feat: port reduction (#323)

* move mgmt pkg

* begin package restructure

* rename auth package to authz

* begin start api

* move auth

* move admin

* fix merge

* configs and interceptors

* interceptor

* revert generate-grpc.sh

* some cleanups

* console

* move console

* fix tests and merging

* js linting

* merge

* merging and configs

* change k8s base to current ports

* fixes

* cleanup

* regenerate proto

* remove unnecessary whitespace

* missing param

* go mod tidy

* fix merging

* move login pkg

* cleanup

* move api pkgs again

* fix pkg naming

* fix generate-static.sh for login

* update workflow

* fixes

* logging

* remove duplicate

* comment for optional gateway interfaces

* regenerate protos

* fix proto imports for grpc web

* protos

* grpc web generate

* grpc web generate

* fix changes

* add translation interceptor

* fix merging

* regenerate mgmt proto

internal/api/http/middleware/cache_interceptor.go

@@ -7,7 +7,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/caos/zitadel/internal/api"
+	http_utils "github.com/caos/zitadel/internal/api/http"
 	"github.com/caos/zitadel/internal/config/types"
 )
 
@@ -120,9 +120,9 @@ func (c *Cache) serializeHeaders(w http.ResponseWriter) {
 		control = append(control, string(c.Revalidation))
 	}
 
-	w.Header().Set(api.CacheControl, strings.Join(control, ", "))
-	w.Header().Set(api.Expires, expires)
+	w.Header().Set(http_utils.CacheControl, strings.Join(control, ", "))
+	w.Header().Set(http_utils.Expires, expires)
 	if pragma {
-		w.Header().Set(api.Pragma, "no-cache")
+		w.Header().Set(http_utils.Pragma, "no-cache")
 	}
 }

internal/api/http/middleware/cors_interceptor.go

@@ -5,19 +5,19 @@ import (
 
 	"github.com/rs/cors"
 
-	"github.com/caos/zitadel/internal/api"
+	http_utils "github.com/caos/zitadel/internal/api/http"
 )
 
 var (
 	DefaultCORSOptions = cors.Options{
 		AllowCredentials: true,
 		AllowedHeaders: []string{
-			api.Origin,
-			api.ContentType,
-			api.Accept,
-			api.AcceptLanguage,
-			api.Authorization,
-			api.ZitadelOrgID,
+			http_utils.Origin,
+			http_utils.ContentType,
+			http_utils.Accept,
+			http_utils.AcceptLanguage,
+			http_utils.Authorization,
+			http_utils.ZitadelOrgID,
 		},
 		AllowedMethods: []string{
 			http.MethodOptions,
@@ -29,7 +29,7 @@ var (
 			http.MethodDelete,
 		},
 		ExposedHeaders: []string{
-			api.Location,
+			http_utils.Location,
 		},
 		AllowedOrigins: []string{
 			"http://localhost:*",

internal/api/http/middleware/security_headers.go

@@ -6,7 +6,7 @@ import (
 	"encoding/base64"
 	"net/http"
 
-	"github.com/caos/zitadel/internal/api"
+	http_utils "github.com/caos/zitadel/internal/api/http"
 )
 
 type key int
@@ -63,13 +63,13 @@ func (h *headers) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		r = saveContext(r, nonceKey, nonce)
 	}
 	headers := w.Header()
-	headers.Set(api.ContentSecurityPolicy, h.csp.Value(nonce))
-	headers.Set(api.XXSSProtection, "1; mode=block")
-	headers.Set(api.StrictTransportSecurity, "max-age=31536000; includeSubDomains")
-	headers.Set(api.XFrameOptions, "DENY")
-	headers.Set(api.XContentTypeOptions, "nosniff")
-	headers.Set(api.ReferrerPolicy, "same-origin")
-	headers.Set(api.FeaturePolicy, "payment 'none'")
+	headers.Set(http_utils.ContentSecurityPolicy, h.csp.Value(nonce))
+	headers.Set(http_utils.XXSSProtection, "1; mode=block")
+	headers.Set(http_utils.StrictTransportSecurity, "max-age=31536000; includeSubDomains")
+	headers.Set(http_utils.XFrameOptions, "DENY")
+	headers.Set(http_utils.XContentTypeOptions, "nosniff")
+	headers.Set(http_utils.ReferrerPolicy, "same-origin")
+	headers.Set(http_utils.FeaturePolicy, "payment 'none'")
 	//PLANNED: add expect-ct
 
 	h.handler.ServeHTTP(w, r)

internal/api/http/middleware/trace_interceptor.go

@@ -3,10 +3,10 @@ package middleware
 import (
 	"net/http"
 
-	"github.com/caos/zitadel/internal/api"
+	http_utils "github.com/caos/zitadel/internal/api/http"
 	"github.com/caos/zitadel/internal/tracing"
 )
 
 func DefaultTraceHandler(handler http.Handler) http.Handler {
-	return tracing.TraceHandler(handler, api.Probes...)
+	return tracing.TraceHandler(handler, http_utils.Probes...)
 }