skybridge/cmd/server/main.go

package main

import (
	"context"
	"log"
	"net/http"
	"os"
	"os/signal"
	"syscall"
	"time"

	"github.com/gin-gonic/gin"
	"go.uber.org/zap"

	"github.com/kms/api-key-service/internal/config"
	"github.com/kms/api-key-service/internal/database"
	"github.com/kms/api-key-service/internal/handlers"
	"github.com/kms/api-key-service/internal/middleware"
	"github.com/kms/api-key-service/internal/repository/postgres"
	"github.com/kms/api-key-service/internal/services"
)

func main() {
	// Initialize configuration
	cfg := config.NewConfig()
	if err := cfg.Validate(); err != nil {
		log.Fatal("Configuration validation failed:", err)
	}

	// Initialize logger
	logger := initLogger(cfg)
	defer logger.Sync()

	logger.Info("Starting API Key Management Service",
		zap.String("version", cfg.GetString("APP_VERSION")),
		zap.String("environment", cfg.GetString("APP_ENV")),
	)

	// Initialize database
	db, err := database.NewPostgresProvider(
		cfg.GetDatabaseDSN(),
		cfg.GetInt("DB_MAX_OPEN_CONNS"),
		cfg.GetInt("DB_MAX_IDLE_CONNS"),
		cfg.GetString("DB_CONN_MAX_LIFETIME"),
	)
	if err != nil {
		logger.Fatal("Failed to initialize database", zap.Error(err))
	}

	// Run database migrations
	logger.Info("Running database migrations")
	if err := db.Migrate(context.Background(), cfg.GetString("MIGRATION_PATH")); err != nil {
		logger.Fatal("Failed to run migrations", zap.Error(err))
	}

	// Initialize repositories
	appRepo := postgres.NewApplicationRepository(db)
	tokenRepo := postgres.NewStaticTokenRepository(db)
	permRepo := postgres.NewPermissionRepository(db)
	grantRepo := postgres.NewGrantedPermissionRepository(db)

	// Initialize services
	appService := services.NewApplicationService(appRepo, logger)
	tokenService := services.NewTokenService(tokenRepo, appRepo, permRepo, grantRepo, logger)
	authService := services.NewAuthenticationService(cfg, logger)

	// Initialize handlers
	healthHandler := handlers.NewHealthHandler(db, logger)
	appHandler := handlers.NewApplicationHandler(appService, authService, logger)
	tokenHandler := handlers.NewTokenHandler(tokenService, authService, logger)
	authHandler := handlers.NewAuthHandler(authService, tokenService, logger)

	// Set up router
	router := setupRouter(cfg, logger, healthHandler, appHandler, tokenHandler, authHandler)

	// Create HTTP server
	srv := &http.Server{
		Addr:         cfg.GetServerAddress(),
		Handler:      router,
		ReadTimeout:  cfg.GetDuration("SERVER_READ_TIMEOUT"),
		WriteTimeout: cfg.GetDuration("SERVER_WRITE_TIMEOUT"),
		IdleTimeout:  cfg.GetDuration("SERVER_IDLE_TIMEOUT"),
	}

	// Initialize bootstrap data
	logger.Info("Initializing bootstrap data")
	if err := initializeBootstrapData(context.Background(), appService, tokenService, cfg, logger); err != nil {
		logger.Fatal("Failed to initialize bootstrap data", zap.Error(err))
	}

	// Start server in goroutine
	go func() {
		logger.Info("Starting HTTP server", zap.String("address", srv.Addr))
		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
			logger.Fatal("Failed to start server", zap.Error(err))
		}
	}()

	// Start metrics server if enabled
	var metricsSrv *http.Server
	if cfg.GetBool("METRICS_ENABLED") {
		metricsSrv = startMetricsServer(cfg, logger)
	}

	// Wait for interrupt signal to gracefully shutdown the server
	quit := make(chan os.Signal, 1)
	signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
	<-quit

	logger.Info("Shutting down server...")

	// Give outstanding requests time to complete
	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	// Shutdown main server
	if err := srv.Shutdown(ctx); err != nil {
		logger.Error("Server forced to shutdown", zap.Error(err))
	}

	// Shutdown metrics server
	if metricsSrv != nil {
		if err := metricsSrv.Shutdown(ctx); err != nil {
			logger.Error("Metrics server forced to shutdown", zap.Error(err))
		}
	}

	logger.Info("Server exited")
}

func initLogger(cfg config.ConfigProvider) *zap.Logger {
	var logger *zap.Logger
	var err error

	if cfg.IsProduction() {
		logger, err = zap.NewProduction()
	} else {
		logger, err = zap.NewDevelopment()
	}

	if err != nil {
		log.Fatal("Failed to initialize logger:", err)
	}

	return logger
}

func setupRouter(cfg config.ConfigProvider, logger *zap.Logger, healthHandler *handlers.HealthHandler, appHandler *handlers.ApplicationHandler, tokenHandler *handlers.TokenHandler, authHandler *handlers.AuthHandler) *gin.Engine {
	// Set Gin mode based on environment
	if cfg.IsProduction() {
		gin.SetMode(gin.ReleaseMode)
	}

	router := gin.New()

	// Add middleware
	router.Use(middleware.Logger(logger))
	router.Use(middleware.Recovery(logger))
	router.Use(middleware.CORS())
	router.Use(middleware.Security())
	router.Use(middleware.ValidateContentType())

	if cfg.GetBool("RATE_LIMIT_ENABLED") {
		router.Use(middleware.RateLimit(cfg.GetInt("RATE_LIMIT_RPS"), cfg.GetInt("RATE_LIMIT_BURST")))
	}

	// Health check endpoint (no authentication required)
	router.GET("/health", healthHandler.Health)
	router.GET("/ready", healthHandler.Ready)

	// API routes
	api := router.Group("/api")
	{
		// Authentication endpoints (no prior auth required)
		api.POST("/login", authHandler.Login)
		api.POST("/verify", authHandler.Verify)
		api.POST("/renew", authHandler.Renew)

		// Protected routes (require authentication)
		protected := api.Group("/")
		protected.Use(middleware.Authentication(cfg, logger))
		{
			// Application management
			protected.GET("/applications", appHandler.List)
			protected.POST("/applications", appHandler.Create)
			protected.GET("/applications/:id", appHandler.GetByID)
			protected.PUT("/applications/:id", appHandler.Update)
			protected.DELETE("/applications/:id", appHandler.Delete)

			// Token management
			protected.GET("/applications/:id/tokens", tokenHandler.ListByApp)
			protected.POST("/applications/:id/tokens", tokenHandler.Create)
			protected.DELETE("/tokens/:id", tokenHandler.Delete)

			// Documentation endpoint
			protected.GET("/docs", func(c *gin.Context) {
				c.JSON(http.StatusOK, gin.H{
					"service": "API Key Management Service",
					"version": cfg.GetString("APP_VERSION"),
					"documentation": "See README.md and docs/ directory",
					"endpoints": map[string]interface{}{
						"authentication": []string{
							"POST /api/login",
							"POST /api/verify",
							"POST /api/renew",
						},
						"applications": []string{
							"GET /api/applications",
							"POST /api/applications",
							"GET /api/applications/:id",
							"PUT /api/applications/:id",
							"DELETE /api/applications/:id",
						},
						"tokens": []string{
							"GET /api/applications/:id/tokens",
							"POST /api/applications/:id/tokens",
							"DELETE /api/tokens/:id",
						},
					},
				})
			})
		}
	}

	return router
}

func startMetricsServer(cfg config.ConfigProvider, logger *zap.Logger) *http.Server {
	metricsRouter := gin.New()
	metricsRouter.Use(middleware.Logger(logger))
	metricsRouter.Use(middleware.Recovery(logger))

	// Basic metrics endpoint
	metricsRouter.GET("/metrics", func(c *gin.Context) {
		c.String(http.StatusOK, "# HELP api_key_service_info Information about the API Key Service\n# TYPE api_key_service_info gauge\napi_key_service_info{version=\"%s\"} 1\n", cfg.GetString("APP_VERSION"))
	})

	srv := &http.Server{
		Addr:    cfg.GetMetricsAddress(),
		Handler: metricsRouter,
	}

	go func() {
		logger.Info("Starting metrics server", zap.String("address", srv.Addr))
		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
			logger.Error("Failed to start metrics server", zap.Error(err))
		}
	}()

	return srv
}

func initializeBootstrapData(ctx context.Context, appService services.ApplicationService, tokenService services.TokenService, cfg config.ConfigProvider, logger *zap.Logger) error {
	// Check if internal application already exists
	internalAppID := cfg.GetString("INTERNAL_APP_ID")
	_, err := appService.GetByID(ctx, internalAppID)
	if err == nil {
		logger.Info("Internal application already exists, skipping bootstrap")
		return nil
	}

	logger.Info("Creating internal application for bootstrap", zap.String("app_id", internalAppID))

	// This will be implemented when we create the services
	// For now, we'll just log that we need to do this
	logger.Warn("Bootstrap data initialization not yet implemented - will be added when services are ready")

	return nil
}