(_ context.Context, req *proto.CoordinateRequest)
| 46 | } |
| 47 | |
| 48 | func (c ClientCoordinateeAuth) Authorize(_ context.Context, req *proto.CoordinateRequest) error { |
| 49 | if tun := req.GetAddTunnel(); tun != nil { |
| 50 | uid, err := uuid.FromBytes(tun.Id) |
| 51 | if err != nil { |
| 52 | return xerrors.Errorf("parse add tunnel id: %w", err) |
| 53 | } |
| 54 | |
| 55 | if c.AgentID != uid { |
| 56 | return xerrors.Errorf("invalid agent id, expected %s, got %s", c.AgentID.String(), uid.String()) |
| 57 | } |
| 58 | } |
| 59 | |
| 60 | return handleClientNodeRequests(req) |
| 61 | } |
| 62 | |
| 63 | // AgentCoordinateeAuth disallows all tunnels, since agents are not allowed to initiate their own tunnels |
| 64 | type AgentCoordinateeAuth struct { |
nothing calls this directly
no test coverage detected