From 9ba5788d208019b9ef9574b3ea422b7ab8923b06 Mon Sep 17 00:00:00 2001
From: Morten Olsen
Date: Thu, 16 Oct 2025 16:43:44 +0200
Subject: [PATCH] refact: cleanup
---
src/access/access.provider.ts | 9 ---------
src/access/access.ts | 2 --
.../access.token.ts => auth/auth.jwt.ts} | 9 +++++----
src/{k8s/k8s.clients.ts => auth/auth.k8s.ts} | 14 +++++++-------
.../oidc.handler.ts => auth/auth.oidc.ts} | 9 +++++----
src/auth/auth.provider.ts | 9 +++++++++
.../auth.schemas.ts} | 2 +-
src/backbone.ts | 19 ++++++++++---------
src/config/config.ts | 4 ++++
src/{ => services}/k8s/k8s.config.ts | 0
src/{ => services}/k8s/k8s.crd.ts | 4 +++-
src/{ => services}/k8s/k8s.resources.ts | 3 ++-
src/{ => services}/k8s/k8s.schemas.ts | 2 +-
src/{ => services}/k8s/k8s.ts | 7 -------
src/{ => services}/k8s/k8s.watcher.ts | 0
.../sessions/sessions.provider.ts} | 10 +++++-----
.../sessions/sessions.session.ts} | 5 +++--
.../sessions/sessions.utils.ts} | 2 +-
tests/utils/utils.world.ts | 16 +++++-----------
19 files changed, 61 insertions(+), 65 deletions(-)
delete mode 100644 src/access/access.provider.ts
delete mode 100644 src/access/access.ts
rename src/{access/access.token.ts => auth/auth.jwt.ts} (84%)
rename src/{k8s/k8s.clients.ts => auth/auth.k8s.ts} (83%)
rename src/{oidc/oidc.handler.ts => auth/auth.oidc.ts} (88%)
create mode 100644 src/auth/auth.provider.ts
rename src/{access/access.schemas.ts => auth/auth.schemas.ts} (91%)
rename src/{ => services}/k8s/k8s.config.ts (100%)
rename src/{ => services}/k8s/k8s.crd.ts (99%)
rename src/{ => services}/k8s/k8s.resources.ts (99%)
rename src/{ => services}/k8s/k8s.schemas.ts (87%)
rename src/{ => services}/k8s/k8s.ts (84%)
rename src/{ => services}/k8s/k8s.watcher.ts (100%)
rename src/{access/access.handler.ts => services/sessions/sessions.provider.ts} (60%)
rename src/{access/access.session.ts => services/sessions/sessions.session.ts} (81%)
rename src/{access/access.utils.ts => services/sessions/sessions.utils.ts} (90%)
diff --git a/src/access/access.provider.ts b/src/access/access.provider.ts deleted file mode 100644 index 569ff47..0000000 --- a/src/access/access.provider.ts +++ /dev/null @@ -1,9 +0,0 @@ -import type { Statement } from './access.schemas.ts'; - -type AccessProvider = { - getAccess: (token: string) => Promise<{ - statements: Statement[]; - }>; -}; - -export type { AccessProvider }; diff --git a/src/access/access.ts b/src/access/access.ts deleted file mode 100644 index 614b775..0000000 --- a/src/access/access.ts +++ /dev/null @@ -1,2 +0,0 @@ -export * from './access.session.ts'; -export * from './access.token.ts'; diff --git a/src/access/access.token.ts b/src/auth/auth.jwt.ts similarity index 84% rename from src/access/access.token.ts rename to src/auth/auth.jwt.ts index a60b864..dda8080 100644 --- a/src/access/access.token.ts +++ b/src/auth/auth.jwt.ts @@ -1,8 +1,9 @@ import { z } from 'zod'; import jwt from 'jsonwebtoken'; -import { statementSchema } from './access.schemas.ts'; -import type { AccessProvider } from './access.provider.ts'; +import { statementSchema } from './auth.schemas.ts'; +import type { AuthProvider } from './auth.provider.ts'; + import type { Services } from '#root/utils/services.ts'; import { Config } from '#root/config/config.ts'; @@ -12,7 +13,7 @@ const tokenBodySchema = z.object({ type TokenBody = z.infer; -class AccessTokens implements AccessProvider { +class JwtAuth implements AuthProvider { #services: Services; constructor(services: Services) { @@ -41,4 +42,4 @@ class AccessTokens implements AccessProvider { }; } -export { AccessTokens }; +export { JwtAuth }; diff --git a/src/k8s/k8s.clients.ts b/src/auth/auth.k8s.ts similarity index 83% rename from src/k8s/k8s.clients.ts rename to src/auth/auth.k8s.ts index 3a043fe..50dc86c 100644 --- a/src/k8s/k8s.clients.ts +++ b/src/auth/auth.k8s.ts 
@@ -1,18 +1,18 @@ import { KubernetesObjectApi, type KubernetesObject } from '@kubernetes/client-node'; -import { K8sResources } from './k8s.resources.ts'; -import type { K8sBackboneClient } from './k8s.schemas.ts'; +import type { AuthProvider } from './auth.provider.ts'; +import type { Statement } from './auth.schemas.ts'; -import type { AccessProvider } from '#root/access/access.provider.ts'; -import type { Statement } from '#root/access/access.schemas.ts'; import type { Services } from '#root/utils/services.ts'; -import { K8sConfig } from './k8s.config.ts'; +import { K8sResources } from '#root/services/k8s/k8s.resources.ts'; +import type { K8sBackboneClient } from '#root/services/k8s/k8s.schemas.ts'; +import { K8sConfig } from '#root/services/k8s/k8s.config.ts'; type K8sClient = { statements: Statement[]; }; -class K8sClients implements AccessProvider { +class K8sAuth implements AuthProvider { #services: Services; #clients: Map; @@ -65,4 +65,4 @@ class K8sClients implements AccessProvider { }; } -export { K8sClients }; +export { K8sAuth }; diff --git a/src/oidc/oidc.handler.ts b/src/auth/auth.oidc.ts similarity index 88% rename from src/oidc/oidc.handler.ts rename to src/auth/auth.oidc.ts index 6d2a839..fd9c040 100644 --- a/src/oidc/oidc.handler.ts +++ b/src/auth/auth.oidc.ts @@ -1,8 +1,9 @@ import jwt from 'jsonwebtoken'; -import type { AccessProvider } from '#root/access/access.provider.ts'; +import type { Statement } from './auth.schemas.ts'; +import type { AuthProvider } from './auth.provider.ts'; + import type { Services } from '#root/utils/services.ts'; -import type { Statement } from '#root/access/access.schemas.ts'; import { Config } from '#root/config/config.ts'; const adminStatements: Statement[] = [ @@ -27,7 +28,7 @@ const readerStatements: Statement[] = [ }, ]; -class OidcHandler implements AccessProvider { +class OidcAuth implements AuthProvider { #services: Services; constructor(services: Services) { 
@@ -63,4 +64,4 @@ class OidcHandler implements AccessProvider { }; } -export { OidcHandler }; +export { OidcAuth }; diff --git a/src/auth/auth.provider.ts b/src/auth/auth.provider.ts new file mode 100644 index 0000000..1df4e28 --- /dev/null +++ b/src/auth/auth.provider.ts @@ -0,0 +1,9 @@ +import type { Statement } from './auth.schemas.ts'; + +type AuthProvider = { + getAccess: (token: string) => Promise<{ + statements: Statement[]; + }>; +}; + +export type { AuthProvider }; diff --git a/src/access/access.schemas.ts b/src/auth/auth.schemas.ts similarity index 91% rename from src/access/access.schemas.ts rename to src/auth/auth.schemas.ts index fbe72cd..09aa1e1 100644 --- a/src/access/access.schemas.ts +++ b/src/auth/auth.schemas.ts @@ -1,4 +1,4 @@ -import z from 'zod'; +import { z } from 'zod'; const statementSchema = z.object({ effect: z.enum(['allow', 'disallow']), diff --git a/src/backbone.ts b/src/backbone.ts index 3a13d9d..02f54de 100644 --- a/src/backbone.ts +++ b/src/backbone.ts @@ -1,9 +1,10 @@ -import { AccessHandler } from './access/access.handler.ts'; -import { AccessTokens } from './access/access.token.ts'; +import { JwtAuth } from './auth/auth.jwt.ts'; +import { K8sAuth } from './auth/auth.k8s.ts'; +import { OidcAuth } from './auth/auth.oidc.ts'; import { Config } from './config/config.ts'; -import { K8sService } from './k8s/k8s.ts'; -import { OidcHandler } from './oidc/oidc.handler.ts'; import { MqttServer } from './server/server.ts'; +import { K8sService } from './services/k8s/k8s.ts'; +import { SessionProvider } from './services/sessions/sessions.provider.ts'; import { TopicsHandler } from './topics/topics.handler.ts'; import { Services } from './utils/services.ts'; @@ -26,8 +27,8 @@ class Backbone { return this.#services.get(MqttServer); } - public get accessHandler() { - return this.#services.get(AccessHandler); + public get sessionProvider() { + return this.#services.get(SessionProvider); } public get topicsHandler() { 
@@ -41,7 +42,7 @@ class Backbone { public start = async () => { if (this.config.k8s.enabled) { await this.k8s.setup(); - this.accessHandler.register('k8s', this.k8s.clients); + this.sessionProvider.register('k8s', this.#services.get(K8sAuth)); } if (this.config.http.enabled) { console.log('starting http'); @@ -53,10 +54,10 @@ class Backbone { tcp.listen(this.config.tcp.port); } if (this.config.oidc.enabled) { - this.accessHandler.register('oidc', this.#services.get(OidcHandler)); + this.sessionProvider.register('oidc', this.#services.get(OidcAuth)); } if (this.config.tokenSecret) { - this.accessHandler.register('token', this.#services.get(AccessTokens)); + this.sessionProvider.register('token', this.#services.get(JwtAuth)); } }; diff --git a/src/config/config.ts b/src/config/config.ts index b8a95e3..2a7226c 100644 --- a/src/config/config.ts +++ b/src/config/config.ts @@ -3,6 +3,10 @@ class Config { return process.env.TOKEN_SECRET; } + public get adminToken() { + return process.env.ADMIN_TOKEN; + } + public get oidc() { const enabled = process.env.OIDC_ENABLED === 'true'; const discoveryUrl = process.env.OIDC_DISCOVERY_URL; diff --git a/src/k8s/k8s.config.ts b/src/services/k8s/k8s.config.ts similarity index 100% rename from src/k8s/k8s.config.ts rename to src/services/k8s/k8s.config.ts diff --git a/src/k8s/k8s.crd.ts b/src/services/k8s/k8s.crd.ts similarity index 99% rename from src/k8s/k8s.crd.ts rename to src/services/k8s/k8s.crd.ts index 340a70e..d286624 100644 --- a/src/k8s/k8s.crd.ts +++ b/src/services/k8s/k8s.crd.ts @@ -1,8 +1,10 @@ -import type { Services } from '#root/utils/services.ts'; import { ApiException, ApiextensionsV1Api } from '@kubernetes/client-node'; import { z, type ZodType } from 'zod'; + import { K8sConfig } from './k8s.config.ts'; +import type { Services } from '#root/utils/services.ts'; + type CreateCrdOptions = { kind: string; apiVersion: string; 
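Review bot: In `start`, the `oidc` and `token` providers are still registered after `tcp.listen(this.config.tcp.port)`, so the broker can accept connections before those authentication providers exist. Whether that window fails closed depends on how `SessionProvider` treats an unknown provider name, which is not visible in this diff. Since these lines are being rewritten anyway, move `this.sessionProvider.register('oidc', this.#services.get(OidcAuth));` and the matching `'token'` call above the listener blocks, next to the `k8s` registration. Part of `start` lies between the two hunks and is not shown.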
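Review bot: The new `adminToken` getter in `Config` hands back `process.env.ADMIN_TOKEN` unchanged, so an unset variable gives `undefined` and an empty one gives `''`, and nothing in this commit shows how the value is consumed. Document the contract on the getter, e.g. `/** Static admin credential; undefined means admin-token auth is disabled. */`, and normalise the empty case with `return process.env.ADMIN_TOKEN || undefined;` so a blank variable can never act as a valid credential. Whatever code later compares a presented token against it should use a constant-time comparison such as `crypto.timingSafeEqual` and keep the value out of logs. The `Config` class continues outside the hunk.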
diff --git a/src/k8s/k8s.resources.ts b/src/services/k8s/k8s.resources.ts similarity index 99% rename from src/k8s/k8s.resources.ts rename to src/services/k8s/k8s.resources.ts index a2bbe9c..d35555d 100644 --- a/src/k8s/k8s.resources.ts +++ b/src/services/k8s/k8s.resources.ts @@ -2,9 +2,10 @@ import { V1Secret, type KubernetesObject } from '@kubernetes/client-node'; import { K8sWatcher } from './k8s.watcher.ts'; import type { K8sBackboneClient, K8sBackboneTopic } from './k8s.schemas.ts'; -import type { Services } from '#root/utils/services.ts'; import { K8sConfig } from './k8s.config.ts'; +import type { Services } from '#root/utils/services.ts'; + class K8sResources { #services: Services; #secrets?: K8sWatcher; diff --git a/src/k8s/k8s.schemas.ts b/src/services/k8s/k8s.schemas.ts similarity index 87% rename from src/k8s/k8s.schemas.ts rename to src/services/k8s/k8s.schemas.ts index 87ef51b..6b99e6c 100644 --- a/src/k8s/k8s.schemas.ts +++ b/src/services/k8s/k8s.schemas.ts @@ -1,6 +1,6 @@ import { z } from 'zod'; -import { statementSchema } from '#root/access/access.schemas.ts'; +import { statementSchema } from '#root/auth/auth.schemas.ts'; const k8sBackboneClientSchema = z.object({ statements: z.array(statementSchema), diff --git a/src/k8s/k8s.ts b/src/services/k8s/k8s.ts similarity index 84% rename from src/k8s/k8s.ts rename to src/services/k8s/k8s.ts index 459459e..25315fa 100644 --- a/src/k8s/k8s.ts +++ b/src/services/k8s/k8s.ts @@ -1,9 +1,6 @@ -import { KubeConfig } from '@kubernetes/client-node'; - import { K8sResources } from './k8s.resources.ts'; import { K8sCrds } from './k8s.crd.ts'; import { k8sBackboneClientSchema, k8sBackboneTopicSchema } from './k8s.schemas.ts'; -import { K8sClients } from './k8s.clients.ts'; import { API_VERSION } from '#root/utils/consts.ts'; import type { Services } from '#root/utils/services.ts'; 
@@ -19,10 +16,6 @@ class K8sService { return this.#services.get(K8sResources); } - public get clients() { - return this.#services.get(K8sClients); - } - public setup = async () => { const crds = this.#services.get(K8sCrds); await crds.install({ diff --git a/src/k8s/k8s.watcher.ts b/src/services/k8s/k8s.watcher.ts similarity index 100% rename from src/k8s/k8s.watcher.ts rename to src/services/k8s/k8s.watcher.ts diff --git a/src/access/access.handler.ts b/src/services/sessions/sessions.provider.ts similarity index 60% rename from src/access/access.handler.ts rename to src/services/sessions/sessions.provider.ts index c20bb03..e692826 100644 --- a/src/access/access.handler.ts +++ b/src/services/sessions/sessions.provider.ts @@ -1,13 +1,13 @@ -import type { AccessProvider } from './access.provider.ts'; +import type { AuthProvider } from '#root/auth/auth.provider.ts'; -class AccessHandler { - #handlers: Map; +class SessionProvider { + #handlers: Map; constructor() { this.#handlers = new Map(); } - public register = (name: string, provider: AccessProvider) => { + public register = (name: string, provider: AuthProvider) => { this.#handlers.set(name, provider); }; @@ -20,4 +20,4 @@ class AccessHandler { }; } -export { AccessHandler }; +export { SessionProvider }; diff --git a/src/access/access.session.ts b/src/services/sessions/sessions.session.ts similarity index 81% rename from src/access/access.session.ts rename to src/services/sessions/sessions.session.ts index 5c06cfd..b7d2134 100644 --- a/src/access/access.session.ts +++ b/src/services/sessions/sessions.session.ts @@ -1,5 +1,6 @@ -import type { Statement } from './access.schemas.ts'; -import { validate } from './access.utils.ts'; +import { validate } from './sessions.utils.ts'; + +import type { Statement } from '#root/auth/auth.schemas.ts'; type SessionOptions = { statements: Statement[]; 
diff --git a/src/access/access.utils.ts b/src/services/sessions/sessions.utils.ts similarity index 90% rename from src/access/access.utils.ts rename to src/services/sessions/sessions.utils.ts index 417a101..292a49b 100644 --- a/src/access/access.utils.ts +++ b/src/services/sessions/sessions.utils.ts @@ -1,6 +1,6 @@ import micromatch from 'micromatch'; -import type { Statement } from './access.schemas.ts'; +import type { Statement } from '#root/auth/auth.schemas.ts'; type ValidateOptions = { action: string; diff --git a/tests/utils/utils.world.ts b/tests/utils/utils.world.ts index 8a19faf..af425cd 100644 --- a/tests/utils/utils.world.ts +++ b/tests/utils/utils.world.ts @@ -1,14 +1,11 @@ -import mqtt, { connectAsync, MqttClient } from 'mqtt'; +import { connectAsync, MqttClient } from 'mqtt'; import getPort from 'get-port'; -import { AccessHandler } from '#root/access/access.handler.ts'; -import { type Statement } from '#root/access/access.schemas.ts'; -import { AccessTokens } from '#root/access/access.token.ts'; -import { MqttServer } from '#root/server/server.ts'; import type { TopicDefinition } from '#root/topics/topcis.schemas.ts'; -import { TopicsHandler } from '#root/topics/topics.handler.ts'; import { TopicsStore } from '#root/topics/topics.store.ts'; import { Backbone } from '#root/backbone.ts'; +import { JwtAuth } from '#root/auth/auth.jwt.ts'; +import type { Statement } from '#root/auth/auth.schemas.ts'; type CreateSocketOptions = { port: number; 
@@ -32,11 +29,8 @@ type WorldOptions = { const createWorld = async (options: WorldOptions) => { const { topics = [] } = options; const backbone = new Backbone(); - const secret = 'test'; - const accessTokens = new AccessTokens({ - secret, - }); - backbone.accessHandler.register('token', accessTokens); + const accessTokens = backbone.services.get(JwtAuth); + backbone.sessionProvider.register('token', accessTokens); const topicsStore = new TopicsStore(); topicsStore.register(...topics); backbone.topicsHandler.register(topicsStore);
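Review bot: `createWorld` no longer pins a signing secret: the explicit `secret = 'test'` is replaced by `backbone.services.get(JwtAuth)`, so test tokens are presumably signed with whatever `TOKEN_SECRET` the process environment holds (the `JwtAuth` body and the `services` accessor on `Backbone` are not visible in this diff). That makes the suite depend on ambient configuration: it may pick up a real secret from a developer shell or CI, or run with an undefined one. Set a test-only value before constructing the backbone, e.g. `process.env.TOKEN_SECRET = 'test-only-secret';`, and restore the previous value on teardown. The rest of `createWorld` lies outside the hunk.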