MCPcopy Index your code
hub / github.com/coder/coder / RequireAPIKeyOrWorkspaceProxyAuth

Function RequireAPIKeyOrWorkspaceProxyAuth

coderd/httpmw/actor.go:15–37  ·  view source on GitHub ↗

RequireAPIKeyOrWorkspaceProxyAuth is middleware that should be inserted after optional ExtractAPIKey and ExtractWorkspaceProxy middlewares to ensure one of the two authentication methods is provided. If both are provided, an error is returned to avoid misuse.

()

Source from the content-addressed store, hash-verified

13//
14// If both are provided, an error is returned to avoid misuse.
15func RequireAPIKeyOrWorkspaceProxyAuth() func(http.Handler) http.Handler {
16 return func(next http.Handler) http.Handler {
17 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
18 _, hasAPIKey := APIKeyOptional(r)
19 _, hasWorkspaceProxy := WorkspaceProxyOptional(r)
20
21 if hasAPIKey && hasWorkspaceProxy {
22 httpapi.Write(r.Context(), w, http.StatusBadRequest, codersdk.Response{
23 Message: "API key and external proxy authentication provided, but only one is allowed",
24 })
25 return
26 }
27 if !hasAPIKey && !hasWorkspaceProxy {
28 httpapi.Write(r.Context(), w, http.StatusUnauthorized, codersdk.Response{
29 Message: "API key or external proxy authentication required, but none provided",
30 })
31 return
32 }
33
34 next.ServeHTTP(w, r)
35 })
36 }
37}
38
39// RequireAPIKeyOrWorkspaceAgent is middleware that should be inserted after
40// optional ExtractAPIKey and ExtractWorkspaceAgent middlewares to ensure one of

Callers 1

Calls 5

WriteFunction · 0.92
APIKeyOptionalFunction · 0.85
WorkspaceProxyOptionalFunction · 0.85
ContextMethod · 0.65
ServeHTTPMethod · 0.45

Tested by 1