Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refine user header code #816

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Refine user header code #816

wants to merge 1 commit into from

Conversation

binwiederhier
Copy link
Owner

Refined #812

@codecov-commenter
Copy link

Codecov Report

Patch coverage: 42.30% and project coverage change: -0.11 ⚠️

Comparison is base (6a93dc9) 65.83% compared to head (7126af6) 65.72%.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #816      +/-   ##
==========================================
- Coverage   65.83%   65.72%   -0.11%     
==========================================
  Files          53       53              
  Lines        7671     7691      +20     
==========================================
+ Hits         5050     5055       +5     
- Misses       1781     1794      +13     
- Partials      840      842       +2     
Impacted Files Coverage Δ
server/server.go 63.64% <38.09%> (-0.59%) ⬇️
cmd/serve.go 59.92% <50.00%> (-0.15%) ⬇️
server/config.go 100.00% <100.00%> (ø)

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

}
if s.config.AuthUserHeader != "" && s.config.BehindProxy {
username := r.Header.Get(s.config.AuthUserHeader) // Do not allow a query param, only a header!
if username != "" {

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Up to you, but shouldn't this be located inside authenticateViaUserDefinedHeader(), to keep the abstraction layer more consistent (i.e. for the auth header authn, the header is alos read in authenticateViaUserDefinedHeader(), not in the caller function)?

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did realize, that if the username is not provided, you will fall back to the default authorization, so ignore my comment.

Copy link

@Nanowires Nanowires left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comment above, but looks good, from my perspective :-)

BTW: What about tests, if I find time, should I add them here, or to my orginal PR?

@Nanowires
Copy link

I've added the tests to the brnch of the original PR, together with your changes in #812

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants