More changes for Caddy's documentation generator

It turns out that Caddy's documentation generator also looks at fields
tagged with `json:"-"`, for which it doesn't generate documentation.

Author: liujed

client_policy.go

@@ -18,7 +18,7 @@ type ClientPolicy struct {
 	// largely follows Smallstep's domain name rules:
 	// https://smallstep.com/docs/step-ca/policies/#domain-names
 	//
-	// Due to a limitation in ACME and DNS-01, allowing a domain alsow allows
+	// Due to a limitation in ACME and DNS-01, allowing a domain also allows
 	// wildcard certificates for that domain.
 	AllowDomainsRaw []string `json:"allow_domains,omitempty"`
 	DenyDomainsRaw  []string `json:"deny_domains,omitempty"`

client_registry.go

@@ -6,7 +6,6 @@ import (
 	"strings"
 
 	"github.com/caddyserver/caddy/v2"
-	"github.com/liujed/goutil/maps"
 	"github.com/liujed/goutil/optionals"
 	"github.com/smallstep/certificates/policy"
 )
@@ -36,29 +35,29 @@ const challengeDomainPrefix = "_acme-challenge."
 // A registry of known users and their corresponding policy configuration.
 type ClientRegistry struct {
 	// Maps each client's user ID to its policy configuration.
-	Clients maps.Map[string, *ClientPolicy]
+	clients map[string]*ClientPolicy
 }
 
 func (c *ClientRegistry) Provision(
 	ctx caddy.Context,
 	accountsRaw []RawAccount,
 ) error {
 	// Convert accountsRaw into a map keyed on user ID.
-	c.Clients = maps.NewHashMap[string, *ClientPolicy]()
+	c.clients = map[string]*ClientPolicy{}
 	for i, rawAccount := range accountsRaw {
-		if c.Clients.ContainsKey(rawAccount.UserID) {
+		if _, containsKey := c.clients[rawAccount.UserID]; containsKey {
 			return fmt.Errorf(
 				"account %d: user ID is not unique: %q",
 				i,
 				rawAccount.UserID,
 			)
 		}
 
-		c.Clients.Put(rawAccount.UserID, &rawAccount.ClientPolicy)
+		c.clients[rawAccount.UserID] = &rawAccount.ClientPolicy
 	}
 
 	// Provision the ClientPolicy instances.
-	for userID, ca := range c.Clients.Entries() {
+	for userID, ca := range c.clients {
 		err := ca.Provision(ctx)
 		if err != nil {
 			return fmt.Errorf(
@@ -88,7 +87,7 @@ func (r *ClientRegistry) AuthorizeUserChallengeDomain(
 			fmt.Errorf("unable to determine user ID (is authentication configured?)")
 	}
 
-	config, exists := r.Clients.Get(userID).Get()
+	config, exists := r.clients[userID]
 	if !exists {
 		return optionals.Some(DenyUnknownUser), nil
 	}

handler.go

@@ -44,7 +44,10 @@ type Handler struct {
 	// Specifies how clients should be authenticated. If absent, then clients must
 	// be authenticated by an `http.handlers.authentication` instance earlier in
 	// the handler chain. Derived from [AccountsRaw].
-	Authentication optionals.Optional[*caddyauth.Authentication] `json:"-"`
+	//
+	// XXX This should be an Optional[*caddyauth.Authentication], but Caddy's
+	// documentation generator doesn't work with generics.
+	Authentication *caddyauth.Authentication `json:"-"`
 
 	// Identifies the domains at which each client is allowed to answer DNS-01
 	// challenges. Derived from [AccountsRaw].
@@ -111,7 +114,7 @@ func (h *Handler) Provision(ctx caddy.Context) error {
 			return fmt.Errorf("unable to provision authenticaiton: %w", err)
 		}
 
-		h.Authentication = optionals.Some(auth)
+		h.Authentication = auth
 	}
 
 	// Normally, we expect either all users or no users to have a password
@@ -158,8 +161,8 @@ func (h *Handler) ServeHTTP(
 	}
 
 	handlerImpl := jsonutil.WrapHandler(h.handleDNSRequest(mode))
-	if auth, exists := h.Authentication.Get(); exists {
-		return auth.ServeHTTP(w, req, handlerImpl)
+	if h.Authentication != nil {
+		return h.Authentication.ServeHTTP(w, req, handlerImpl)
 	}
 	return handlerImpl.ServeHTTP(w, req)
 }