2024-01 fixes

go
- fix context functions to use generics
- remove Apple OIDC authentication

hugo
- change links to use ref pointers

web
- fix views/Calendar not using the correct color in picker
- fix views/BudgetTransaction not redrawing correctly

yaml8n
- remove unused translations

.github/workflows/integration.yaml

@@ -48,6 +48,9 @@ jobs:
       - name: Lint Go
         if: steps.setup.outputs.change_go == 'true' || github.ref_name == 'main'
         run: ./m lint-go
+      - name: Lint Hugo
+        if: steps.setup.outputs.change_hugo == 'true' || github.ref_name == 'main'
+        run: ./m lint-hugo
       - name: Lint Shell
         if: steps.setup.outputs.change_shell == 'true' || github.ref_name == 'main'
         run: ./m lint-shell

go.mod

@@ -10,7 +10,6 @@ require (
 	github.com/candiddev/shared v0.0.0-00010101000000-000000000000
 	github.com/coreos/go-oidc v2.2.1+incompatible
 	github.com/go-chi/chi/v5 v5.0.10
-	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/uuid v1.3.0
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/pquerna/otp v1.4.0

go.sum

@@ -86,8 +86,6 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
 github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
-github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4=
 github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE=

go/config/config.go

@@ -86,11 +86,6 @@ type OAuth struct {
 
 // OIDC contains config options.
 type OIDC struct {
-	AppleClientID string `json:"appleClientID,omitempty"` // AppleClientID is used for web-based sign ins and should have the right URL for the environment
-	AppleKeyID    string `json:"appleKeyID,omitempty"`
-	//nolint:tagliatelle
-	AppleKeyPEMBase64  string `json:"appleKeyPEMBase64,omitempty"` // openssl pkcs8 -nocrypt -in <key>.p8 | base64 -w0
-	AppleTeamID        string `json:"appleTeamID,omitempty"`
 	GoogleClientID     string `json:"googleClientID,omitempty"`
 	GoogleClientSecret string `json:"googleClientSecret,omitempty"`
 }

go/controllers/contexts.go

@@ -2,7 +2,6 @@ package controllers
 
 import (
 	"context"
-	"strconv"
 	"time"
 
 	"github.com/candiddev/homechart/go/models"
@@ -45,29 +44,19 @@ func setAuthAccountName(ctx context.Context, name string) context.Context {
 }
 
 func getAuthSessionAdmin(ctx context.Context) bool {
-	b, err := strconv.ParseBool(logger.GetAttribute(ctx, contextAuthSessionAdmin))
-	if err == nil && b {
-		return b
-	}
-
-	return false
+	return logger.GetAttribute[bool](ctx, contextAuthSessionAdmin)
 }
 
 func setAuthSessionAdmin(ctx context.Context, admin bool) context.Context {
-	return logger.SetAttribute(ctx, contextAuthSessionAdmin, strconv.FormatBool(admin))
+	return logger.SetAttribute(ctx, contextAuthSessionAdmin, admin)
 }
 
 func getAuthSessionID(ctx context.Context) uuid.UUID {
-	u, err := uuid.Parse(logger.GetAttribute(ctx, contextAuthSessionID))
-	if err == nil && u != uuid.Nil {
-		return u
-	}
-
-	return uuid.Nil
+	return logger.GetAttribute[uuid.UUID](ctx, contextAuthSessionID)
 }
 
 func setAuthSessionID(ctx context.Context, id uuid.UUID) context.Context {
-	return logger.SetAttribute(ctx, contextAuthSessionID, id.String())
+	return logger.SetAttribute(ctx, contextAuthSessionID, id)
 }
 
 func getChild(ctx context.Context) bool {
@@ -131,7 +120,7 @@ func setPermissions(ctx context.Context, p models.PermissionsOpts) context.Conte
 }
 
 func getRequestID(ctx context.Context) string {
-	return logger.GetAttribute(ctx, contextRequestID)
+	return logger.GetAttribute[string](ctx, contextRequestID)
 }
 
 func setRequestID(ctx context.Context, requestID string) context.Context {

go/models/context.go

@@ -20,17 +20,12 @@ const (
 
 // GetAuthAccountID returns the AuthAccountID attribute.
 func GetAuthAccountID(ctx context.Context) uuid.UUID {
-	u, err := uuid.Parse(logger.GetAttribute(ctx, contextAuthAccountID))
-	if err == nil && u != uuid.Nil {
-		return u
-	}
-
-	return uuid.Nil
+	return logger.GetAttribute[uuid.UUID](ctx, contextAuthAccountID)
 }
 
 // SetAuthAccountID sets the AuthAccountID attribute.
 func SetAuthAccountID(ctx context.Context, id uuid.UUID) context.Context {
-	return logger.SetAttribute(ctx, contextAuthAccountID, id.String())
+	return logger.SetAttribute(ctx, contextAuthAccountID, id)
 }
 
 // GetISO639Code returns the ISO639Code attribute.

go/models/seed.go

@@ -526,7 +526,7 @@ func Seed(ctx context.Context, demo bool) (*Data, errs.Err) { //nolint:gocognit,
 				{
 					Amount:           -10000,
 					BudgetCategoryID: &seed.BudgetCategories[0].ID,
-					YearMonth:        today.AddMonths(1).YearMonth(),
+					YearMonth:        nextMonth.YearMonth(),
 				},
 			},
 			Note: "Lunch",

go/oidc/oidc.go

@@ -3,18 +3,13 @@ package oidc
 
 import (
 	"context"
-	"crypto/x509"
-	"encoding/base64"
-	"encoding/pem"
 	"errors"
 	"fmt"
-	"time"
 
 	"github.com/candiddev/homechart/go/config"
 	"github.com/candiddev/shared/go/errs"
 	"github.com/candiddev/shared/go/logger"
 	"github.com/coreos/go-oidc"
-	"github.com/golang-jwt/jwt/v4"
 	"golang.org/x/oauth2"
 )
 
@@ -40,7 +35,6 @@ const (
 	ProviderTypeNone ProviderType = iota
 	ProviderTypeTest
 	ProviderTypeGoogle
-	ProviderTypeApple
 )
 
 type providerOpts struct {
@@ -84,85 +78,11 @@ func initProvider(ctx context.Context, opts *providerOpts) *Provider {
 	return &p
 }
 
-func initAppleProvider(ctx context.Context, c *config.Config) *Provider {
-	var baseURL string
-
-	var clientID string
-
-	baseURL = c.App.BaseURL
-	clientID = c.OIDC.AppleClientID
-
-	claims := &jwt.RegisteredClaims{
-		Audience:  jwt.ClaimStrings{"https://appleid.apple.com"},
-		Issuer:    c.OIDC.AppleTeamID,
-		IssuedAt:  jwt.NewNumericDate(time.Now()),
-		ExpiresAt: jwt.NewNumericDate(time.Now().Add(15777000 * time.Second)), // 6 months for Apple
-		Subject:   clientID,
-	}
-
-	token := jwt.NewWithClaims(jwt.SigningMethodES256, claims)
-
-	token.Header = map[string]any{
-		"alg": "ES256",
-		"kid": c.OIDC.AppleKeyID,
-		"typ": "JWT",
-	}
-
-	keyStr, err := base64.StdEncoding.DecodeString(c.OIDC.AppleKeyPEMBase64)
-	if err != nil {
-		logger.Error(ctx, ErrProvider.Wrap(err)) //nolint:errcheck
-
-		return nil
-	}
-
-	keyPEM, _ := pem.Decode(keyStr)
-
-	key, err := x509.ParsePKCS8PrivateKey(keyPEM.Bytes)
-	if err != nil {
-		logger.Error(ctx, ErrProvider.Wrap(err)) //nolint:errcheck
-
-		return nil
-	}
-
-	jwt, err := token.SignedString(key)
-	if err != nil {
-		logger.Error(ctx, ErrProvider.Wrap(err)) //nolint:errcheck
-
-		return nil
-	}
-
-	a := initProvider(ctx, &providerOpts{
-		BaseURL:      baseURL,
-		ClientID:     clientID,
-		ClientSecret: jwt,
-		IssuerURL:    "https://appleid.apple.com",
-		Name:         "apple",
-		Scopes: []string{
-			"email",
-		},
-		Type: ProviderTypeApple,
-	})
-	if a != nil {
-		a.Options = []oauth2.AuthCodeOption{
-			oauth2.SetAuthURLParam("response_mode", "form_post"),
-		}
-	}
-
-	return a
-}
-
 // Setup initializes OIDC providers and returns them.
 func Setup(ctx context.Context, c *config.Config) (*Providers, errs.Err) {
 	ctx = logger.Trace(ctx)
 	providers := Providers{}
 
-	if c.OIDC.AppleClientID != "" && c.OIDC.AppleKeyID != "" && c.OIDC.AppleKeyPEMBase64 != "" && c.OIDC.AppleTeamID != "" {
-		a := initAppleProvider(ctx, c)
-		if a != nil {
-			providers = append(providers, a)
-		}
-	}
-
 	if c.OIDC.GoogleClientID != "" && c.OIDC.GoogleClientSecret != "" {
 		g := initProvider(ctx, &providerOpts{
 			BaseURL:      c.App.BaseURL,