refactor(db): use new store interface

[scottmckendry]

lays the groundwork for adding more storage drivers in the future (postgres, redis) with slightly lower effort and easier maintainability in the future.

moves sqlite specific queries, migrations and generated go code into subdirs.

Summary by CodeRabbit

• New Features

  • Configurable database driver (defaults to SQLite); pluggable storage backend.

• Chores

  • CI now verifies generated repository code is up to date.
  • Dev compose updated to enable HTTPS/TLS for local Traefik.
  • Updated Go tooling dependencies; changed codegen entrypoint.

• Tests

  • Added comprehensive in-memory repository unit tests.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: c8c0e61b-e6fb-4776-8992-d07041810bef

📥 Commits

Reviewing files that changed from the base of the PR and between 2c03874 and d29bff1.

📒 Files selected for processing (1)

• internal/bootstrap/app_bootstrap.go

🚧 Files skipped from review as they are similar to previous changes (1)

• internal/bootstrap/app_bootstrap.go

---

📝 Walkthrough

Walkthrough

Adds a repository.Store abstraction with parameter types, implements SQLite and in-memory Stores, refactors Auth/OIDC services to use Store, updates bootstrap to select and return a Store (SQLite migrations narrowed), migrates tests to the in-memory Store, and adds codegen checks and tooling updates.

Changes

Persistence Abstraction & Full Integration

Layer / File(s)	Summary
Store Interface, Parameters, and Data Models internal/repository/store.go, internal/repository/models.go, internal/model/config.go	repository.Store interface, ErrNotFound sentinel, and explicit parameter structs added; DatabaseConfig gains Driver with default sqlite.
SQLite Backend: Package Reorganization, Models, and Store Adapter internal/repository/sqlite/db.go, internal/repository/sqlite/models.go, internal/repository/sqlite/oidc_queries.sql.go, internal/repository/sqlite/session_queries.sql.go, internal/repository/sqlite/store.go, internal/repository/sqlite/generate.go	sqlc output moved to sqlite package; sqlite Store wraps generated Queries, maps sql.ErrNoRows→repository.ErrNotFound, and delegates CRUD.
In-Memory Backend: Store, OIDC, and Session Implementations internal/repository/memory/store.go, internal/repository/memory/oidc_queries.go, internal/repository/memory/session_queries.go, internal/repository/memory/memory_test.go	Thread-safe in-memory Store with destructive reads for OIDC codes, uniqueness checks, session CRUD and expiry cleanup; unit tests added.
Service Layer Refactoring: Auth and OIDC Services internal/service/auth_service.go, internal/service/oidc_service.go	Services now accept repository.Store and use repository.ErrNotFound for missing-record handling.
Bootstrap Wiring: SetupStore Selection and Service Initialization internal/bootstrap/app_bootstrap.go, internal/bootstrap/db_bootstrap.go, internal/assets/assets.go	SetupStore() added to select memory/sqlite backends by Database.Driver; SQLite migrations load from migrations/sqlite/*.sql; app wires returned store into services and closes DB only when non-nil.
Test Migration: Controllers and Middleware to In-Memory Store internal/controller/*_test.go, internal/middleware/context_middleware_test.go	Controller and middleware tests replaced DB bootstrap with memory.New(); DB cleanup removed; session seeding updated to store.CreateSession().
Build Configuration: Code Generation Pipeline and Tooling sqlc.yml, Makefile, .github/workflows/ci.yml, go.mod	sqlc configured to generate sqlite package under internal/repository/sqlite; go:generate added; Makefile now runs go generate ./internal/repository/...; CI checks codegen freshness; new go.mod deps added.
Docker Compose Configuration: HTTPS and TLS Support docker-compose.dev.yml	Traefik configured with websecure entrypoint, 443:443 exposed, and frontend router TLS enabled.

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• tinyauthapp/tinyauth#605: Refactors OIDCService usage of concrete *repository.Queries, which this PR generalizes to repository.Store.
• tinyauthapp/tinyauth#326: Related SQLite migration and assets changes; narrowing embedded migrations here affects files added by that PR.
• tinyauthapp/tinyauth#777: Migration file placement and availability may conflict with the narrowed migrations/sqlite/*.sql embed path introduced here.

Suggested labels

size:XXL, lgtm

Suggested reviewers

• steveiliop56
• Rycochet

"I hop with joy across the store,
sqlite and memory, who could ask for more?
Services speak to one gentle face,
Tests run faster, no DB to chase.
Bravo — this rabbit leaves a tiny paw-print trace!"

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 10.64% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: refactoring the database layer to use a new store interface abstraction instead of concrete implementations.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch store-refactor

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

internal/bootstrap/db_bootstrap.go (1)

19-69: ⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

Preserve DB cleanup when hiding the concrete SQLite store.

SetupStore / NewSQLiteStore now return only repository.Store, so callers can no longer close the underlying *sql.DB. The controller tests used to db.Close(), but after this refactor those handles stay open until process exit, which can leak file descriptors and leave temp SQLite files locked on some platforms. setupSQLite also leaks the opened DB on migration/setup error paths. Please return a closer alongside the store, or wrap the store in a type that also exposes Close() and use it in the tests/startup cleanup path.

🧹 Nitpick comments (1)

internal/repository/models.go (1)

8-19: 🏗️ Heavy lift

Define canonical repository models instead of aliasing SQLite types.

Aliasing repository.* directly to sqlite.* keeps the abstraction coupled to one backend. If you want multi-driver support to stay clean, define canonical types in repository and map in each driver implementation.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@internal/repository/models.go` around lines 8 - 19, The current file defines
repository models as direct aliases to sqlite types (e.g., Session, OidcCode,
OidcToken, OidcUserinfo and param types like CreateSessionParams,
UpdateSessionParams, CreateOidcCodeParams, etc.), which couples the repository
API to one driver; replace these type aliases with canonical repository types
(structs/interfaces) in internal/repository/models.go and remove the "type X =
sqlite.X" lines, then implement conversion helpers in the sqlite driver (e.g.,
functions to convert between repository.Session <-> sqlite.Session and
repository.CreateSessionParams <-> sqlite.CreateSessionParams) so other drivers
can map their native types to the repository canonical types without depending
on sqlite symbols.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@internal/controller/proxy_controller_test.go`:
- Around line 395-396: The Store returned by NewSQLiteStore leaks the underlying
*sql.DB because setupSQLite opens the DB but neither Store nor sqlite.Queries
expose a Close; update the API so tests can close the DB: either add Close()
error to the Store interface and implement Close on sqlite.Queries to call the
underlying *sql.DB.Close(), or change setupSQLite/NewSQLiteStore to return the
*sql.DB alongside the Store so callers (tests like proxy_controller_test,
oidc_controller_test, user_controller_test, well_known_controller_test) can
explicitly defer db.Close(); update all call sites and implementations (Store
interface, sqlite.Queries, setupSQLite, NewSQLiteStore) consistently.

---

Nitpick comments:
In `@internal/repository/models.go`:
- Around line 8-19: The current file defines repository models as direct aliases
to sqlite types (e.g., Session, OidcCode, OidcToken, OidcUserinfo and param
types like CreateSessionParams, UpdateSessionParams, CreateOidcCodeParams,
etc.), which couples the repository API to one driver; replace these type
aliases with canonical repository types (structs/interfaces) in
internal/repository/models.go and remove the "type X = sqlite.X" lines, then
implement conversion helpers in the sqlite driver (e.g., functions to convert
between repository.Session <-> sqlite.Session and repository.CreateSessionParams
<-> sqlite.CreateSessionParams) so other drivers can map their native types to
the repository canonical types without depending on sqlite symbols.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: c386e1b5-70c0-4440-93d8-eec72b28f642

📥 Commits

Reviewing files that changed from the base of the PR and between 956d2f5 and 1d0a462.

📒 Files selected for processing (40)

• internal/assets/assets.go
• internal/assets/migrations/sqlite/000001_init_sqlite.down.sql
• internal/assets/migrations/sqlite/000001_init_sqlite.up.sql
• internal/assets/migrations/sqlite/000002_oauth_name.down.sql
• internal/assets/migrations/sqlite/000002_oauth_name.up.sql
• internal/assets/migrations/sqlite/000003_oauth_sub.down.sql
• internal/assets/migrations/sqlite/000003_oauth_sub.up.sql
• internal/assets/migrations/sqlite/000004_created_at.down.sql
• internal/assets/migrations/sqlite/000004_created_at.up.sql
• internal/assets/migrations/sqlite/000005_oidc_session.down.sql
• internal/assets/migrations/sqlite/000005_oidc_session.up.sql
• internal/assets/migrations/sqlite/000006_oidc_nonce.down.sql
• internal/assets/migrations/sqlite/000006_oidc_nonce.up.sql
• internal/assets/migrations/sqlite/000007_oidc_pkce.down.sql
• internal/assets/migrations/sqlite/000007_oidc_pkce.up.sql
• internal/assets/migrations/sqlite/000008_oidc_code_reuse.down.sql
• internal/assets/migrations/sqlite/000008_oidc_code_reuse.up.sql
• internal/assets/migrations/sqlite/000009_oidc_userinfo_profile.down.sql
• internal/assets/migrations/sqlite/000009_oidc_userinfo_profile.up.sql
• internal/bootstrap/app_bootstrap.go
• internal/bootstrap/db_bootstrap.go
• internal/bootstrap/service_bootstrap.go
• internal/config/config.go
• internal/controller/oidc_controller_test.go
• internal/controller/proxy_controller_test.go
• internal/controller/user_controller_test.go
• internal/controller/well_known_controller_test.go
• internal/repository/models.go
• internal/repository/sqlite/db.go
• internal/repository/sqlite/models.go
• internal/repository/sqlite/oidc_queries.sql.go
• internal/repository/sqlite/session_queries.sql.go
• internal/repository/store.go
• internal/service/auth_service.go
• internal/service/oidc_service.go
• sql/sqlite/oidc_queries.sql
• sql/sqlite/oidc_schemas.sql
• sql/sqlite/session_queries.sql
• sql/sqlite/session_schemas.sql
• sqlc.yml

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

internal/bootstrap/db_bootstrap.go (1)

37-69: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Close the SQLite handle on every failure after sql.Open.

If iofs.New, sqlite3.WithInstance, or migrate.NewWithInstance fails, the opened *sql.DB is never closed. That leaks a live connection/file handle on startup failures and in test helpers.

♻️ Proposed fix

 func (app *BootstrapApp) setupSQLite(databasePath string) (repository.Store, error) {
 	dir := filepath.Dir(databasePath)
@@
 	db, err := sql.Open("sqlite", databasePath)
 	if err != nil {
 		return nil, fmt.Errorf("failed to open database: %w", err)
 	}
+	closeOnError := true
+	defer func() {
+		if closeOnError {
+			_ = db.Close()
+		}
+	}()
@@
 	if err != nil {
 		return nil, fmt.Errorf("failed to migrate database: %w", err)
 	}
 
+	closeOnError = false
 	return sqlite.NewStore(sqlite.New(db)), nil
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@internal/bootstrap/db_bootstrap.go` around lines 37 - 69, After sql.Open
succeeds, ensure the opened *sql.DB is closed on any subsequent failure to avoid
leaking handles: either add a deferred close that only runs when the function
will return an error (e.g., capture the returned err via a named return or a
closure checking a local err variable) or explicitly call db.Close() before
every early return after calls to iofs.New, sqlite3.WithInstance,
migrate.NewWithInstance, and migrator.Up; update the error return paths around
iofs.New, sqlite3.WithInstance, migrate.NewWithInstance, and migrator.Up so they
close db before returning, while leaving the final successful return
(sqlite.NewStore/sqlite.New) untouched.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 29-32: The CI step "Check store codegen is up to date" currently
runs "go generate ./internal/repository/..." then "git diff --exit-code --
internal/repository/" which misses brand-new untracked files; after running go
generate, run "git add -N internal/repository || true" (or "git add -N
./internal/repository || true") to stage intent for new files so they show up in
diffs, then run "git diff --exit-code -- internal/repository/" as before; update
the step commands in the "Check store codegen is up to date" job to include that
git add -N command between the generate and diff commands.

---

Outside diff comments:
In `@internal/bootstrap/db_bootstrap.go`:
- Around line 37-69: After sql.Open succeeds, ensure the opened *sql.DB is
closed on any subsequent failure to avoid leaking handles: either add a deferred
close that only runs when the function will return an error (e.g., capture the
returned err via a named return or a closure checking a local err variable) or
explicitly call db.Close() before every early return after calls to iofs.New,
sqlite3.WithInstance, migrate.NewWithInstance, and migrator.Up; update the error
return paths around iofs.New, sqlite3.WithInstance, migrate.NewWithInstance, and
migrator.Up so they close db before returning, while leaving the final
successful return (sqlite.NewStore/sqlite.New) untouched.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 2a1c97b5-1768-4f54-8215-b27651cd4eb8

📥 Commits

Reviewing files that changed from the base of the PR and between 1d0a462 and 14c1027.

⛔ Files ignored due to path filters (1)

• cmd/gen/sqlc-wrapper/main.go is excluded by !**/gen/**

📒 Files selected for processing (6)

• .github/workflows/ci.yml
• go.mod
• internal/bootstrap/db_bootstrap.go
• internal/repository/models.go
• internal/repository/sqlite/generate.go
• internal/repository/sqlite/store.go

✅ Files skipped from review due to trivial changes (2)

• internal/repository/sqlite/generate.go
• internal/repository/sqlite/store.go

[scottmckendry]

The code gen added in the most recent commit was largely written by an LLM. I have vetted to the best of my ability, but this is a new concept to me - hence this disclaimer.

that out of the way, the generate code satisfies the store interface and correctly wraps all of the sqlc-generated code.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

internal/bootstrap/db_bootstrap.go (1)

38-68: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Close the opened DB on sqlite bootstrap failures.

After Line 38 opens the DB, failures on Lines 48–67 return early without db.Close(). Repeated failed startups can leak file descriptors/locks.

🔧 Suggested patch

 func (app *BootstrapApp) setupSQLite(databasePath string) (repository.Store, error) {
@@
 	db, err := sql.Open("sqlite", databasePath)
 
 	if err != nil {
 		return nil, fmt.Errorf("failed to open database: %w", err)
 	}
+	closeOnErr := func(err error) (repository.Store, error) {
+		_ = db.Close()
+		return nil, err
+	}
@@
 	migrations, err := iofs.New(assets.Migrations, "migrations/sqlite")
 
 	if err != nil {
-		return nil, fmt.Errorf("failed to create migrations: %w", err)
+		return closeOnErr(fmt.Errorf("failed to create migrations: %w", err))
 	}
@@
 	target, err := sqlite3.WithInstance(db, &sqlite3.Config{})
 
 	if err != nil {
-		return nil, fmt.Errorf("failed to create sqlite3 instance: %w", err)
+		return closeOnErr(fmt.Errorf("failed to create sqlite3 instance: %w", err))
 	}
@@
 	migrator, err := migrate.NewWithInstance("iofs", migrations, "sqlite3", target)
 
 	if err != nil {
-		return nil, fmt.Errorf("failed to create migrator: %w", err)
+		return closeOnErr(fmt.Errorf("failed to create migrator: %w", err))
 	}
@@
 	if err := migrator.Up(); err != nil && err != migrate.ErrNoChange {
-		return nil, fmt.Errorf("failed to migrate database: %w", err)
+		return closeOnErr(fmt.Errorf("failed to migrate database: %w", err))
 	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@internal/bootstrap/db_bootstrap.go` around lines 38 - 68, The DB opened by
sql.Open is never closed on subsequent error paths (iofs.New,
sqlite3.WithInstance, migrate.NewWithInstance, migrator.Up), leaking file
descriptors; ensure the DB is closed before every early return after opening
(either call db.Close() immediately before each error return or add a defer that
closes db only on error using a named return or an "opened" flag and clear it on
success), referencing the db variable and the failing expressions iofs.New,
sqlite3.WithInstance, migrate.NewWithInstance, and migrator.Up so all those
error branches are covered.

🧹 Nitpick comments (1)

internal/repository/memory/oidc_queries.go (1)

13-17: 🏗️ Heavy lift

Normalize unique-conflict errors via a shared repository sentinel.

Returning hardcoded SQL-style strings here couples service behavior to backend-specific text. Consider adding a shared repository.ErrConflict (or equivalent) and returning wrapped sentinel errors from all drivers.

♻️ Directional patch (memory side)

-			return repository.OidcCode{}, fmt.Errorf("UNIQUE constraint failed: oidc_codes.sub")
+			return repository.OidcCode{}, fmt.Errorf("%w: oidc_codes.sub", repository.ErrConflict)
@@
-			return repository.OidcToken{}, fmt.Errorf("UNIQUE constraint failed: oidc_tokens.sub")
+			return repository.OidcToken{}, fmt.Errorf("%w: oidc_tokens.sub", repository.ErrConflict)

And define/map the same sentinel in internal/repository/store.go + sqlite wrapper so behavior stays backend-agnostic.

Also applies to: 106-110

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@internal/repository/memory/oidc_queries.go` around lines 13 - 17, Replace the
hardcoded SQL-style UNIQUE error string returned from the in-memory OIDC code
check (the loop over s.oidcCodes in oidc_queries.go that currently returns
fmt.Errorf("UNIQUE constraint failed: oidc_codes.sub")) with the shared
repository sentinel error (e.g., repository.ErrConflict) wrapped or returned
directly; update the Create/Insert OIDC methods that reference s.oidcCodes /
repository.OidcCode to use this sentinel for uniqueness conflicts. Also add or
map the same repository.ErrConflict sentinel in the store abstraction
(internal/repository/store.go) and ensure the sqlite driver wrapper maps its
DB-specific UNIQUE errors to repository.ErrConflict so all backends return the
same sentinel.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@internal/controller/oidc_controller_test.go`:
- Around line 850-853: The test currently creates a shared store via
memory.New() and a shared OIDC service via service.NewOIDCService(...) with
oidcService.Init() before running multiple t.Run subtests, which can cause state
bleed; move the creation and initialization of the memory store and oidcService
into each subtest (or a per-subtest setup helper) so each t.Run gets its own
memory.New() and service.NewOIDCService(...)+oidcService.Init() instance,
ensuring codes/tokens/sessions are isolated and tests are order-independent.

---

Outside diff comments:
In `@internal/bootstrap/db_bootstrap.go`:
- Around line 38-68: The DB opened by sql.Open is never closed on subsequent
error paths (iofs.New, sqlite3.WithInstance, migrate.NewWithInstance,
migrator.Up), leaking file descriptors; ensure the DB is closed before every
early return after opening (either call db.Close() immediately before each error
return or add a defer that closes db only on error using a named return or an
"opened" flag and clear it on success), referencing the db variable and the
failing expressions iofs.New, sqlite3.WithInstance, migrate.NewWithInstance, and
migrator.Up so all those error branches are covered.

---

Nitpick comments:
In `@internal/repository/memory/oidc_queries.go`:
- Around line 13-17: Replace the hardcoded SQL-style UNIQUE error string
returned from the in-memory OIDC code check (the loop over s.oidcCodes in
oidc_queries.go that currently returns fmt.Errorf("UNIQUE constraint failed:
oidc_codes.sub")) with the shared repository sentinel error (e.g.,
repository.ErrConflict) wrapped or returned directly; update the Create/Insert
OIDC methods that reference s.oidcCodes / repository.OidcCode to use this
sentinel for uniqueness conflicts. Also add or map the same
repository.ErrConflict sentinel in the store abstraction
(internal/repository/store.go) and ensure the sqlite driver wrapper maps its
DB-specific UNIQUE errors to repository.ErrConflict so all backends return the
same sentinel.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 421b1e3a-4a34-4570-b12f-b189f5afaa46

📥 Commits

Reviewing files that changed from the base of the PR and between 0244f39 and 04b8e98.

⛔ Files ignored due to path filters (1)

• cmd/gen/sqlc-wrapper/main.go is excluded by !**/gen/**

📒 Files selected for processing (13)

• internal/bootstrap/db_bootstrap.go
• internal/config/config.go
• internal/controller/oidc_controller_test.go
• internal/controller/proxy_controller_test.go
• internal/controller/user_controller_test.go
• internal/controller/well_known_controller_test.go
• internal/repository/memory/oidc_queries.go
• internal/repository/memory/session_queries.go
• internal/repository/memory/store.go
• internal/repository/sqlite/store.go
• internal/repository/store.go
• internal/service/auth_service.go
• internal/service/oidc_service.go

✅ Files skipped from review due to trivial changes (1)

• internal/config/config.go

🚧 Files skipped from review as they are similar to previous changes (2)

• internal/service/auth_service.go
• internal/repository/sqlite/store.go

[codecov]

Codecov Report

❌ Patch coverage is 33.49593% with 409 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
gen/sqlc-wrapper/sqlc_wrapper.go	0.00%	260 Missing ⚠️
internal/repository/sqlite/store.go	0.00%	114 Missing ⚠️
internal/bootstrap/db_bootstrap.go	0.00%	19 Missing ⚠️
internal/service/oidc_service.go	0.00%	9 Missing ⚠️
internal/bootstrap/app_bootstrap.go	0.00%	4 Missing ⚠️
internal/model/config.go	0.00%	2 Missing ⚠️
internal/service/auth_service.go	0.00%	1 Missing ⚠️

📢 Thoughts on this report? Let us know!

[scottmckendry]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

internal/middleware/context_middleware_test.go (1)

273-313: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Avoid sharing one in-memory store across all subtests.

Using a single memory.New() instance for the whole suite allows session data to leak across test cases, which can make tests order-dependent over time.

Suggested isolation pattern

- store := memory.New()
-
- ldap := service.NewLdapService(service.LdapServiceConfig{})
- err := ldap.Init()
- require.NoError(t, err)
-
- broker := service.NewOAuthBrokerService(oauthBrokerCfgs)
- err = broker.Init()
- require.NoError(t, err)
-
- authService := service.NewAuthService(authServiceCfg, ldap, store, broker)
- err = authService.Init()
- require.NoError(t, err)
-
- contextMiddleware := middleware.NewContextMiddleware(middlewareCfg, authService, broker)
- err = contextMiddleware.Init()
- require.NoError(t, err)
-
 for _, test := range tests {
-	authService.ClearRateLimitsTestingOnly()
 	t.Run(test.description, func(t *testing.T) {
+		store := memory.New()
+		ldap := service.NewLdapService(service.LdapServiceConfig{})
+		require.NoError(t, ldap.Init())
+		broker := service.NewOAuthBrokerService(oauthBrokerCfgs)
+		require.NoError(t, broker.Init())
+		authService := service.NewAuthService(authServiceCfg, ldap, store, broker)
+		require.NoError(t, authService.Init())
+		contextMiddleware := middleware.NewContextMiddleware(middlewareCfg, authService, broker)
+		require.NoError(t, contextMiddleware.Init())
+		authService.ClearRateLimitsTestingOnly()
+
 		gin.SetMode(gin.TestMode)
 		...
 		test.run(t, runArgs{do: do, queries: store})
 	})
 }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/middleware/context_middleware_test.go` around lines 273 - 313, Tests
currently share a single in-memory store (memory.New()) across all subtests
which allows session data to leak; to fix, create a fresh store per subtest and
re-initialize the services that depend on it: move the memory.New() call into
the t.Run loop and recreate the auth service and context middleware there (use
service.NewAuthService(...) and middleware.NewContextMiddleware(...), then call
Init() and require.NoError for each), while keeping reusable services like
ldap/broker outside if desired; ensure authService.ClearRateLimitsTestingOnly()
still operates on the per-test instance.

🧹 Nitpick comments (1)

internal/service/auth_service.go (1)

423-425: ⚡ Quick win

Preserve the not-found sentinel when remapping the error.

Returning errors.New("session not found") drops type information and prevents upstream errors.Is(..., repository.ErrNotFound) checks.

Proposed adjustment

 	if err != nil {
 		if errors.Is(err, repository.ErrNotFound) {
-			return nil, errors.New("session not found")
+			return nil, fmt.Errorf("session not found: %w", repository.ErrNotFound)
 		}
 		return nil, err
 	}

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/service/auth_service.go` around lines 423 - 425, The current
remapping returns a new error via errors.New("session not found") which drops
the sentinel; instead wrap the original not-found error so upstream
errors.Is(..., repository.ErrNotFound) still matches. Replace the return in the
errors.Is(err, repository.ErrNotFound) branch to return a wrapped error that
includes context and the original error (use fmt.Errorf with %w or
errors.Wrap-style wrapping) so repository.ErrNotFound is preserved when checking
later.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@internal/middleware/context_middleware_test.go`:
- Around line 273-313: Tests currently share a single in-memory store
(memory.New()) across all subtests which allows session data to leak; to fix,
create a fresh store per subtest and re-initialize the services that depend on
it: move the memory.New() call into the t.Run loop and recreate the auth service
and context middleware there (use service.NewAuthService(...) and
middleware.NewContextMiddleware(...), then call Init() and require.NoError for
each), while keeping reusable services like ldap/broker outside if desired;
ensure authService.ClearRateLimitsTestingOnly() still operates on the per-test
instance.

---

Nitpick comments:
In `@internal/service/auth_service.go`:
- Around line 423-425: The current remapping returns a new error via
errors.New("session not found") which drops the sentinel; instead wrap the
original not-found error so upstream errors.Is(..., repository.ErrNotFound)
still matches. Replace the return in the errors.Is(err, repository.ErrNotFound)
branch to return a wrapped error that includes context and the original error
(use fmt.Errorf with %w or errors.Wrap-style wrapping) so repository.ErrNotFound
is preserved when checking later.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 8d40c9d4-416c-4970-aef0-32255fea7eaa

📥 Commits

Reviewing files that changed from the base of the PR and between 0244f39 and db911a4.

⛔ Files ignored due to path filters (2)

• cmd/gen/sqlc-wrapper/sqlc_wrapper.go is excluded by !**/gen/**
• cmd/gen/sqlc-wrapper/store.tmpl is excluded by !**/gen/**

📒 Files selected for processing (49)

• .github/workflows/ci.yml
• Makefile
• go.mod
• internal/assets/assets.go
• internal/assets/migrations/sqlite/000001_init_sqlite.down.sql
• internal/assets/migrations/sqlite/000001_init_sqlite.up.sql
• internal/assets/migrations/sqlite/000002_oauth_name.down.sql
• internal/assets/migrations/sqlite/000002_oauth_name.up.sql
• internal/assets/migrations/sqlite/000003_oauth_sub.down.sql
• internal/assets/migrations/sqlite/000003_oauth_sub.up.sql
• internal/assets/migrations/sqlite/000004_created_at.down.sql
• internal/assets/migrations/sqlite/000004_created_at.up.sql
• internal/assets/migrations/sqlite/000005_oidc_session.down.sql
• internal/assets/migrations/sqlite/000005_oidc_session.up.sql
• internal/assets/migrations/sqlite/000006_oidc_nonce.down.sql
• internal/assets/migrations/sqlite/000006_oidc_nonce.up.sql
• internal/assets/migrations/sqlite/000007_oidc_pkce.down.sql
• internal/assets/migrations/sqlite/000007_oidc_pkce.up.sql
• internal/assets/migrations/sqlite/000008_oidc_code_reuse.down.sql
• internal/assets/migrations/sqlite/000008_oidc_code_reuse.up.sql
• internal/assets/migrations/sqlite/000009_oidc_userinfo_profile.down.sql
• internal/assets/migrations/sqlite/000009_oidc_userinfo_profile.up.sql
• internal/bootstrap/app_bootstrap.go
• internal/bootstrap/db_bootstrap.go
• internal/bootstrap/service_bootstrap.go
• internal/controller/oidc_controller_test.go
• internal/controller/proxy_controller_test.go
• internal/controller/user_controller_test.go
• internal/controller/well_known_controller_test.go
• internal/middleware/context_middleware_test.go
• internal/model/config.go
• internal/repository/memory/oidc_queries.go
• internal/repository/memory/session_queries.go
• internal/repository/memory/store.go
• internal/repository/models.go
• internal/repository/sqlite/db.go
• internal/repository/sqlite/generate.go
• internal/repository/sqlite/models.go
• internal/repository/sqlite/oidc_queries.sql.go
• internal/repository/sqlite/session_queries.sql.go
• internal/repository/sqlite/store.go
• internal/repository/store.go
• internal/service/auth_service.go
• internal/service/oidc_service.go
• sql/sqlite/oidc_queries.sql
• sql/sqlite/oidc_schemas.sql
• sql/sqlite/session_queries.sql
• sql/sqlite/session_schemas.sql
• sqlc.yml

✅ Files skipped from review due to trivial changes (3)

• internal/repository/sqlite/generate.go
• sqlc.yml
• internal/repository/sqlite/models.go

🚧 Files skipped from review as they are similar to previous changes (20)

• internal/repository/sqlite/db.go
• internal/repository/sqlite/oidc_queries.sql.go
• internal/assets/assets.go
• internal/repository/sqlite/session_queries.sql.go
• internal/bootstrap/db_bootstrap.go
• go.mod
• .github/workflows/ci.yml
• internal/repository/memory/session_queries.go
• internal/repository/memory/store.go
• internal/bootstrap/service_bootstrap.go
• internal/controller/well_known_controller_test.go
• internal/repository/store.go
• internal/service/oidc_service.go
• internal/repository/sqlite/store.go
• internal/controller/proxy_controller_test.go
• internal/controller/user_controller_test.go
• internal/bootstrap/app_bootstrap.go
• internal/controller/oidc_controller_test.go
• internal/repository/memory/oidc_queries.go
• internal/repository/models.go

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

internal/bootstrap/app_bootstrap.go (1)

173-177: ⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

Nil pointer dereference when using in-memory store.

The defer unconditionally calls app.db.Close() on line 176, but app.db will be nil when the in-memory driver is selected via SetupStore(). This will cause a runtime panic during cleanup.

🛡️ Proposed fix to guard the Close call

 defer func() {
 	app.cancel()
 	app.wg.Wait()
-	app.db.Close()
+	if app.db != nil {
+		app.db.Close()
+	}
 }()

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/bootstrap/app_bootstrap.go` around lines 173 - 177, The deferred
cleanup unconditionally calls app.db.Close(), which panics when SetupStore
selected the in-memory driver and app.db is nil; change the defer to guard the
Close call (check that app.db != nil before calling app.db.Close()) so the
cleanup sequence via app.cancel(), app.wg.Wait(), and conditional app.db.Close()
runs safely when the in-memory store is used.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@internal/bootstrap/app_bootstrap.go`:
- Around line 173-177: The deferred cleanup unconditionally calls
app.db.Close(), which panics when SetupStore selected the in-memory driver and
app.db is nil; change the defer to guard the Close call (check that app.db !=
nil before calling app.db.Close()) so the cleanup sequence via app.cancel(),
app.wg.Wait(), and conditional app.db.Close() runs safely when the in-memory
store is used.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: ff832682-3b4e-4481-8567-db4250b6c779

📥 Commits

Reviewing files that changed from the base of the PR and between db911a4 and 2c03874.

⛔ Files ignored due to path filters (2)

• gen/sqlc-wrapper/sqlc_wrapper.go is excluded by !**/gen/**
• gen/sqlc-wrapper/store.tmpl is excluded by !**/gen/**

📒 Files selected for processing (50)

• .github/workflows/ci.yml
• Makefile
• docker-compose.dev.yml
• go.mod
• internal/assets/assets.go
• internal/assets/migrations/sqlite/000001_init_sqlite.down.sql
• internal/assets/migrations/sqlite/000001_init_sqlite.up.sql
• internal/assets/migrations/sqlite/000002_oauth_name.down.sql
• internal/assets/migrations/sqlite/000002_oauth_name.up.sql
• internal/assets/migrations/sqlite/000003_oauth_sub.down.sql
• internal/assets/migrations/sqlite/000003_oauth_sub.up.sql
• internal/assets/migrations/sqlite/000004_created_at.down.sql
• internal/assets/migrations/sqlite/000004_created_at.up.sql
• internal/assets/migrations/sqlite/000005_oidc_session.down.sql
• internal/assets/migrations/sqlite/000005_oidc_session.up.sql
• internal/assets/migrations/sqlite/000006_oidc_nonce.down.sql
• internal/assets/migrations/sqlite/000006_oidc_nonce.up.sql
• internal/assets/migrations/sqlite/000007_oidc_pkce.down.sql
• internal/assets/migrations/sqlite/000007_oidc_pkce.up.sql
• internal/assets/migrations/sqlite/000008_oidc_code_reuse.down.sql
• internal/assets/migrations/sqlite/000008_oidc_code_reuse.up.sql
• internal/assets/migrations/sqlite/000009_oidc_userinfo_profile.down.sql
• internal/assets/migrations/sqlite/000009_oidc_userinfo_profile.up.sql
• internal/bootstrap/app_bootstrap.go
• internal/bootstrap/db_bootstrap.go
• internal/controller/oidc_controller_test.go
• internal/controller/proxy_controller_test.go
• internal/controller/user_controller_test.go
• internal/controller/well_known_controller_test.go
• internal/middleware/context_middleware_test.go
• internal/model/config.go
• internal/repository/memory/memory_test.go
• internal/repository/memory/oidc_queries.go
• internal/repository/memory/session_queries.go
• internal/repository/memory/store.go
• internal/repository/models.go
• internal/repository/sqlite/db.go
• internal/repository/sqlite/generate.go
• internal/repository/sqlite/models.go
• internal/repository/sqlite/oidc_queries.sql.go
• internal/repository/sqlite/session_queries.sql.go
• internal/repository/sqlite/store.go
• internal/repository/store.go
• internal/service/auth_service.go
• internal/service/oidc_service.go
• sql/sqlite/oidc_queries.sql
• sql/sqlite/oidc_schemas.sql
• sql/sqlite/session_queries.sql
• sql/sqlite/session_schemas.sql
• sqlc.yml

✅ Files skipped from review due to trivial changes (4)

• docker-compose.dev.yml
• internal/repository/sqlite/generate.go
• internal/repository/sqlite/models.go
• internal/repository/sqlite/store.go

🚧 Files skipped from review as they are similar to previous changes (19)

• .github/workflows/ci.yml
• internal/repository/sqlite/oidc_queries.sql.go
• go.mod
• internal/repository/memory/store.go
• internal/assets/assets.go
• internal/middleware/context_middleware_test.go
• Makefile
• sqlc.yml
• internal/bootstrap/db_bootstrap.go
• internal/controller/oidc_controller_test.go
• internal/repository/memory/session_queries.go
• internal/model/config.go
• internal/repository/sqlite/session_queries.sql.go
• internal/repository/models.go
• internal/controller/user_controller_test.go
• internal/repository/store.go
• internal/service/auth_service.go
• internal/service/oidc_service.go
• internal/repository/memory/oidc_queries.go

[steveiliop56]

Is it possible to do:

func mapErr(err error) error {
	merr, ok := errorMap[err]
    if ok { return merr }
    return err
}

Or are we limited by the "dynamic" nature of the errors (each time errors.New returns a slightly different error)?

[steveiliop56]

Why would the db be nil here? This defer is defined after the db is initialized.

[steveiliop56]

Would it make sense to test the memory driver in the same why as we test services and controllers?