refactor: group root packages by role (access, authz, http, proof)#60
Merged
Conversation
Free the package name "jwt" so accessjwt can move under access/ without colliding with the lestrrat-go/jwx/v3/jwt import inside the package. Mirrors the existing precedent in casbin/authorizer_test.go where github.com/casbin/casbin/v2 is aliased as casbinv3. No behavior change. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Group the three external-proof primitives (OIDC JWT verifier, WebAuthn passkey ceremonies, opaque API tokens) under proof/ so the layout telegraphs their shared role: producing authkit.Identity from raw credentials. Package names are unchanged; only import paths shift. No behavior change. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Group the two authorizer adapters under authz/. roleauth becomes authz/role (package roleauth -> role) so the parent path carries the "authorization" signal and the leaf no longer repeats it. casbin moves to authz/casbin with its package name unchanged. Internal error-prefix strings in the role package are updated from "roleauth: ..." to "role: ...". No consumer matches on these strings (everything uses errors.Is + sentinels). No behavior change. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Group the access-token primitive and its HTTP authenticator under
access/. Package renames:
- accessjwt -> access/jwt (package accessjwt -> jwt)
- accessjwtauth -> access/middleware (package accessjwtauth -> middleware)
Symbol prefixes change at consumer call sites (accessjwt. -> jwt.,
accessjwtauth. -> middleware.). Internal error-prefix strings updated
to match the new package names ("jwt: ...", "middleware: ...").
compose/http_test.go assertion strings updated for the new wrapped
prefixes.
testkit/internal/httpui/server_test.go aliases the third-party
github.com/lestrrat-go/jwx/v3/jwt import as jwxjwt to avoid colliding
with our github.com/meigma/authkit/access/jwt import in the same file.
No behavior change.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Group HTTP plumbing under http/. Package renames: - httpauth -> http/auth (package httpauth -> auth) - httpfacts -> http/facts (package httpfacts -> facts) - compose -> http/compose (package unchanged) Symbol prefixes change at consumer call sites (httpauth. -> auth., httpfacts. -> facts.). Internal error-prefix in http/auth/middleware.go updated to "auth: ...". compose's package name and error prefixes unchanged. http/facts/facts_test.go: renamed the local merged-result variable from `facts` to `got` to avoid shadowing the package name after the httpfacts -> facts rename. No behavior change. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Refresh the root package overview, http/compose/doc.go, proof/passkey/doc.go, and the Docusaurus pages so package names and symbol prefixes match the new hierarchy. The root doc.go now lists the four subgroups (access, authz, http, proof) and the standalone bridge/management packages so newcomers can scan the layout at a glance. Docusaurus prose now references full subpaths (`access/jwt`, `http/auth`, etc.) and code snippets use the new symbol prefixes (`jwt.NewVerifier`, `role.NewAuthorizer`, `auth.NewMiddleware`, etc.). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
goimports -local github.com/meigma/authkit reorders the authkit import group alphabetically. Mechanical follow-up to the four move commits. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Reorganize the 17 flat root packages into four conceptual buckets so the layout telegraphs each package's role:
There are no external consumers; this is the cheapest moment to do this. The change is purely mechanical: no logic, no schema, no port, no exported-symbol changes beyond their package qualifiers.
What changes
accessjwt->access/jwt(packageaccessjwt->jwt)accessjwtauth->access/middleware(packageaccessjwtauth->middleware)roleauth->authz/role(packageroleauth->role)httpauth->http/auth(packagehttpauth->auth)httpfacts->http/facts(packagehttpfacts->facts)compose,oidc,passkey,passkey/session,apikey,casbin) keep their package names; only the import path changes."accessjwt: ..."->"jwt: ..."etc.). No consumer matches these via string comparison.e3879f1) introduces ajwxjwtalias forgithub.com/lestrrat-go/jwx/v3/jwtinsideaccessjwt/to free thejwtpackage name without colliding with the third-party import. Same trick was needed intestkit/internal/httpui/server_test.go.http/facts/facts_test.go's local merged-result variable renamedfacts->gotto avoid shadowing the newly-renamed package.doc.gonow lists the four subgroups so newcomers can scan the layout at a glance. Docusaurus pages and per-package sibling-mentioningdoc.gofiles updated.Verification
moon run root:check --summary minimal— green (format, lint, build, unit tests).moon run root:integration— green (Testcontainers postgres exercises the storage suite against the relocatedproof/*packages).moon run docs:typecheck && moon run docs:build— green.go list -fexports againstmaster.git grepfor old import paths and symbol prefixes in*.goanddocs/docs/**/*.md: clean.Out of scope
internal/authtest,internal/storetest— internal helpers, left at root.store/memory,store/postgres— already grouped, untouched.testkit/— internal validation app, left at root.management/,exchange/,onboarding/,provisioning/— already meaningful top-level names; no parent buys clarity.CHANGELOG.md,PLAN.md— historical artifacts, left alone.Test plan
go build ./...clean.moon run root:check --summary minimalclean.moon run root:integrationclean.moon run docs:buildclean.go doc github.com/meigma/authkit/access/jwt(and friends) shows the same symbol surface as the old packages.feat/httpapi-auth-flowwill need a one-time rebase after this merges.🤖 Generated with Claude Code