MCPcopy Index your code
hub / github.com/coder/coder / ExtractAuthToken

Function ExtractAuthToken

coderd/aibridge/aibridge.go:48–62  ·  view source on GitHub ↗

ExtractAuthToken extracts a token from HTTP headers. It checks the BYOK header first (set by clients opting into BYOK), then falls back to Authorization: Bearer and X-Api-Key for direct centralized mode. If none are present, an empty string is returned.

(header http.Header)

Source from the content-addressed store, hash-verified

46// then falls back to Authorization: Bearer and X-Api-Key for direct
47// centralized mode. If none are present, an empty string is returned.
48func ExtractAuthToken(header http.Header) string {
49 if token := strings.TrimSpace(header.Get(HeaderCoderToken)); token != "" {
50 return token
51 }
52 if auth := strings.TrimSpace(header.Get("Authorization")); auth != "" {
53 fields := strings.Fields(auth)
54 if len(fields) == 2 && strings.EqualFold(fields[0], "Bearer") {
55 return fields[1]
56 }
57 }
58 if apiKey := strings.TrimSpace(header.Get("X-Api-Key")); apiKey != "" {
59 return apiKey
60 }
61 return ""
62}

Callers 1

RateLimitByAuthTokenFunction · 0.92

Calls 2

GetMethod · 0.65
FieldsMethod · 0.65

Tested by

no test coverage detected