refactoring: config struct & pipelines

server/openid/config.go

@@ -14,24 +14,27 @@ var (
 )
 
 func Configure() {
-	if !config.Instance().UseOpenId {
+	if !config.Instance().OpenId.UseOpenId {
 		return
 	}
 
-	provider, err := oidc.NewProvider(context.Background(), config.Instance().OpenIdProviderURL)
+	provider, err := oidc.NewProvider(
+		context.Background(),
+		config.Instance().OpenId.ProviderURL,
+	)
 	if err != nil {
 		panic(err)
 	}
 
 	oauth2Config = oauth2.Config{
-		ClientID:     config.Instance().OpenIdClientId,
-		ClientSecret: config.Instance().OpenIdClientSecret,
-		RedirectURL:  config.Instance().OpenIdRedirectURL,
+		ClientID:     config.Instance().OpenId.ClientId,
+		ClientSecret: config.Instance().OpenId.ClientSecret,
+		RedirectURL:  config.Instance().OpenId.RedirectURL,
 		Endpoint:     provider.Endpoint(),
 		Scopes:       []string{oidc.ScopeOpenID, "profile", "email"},
 	}
 
 	verifier = provider.Verifier(&oidc.Config{
-		ClientID: config.Instance().OpenIdClientId,
+		ClientID: config.Instance().OpenId.ClientId,
 	})
 }

server/openid/handler.go

@@ -87,7 +87,7 @@ func doAuthentification(r *http.Request, setCookieCallback func(t *oauth2.Token)
 		return nil, err
 	}
 
-	whitelist := config.Instance().OpenIdEmailWhitelist
+	whitelist := config.Instance().OpenId.EmailWhitelist
 
 	if len(whitelist) > 0 && !slices.Contains(whitelist, claims.Email) {
 		return nil, errors.New("email address not found in ACL")