refactor: split Ory permissions and authentication modules and config

apps/auth/src/app/env/index.ts

@@ -4,7 +4,8 @@ import {
   JWTEnvironmentVariables,
   MongoEnvironmentVariables,
   OryActionEnvironmentVariables,
-  OryEnvironmentVariables,
+  OryHydraEnvironmentVariables,
+  OryKratosEnvironmentVariables,
 } from '@ticketing/microservices/shared/env';
 import { Exclude } from 'class-transformer';
 import { readFileSync } from 'node:fs';
@@ -17,6 +18,11 @@ export type AppConfigService = ConfigService<EnvironmentVariables, true>;
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const pkgPath = join(__dirname, '..', '..', '..', '..', '..', 'package.json');
 
+class OryEnvironmentVariables extends Mixin(
+  OryHydraEnvironmentVariables,
+  OryKratosEnvironmentVariables,
+) {}
+
 export class EnvironmentVariables extends Mixin(
   BaseEnvironmentVariables,
   JWTEnvironmentVariables,

apps/auth/src/app/users/users.module.ts

@@ -2,12 +2,12 @@ import { Module } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import { JwtModule } from '@nestjs/jwt';
 import { MongooseModule } from '@nestjs/mongoose';
-import { OryModule } from '@ticketing/microservices/ory-client';
+import { OryAuthenticationModule } from '@ticketing/microservices/ory-client';
 import { PassportModule } from '@ticketing/microservices/shared/fastify-passport';
 import { JwtStrategy } from '@ticketing/microservices/shared/guards';
 import { CURRENT_USER_KEY } from '@ticketing/shared/constants';
 
-import { AppConfigService } from '../env';
+import { EnvironmentVariables } from '../env';
 import { User, UserSchema } from './schemas/user.schema';
 import { UsersController } from './users.controller';
 import { UsersService } from './users.service';
@@ -28,7 +28,9 @@ import { UsersService } from './users.service';
       session: true,
     }),
     JwtModule.registerAsync({
-      useFactory: (configService: AppConfigService) => ({
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
         privateKey: configService.get('JWT_PRIVATE_KEY'),
         publicKey: configService.get('JWT_PUBLIC_KEY'),
         signOptions: {
@@ -40,11 +42,17 @@ import { UsersService } from './users.service';
       }),
       inject: [ConfigService],
     }),
-    OryModule.forRootAsync({
+    OryAuthenticationModule.forRootAsync({
       inject: [ConfigService],
-      useFactory: (configService: AppConfigService) => ({
-        accessToken: configService.get('ORY_API_KEY'),
-        basePath: configService.get('ORY_BASE_PATH'),
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
+        kratosAccessToken: configService.get('ORY_KRATOS_API_KEY'),
+        kratosPublicApiPath: configService.get('ORY_KRATOS_PUBLIC_URL'),
+        kratosAdminApiPath: configService.get('ORY_KRATOS_ADMIN_URL'),
+        hydraAccessToken: configService.get('ORY_HYDRA_API_KEY'),
+        hydraAdminApiPath: configService.get('ORY_HYDRA_ADMIN_URL'),
+        hydraPublicApiPath: configService.get('ORY_HYDRA_PUBLIC_URL'),
       }),
     }),
   ],

apps/auth/src/app/users/users.service.ts

@@ -1,12 +1,5 @@
-import {
-  HttpException,
-  HttpStatus,
-  Inject,
-  Injectable,
-  Logger,
-} from '@nestjs/common';
+import { HttpException, HttpStatus, Injectable, Logger } from '@nestjs/common';
 import { InjectModel } from '@nestjs/mongoose';
-import { OryService } from '@ticketing/microservices/ory-client';
 import { Model } from 'mongoose';
 
 import { User, UserCredentials } from './models';
@@ -19,7 +12,6 @@ export class UsersService {
 
   constructor(
     @InjectModel(UserSchema.name) private userModel: Model<UserDocument>,
-    @Inject(OryService) private readonly oryService: OryService,
   ) {}
 
   /**

apps/orders/src/app/env/index.ts

@@ -3,7 +3,9 @@ import {
   BaseEnvironmentVariables,
   JWTEnvironmentVariables,
   MongoEnvironmentVariables,
-  OryEnvironmentVariables,
+  OryHydraEnvironmentVariables,
+  OryKetoEnvironmentVariables,
+  OryKratosEnvironmentVariables,
   RmqEnvironmentVariables,
 } from '@ticketing/microservices/shared/env';
 import { Exclude, Expose } from 'class-transformer';
@@ -18,6 +20,12 @@ export type AppConfigService = ConfigService<EnvironmentVariables, true>;
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const pkgPath = join(__dirname, '..', '..', '..', '..', '..', 'package.json');
 
+class OryEnvironmentVariables extends Mixin(
+  OryHydraEnvironmentVariables,
+  OryKetoEnvironmentVariables,
+  OryKratosEnvironmentVariables,
+) {}
+
 export class EnvironmentVariables extends Mixin(
   BaseEnvironmentVariables,
   JWTEnvironmentVariables,

apps/orders/src/app/orders/orders.module.ts

@@ -7,14 +7,17 @@ import {
   Transport,
 } from '@nestjs/microservices';
 import { AmqpClient, AmqpOptions } from '@s1seven/nestjs-tools-amqp-transport';
-import { OryModule } from '@ticketing/microservices/ory-client';
+import {
+  OryAuthenticationModule,
+  OryPermissionsModule,
+} from '@ticketing/microservices/ory-client';
 import { PassportModule } from '@ticketing/microservices/shared/fastify-passport';
 import { GlobalErrorFilter } from '@ticketing/microservices/shared/filters';
 import { JwtStrategy } from '@ticketing/microservices/shared/guards';
 import { getReplyQueueName } from '@ticketing/microservices/shared/rmq';
 import { CURRENT_USER_KEY, Services } from '@ticketing/shared/constants';
 
-import { AppConfigService } from '../env';
+import { AppConfigService, EnvironmentVariables } from '../env';
 import {
   EXPIRATION_CLIENT,
   PAYMENTS_CLIENT,
@@ -103,11 +106,28 @@ const clientFactory = (
         },
       },
     ]),
-    OryModule.forRootAsync({
+    OryAuthenticationModule.forRootAsync({
+      inject: [ConfigService],
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
+        kratosAccessToken: configService.get('ORY_KRATOS_API_KEY'),
+        kratosPublicApiPath: configService.get('ORY_KRATOS_PUBLIC_URL'),
+        kratosAdminApiPath: configService.get('ORY_KRATOS_ADMIN_URL'),
+
+        hydraAccessToken: configService.get('ORY_HYDRA_API_KEY'),
+        hydraPublicApiPath: configService.get('ORY_HYDRA_PUBLIC_URL'),
+        hydraAdminApiPath: configService.get('ORY_HYDRA_ADMIN_URL'),
+      }),
+    }),
+    OryPermissionsModule.forRootAsync({
       inject: [ConfigService],
-      useFactory: (configService: AppConfigService) => ({
-        basePath: configService.get('ORY_BASE_PATH'),
-        accessToken: configService.get('ORY_API_KEY'),
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
+        ketoAccessToken: configService.get('ORY_KETO_API_KEY'),
+        ketoPublicApiPath: configService.get('ORY_KETO_PUBLIC_URL'),
+        ketoAdminApiPath: configService.get('ORY_KETO_ADMIN_URL'),
       }),
     }),
   ],

apps/payments/src/app/env/index.ts

@@ -3,7 +3,9 @@ import {
   BaseEnvironmentVariables,
   JWTEnvironmentVariables,
   MongoEnvironmentVariables,
-  OryEnvironmentVariables,
+  OryHydraEnvironmentVariables,
+  OryKetoEnvironmentVariables,
+  OryKratosEnvironmentVariables,
   RmqEnvironmentVariables,
   StripeEnvironmentVariables,
 } from '@ticketing/microservices/shared/env';
@@ -18,6 +20,12 @@ export type AppConfigService = ConfigService<EnvironmentVariables, true>;
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const pkgPath = join(__dirname, '..', '..', '..', '..', '..', 'package.json');
 
+class OryEnvironmentVariables extends Mixin(
+  OryHydraEnvironmentVariables,
+  OryKetoEnvironmentVariables,
+  OryKratosEnvironmentVariables,
+) {}
+
 export class EnvironmentVariables extends Mixin(
   BaseEnvironmentVariables,
   JWTEnvironmentVariables,

apps/payments/src/app/payments/payments.module.ts

@@ -8,15 +8,18 @@ import {
 } from '@nestjs/microservices';
 import { MongooseModule } from '@nestjs/mongoose';
 import { AmqpClient, AmqpOptions } from '@s1seven/nestjs-tools-amqp-transport';
-import { OryModule } from '@ticketing/microservices/ory-client';
+import {
+  OryAuthenticationModule,
+  OryPermissionsModule,
+} from '@ticketing/microservices/ory-client';
 import { PassportModule } from '@ticketing/microservices/shared/fastify-passport';
 import { GlobalErrorFilter } from '@ticketing/microservices/shared/filters';
 import { JwtStrategy } from '@ticketing/microservices/shared/guards';
 import { getReplyQueueName } from '@ticketing/microservices/shared/rmq';
 import { CURRENT_USER_KEY, Services } from '@ticketing/shared/constants';
 import { updateIfCurrentPlugin } from 'mongoose-update-if-current';
 
-import { AppConfigService } from '../env';
+import { AppConfigService, EnvironmentVariables } from '../env';
 import { Order, OrderSchema } from '../orders/schemas';
 import { ORDERS_CLIENT } from '../shared/constants';
 import { PaymentsController } from './payments.controller';
@@ -86,11 +89,27 @@ const MongooseFeatures = MongooseModule.forFeatureAsync([
         },
       },
     ]),
-    OryModule.forRootAsync({
+    OryAuthenticationModule.forRootAsync({
+      inject: [ConfigService],
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
+        kratosAccessToken: configService.get('ORY_KRATOS_API_KEY'),
+        kratosPublicApiPath: configService.get('ORY_KRATOS_PUBLIC_URL'),
+        kratosAdminApiPath: configService.get('ORY_KRATOS_ADMIN_URL'),
+        hydraAccessToken: configService.get('ORY_HYDRA_API_KEY'),
+        hydraPublicApiPath: configService.get('ORY_HYDRA_PUBLIC_URL'),
+        hydraAdminApiPath: configService.get('ORY_HYDRA_ADMIN_URL'),
+      }),
+    }),
+    OryPermissionsModule.forRootAsync({
       inject: [ConfigService],
-      useFactory: (configService: AppConfigService) => ({
-        basePath: configService.get('ORY_BASE_PATH'),
-        accessToken: configService.get('ORY_API_KEY'),
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
+        ketoAccessToken: configService.get('ORY_KETO_API_KEY'),
+        ketoPublicApiPath: configService.get('ORY_KETO_PUBLIC_URL'),
+        ketoAdminApiPath: configService.get('ORY_KETO_ADMIN_URL'),
       }),
     }),
   ],

apps/tickets/src/app/env/index.ts

@@ -3,7 +3,9 @@ import {
   BaseEnvironmentVariables,
   JWTEnvironmentVariables,
   MongoEnvironmentVariables,
-  OryEnvironmentVariables,
+  OryHydraEnvironmentVariables,
+  OryKetoEnvironmentVariables,
+  OryKratosEnvironmentVariables,
   RmqEnvironmentVariables,
 } from '@ticketing/microservices/shared/env';
 import { Exclude } from 'class-transformer';
@@ -17,6 +19,12 @@ export type AppConfigService = ConfigService<EnvironmentVariables, true>;
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const pkgPath = join(__dirname, '..', '..', '..', '..', '..', 'package.json');
 
+class OryEnvironmentVariables extends Mixin(
+  OryHydraEnvironmentVariables,
+  OryKetoEnvironmentVariables,
+  OryKratosEnvironmentVariables,
+) {}
+
 export class EnvironmentVariables extends Mixin(
   BaseEnvironmentVariables,
   JWTEnvironmentVariables,

apps/tickets/src/app/tickets/tickets.module.ts

@@ -8,15 +8,18 @@ import {
 } from '@nestjs/microservices';
 import { MongooseModule } from '@nestjs/mongoose';
 import { AmqpClient, AmqpOptions } from '@s1seven/nestjs-tools-amqp-transport';
-import { OryModule } from '@ticketing/microservices/ory-client';
+import {
+  OryAuthenticationModule,
+  OryPermissionsModule,
+} from '@ticketing/microservices/ory-client';
 import { PassportModule } from '@ticketing/microservices/shared/fastify-passport';
 import { GlobalErrorFilter } from '@ticketing/microservices/shared/filters';
 import { JwtStrategy } from '@ticketing/microservices/shared/guards';
 import { getReplyQueueName } from '@ticketing/microservices/shared/rmq';
 import { CURRENT_USER_KEY, Services } from '@ticketing/shared/constants';
 import { updateIfCurrentPlugin } from 'mongoose-update-if-current';
 
-import { AppConfigService } from '../env';
+import { AppConfigService, EnvironmentVariables } from '../env';
 import { ORDERS_CLIENT } from '../shared/constants';
 import { Ticket, TicketSchema } from './schemas/ticket.schema';
 import { TicketsController } from './tickets.controller';
@@ -78,11 +81,27 @@ const OrdersClient = ClientsModule.registerAsync([
       session: true,
     }),
     OrdersClient,
-    OryModule.forRootAsync({
+    OryAuthenticationModule.forRootAsync({
+      inject: [ConfigService],
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
+        kratosAccessToken: configService.get('ORY_KRATOS_API_KEY'),
+        kratosPublicApiPath: configService.get('ORY_KRATOS_PUBLIC_URL'),
+        kratosAdminApiPath: configService.get('ORY_KRATOS_ADMIN_URL'),
+        hydraAccessToken: configService.get('ORY_HYDRA_API_KEY'),
+        hydraPublicApiPath: configService.get('ORY_HYDRA_PUBLIC_URL'),
+        hydraAdminApiPath: configService.get('ORY_HYDRA_ADMIN_URL'),
+      }),
+    }),
+    OryPermissionsModule.forRootAsync({
       inject: [ConfigService],
-      useFactory: (configService: AppConfigService) => ({
-        basePath: configService.get('ORY_BASE_PATH'),
-        accessToken: configService.get('ORY_API_KEY'),
+      useFactory: (
+        configService: ConfigService<EnvironmentVariables, true>,
+      ) => ({
+        ketoAccessToken: configService.get('ORY_KETO_API_KEY'),
+        ketoPublicApiPath: configService.get('ORY_KETO_PUBLIC_URL'),
+        ketoAdminApiPath: configService.get('ORY_KETO_ADMIN_URL'),
       }),
     }),
   ],

libs/microservices/ory-client/src/index.ts

@@ -1,4 +1,5 @@
 export * from './lib/ory.interfaces';
-export * from './lib/ory.module';
-export * from './lib/ory.service';
+export * from './lib/ory-authentication.module';
+export * from './lib/ory-authentication.service';
+export * from './lib/ory-permissions.module';
 export * from './lib/ory-permissions.service';