+
+func HealthCheckHTTP(w http.ResponseWriter, _ *http.Request) {
+	if err := healthCheckStore(w); err != nil {
+		logrus.Error(err)
+		return
+	}
+	if err := healthCheckMetrics(w); err != nil {
+		logrus.Error(err)
+		return
+	}
+	w.Header().Set("Content-Type", "text/html; charset=utf-8")
+	w.Write([]byte("<html><body><h1>Healthy</h1></body></html>"))
+}
+
+func healthCheckStore(w http.ResponseWriter) error {
+	trx, err := str.Begin()
+	if err != nil {
+		http.Error(w, "error starting transaction", http.StatusInternalServerError)
+		return err
+	}
+	defer func() {
+		_ = trx.Rollback()
+	}()
+	count := -1
+	if err := trx.QueryRowx("select count(0) from migrations").Scan(&count); err != nil {
+		http.Error(w, "error selecting migration count", http.StatusInternalServerError)
+		return err
+	}
+	logrus.Debugf("%d migrations", count)
+	return nil
+}
+
+func healthCheckMetrics(w http.ResponseWriter) error {
+	if cfg.Metrics != nil && cfg.Metrics.Influx != nil {
+		queryApi := idb.QueryAPI(cfg.Metrics.Influx.Org)
+		query := fmt.Sprintf("from(bucket: \"%v\")\n", cfg.Metrics.Influx.Bucket) +
+			fmt.Sprintf("|> range(start: -5s)\n") +
+			"|> filter(fn: (r) => r[\"_measurement\"] == \"xfer\")\n" +
+			"|> filter(fn: (r) => r[\"_field\"] == \"rx\" or r[\"_field\"] == \"tx\")\n" +
+			"|> filter(fn: (r) => r[\"namespace\"] == \"backend\")\n" +
+			"|> sum()"
+		result, err := queryApi.Query(context.Background(), query)
+		if err != nil {
+			http.Error(w, "error querying influx", http.StatusInternalServerError)
+			return err
+		}
+		results := 0
+		for result.Next() {
+			results++
+		}
+		logrus.Debugf("%d results", results)
+	}
+	return nil
+}

controller/limits/accountRelaxAction.go

@@ -4,6 +4,7 @@ import (
 	"github.com/jmoiron/sqlx"
 	"github.com/openziti/zrok/controller/store"
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
+	"github.com/openziti/zrok/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@@ -38,11 +39,11 @@ func (a *accountRelaxAction) HandleAccount(acct *store.Account, _, _ int64, _ *B
 
 		for _, shr := range shrs {
 			switch shr.ShareMode {
-			case "public":
+			case string(sdk.PublicShareMode):
 				if err := relaxPublicShare(a.str, edge, shr, trx); err != nil {
 					return errors.Wrap(err, "error relaxing public share")
 				}
-			case "private":
+			case string(sdk.PrivateShareMode):
 				if err := relaxPrivateShare(a.str, edge, shr, trx); err != nil {
 					return errors.Wrap(err, "error relaxing private share")
 				}

controller/limits/environmentRelaxAction.go

@@ -4,6 +4,7 @@ import (
 	"github.com/jmoiron/sqlx"
 	"github.com/openziti/zrok/controller/store"
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
+	"github.com/openziti/zrok/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@@ -33,11 +34,11 @@ func (a *environmentRelaxAction) HandleEnvironment(env *store.Environment, rxByt
 	for _, shr := range shrs {
 		if !shr.Deleted {
 			switch shr.ShareMode {
-			case "public":
+			case string(sdk.PublicShareMode):
 				if err := relaxPublicShare(a.str, edge, shr, trx); err != nil {
 					return err
 				}
-			case "private":
+			case string(sdk.PrivateShareMode):
 				if err := relaxPrivateShare(a.str, edge, shr, trx); err != nil {
 					return err
 				}

controller/limits/shareRelaxAction.go

@@ -5,6 +5,7 @@ import (
 	"github.com/openziti/edge-api/rest_management_api_client"
 	"github.com/openziti/zrok/controller/store"
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
+	"github.com/openziti/zrok/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@@ -28,11 +29,11 @@ func (a *shareRelaxAction) HandleShare(shr *store.Share, _, _ int64, _ *Bandwidt
 		}
 
 		switch shr.ShareMode {
-		case "public":
+		case string(sdk.PublicShareMode):
 			if err := relaxPublicShare(a.str, edge, shr, trx); err != nil {
 				return err
 			}
-		case "private":
+		case string(sdk.PrivateShareMode):
 			if err := relaxPrivateShare(a.str, edge, shr, trx); err != nil {
 				return err
 			}

controller/register.go

@@ -75,7 +75,7 @@ func (h *registerHandler) Handle(params account.RegisterParams) middleware.Respo
 		return account.NewRegisterInternalServerError()
 	}
 
-	logrus.Infof("created account '%v' with token '%v'", a.Email, a.Token)
+	logrus.Infof("created account '%v'", a.Email)
 
 	return account.NewRegisterOK().WithPayload(&rest_model_zrok.RegisterResponse{Token: a.Token})
 }

controller/share.go

@@ -7,6 +7,7 @@ import (
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti/zrok/rest_model_zrok"
 	"github.com/openziti/zrok/rest_server_zrok/operations/share"
+	"github.com/openziti/zrok/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@@ -68,7 +69,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
 	var shrZId string
 	var frontendEndpoints []string
 	switch params.Body.ShareMode {
-	case "public":
+	case string(sdk.PublicShareMode):
 		if len(params.Body.FrontendSelection) < 1 {
 			logrus.Info("no frontend selection provided")
 			return share.NewShareNotFound()
@@ -94,7 +95,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
 			return share.NewShareInternalServerError()
 		}
 
-	case "private":
+	case string(sdk.PrivateShareMode):
 		logrus.Info("doing private")
 		shrZId, frontendEndpoints, err = newPrivateResourceAllocator().allocate(envZId, shrToken, params, edge)
 		if err != nil {
@@ -123,7 +124,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
 	}
 	if len(frontendEndpoints) > 0 {
 		sshr.FrontendEndpoint = &frontendEndpoints[0]
-	} else if sshr.ShareMode == "private" {
+	} else if sshr.ShareMode == string(sdk.PrivateShareMode) {
 		sshr.FrontendEndpoint = &sshr.ShareMode
 	}
 

controller/sharePrivate.go

@@ -3,8 +3,8 @@ package controller
 import (
 	"github.com/openziti/edge-api/rest_management_api_client"
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
-	"github.com/openziti/zrok/model"
 	"github.com/openziti/zrok/rest_server_zrok/operations/share"
+	"github.com/openziti/zrok/sdk"
 )
 
 type privateResourceAllocator struct{}
@@ -14,9 +14,9 @@ func newPrivateResourceAllocator() *privateResourceAllocator {
 }
 
 func (a *privateResourceAllocator) allocate(envZId, shrToken string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, frontendEndpoints []string, err error) {
-	var authUsers []*model.AuthUser
+	var authUsers []*sdk.AuthUser
 	for _, authUser := range params.Body.AuthUsers {
-		authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
+		authUsers = append(authUsers, &sdk.AuthUser{authUser.Username, authUser.Password})
 	}
 	cfgZId, err := zrokEdgeSdk.CreateConfig(zrokProxyConfigId, envZId, shrToken, params.Body.AuthScheme, authUsers, params.Body.OauthProvider, params.Body.OauthEmailDomains, edge)
 	if err != nil {

controller/sharePublic.go

@@ -3,8 +3,8 @@ package controller
 import (
 	"github.com/openziti/edge-api/rest_management_api_client"
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
-	"github.com/openziti/zrok/model"
 	"github.com/openziti/zrok/rest_server_zrok/operations/share"
+	"github.com/openziti/zrok/sdk"
 )
 
 type publicResourceAllocator struct{}
@@ -14,9 +14,9 @@ func newPublicResourceAllocator() *publicResourceAllocator {
 }
 
 func (a *publicResourceAllocator) allocate(envZId, shrToken string, frontendZIds, frontendTemplates []string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, frontendEndpoints []string, err error) {
-	var authUsers []*model.AuthUser
+	var authUsers []*sdk.AuthUser
 	for _, authUser := range params.Body.AuthUsers {
-		authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
+		authUsers = append(authUsers, &sdk.AuthUser{authUser.Username, authUser.Password})
 	}
 	cfgId, err := zrokEdgeSdk.CreateConfig(zrokProxyConfigId, envZId, shrToken, params.Body.AuthScheme, authUsers, params.Body.OauthProvider, params.Body.OauthEmailDomains, edge)
 	if err != nil {

controller/startup.go

@@ -6,7 +6,7 @@ import (
 	"github.com/openziti/edge-api/rest_management_api_client"
 	"github.com/openziti/edge-api/rest_management_api_client/config"
 	"github.com/openziti/zrok/controller/zrokEdgeSdk"
-	"github.com/openziti/zrok/model"
+	"github.com/openziti/zrok/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"time"
@@ -36,7 +36,7 @@ func inspectZiti() error {
 }
 
 func findZrokProxyConfigType(edge *rest_management_api_client.ZitiEdgeManagement) error {
-	filter := fmt.Sprintf("name=\"%v\"", model.ZrokProxyConfig)
+	filter := fmt.Sprintf("name=\"%v\"", sdk.ZrokProxyConfig)
 	limit := int64(100)
 	offset := int64(0)
 	listReq := &config.ListConfigTypesParams{
@@ -53,7 +53,7 @@ func findZrokProxyConfigType(edge *rest_management_api_client.ZitiEdgeManagement
 	if len(listResp.Payload.Data) != 1 {
 		return errors.Errorf("expected 1 zrok proxy config type, found %d", len(listResp.Payload.Data))
 	}
-	logrus.Infof("found '%v' config type with id '%v'", model.ZrokProxyConfig, *(listResp.Payload.Data[0].ID))
+	logrus.Infof("found '%v' config type with id '%v'", sdk.ZrokProxyConfig, *(listResp.Payload.Data[0].ID))
 	zrokProxyConfigId = *(listResp.Payload.Data[0].ID)
 
 	return nil

controller/store/sql/postgresql/013_v0_4_6_backend_mode_caddy.sql

@@ -0,0 +1,3 @@
+-- +migrate Up
+
+alter type backend_mode add value 'caddy';

controller/store/sql/sqlite3/013_v0_4_6_backend_mode_caddy.sql

@@ -0,0 +1,54 @@
+-- +migrate Up
+
+alter table shares rename to shares_old;
+create table shares (
+    id                        integer             primary key,
+    environment_id            integer             constraint fk_environments_shares references environments on delete cascade,
+    z_id                      string              not null unique,
+    token                     string              not null unique,
+    share_mode                string              not null,
+    backend_mode              string              not null,
+    frontend_selection        string,
+    frontend_endpoint         string,
+    backend_proxy_endpoint    string,
+    reserved                  boolean             not null default(false),
+    created_at                datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    updated_at                datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')), deleted boolean not null default(false),
+
+    constraint chk_z_id check (z_id <> ''),
+    constraint chk_token check (token <> ''),
+    constraint chk_share_mode check (share_mode == 'public' or share_mode == 'private'),
+    constraint chk_backend_mode check (backend_mode == 'proxy' or backend_mode == 'web' or backend_mode == 'tcpTunnel' or backend_mode == 'udpTunnel' or backend_mode == 'caddy')
+);
+insert into shares select * from shares_old;
+drop table shares_old;
+
+alter table frontends rename to frontends_old;
+create table frontends (
+   id                    integer             primary key,
+   environment_id        integer             references environments(id),
+   token                 varchar(32)         not null unique,
+   z_id                  varchar(32)         not null,
+   public_name           varchar(64)         unique,
+   url_template          varchar(1024),
+   reserved              boolean             not null default(false),
+   created_at            datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+   updated_at            datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+   deleted               boolean             not null default(false),
+   private_share_id      integer             references shares(id)
+);
+insert into frontends select * from frontends_old;
+drop table frontends_old;
+
+alter table share_limit_journal rename to share_limit_journal_old;
+create table share_limit_journal (
+    id                  integer                 primary key,
+    share_id            integer                 references shares(id),
+    rx_bytes            bigint                  not null,
+    tx_bytes            bigint                  not null,
+    action              limit_action_type       not null,
+    created_at          datetime                not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    updated_at          datetime                not null default(strftime('%Y-%m-%d %H:%M:%f', 'now'))
+);
+insert into share_limit_journal select * from share_limit_journal_old;
+drop table share_limit_journal_old;

controller/zrokEdgeSdk/config.go

@@ -6,24 +6,23 @@ import (
 	"github.com/openziti/edge-api/rest_management_api_client"
 	"github.com/openziti/edge-api/rest_management_api_client/config"
 	"github.com/openziti/edge-api/rest_model"
-	"github.com/openziti/zrok/model"
+	"github.com/openziti/zrok/sdk"
 	"github.com/sirupsen/logrus"
 	"time"
 )
 
-// TODO: Create options struct
-func CreateConfig(cfgTypeZId, envZId, shrToken string, authSchemeStr string, authUsers []*model.AuthUser, oauthProvider string, oauthEmailDomains []string, edge *rest_management_api_client.ZitiEdgeManagement) (cfgZId string, err error) {
-	authScheme, err := model.ParseAuthScheme(authSchemeStr)
+func CreateConfig(cfgTypeZId, envZId, shrToken string, authSchemeStr string, authUsers []*sdk.AuthUser, oauthProvider string, oauthEmailDomains []string, edge *rest_management_api_client.ZitiEdgeManagement) (cfgZId string, err error) {
+	authScheme, err := sdk.ParseAuthScheme(authSchemeStr)
 	if err != nil {
 		return "", err
 	}
-	cfg := &model.ProxyConfig{
+	cfg := &sdk.ProxyConfig{
 		AuthScheme: authScheme,
 	}
-	if cfg.AuthScheme == model.Basic {
-		cfg.BasicAuth = &model.BasicAuth{}
+	if cfg.AuthScheme == sdk.Basic {
+		cfg.BasicAuth = &sdk.BasicAuth{}
 		for _, authUser := range authUsers {
-			cfg.BasicAuth.Users = append(cfg.BasicAuth.Users, &model.AuthUser{Username: authUser.Username, Password: authUser.Password})
+			cfg.BasicAuth.Users = append(cfg.BasicAuth.Users, &sdk.AuthUser{Username: authUser.Username, Password: authUser.Password})
 		}
 	}
 	if cfg.AuthScheme == model.Oauth {