This commit is contained in:
Evan Jarrett
2025-10-25 01:17:35 -05:00
parent 2f27f22650
commit 2026780e11
3 changed files with 5 additions and 34 deletions


@@ -6,11 +6,11 @@ import (
"encoding/json"
"fmt"
"io"
"log"
"net/http"
"slices"
"strings"
"time"
"log"
"atcr.io/pkg/atproto"
"github.com/bluesky-social/indigo/atproto/atcrypto"


@@ -116,15 +116,15 @@ func (h *XRPCHandler) requireOwnerOrCrewAdmin(next http.Handler) http.Handler {
})
}
// requireAuth middleware - validates DPoP authentication
// requireAuth middleware - validates service token authentication
// Stores validated user in request context
func (h *XRPCHandler) requireAuth(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Service token authentication
user, err := ValidateServiceToken(r, h.pds.did, h.httpClient)
user, err := ValidateServiceToken(r, h.pds.did, h.httpClient)
if err != nil {
http.Error(w, fmt.Sprintf("unauthorized: %v", err), http.StatusForbidden)
return
http.Error(w, fmt.Sprintf("unauthorized: %v", err), http.StatusUnauthorized)
return
}
// Store user in context for handlers to access
ctx := context.WithValue(r.Context(), contextKeyUser, user)
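Review bot: The new 401 response on the `http.Error` line still copies the validator's error text into the body, and it is sent without a `WWW-Authenticate` header, which RFC 7235 requires on every 401. Echoing `err` verbatim tells an unauthenticated client exactly which part of service-token validation objected (issuer, audience, signature, key lookup, whichever it was), which is more than a rejected request needs to learn; keep the detail for the server-side log and return a fixed body. I'd add `w.Header().Set("WWW-Authenticate", "Bearer")` before the error call and change it to `http.Error(w, "unauthorized", http.StatusUnauthorized)`, logging `err` through whatever logger this file already uses; the scheme name should match what ValidateServiceToken reads from the Authorization header, presumably `Bearer` for a service JWT. requireAuth's body continues past the end of the hunk.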


@@ -2059,35 +2059,6 @@ func TestRequireOwnerOrCrewAdmin_Unauthorized(t *testing.T) {
}
}
// TestRequireAuth_ValidDPoP tests middleware allows valid DPoP token
func TestRequireAuth_ValidDPoP(t *testing.T) {
handler, _ := setupTestXRPCHandler(t)
r := chi.NewRouter()
handler.RegisterHandlers(r)
// requestCrew requires auth
dpopHelper, err := NewDPoPTestHelper("did:plc:newcrew123", "https://test.pds")
if err != nil {
t.Fatalf("Failed to create DPoP helper: %v", err)
}
req := httptest.NewRequest("POST", atproto.HoldRequestCrew, bytes.NewReader([]byte("{}")))
req.Header.Set("Content-Type", "application/json")
if err := dpopHelper.AddDPoPToRequest(req); err != nil {
t.Fatalf("Failed to add DPoP: %v", err)
}
w := httptest.NewRecorder()
r.ServeHTTP(w, req)
// Should not get auth error (may get other errors like "crew not allowed")
if w.Code == http.StatusUnauthorized {
t.Errorf("Expected valid DPoP to not get 401, got %d: %s", w.Code, w.Body.String())
}
}
// TestRequireAuth_MissingAuth tests middleware returns 401 without auth
func TestRequireAuth_MissingAuth(t *testing.T) {
handler, _ := setupTestXRPCHandler(t)