Address code review feedback

- Use NewBearerAuthorizer constructor instead of manual initialization
- Remove unused CreateOAuth2Config helper function
- Remove unnecessary sleep calls from tests (faster and more reliable)
- Remove unused oauth2 import

Co-authored-by: rchincha <45800463+rchincha@users.noreply.github.com>

pkg/api/authn.go

@@ -498,11 +498,11 @@ func bearerAuthHandler(ctlr *Controller) mux.MiddlewareFunc {
 			ctlr.Log.Panic().Err(err).Msg("failed to load public key for bearer authentication")
 		}
 
-		traditionalAuthorizer = &BearerAuthorizer{
-			realm:   authConfig.Bearer.Realm,
-			service: authConfig.Bearer.Service,
-			key:     publicKey,
-		}
+		traditionalAuthorizer = NewBearerAuthorizer(
+			authConfig.Bearer.Realm,
+			authConfig.Bearer.Service,
+			publicKey,
+		)
 	}
 
 	// OIDC bearer auth for workload identity

pkg/api/bearer_oidc.go

@@ -7,7 +7,6 @@ import (
 	"time"
 
 	"github.com/coreos/go-oidc/v3/oidc"
-	"golang.org/x/oauth2"
 
 	zerr "zotregistry.dev/zot/v2/errors"
 	"zotregistry.dev/zot/v2/pkg/api/config"
@@ -200,21 +199,3 @@ func (a *OIDCBearerAuthorizer) AuthenticateRequest(ctx context.Context, authHead
 
 	return username, groups, true, nil
 }
-
-// CreateOAuth2Config creates an oauth2.Config for use with the OIDC provider.
-// This is a helper method for testing purposes.
-func CreateOAuth2Config(issuer string, clientID string, clientSecret string, redirectURL string, scopes []string) (*oauth2.Config, error) {
-	ctx := context.Background()
-	provider, err := oidc.NewProvider(ctx, issuer)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create OIDC provider: %w", err)
-	}
-
-	return &oauth2.Config{
-		ClientID:     clientID,
-		ClientSecret: clientSecret,
-		RedirectURL:  redirectURL,
-		Endpoint:     provider.Endpoint(),
-		Scopes:       scopes,
-	}, nil
-}

pkg/api/bearer_oidc_test.go

@@ -164,9 +164,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + token
 
-				// Give the server time to be ready
-				time.Sleep(100 * time.Millisecond)
-
 				username, groups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldBeNil)
 				So(username, ShouldEqual, subject)
@@ -183,8 +180,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + token
 
-				time.Sleep(100 * time.Millisecond)
-
 				username, extractedGroups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldBeNil)
 				So(username, ShouldEqual, subject)
@@ -198,8 +193,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + token
 
-				time.Sleep(100 * time.Millisecond)
-
 				username, groups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldNotBeNil)
 				So(username, ShouldEqual, "")
@@ -225,8 +218,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + tokenString
 
-				time.Sleep(100 * time.Millisecond)
-
 				username, groups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldNotBeNil)
 				So(username, ShouldEqual, "")
@@ -259,8 +250,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + token
 
-				time.Sleep(100 * time.Millisecond)
-
 				username, groups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldBeNil)
 				So(username, ShouldEqual, customUsername)
@@ -274,8 +263,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + token
 
-				time.Sleep(100 * time.Millisecond)
-
 				username, groups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldBeNil)
 				So(username, ShouldEqual, subject)
@@ -302,8 +289,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + token
 
-				time.Sleep(100 * time.Millisecond)
-
 				username, groups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldBeNil)
 				So(username, ShouldEqual, subject)
@@ -317,8 +302,6 @@ func TestOIDCBearerAuthorizer(t *testing.T) {
 
 				authHeader := "Bearer " + token
 
-				time.Sleep(100 * time.Millisecond)
-
 				username, groups, err := authorizer.Authenticate(ctx, authHeader)
 				So(err, ShouldBeNil)
 				So(username, ShouldEqual, subject)