static_authz_plugin/
module.rs

1//! Static `AuthZ` resolver plugin module.
2
3use std::sync::{Arc, OnceLock};
4
5use async_trait::async_trait;
6use authz_resolver_sdk::{AuthZResolverPluginClient, AuthZResolverPluginSpecV1};
7use modkit::Module;
8use modkit::client_hub::ClientScope;
9use modkit::context::ModuleCtx;
10use modkit::gts::BaseModkitPluginV1;
11use tracing::info;
12use types_registry_sdk::{RegisterResult, TypesRegistryClient};
13
14use crate::config::StaticAuthZPluginConfig;
15use crate::domain::Service;
16
17/// Static `AuthZ` resolver plugin module.
18#[modkit::module(
19    name = "static-authz-plugin",
20    deps = ["types-registry"]
21)]
22pub struct StaticAuthZPlugin {
23    service: OnceLock<Arc<Service>>,
24}
25
26impl Default for StaticAuthZPlugin {
27    fn default() -> Self {
28        Self {
29            service: OnceLock::new(),
30        }
31    }
32}
33
34#[async_trait]
35impl Module for StaticAuthZPlugin {
36    async fn init(&self, ctx: &ModuleCtx) -> anyhow::Result<()> {
37        info!("Initializing static_authz_plugin");
38
39        let cfg: StaticAuthZPluginConfig = ctx.config()?;
40        info!(
41            vendor = %cfg.vendor,
42            priority = cfg.priority,
43            "Loaded plugin configuration"
44        );
45
46        // Generate plugin instance ID
47        let instance_id = AuthZResolverPluginSpecV1::gts_make_instance_id(
48            "hyperspot.builtin.static_authz_resolver.plugin.v1",
49        );
50
51        // Register plugin instance in types-registry
52        let registry = ctx.client_hub().get::<dyn TypesRegistryClient>()?;
53        let instance = BaseModkitPluginV1::<AuthZResolverPluginSpecV1> {
54            id: instance_id.clone(),
55            vendor: cfg.vendor.clone(),
56            priority: cfg.priority,
57            properties: AuthZResolverPluginSpecV1,
58        };
59        let instance_json = serde_json::to_value(&instance)?;
60
61        let results = registry.register(vec![instance_json]).await?;
62        RegisterResult::ensure_all_ok(&results)?;
63
64        // Create service
65        let service = Arc::new(Service::new());
66        self.service
67            .set(service.clone())
68            .map_err(|_| anyhow::anyhow!("Service already initialized"))?;
69
70        // Register scoped client in ClientHub
71        let api: Arc<dyn AuthZResolverPluginClient> = service;
72        ctx.client_hub()
73            .register_scoped::<dyn AuthZResolverPluginClient>(
74                ClientScope::gts_id(&instance_id),
75                api,
76            );
77
78        info!(instance_id = %instance_id, "Static authz plugin initialized");
79        Ok(())
80    }
81}
static_authz_plugin/module.rs

static_authz_plugin/
module.rs
