Diffstat (limited to 'pkg/app/app.go')
| -rw-r--r-- | pkg/app/app.go | 84 |
1 files changed, 1 insertions, 83 deletions
diff --git a/pkg/app/app.go b/pkg/app/app.go
index c55ecce5..a8dedc10 100644
--- a/pkg/app/app.go
+++ b/pkg/app/app.go
@@ -1,95 +1,13 @@ package app import ( - "encoding/json" - "fmt" - "net" - "net/http" - "os" - - "github.com/casbin/casbin/v3" - cedar "github.com/cedar-policy/cedar-go" - "github.com/cedar-policy/cedar-go/types" - "github.com/xlgmokha/x/pkg/x" "gitlab.com/mokhax/spike/pkg/authz" "gitlab.com/mokhax/spike/pkg/cfg" - xlog "gitlab.com/mokhax/spike/pkg/log" "gitlab.com/mokhax/spike/pkg/srv" ) -func WithCasbin() authz.Authorizer { - enforcer := x.Must(casbin.NewEnforcer("casbin.conf", "casbin.csv")) - - return authz.AuthorizerFunc(func(r *http.Request) bool { - host, _, err := net.SplitHostPort(r.Host) - if err != nil { - xlog.WithFields(r, xlog.Fields{"error": err}) - return false - } - - subject, found := authz.TokenFrom(r).Subject() - if !found { - subject = "*" - } - ok, err := enforcer.Enforce(subject, host, r.Method, r.URL.Path) - if err != nil { - xlog.WithFields(r, xlog.Fields{"error": err}) - return false - } - - fmt.Printf("%v: %v -> %v %v%v\n", ok, subject, r.Method, host, r.URL.Path) - xlog.WithFields(r, xlog.Fields{ - "ok": ok, - "subject": subject, - "action": r.Method, - "domain": host, - "object": r.URL.Path, - }) - return ok - }) -} - -func WithCedar() authz.Authorizer { - var policy cedar.Policy - x.Check(policy.UnmarshalCedar(x.Must(os.ReadFile("cedar.conf")))) - - policies := cedar.NewPolicySet() - policies.Add("cedar.conf", &policy) - - var entities cedar.EntityMap - if err := json.Unmarshal(x.Must(os.ReadFile("cedar.json")), &entities); err != nil { - xlog.Logger.Error("Error", "error", err) - return nil - } - - return authz.AuthorizerFunc(func(r *http.Request) bool { - host, _, err := net.SplitHostPort(r.Host) - if err != nil { - return false - } - - subject, found := authz.TokenFrom(r).Subject() - if !found { - subject = "*" - } - - req := cedar.Request{ - Principal: cedar.NewEntityUID("Subject", cedar.String(subject)), - Action: cedar.NewEntityUID("Action", cedar.String(r.Method)), - Resource: cedar.NewEntityUID("Path", 
cedar.String(r.URL.Path)), - Context: cedar.NewRecord(cedar.RecordMap{ - "Host": cedar.String(host), - }), - } - - ok, diagnostic := policies.IsAuthorized(entities, req) - fmt.Printf("%v: %v -> %v %v%v %v\n", ok, subject, r.Method, host, r.URL.Path, diagnostic.Reasons) - return ok == types.Allow - }) -} - func Start(bindAddr string) error { - mux := authz.HTTP(WithCasbin(), Routes()) + mux := authz.HTTP(authz.WithCasbin(), Routes()) return srv.Run(cfg.New( bindAddr, cfg.WithMux(mux), |
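Review bot: The added `mux := authz.HTTP(authz.WithCasbin(), Routes())` gives policy construction no error path even though `Start` returns an `error`; if the relocated `authz.WithCasbin` kept the removed code's `x.Must(casbin.NewEnforcer("casbin.conf", "casbin.csv"))`, a missing or malformed policy file panics at startup rather than surfacing through `Start`'s return. Panicking is at least fail-closed, but a constructor shaped `authorizer, err := authz.WithCasbin()` wrapped as `fmt.Errorf("loading casbin policy: %w", err)` would let the caller decide, and would also rule out a nil authorizer reaching `authz.HTTP` (the deleted `WithCedar` returned nil on a decode error). It is worth confirming that the moved authorizer still emits the structured `xlog.WithFields` record per decision (subject, domain, action, object, ok) and not only the `fmt.Printf` line, since that record is what makes denied requests auditable; the `xlog` import dropped here suggests the logging moved along with the function. `Start`'s body continues past the end of the hunk.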
