@Summary Issue signed workspace app token @ID issue-signed-workspace-app-token @Security CoderSessionToken @Accept json @Produce json @Tags Enterprise @Param request body workspaceapps.IssueTokenRequest true "Issue signed app token request" @Success 201 {object} wsproxysdk.IssueSignedAppTokenRespons
(rw http.ResponseWriter, r *http.Request)
| 464 | // @Router /api/v2/workspaceproxies/me/issue-signed-app-token [post] |
| 465 | // @x-apidocgen {"skip": true} |
| 466 | func (api *API) workspaceProxyIssueSignedAppToken(rw http.ResponseWriter, r *http.Request) { |
| 467 | ctx := r.Context() |
| 468 | |
| 469 | // NOTE: this endpoint will return JSON on success, but will (usually) |
| 470 | // return a self-contained HTML error page on failure. The external proxy |
| 471 | // should forward any non-201 response to the client. |
| 472 | |
| 473 | var req workspaceapps.IssueTokenRequest |
| 474 | if !httpapi.Read(ctx, rw, r, &req) { |
| 475 | return |
| 476 | } |
| 477 | |
| 478 | // userReq is a http request from the user on the other side of the proxy. |
| 479 | // Although the workspace proxy is making this call, we want to use the user's |
| 480 | // authorization context to create the token. |
| 481 | // |
| 482 | // We can use the existing request context for all tracing/logging purposes. |
| 483 | // Any workspace proxy auth uses different context keys so we don't need to |
| 484 | // worry about that. |
| 485 | userReq, err := http.NewRequestWithContext(ctx, "GET", req.AppRequest.BasePath, nil) |
| 486 | if err != nil { |
| 487 | // This should never happen |
| 488 | httpapi.InternalServerError(rw, xerrors.Errorf("[DEV ERROR] new request: %w", err)) |
| 489 | return |
| 490 | } |
| 491 | userReq.Header.Set(codersdk.SessionTokenHeader, req.SessionToken) |
| 492 | userReq.RemoteAddr = r.Header.Get(wsproxysdk.CoderWorkspaceProxyRealIPHeader) |
| 493 | |
| 494 | // Exchange the token. |
| 495 | token, tokenStr, ok := api.AGPL.WorkspaceAppsProvider.Issue(ctx, rw, userReq, req) |
| 496 | if !ok { |
| 497 | return |
| 498 | } |
| 499 | if token == nil { |
| 500 | httpapi.InternalServerError(rw, xerrors.New("nil token after calling token provider")) |
| 501 | return |
| 502 | } |
| 503 | |
| 504 | httpapi.Write(ctx, rw, http.StatusCreated, wsproxysdk.IssueSignedAppTokenResponse{ |
| 505 | SignedTokenStr: tokenStr, |
| 506 | }) |
| 507 | } |
| 508 | |
| 509 | // @Summary Report workspace app stats |
| 510 | // @ID report-workspace-app-stats |