···
"Coves/internal/api/handlers/oauth"
"Coves/internal/api/middleware"
"Coves/internal/api/routes"
7
-
"Coves/internal/atproto/did"
"Coves/internal/atproto/identity"
"Coves/internal/atproto/jetstream"
"Coves/internal/core/communities"
···
r.Use(rateLimiter.Middleware)
// Initialize identity resolver
85
+
// IMPORTANT: In dev mode, identity resolution MUST use the same local PLC
86
+
// directory as DID registration to ensure E2E tests work without hitting
87
+
// the production plc.directory
identityConfig := identity.DefaultConfig()
87
-
// Override from environment if set
88
-
if plcURL := os.Getenv("IDENTITY_PLC_URL"); plcURL != "" {
89
-
identityConfig.PLCURL = plcURL
90
+
isDevEnv := os.Getenv("IS_DEV_ENV") == "true"
91
+
plcDirectoryURL := os.Getenv("PLC_DIRECTORY_URL")
92
+
if plcDirectoryURL == "" {
93
+
plcDirectoryURL = "https://plc.directory" // Default to production PLC
96
+
// In dev mode, use PLC_DIRECTORY_URL for identity resolution
97
+
// In prod mode, use IDENTITY_PLC_URL if set, otherwise PLC_DIRECTORY_URL
99
+
identityConfig.PLCURL = plcDirectoryURL
100
+
log.Printf("🧪 DEV MODE: Identity resolver will use local PLC: %s", plcDirectoryURL)
102
+
// Production: Allow separate IDENTITY_PLC_URL for read operations
103
+
if identityPLCURL := os.Getenv("IDENTITY_PLC_URL"); identityPLCURL != "" {
104
+
identityConfig.PLCURL = identityPLCURL
106
+
identityConfig.PLCURL = plcDirectoryURL
108
+
log.Printf("✅ PRODUCTION MODE: Identity resolver using PLC: %s", identityConfig.PLCURL)
if cacheTTL := os.Getenv("IDENTITY_CACHE_TTL"); cacheTTL != "" {
if duration, parseErr := time.ParseDuration(cacheTTL); parseErr == nil {
identityConfig.CacheTTL = duration
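Review bot: Neither `PLC_DIRECTORY_URL` nor `IDENTITY_PLC_URL` is validated before it is assigned to `identityConfig.PLCURL`, so in the production path a malformed or `http://` value is accepted and every DID document the resolver fetches through it is then trusted for identity decisions. A check placed after the assignments would fail closed at startup, e.g. `if u, err := url.Parse(identityConfig.PLCURL); err != nil || u.Host == "" || (!isDevEnv && u.Scheme != "https") { log.Fatalf("invalid PLC URL %q", identityConfig.PLCURL) }`; this needs `net/url`, whose import is not visible here. Per the added comments, `IS_DEV_ENV=true` makes the resolver ignore `IDENTITY_PLC_URL`, so a warning when both are set would make an accidental dev flag on a production host easier to spot. The `if`/`else` lines around these assignments are not shown in this rendering, so the branch structure is inferred from the comments, and the enclosing function continues outside the hunk.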
···
identityResolver := identity.NewResolver(db, identityConfig)
98
-
log.Println("Identity resolver initialized with PLC:", identityConfig.PLCURL)
// Initialize OAuth session store
sessionStore := oauthCore.NewPostgresSessionStore(db)
···
communityRepo := postgresRepo.NewCommunityRepository(db)
110
-
// Initialize DID generator for communities
111
-
// IS_DEV_ENV=true: Generate did:plc:xxx without registering to PLC directory
112
-
// IS_DEV_ENV=false: Generate did:plc:xxx and register with PLC_DIRECTORY_URL
113
-
isDevEnv := os.Getenv("IS_DEV_ENV") == "true"
114
-
plcDirectoryURL := os.Getenv("PLC_DIRECTORY_URL")
115
-
if plcDirectoryURL == "" {
116
-
plcDirectoryURL = "https://plc.directory" // Default to Bluesky's PLC
118
-
didGenerator := did.NewGenerator(isDevEnv, plcDirectoryURL)
119
-
log.Printf("DID generator initialized (dev_mode=%v, plc_url=%s)", isDevEnv, plcDirectoryURL)
129
+
// V2.0: PDS-managed DID generation
130
+
// Community DIDs and keys are generated entirely by the PDS
131
+
// No Coves-side DID generator needed (reserved for future V2.1 hybrid approach)
instanceDID := os.Getenv("INSTANCE_DID")
···
log.Printf("Instance domain: %s (extracted from DID: %s)", instanceDomain, instanceDID)
151
-
// V2: Initialize PDS account provisioner for communities
152
-
provisioner := communities.NewPDSAccountProvisioner(userService, instanceDomain, defaultPDS)
163
+
// V2.0: Initialize PDS account provisioner for communities (simplified)
164
+
// PDS handles all DID and key generation - no Coves-side cryptography needed
165
+
provisioner := communities.NewPDSAccountProvisioner(instanceDomain, defaultPDS)
166
+
log.Printf("✅ Community provisioner initialized (PDS-managed keys)")
167
+
log.Printf(" - Communities will be created at: %s", defaultPDS)
168
+
log.Printf(" - PDS will generate and manage all DIDs and keys")
154
-
communityService := communities.NewCommunityService(communityRepo, didGenerator, defaultPDS, instanceDID, instanceDomain, provisioner)
170
+
// Initialize community service (no longer needs didGenerator directly)
171
+
communityService := communities.NewCommunityService(communityRepo, defaultPDS, instanceDID, instanceDomain, provisioner)
// Authenticate Coves instance with PDS to enable community record writes
// The instance needs a PDS account to write community records it owns