From dc73b7adf25529490ea390ff1fb2bbbad8cbd4f1 Mon Sep 17 00:00:00 2001
From: Valery Piashchynski <piashchynski.valery@gmail.com>
Date: Mon, 19 Jun 2023 20:48:16 +0200
Subject: [PATCH] chore: small CORS refactoring

Signed-off-by: Valery Piashchynski <piashchynski.valery@gmail.com>
---
 .github/workflows/linters.yml |  4 ++--
 .golangci.yml                 |  1 -
 config.go                     | 10 +++-------
 plugin.go                     | 29 ++++++++++++++---------------
 4 files changed, 19 insertions(+), 25 deletions(-)

diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index c96264d..79294b8 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -13,11 +13,11 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4 # action page: <https://github.com/actions/setup-go>
         with:
-          go-version: 1.19
+          go-version: stable
 
       - name: Run linter
         uses: golangci/golangci-lint-action@v3.6.0 # Action page: <https://github.com/golangci/golangci-lint-action>
         with:
-          version: v1.50 # without patch version
+          version: v1.53 # without patch version
           only-new-issues: false # show only new issues if it's a pull request
           args: --timeout=10m --build-tags=race
diff --git a/.golangci.yml b/.golangci.yml
index 7e26a5d..8dbbc2b 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -44,7 +44,6 @@ linters: # All available linters list: <https://golangci-lint.run/usage/linters/
   enable:
     - asciicheck # Simple linter to check that your code does not contain non-ASCII identifiers
     - bodyclose # Checks whether HTTP response body is closed successfully
-    - depguard # Go linter that checks if package imports are in a list of acceptable packages
     - dogsled # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
     - dupl # Tool for code clone detection
     - errcheck # Errcheck is a program for checking for unchecked errors in go programs. These unchecked errors can be critical bugs in some cases
diff --git a/config.go b/config.go
index 6be064a..39705f1 100644
--- a/config.go
+++ b/config.go
@@ -16,22 +16,18 @@ type Config struct {
 type CORSConfig struct {
 	// AllowedOrigin: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
 	AllowedOrigin string `mapstructure:"allowed_origin"`
-
 	// AllowedHeaders: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
 	AllowedHeaders string `mapstructure:"allowed_headers"`
-
 	// AllowedMethods: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
 	AllowedMethods string `mapstructure:"allowed_methods"`
-
 	// AllowCredentials https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
-	AllowCredentials *bool `mapstructure:"allow_credentials"`
-
+	AllowCredentials bool `mapstructure:"allow_credentials"`
 	// ExposeHeaders:  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
 	ExposedHeaders string `mapstructure:"exposed_headers"`
-
 	// MaxAge of CORS headers in seconds/
 	MaxAge int `mapstructure:"max_age"`
-
 	// Status code to use for successful OPTIONS requests. Default value is http.StatusOK (200).
 	OptionsSuccessStatus int `mapstructure:"options_success_status"`
+	// Debug CORS requests
+	Debug bool `mapstructure:"debug"`
 }
diff --git a/plugin.go b/plugin.go
index f0d4677..38dae5d 100644
--- a/plugin.go
+++ b/plugin.go
@@ -31,11 +31,9 @@ type Configurer interface {
 // Plugin serves headers files. Potentially convert into middleware?
 type Plugin struct {
 	// server configuration (location, forbidden files and etc)
-	cfg *Config
-
+	cfg  *Config
 	prop propagation.TextMapPropagator
-
-	cors *cors.Options
+	cors *cors.Cors
 }
 
 // Init must return configure service and return true if service hasStatus enabled. Must return error in case of
@@ -60,38 +58,39 @@ func (p *Plugin) Init(cfg Configurer) error {
 
 	// Configure CORS options
 	if p.cfg.CORS != nil {
-		p.cors = &cors.Options{
+		opts := cors.Options{
 			// Keep BC with previous implementation
 			OptionsSuccessStatus: http.StatusOK,
+			Debug:                p.cfg.CORS.Debug,
 		}
 
 		if p.cfg.CORS.AllowedOrigin != "" {
-			p.cors.AllowedOrigins = strings.Split(p.cfg.CORS.AllowedOrigin, ",")
+			opts.AllowedOrigins = strings.Split(p.cfg.CORS.AllowedOrigin, ",")
 		}
 
 		if p.cfg.CORS.AllowedMethods != "" {
-			p.cors.AllowedMethods = strings.Split(p.cfg.CORS.AllowedMethods, ",")
+			opts.AllowedMethods = strings.Split(p.cfg.CORS.AllowedMethods, ",")
 		}
 
 		if p.cfg.CORS.AllowedHeaders != "" {
-			p.cors.AllowedHeaders = strings.Split(p.cfg.CORS.AllowedHeaders, ",")
+			opts.AllowedHeaders = strings.Split(p.cfg.CORS.AllowedHeaders, ",")
 		}
 
 		if p.cfg.CORS.ExposedHeaders != "" {
-			p.cors.ExposedHeaders = strings.Split(p.cfg.CORS.ExposedHeaders, ",")
+			opts.ExposedHeaders = strings.Split(p.cfg.CORS.ExposedHeaders, ",")
 		}
 
 		if p.cfg.CORS.MaxAge > 0 {
-			p.cors.MaxAge = p.cfg.CORS.MaxAge
+			opts.MaxAge = p.cfg.CORS.MaxAge
 		}
 
-		if p.cfg.CORS.AllowCredentials != nil {
-			p.cors.AllowCredentials = *p.cfg.CORS.AllowCredentials
-		}
+		opts.AllowCredentials = p.cfg.CORS.AllowCredentials
 
 		if p.cfg.CORS.OptionsSuccessStatus != 0 {
-			p.cors.OptionsSuccessStatus = p.cfg.CORS.OptionsSuccessStatus
+			opts.OptionsSuccessStatus = p.cfg.CORS.OptionsSuccessStatus
 		}
+
+		p.cors = cors.New(opts)
 	}
 
 	return nil
@@ -101,7 +100,7 @@ func (p *Plugin) Init(cfg Configurer) error {
 func (p *Plugin) Middleware(next http.Handler) http.Handler {
 	// Configure CORS handler
 	if p.cors != nil {
-		next = cors.New(*p.cors).Handler(next)
+		next = p.cors.Handler(next)
 	}
 
 	// Define the http.HandlerFunc