Diffstat (limited to 'pkg/authz')
-rw-r--r--pkg/authz/authz.go23
-rw-r--r--pkg/authz/casbin.go43
-rw-r--r--pkg/authz/cedar.go34
-rw-r--r--pkg/authz/token.go30
4 files changed, 0 insertions, 130 deletions
diff --git a/pkg/authz/authz.go b/pkg/authz/authz.go
deleted file mode 100644
index 5a93a29c..00000000
--- a/pkg/authz/authz.go
+++ /dev/null
@@ -1,23 +0,0 @@
-package authz
-
-import "net/http"
-
-type Authorizer interface {
- Authorize(*http.Request) bool
-}
-
-type AuthorizerFunc func(*http.Request) bool
-
-func (f AuthorizerFunc) Authorize(r *http.Request) bool {
- return f(r)
-}
-
-func HTTP(authorizer Authorizer, h http.Handler) http.Handler {
- return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- if authorizer.Authorize(r) {
- h.ServeHTTP(w, r)
- } else {
- w.WriteHeader(http.StatusForbidden)
- }
- })
-}
diff --git a/pkg/authz/casbin.go b/pkg/authz/casbin.go
deleted file mode 100644
index 140bdb98..00000000
--- a/pkg/authz/casbin.go
+++ /dev/null
@@ -1,43 +0,0 @@
-package authz
-
-import (
- "fmt"
- "net"
- "net/http"
-
- "github.com/casbin/casbin/v3"
- "github.com/xlgmokha/x/pkg/log"
- "github.com/xlgmokha/x/pkg/x"
-)
-
-func WithCasbin() Authorizer {
- enforcer := x.Must(casbin.NewEnforcer("casbin.conf", "casbin.csv"))
-
- return AuthorizerFunc(func(r *http.Request) bool {
- host, _, err := net.SplitHostPort(r.Host)
- if err != nil {
- log.WithFields(r.Context(), log.Fields{"error": err})
- return false
- }
-
- subject, found := TokenFrom(r).Subject()
- if !found {
- subject = "*"
- }
- ok, err := enforcer.Enforce(subject, host, r.Method, r.URL.Path)
- if err != nil {
- log.WithFields(r.Context(), log.Fields{"error": err})
- return false
- }
-
- fmt.Printf("%v: %v -> %v %v%v\n", ok, subject, r.Method, host, r.URL.Path)
- log.WithFields(r.Context(), log.Fields{
- "authz": ok,
- "subject": subject,
- "action": r.Method,
- "domain": host,
- "object": r.URL.Path,
- })
- return ok
- })
-}
diff --git a/pkg/authz/cedar.go b/pkg/authz/cedar.go
deleted file mode 100644
index 18674c74..00000000
--- a/pkg/authz/cedar.go
+++ /dev/null
@@ -1,34 +0,0 @@
-package authz
-
-import (
- "net"
- "net/http"
-
- cedar "github.com/cedar-policy/cedar-go"
- "github.com/xlgmokha/x/pkg/log"
- "gitlab.com/mokhax/spike/pkg/gid"
- "gitlab.com/mokhax/spike/pkg/policies"
-)
-
-func WithCedar() Authorizer {
- return AuthorizerFunc(func(r *http.Request) bool {
- host, _, err := net.SplitHostPort(r.Host)
- if err != nil {
- log.WithFields(r.Context(), log.Fields{"error": err})
- return false
- }
- subject, found := TokenFrom(r).Subject()
- if !found {
- subject = "gid://example/User/*"
- }
-
- return policies.Allowed(cedar.Request{
- Principal: gid.NewEntityUID(subject),
- Action: cedar.NewEntityUID("HttpMethod", cedar.String(r.Method)),
- Resource: cedar.NewEntityUID("HttpPath", cedar.String(r.URL.Path)),
- Context: cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String(host),
- }),
- })
- })
-}
diff --git a/pkg/authz/token.go b/pkg/authz/token.go
deleted file mode 100644
index 2794bf4a..00000000
--- a/pkg/authz/token.go
+++ /dev/null
@@ -1,30 +0,0 @@
-package authz
-
-import (
- "net/http"
- "strings"
-
- "github.com/lestrrat-go/jwx/v3/jwt"
- "github.com/xlgmokha/x/pkg/log"
-)
-
-func TokenFrom(r *http.Request) jwt.Token {
- authorization := r.Header.Get("Authorization")
- if authorization == "" || !strings.Contains(authorization, "Bearer") {
- return jwt.New()
- }
-
- token, err := jwt.ParseRequest(r,
- jwt.WithContext(r.Context()),
- jwt.WithHeaderKey("Authorization"),
- jwt.WithValidate(false), // TODO:: Connect this to a JSON Web Key Set
- jwt.WithVerify(false), // TODO:: Connect this to a JSON Web Key Set
- )
-
- if err != nil {
- log.WithFields(r.Context(), log.Fields{"error": err})
- return jwt.New()
- }
-
- return token
-}