refactor(apps-proxy): split kai-preview into endpoints sub-package and helpers

pepamartinec · pepamartinec · commit 7888c90702ed · 2026-05-15T07:29:34.000+02:00
Move the four endpoint handlers (handshake-token, bootstrap, exchange,
refresh), the composite Handler, and routing symbols (PathPrefix,
DevModeChecker, DevModeCheckerFunc) into a new
internal/…/kaipreview/endpoints sub-package (package name "endpoints").
The parent kaipreview package retains the pure helpers: JWT minting/
verification, cookie helpers, CORS, IsIframeDocumentLoad, and the
StorageTokenVerifier interface (moved to storage_token_verifier.go).

External callers (apphandler.go) import both packages: kaipreview for
helpers and kpendpoints alias for the handler/routing surface.
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/apphandler.go b/internal/pkg/service/appsproxy/proxy/apphandler/apphandler.go
@@ -15,6 +15,7 @@ import (
 	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/dataapps/api"
 	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/dataapps/auth/provider"
 	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
+	kpendpoints "github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints"
 	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/selector"
 	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/chain"
 	"github.com/keboola/keboola-as-code/internal/pkg/service/common/ctxattr"
@@ -31,14 +32,14 @@ type appHandler struct {
 	upstream           chain.Handler
 	allAuthHandlers    chain.Handler
 	authHandlerPerRule map[ruleIndex]chain.Handler
-	kaiPreview         *kaipreview.Handler
+	kaiPreview         *kpendpoints.Handler
 }
 
 type ruleIndex int
 
 func newAppHandler(manager *Manager, app api.AppConfig, appUpstream chain.Handler, authHandlers map[provider.ID]selector.Handler) (http.Handler, error) {
 	// DevModeChecker is backed by the live K8s state watcher: re-evaluates on every request.
-	devModeChecker := kaipreview.DevModeCheckerFunc(func(ctx context.Context, appID string) bool {
+	devModeChecker := kpendpoints.DevModeCheckerFunc(func(ctx context.Context, appID string) bool {
 		info, ok := manager.upstreamManager.AppInfo(ctx, api.AppID(appID))
 		return ok && info.DevMode
 	})
@@ -50,7 +51,7 @@ func newAppHandler(manager *Manager, app api.AppConfig, appUpstream chain.Handle
 		attrs:              app.Telemetry(),
 		upstream:           appUpstream,
 		authHandlerPerRule: make(map[ruleIndex]chain.Handler),
-		kaiPreview: kaipreview.NewHandler(kaipreview.HandlerDeps{
+		kaiPreview: kpendpoints.NewHandler(kpendpoints.HandlerDeps{
 			Clock:             manager.clock,
 			StorageTokenVerifier: manager.storageTokenVerifier,
 			DevMode:           devModeChecker,
@@ -171,7 +172,7 @@ func (h *appHandler) serveHTTPOrError(w http.ResponseWriter, req *http.Request)
 	// (routing decision documented in spec § "apps-proxy: routing decision for dev-mode apps")
 	if h.isDevMode(req.Context()) {
 		// 1. /_proxy/kai-preview/* routes go to the kai-preview composite handler.
-		if strings.HasPrefix(req.URL.Path, kaipreview.PathPrefix) {
+		if strings.HasPrefix(req.URL.Path, kpendpoints.PathPrefix) {
 			return h.kaiPreview.ServeHTTPOrError(w, req)
 		}
 		// 2. Valid session cookie → forward to upstream (skip AuthRules), with sliding refresh.
@@ -200,7 +201,7 @@ func (h *appHandler) serveHTTPOrError(w http.ResponseWriter, req *http.Request)
 		// 3. Iframe document load on a dev-mode app with no session → serve bootstrap shim.
 		if kaipreview.IsIframeDocumentLoad(req) {
 			bootstrapReq := req.Clone(req.Context())
-			bootstrapReq.URL.Path = kaipreview.PathPrefix + "/bootstrap"
+			bootstrapReq.URL.Path = kpendpoints.PathPrefix + "/bootstrap"
 			return h.kaiPreview.ServeHTTPOrError(w, bootstrapReq)
 		}
 	}
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/bootstrap.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/bootstrap.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"embed"
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/bootstrap_test.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/bootstrap_test.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"net/http"
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/exchange.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/exchange.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"encoding/json"
@@ -7,6 +7,7 @@ import (
 
 	"github.com/jonboulle/clockwork"
 
+	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
 	"github.com/keboola/keboola-as-code/internal/pkg/utils/errors"
 )
 
@@ -48,7 +49,7 @@ func (h *ExchangeHandler) ServeHTTPOrError(w http.ResponseWriter, r *http.Reques
 		return nil
 	}
 
-	claims, err := VerifyHandshakeJWT(h.deps.HandshakeKey, h.deps.Clock, body.Token)
+	claims, err := kaipreview.VerifyHandshakeJWT(h.deps.HandshakeKey, h.deps.Clock, body.Token)
 	if err != nil {
 		http.Error(w, "invalid handshake token", http.StatusUnauthorized)
 		return nil
@@ -58,12 +59,12 @@ func (h *ExchangeHandler) ServeHTTPOrError(w http.ResponseWriter, r *http.Reques
 		return nil
 	}
 
-	sessionJWT, err := MintSessionJWT(h.deps.SessionKey, h.deps.Clock, h.deps.AppID, h.deps.AppProjectID, h.deps.SessionTTL)
+	sessionJWT, err := kaipreview.MintSessionJWT(h.deps.SessionKey, h.deps.Clock, h.deps.AppID, h.deps.AppProjectID, h.deps.SessionTTL)
 	if err != nil {
 		return errors.Errorf("kai-preview: mint session JWT: %w", err)
 	}
 
-	SetSessionCookie(w, sessionJWT, h.deps.SessionTTL)
+	kaipreview.SetSessionCookie(w, sessionJWT, h.deps.SessionTTL)
 	w.Header().Set("Cache-Control", "no-store")
 	w.WriteHeader(http.StatusOK)
 	return nil
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/exchange_test.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/exchange_test.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"bytes"
@@ -11,6 +11,8 @@ import (
 	"github.com/jonboulle/clockwork"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
 )
 
 func newTestExchangeHandler(devMode bool) *ExchangeHandler {
@@ -28,7 +30,7 @@ func newTestExchangeHandler(devMode bool) *ExchangeHandler {
 func mintForTest(t *testing.T, appID, projectID string) string {
 	t.Helper()
 	clock := clockwork.NewFakeClock()
-	jwt, err := MintHandshakeJWT(testHandshakeKey, clock, appID, projectID)
+	jwt, err := kaipreview.MintHandshakeJWT(testHandshakeKey, clock, appID, projectID)
 	require.NoError(t, err)
 	return jwt
 }
@@ -49,7 +51,7 @@ func TestExchangeHandler_Success(t *testing.T) {
 
 	cookies := w.Result().Cookies()
 	require.Len(t, cookies, 1)
-	assert.Equal(t, SessionCookieName, cookies[0].Name)
+	assert.Equal(t, kaipreview.SessionCookieName, cookies[0].Name)
 	assert.True(t, cookies[0].Partitioned)
 }
 
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handler.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handler.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"context"
@@ -9,6 +9,7 @@ import (
 	"github.com/jonboulle/clockwork"
 
 	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/config"
+	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
 )
 
 // PathPrefix is the URL prefix all kai-preview endpoints live under.
@@ -29,9 +30,9 @@ func (f DevModeCheckerFunc) IsDevMode(ctx context.Context, appID string) bool {
 
 type HandlerDeps struct {
 	Clock                clockwork.Clock
-	StorageTokenVerifier StorageTokenVerifier
+	StorageTokenVerifier kaipreview.StorageTokenVerifier
 	DevMode              DevModeChecker
-	CORS                 *CORS
+	CORS                 *kaipreview.CORS
 	HandshakeKey         string
 	SessionKey           string
 	SessionTTL           time.Duration
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handler_test.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handler_test.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"net/http"
@@ -9,14 +9,16 @@ import (
 	"github.com/jonboulle/clockwork"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
 )
 
 func newTestCompositeHandler(devMode bool) *Handler {
 	return NewHandler(HandlerDeps{
 		Clock:             clockwork.NewFakeClock(),
 		StorageTokenVerifier: &stubStorageTokenVerifier{projectID: "proj-456"},
 		DevMode:           &stubDevModeChecker{devMode: devMode},
-		CORS:              NewCORS([]string{"https://connection.keboola.com"}),
+		CORS:              kaipreview.NewCORS([]string{"https://connection.keboola.com"}),
 		HandshakeKey:      testHandshakeKey,
 		SessionKey:        testSessionKey,
 		SessionTTL:        4 * time.Hour,
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handshake_token.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handshake_token.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"context"
@@ -7,14 +7,10 @@ import (
 
 	"github.com/jonboulle/clockwork"
 
+	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
 	"github.com/keboola/keboola-as-code/internal/pkg/utils/errors"
 )
 
-// StorageTokenVerifier abstracts HTTPStorageTokenVerifier so tests can inject a stub without HTTP.
-type StorageTokenVerifier interface {
-	Verify(ctx context.Context, token string) (*StorageTokenVerifyResult, error)
-}
-
 // DevModeChecker tells the handler whether the current app is in dev mode.
 // Backed by the apps-proxy CRD watcher (AppInfo.DevMode).
 type DevModeChecker interface {
@@ -23,9 +19,9 @@ type DevModeChecker interface {
 
 type HandshakeTokenDeps struct {
 	Clock                clockwork.Clock
-	StorageTokenVerifier StorageTokenVerifier
+	StorageTokenVerifier kaipreview.StorageTokenVerifier
 	DevMode              DevModeChecker
-	CORS                 *CORS
+	CORS                 *kaipreview.CORS
 	HandshakeKey         string
 	AppID                string
 	AppProjectID         string
@@ -81,7 +77,7 @@ func (h *HandshakeTokenHandler) ServeHTTPOrError(w http.ResponseWriter, r *http.
 		return nil
 	}
 
-	jwt, err := MintHandshakeJWT(h.deps.HandshakeKey, h.deps.Clock, h.deps.AppID, h.deps.AppProjectID)
+	jwt, err := kaipreview.MintHandshakeJWT(h.deps.HandshakeKey, h.deps.Clock, h.deps.AppID, h.deps.AppProjectID)
 	if err != nil {
 		return errors.Errorf("kai-preview: mint handshake JWT: %w", err)
 	}
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handshake_token_test.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/handshake_token_test.go
@@ -1,4 +1,4 @@
-package kaipreview
+package endpoints
 
 import (
 	"context"
@@ -11,18 +11,25 @@ import (
 	"github.com/jonboulle/clockwork"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
+	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
+)
+
+const (
+	testHandshakeKey = "test-handshake-key-must-be-long-enough"
+	testSessionKey   = "test-session-key-also-long-enough"
 )
 
 type stubStorageTokenVerifier struct {
 	projectID string
 	err       error
 }
 
-func (s *stubStorageTokenVerifier) Verify(_ context.Context, _ string) (*StorageTokenVerifyResult, error) {
+func (s *stubStorageTokenVerifier) Verify(_ context.Context, _ string) (*kaipreview.StorageTokenVerifyResult, error) {
 	if s.err != nil {
 		return nil, s.err
 	}
-	return &StorageTokenVerifyResult{ProjectID: s.projectID}, nil
+	return &kaipreview.StorageTokenVerifyResult{ProjectID: s.projectID}, nil
 }
 
 type stubDevModeChecker struct{ devMode bool }
@@ -36,7 +43,7 @@ type stubErr struct{ msg string }
 func (e *stubErr) Error() string { return e.msg }
 
 func newTestHandshakeHandler(tokenValid bool, storageTokenProject string, devMode bool) *HandshakeTokenHandler {
-	var verifier StorageTokenVerifier
+	var verifier kaipreview.StorageTokenVerifier
 	if tokenValid {
 		verifier = &stubStorageTokenVerifier{projectID: storageTokenProject}
 	} else {
@@ -46,7 +53,7 @@ func newTestHandshakeHandler(tokenValid bool, storageTokenProject string, devMod
 		Clock:                clockwork.NewFakeClock(),
 		StorageTokenVerifier: verifier,
 		DevMode:              &stubDevModeChecker{devMode: devMode},
-		CORS:                 NewCORS([]string{"https://connection.keboola.com"}),
+		CORS:                 kaipreview.NewCORS([]string{"https://connection.keboola.com"}),
 		HandshakeKey:         testHandshakeKey,
 		AppID:                "app-123",
 		AppProjectID:         "proj-456",
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/refresh.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/refresh.go
@@ -1,11 +1,12 @@
-package kaipreview
+package endpoints
 
 import (
 	"net/http"
 	"time"
 
 	"github.com/jonboulle/clockwork"
 
+	"github.com/keboola/keboola-as-code/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview"
 	"github.com/keboola/keboola-as-code/internal/pkg/utils/errors"
 )
 
@@ -14,7 +15,7 @@ type RefreshDeps struct {
 	DevMode      DevModeChecker
 	SessionKey   string
 	SessionTTL   time.Duration
-	CORS         *CORS
+	CORS         *kaipreview.CORS
 	AppID        string
 	AppProjectID string
 }
@@ -50,13 +51,13 @@ func (h *RefreshHandler) ServeHTTPOrError(w http.ResponseWriter, r *http.Request
 		return nil
 	}
 
-	cookieValue := ReadSessionCookie(r)
+	cookieValue := kaipreview.ReadSessionCookie(r)
 	if cookieValue == "" {
 		http.Error(w, "no session", http.StatusUnauthorized)
 		return nil
 	}
 
-	claims, err := VerifySessionJWT(h.deps.SessionKey, h.deps.Clock, cookieValue)
+	claims, err := kaipreview.VerifySessionJWT(h.deps.SessionKey, h.deps.Clock, cookieValue)
 	if err != nil {
 		http.Error(w, "session expired", http.StatusUnauthorized)
 		return nil
@@ -66,11 +67,11 @@ func (h *RefreshHandler) ServeHTTPOrError(w http.ResponseWriter, r *http.Request
 		return nil
 	}
 
-	newJWT, err := MintSessionJWT(h.deps.SessionKey, h.deps.Clock, h.deps.AppID, h.deps.AppProjectID, h.deps.SessionTTL)
+	newJWT, err := kaipreview.MintSessionJWT(h.deps.SessionKey, h.deps.Clock, h.deps.AppID, h.deps.AppProjectID, h.deps.SessionTTL)
 	if err != nil {
 		return errors.Errorf("kai-preview: re-mint session JWT: %w", err)
 	}
-	SetSessionCookie(w, newJWT, h.deps.SessionTTL)
+	kaipreview.SetSessionCookie(w, newJWT, h.deps.SessionTTL)
 
 	w.Header().Set("Cache-Control", "no-store")
 	w.WriteHeader(http.StatusNoContent)
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/refresh_test.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/refresh_test.go
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/template/bootstrap.gohtml b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/endpoints/template/bootstrap.gohtml
diff --git a/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/storage_token_verifier.go b/internal/pkg/service/appsproxy/proxy/apphandler/authproxy/kaipreview/storage_token_verifier.go

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-package kaipreview`
	`1`	`+package endpoints`
`2`	`2`
`3`	`3`	`import (`
`4`	`4`	`"embed"`