shiny/authz_client
6
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 10 Activity

Compare commits

base: shiny:v0.4.0
Branches Tags
shiny:main shiny:next-release
shiny:v0.5.0 shiny:v0.4.1 shiny:v0.4.0 shiny:v0.3.1 shiny:v0.3.0 shiny:v0.2.0 shiny:v0.1.4 shiny:v0.1.3 shiny:v0.1.2 shiny:v0.1.1 shiny:v0.1.0 shiny:v0.0.8 shiny:v0.0.7 shiny:v0.0.6 shiny:v0.0.5 shiny:v0.0.4 shiny:v0.0.3 shiny:v0.0.1 shiny:v0.0.2
...
compare: shiny:main
Branches Tags
shiny:next-release shiny:main
shiny:v0.5.0 shiny:v0.4.1 shiny:v0.4.0 shiny:v0.3.1 shiny:v0.3.0 shiny:v0.2.0 shiny:v0.1.4 shiny:v0.1.3 shiny:v0.1.2 shiny:v0.1.1 shiny:v0.1.0 shiny:v0.0.8 shiny:v0.0.7 shiny:v0.0.6 shiny:v0.0.5 shiny:v0.0.4 shiny:v0.0.3 shiny:v0.0.1 shiny:v0.0.2

29 Commits
v0.4.0 ... main

Author SHA1 Message Date
renovate 775d25cb59 chore(deps): update dependency go to v1.26.2 (#300)
Release / release (push) Successful in 1m0s
Details
authz_client / vulnerabilities (push) Successful in 1m46s
Details
authz_client / test (push) Successful in 2m10s
Details
pre-commit / pre-commit (push) Successful in 6m1s
Details
2026-04-10 00:13:25 +00:00
renovate ef992cb9db chore(deps): update pre-commit hook golangci/golangci-lint to v2.11.4 (#298)
Release / release (push) Successful in 1m6s
Details
authz_client / vulnerabilities (push) Successful in 1m38s
Details
authz_client / test (push) Successful in 2m18s
Details
pre-commit / pre-commit (push) Successful in 6m1s
Details
2026-03-22 18:11:14 +00:00
renovate c3b8a3f1ce chore(deps): update pre-commit hook gitleaks/gitleaks to v8.30.1 (#296)
Release / release (push) Successful in 1m29s
Details
authz_client / vulnerabilities (push) Successful in 2m10s
Details
authz_client / test (push) Successful in 3m0s
Details
pre-commit / pre-commit (push) Successful in 7m11s
Details
2026-03-12 16:09:43 +00:00
releaser 45512115c5 chore(release): prepare for v0.5.0 (#295)
Release / release (push) Successful in 40s
Details
authz_client / vulnerabilities (push) Successful in 1m23s
Details
authz_client / test (push) Successful in 2m1s
Details
pre-commit / pre-commit (push) Successful in 4m10s
Details 
## [0.5.0] - 2026-03-12

### 🚀 Features

- *(client)* Add API key authentication for /authz endpoint (#294)

### ⚙️ Miscellaneous Tasks

- *(deps)* Update golang:1.25.5 docker digest to 3a01526 (#271)
- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.24.0 (#273)
- *(deps)* Update dependency go to v1.25.6 (#274)
- *(deps)* Update golang docker tag to v1.25.6 (#275)
- Remove GitLab CI configuration
- Add code coverage integration
- *(deps)* Update dependency go to v1.25.7 (#279)
- *(deps)* Update dependency go to v1.26.0 (#280)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.9.0 (#281)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.10.0 (#282)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.10.1 (#283)
- *(deps)* Update dependency go to v1.26.1 (#286)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.11.1 (#288)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.11.2 (#290)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.11.3 (#292)

<!-- generated by git-cliff -->

---

**Note:** Please use **Squash Merge** when merging this PR.

Reviewed-on: #295
Co-authored-by: Unbound Releaser <releaser@unbound.se>
Co-committed-by: Unbound Releaser <releaser@unbound.se>
 2026-03-12 07:39:47 +00:00
argoyle fe0abd62c8 feat(client): add API key authentication for /authz endpoint (#294)
Release / release (push) Successful in 1m15s
Details
authz_client / vulnerabilities (push) Successful in 2m9s
Details
authz_client / test (push) Successful in 2m21s
Details
pre-commit / pre-commit (push) Successful in 4m46s
Details 
## Summary

- Add `WithAPIKey(key string)` option to `PrivilegeHandler`
- When set, `Fetch()` sends `Authorization: Bearer <key>` header
- Backward compatible: no key = no header (existing behavior)

## Test plan

- [x] Unit test verifying Authorization header is sent
- [x] Unit test verifying no header without key
- [x] Existing tests still pass

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: #294
 2026-03-12 07:32:12 +00:00
renovate a54cf45a4b chore(deps): update pre-commit hook golangci/golangci-lint to v2.11.3 (#292)
Release / release (push) Successful in 1m21s
Details
authz_client / vulnerabilities (push) Successful in 2m9s
Details
authz_client / test (push) Successful in 4m40s
Details
pre-commit / pre-commit (push) Successful in 7m39s
Details
2026-03-10 11:12:34 +00:00
renovate f9a5ef7085 chore(deps): update pre-commit hook golangci/golangci-lint to v2.11.2 (#290)
pre-commit / pre-commit (push) Successful in 4m44s
Details
Release / release (push) Successful in 1m2s
Details
authz_client / vulnerabilities (push) Failing after 2h42m46s
Details
authz_client / test (push) Failing after 2h42m53s
Details
2026-03-07 22:09:47 +00:00
renovate 200e7cf963 chore(deps): update pre-commit hook golangci/golangci-lint to v2.11.1 (#288)
Release / release (push) Successful in 57s
Details
authz_client / vulnerabilities (push) Successful in 1m46s
Details
authz_client / test (push) Successful in 2m49s
Details
pre-commit / pre-commit (push) Successful in 5m49s
Details
2026-03-06 15:11:17 +00:00
renovate 110f6206f9 chore(deps): update dependency go to v1.26.1 (#286)
Release / release (push) Successful in 1m13s
Details
authz_client / vulnerabilities (push) Successful in 1m36s
Details
authz_client / test (push) Successful in 2m27s
Details
pre-commit / pre-commit (push) Successful in 10m39s
Details
2026-03-06 01:18:10 +00:00
renovate c53d80792c chore(deps): update pre-commit hook golangci/golangci-lint to v2.10.1 (#283)
Release / release (push) Successful in 1m31s
Details
authz_client / vulnerabilities (push) Successful in 2m39s
Details
authz_client / test (push) Successful in 3m54s
Details
pre-commit / pre-commit (push) Successful in 8m34s
Details
2026-02-17 17:01:30 +00:00
renovate ebc0c3bb8e chore(deps): update pre-commit hook golangci/golangci-lint to v2.10.0 (#282)
Release / release (push) Failing after 41s
Details
authz_client / vulnerabilities (push) Successful in 17m19s
Details
authz_client / test (push) Successful in 18m59s
Details
pre-commit / pre-commit (push) Successful in 52m24s
Details
2026-02-17 15:01:11 +00:00
renovate cb59762fc9 chore(deps): update pre-commit hook golangci/golangci-lint to v2.9.0 (#281)
authz_client / vulnerabilities (push) Successful in 2m12s
Details
Release / release (push) Successful in 1m55s
Details
authz_client / test (push) Successful in 4m10s
Details
pre-commit / pre-commit (push) Successful in 17m58s
Details
2026-02-11 07:13:35 +00:00
renovate a82466cb27 chore(deps): update dependency go to v1.26.0 (#280)
Release / release (push) Successful in 1m22s
Details
authz_client / vulnerabilities (push) Successful in 4m20s
Details
authz_client / test (push) Successful in 4m30s
Details
pre-commit / pre-commit (push) Successful in 9m2s
Details
2026-02-11 06:19:26 +00:00
renovate 29eab978f7 chore(deps): update dependency go to v1.25.7 (#279)
Release / release (push) Failing after 58s
Details
authz_client / test (push) Successful in 4m30s
Details
authz_client / vulnerabilities (push) Successful in 3m54s
Details
pre-commit / pre-commit (push) Successful in 12m54s
Details
2026-02-04 16:16:32 +00:00
argoyle f3166426b6 Merge pull request 'ci: add code coverage integration' (#277) from ci-coverage-integration into main
Release / release (push) Failing after 4m57s
Details
authz_client / vulnerabilities (push) Successful in 7m21s
Details
authz_client / test (push) Successful in 8m12s
Details
pre-commit / pre-commit (push) Successful in 14m37s
Details 
Reviewed-on: #277
 2026-01-28 12:38:20 +00:00
argoyle 3171c53393 ci: add code coverage integration
authz_client / test (pull_request) Successful in 6m57s
Details
authz_client / vulnerabilities (pull_request) Successful in 7m26s
Details
pre-commit / pre-commit (pull_request) Successful in 12m3s
Details 
Add go-test-coverage for coverage threshold enforcement. Coverage data
is uploaded as artifacts on main branch and compared against baseline
in PRs using shell script that gracefully handles first run without
baseline. PR comments show coverage percentage.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-28 13:03:07 +01:00
argoyle 7af8e00b4c Merge pull request 'chore: remove GitLab CI configuration' (#276) from remove-gitlab-ci into main
Release / release (push) Failing after 1m59s
Details
authz_client / test (push) Successful in 2m49s
Details
pre-commit / pre-commit (push) Successful in 7m12s
Details
authz_client / vulnerabilities (push) Successful in 10m29s
Details 
Reviewed-on: #276
 2026-01-18 20:15:35 +00:00
argoyle 0c0f321b33 chore: remove GitLab CI configuration
authz_client / test (pull_request) Successful in 6m42s
Details
authz_client / vulnerabilities (pull_request) Successful in 9m50s
Details
pre-commit / pre-commit (pull_request) Successful in 18m32s
Details
2026-01-18 20:36:13 +01:00
renovate 87805f1552 chore(deps): update golang docker tag to v1.25.6 (#275)
authz_client / vulnerabilities (push) Successful in 1m28s
Details
authz_client / test (push) Successful in 2m27s
Details
Release / release (push) Successful in 2m49s
Details
pre-commit / pre-commit (push) Successful in 5m23s
Details
2026-01-15 22:06:58 +00:00
renovate 74ee30bccc chore(deps): update dependency go to v1.25.6 (#274)
Release / release (push) Successful in 2m33s
Details
authz_client / test (push) Successful in 4m27s
Details
authz_client / vulnerabilities (push) Successful in 6m55s
Details
pre-commit / pre-commit (push) Successful in 15m1s
Details
2026-01-15 20:06:38 +00:00
renovate 646e4f31c4 chore(deps): update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.24.0 (#273)
Release / release (push) Successful in 2m12s
Details
authz_client / test (push) Successful in 5m48s
Details
authz_client / vulnerabilities (push) Successful in 6m17s
Details
pre-commit / pre-commit (push) Successful in 17m3s
Details
2026-01-13 21:08:37 +00:00
renovate 881fac379f chore(deps): update golang:1.25.5 docker digest to 3a01526 (#271)
authz_client / test (push) Successful in 2m23s
Details
authz_client / vulnerabilities (push) Successful in 2m32s
Details
Release / release (push) Successful in 1m57s
Details
pre-commit / pre-commit (push) Successful in 6m25s
Details
2026-01-13 14:35:12 +00:00
argoyle 2c2bd2798f Merge pull request 'chore(release): prepare for v0.4.1' (#270) from next-release into main
Release / release (push) Successful in 48s
Details
authz_client / test (push) Successful in 1m42s
Details
authz_client / vulnerabilities (push) Successful in 1m41s
Details
pre-commit / pre-commit (push) Successful in 4m20s
Details 
Reviewed-on: #270
 2026-01-09 14:05:17 +00:00
releaser 204b108ece chore(release): prepare for v0.4.1
authz_client / test (pull_request) Successful in 3m27s
Details
authz_client / vulnerabilities (pull_request) Successful in 3m36s
Details
pre-commit / pre-commit (pull_request) Successful in 5m37s
Details
2026-01-09 13:57:10 +00:00
releaser fa795a58cf chore(release): prepare for v0.4.1 2026-01-09 13:57:03 +00:00
argoyle 60650b9c04 Merge pull request 'chore: migrate module path to gitea.unbound.se' (#269) from migrate-to-gitea into main
authz_client / test (push) Successful in 4m45s
Details
authz_client / vulnerabilities (push) Successful in 4m55s
Details
Release / release (push) Successful in 4m58s
Details
pre-commit / pre-commit (push) Has been cancelled
Details 
Reviewed-on: #269
 2026-01-09 13:50:03 +00:00
argoyle 60d9eea9c9 chore: migrate module path to gitea.unbound.se
authz_client / test (pull_request) Successful in 1m56s
Details
authz_client / vulnerabilities (pull_request) Successful in 2m31s
Details
pre-commit / pre-commit (pull_request) Successful in 5m21s
Details 
Update module path from git.unbound.se to gitea.unbound.se for Go module
discovery over HTTPS.
 2026-01-09 14:30:26 +01:00
argoyle dd571f8d85 Merge pull request 'chore(deps): update actions/setup-python action to v6' (#268) from renovate/actions-setup-python-6.x into main
authz_client / vulnerabilities (push) Successful in 3m7s
Details
authz_client / test (push) Successful in 3m36s
Details
pre-commit / pre-commit (push) Successful in 5m22s
Details 
Reviewed-on: #268
 2026-01-09 09:28:58 +00:00
renovate 1f822b2957 chore(deps): update actions/setup-python action to v6
authz_client / test (pull_request) Successful in 5m50s
Details
authz_client / vulnerabilities (pull_request) Successful in 5m33s
Details
pre-commit / pre-commit (pull_request) Successful in 9m6s
Details
2026-01-09 09:01:53 +00:00
11 changed files with 162 additions and 56 deletions
Expand all files Collapse all files
.gitea/workflows/ci.yaml
+55
View File
@@ -17,6 +17,61 @@ jobs:
- name: Run tests - name: Run tests
run: go test -race -coverprofile=coverage.txt ./... run: go test -race -coverprofile=coverage.txt ./...
- name: Check coverage
uses: vladopajic/go-test-coverage@v2
with:
config: ./.testcoverage.yml
# Download baseline coverage from main branch (for PRs)
- name: Download baseline coverage
if: gitea.event_name == 'pull_request'
uses: actions/download-artifact@v3
with:
name: coverage-baseline
path: ./baseline
continue-on-error: true
# Compare coverage against baseline (for PRs)
- name: Compare coverage
if: gitea.event_name == 'pull_request'
run: |
CURRENT=$(go tool cover -func=coverage.txt | grep "^total:" | awk '{print $NF}' | tr -d '%')
if [ -f ./baseline/coverage.txt ]; then
BASE=$(go tool cover -func=./baseline/coverage.txt | grep "^total:" | awk '{print $NF}' | tr -d '%')
echo "Base coverage: ${BASE}%"
echo "Current coverage: ${CURRENT}%"
if [ "$(echo "$CURRENT < $BASE" | bc -l)" -eq 1 ]; then
echo "::error::Coverage decreased from ${BASE}% to ${CURRENT}%"
exit 1
fi
echo "Coverage maintained or improved: ${BASE}% -> ${CURRENT}%"
else
echo "No baseline coverage found, skipping comparison"
echo "Current coverage: ${CURRENT}%"
fi
# Upload coverage as baseline (only on main)
- name: Upload coverage baseline
if: gitea.ref == 'refs/heads/main'
uses: actions/upload-artifact@v3
with:
name: coverage-baseline
path: coverage.txt
retention-days: 90
# Post coverage to PR comment
- name: Post coverage comment
if: gitea.event_name == 'pull_request'
env:
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
GITEA_URL: ${{ gitea.server_url }}
run: |
COVERAGE=$(go tool cover -func=coverage.txt | grep "^total:" | awk '{print $NF}')
curl -X POST "${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/issues/${{ gitea.event.pull_request.number }}/comments" \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d "{\"body\": \"## Coverage Report\n\nTotal coverage: **${COVERAGE}**\"}"
vulnerabilities: vulnerabilities:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
.gitea/workflows/pre-commit.yaml
+1 -1
View File
@@ -17,7 +17,7 @@ jobs:
- uses: actions/setup-go@v6 - uses: actions/setup-go@v6
with: with:
go-version: stable go-version: stable
- uses: actions/setup-python@v5 - uses: actions/setup-python@v6
with: with:
python-version: '3.14' python-version: '3.14'
- name: Install goimports - name: Install goimports
.gitlab-ci.yml
-38
View File
@@ -1,38 +0,0 @@
include:
- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
- project: unboundsoftware/ci-templates
file: Defaults.gitlab-ci.yml
- project: unboundsoftware/ci-templates
file: Release.gitlab-ci.yml
- project: unboundsoftware/ci-templates
file: Pre-Commit-Go.gitlab-ci.yml
image: amd64/golang:1.25.5@sha256:ad03ba93327b8a6143b49373790b5d92c28067bdb814418509466122ee9c9e63
stages:
- deps
- test
deps:
stage: deps
script:
- go mod download
test:
stage: test
dependencies:
- deps
script:
- CGO_ENABLED=1 go test -mod=readonly -race -coverprofile=coverage.txt -covermode=atomic -coverpkg=$(go list ./... | tr '\n' , | sed 's/,$//') ./...
- go tool cover -html=coverage.txt -o coverage.html
- go tool cover -func=coverage.txt
- curl -Os https://uploader.codecov.io/latest/linux/codecov
- chmod +x codecov
- ./codecov -t ${CODECOV_TOKEN} -R $CI_PROJECT_DIR -C $CI_COMMIT_SHA -r $CI_PROJECT_PATH
vulnerabilities:
stage: test
image: amd64/golang:1.25.5@sha256:ad03ba93327b8a6143b49373790b5d92c28067bdb814418509466122ee9c9e63
script:
- go install golang.org/x/vuln/cmd/govulncheck@latest
- govulncheck ./...
.pre-commit-config.yaml
+4 -4
View File
@@ -11,7 +11,7 @@ repos:
- --allow-multiple-documents - --allow-multiple-documents
- id: check-added-large-files - id: check-added-large-files
- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
rev: v9.23.0 rev: v9.24.0
hooks: hooks:
- id: commitlint - id: commitlint
stages: [ commit-msg ] stages: [ commit-msg ]
@@ -23,17 +23,17 @@ repos:
- id: go-imports - id: go-imports
args: args:
- -local - -local
- git.unbound.se/shiny/authz_client - gitea.unbound.se/shiny/authz_client
- repo: https://github.com/lietu/go-pre-commit - repo: https://github.com/lietu/go-pre-commit
rev: v1.0.0 rev: v1.0.0
hooks: hooks:
- id: go-test - id: go-test
- id: gofumpt - id: gofumpt
- repo: https://github.com/golangci/golangci-lint - repo: https://github.com/golangci/golangci-lint
rev: v2.8.0 rev: v2.11.4
hooks: hooks:
- id: golangci-lint-full - id: golangci-lint-full
- repo: https://github.com/gitleaks/gitleaks - repo: https://github.com/gitleaks/gitleaks
rev: v8.30.0 rev: v8.30.1
hooks: hooks:
- id: gitleaks - id: gitleaks
.testcoverage.yml
+13
View File
@@ -0,0 +1,13 @@
# Coverage configuration for go-test-coverage
# https://github.com/vladopajic/go-test-coverage
profile: coverage.txt
threshold:
file: 0
package: 0
total: 0
exclude:
paths:
- _test\.go$
.version
+1 -1
View File
@@ -1,3 +1,3 @@
{ {
"version": "v0.4.0" "version": "v0.5.0"
} }
CHANGELOG.md
+31
View File
@@ -2,6 +2,37 @@
All notable changes to this project will be documented in this file. All notable changes to this project will be documented in this file.
## [0.5.0] - 2026-03-12
### 🚀 Features
- *(client)* Add API key authentication for /authz endpoint (#294)
### ⚙️ Miscellaneous Tasks
- *(deps)* Update golang:1.25.5 docker digest to 3a01526 (#271)
- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.24.0 (#273)
- *(deps)* Update dependency go to v1.25.6 (#274)
- *(deps)* Update golang docker tag to v1.25.6 (#275)
- Remove GitLab CI configuration
- Add code coverage integration
- *(deps)* Update dependency go to v1.25.7 (#279)
- *(deps)* Update dependency go to v1.26.0 (#280)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.9.0 (#281)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.10.0 (#282)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.10.1 (#283)
- *(deps)* Update dependency go to v1.26.1 (#286)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.11.1 (#288)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.11.2 (#290)
- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.11.3 (#292)
## [0.4.1] - 2026-01-09
### ⚙️ Miscellaneous Tasks
- *(deps)* Update actions/setup-python action to v6
- Migrate module path to gitea.unbound.se
## [0.4.0] - 2026-01-09 ## [0.4.0] - 2026-01-09
### 🚀 Features ### 🚀 Features
CLAUDE.md
+1 -1
View File
@@ -17,7 +17,7 @@ Provides a client for the authz-service, handling privilege management for users
### Usage ### Usage
```go ```go
import client "git.unbound.se/shiny/authz_client" import client "gitea.unbound.se/shiny/authz_client"
// Create handler with options // Create handler with options
handler := client.New(client.WithBaseURL("http://authz-service")) handler := client.New(client.WithBaseURL("http://authz-service"))
client.go
+21 -9
View File
@@ -28,6 +28,7 @@ type PrivilegeHandler struct {
*sync.RWMutex *sync.RWMutex
client *http.Client client *http.Client
baseURL string baseURL string
apiKey string
privileges map[string]map[string]*CompanyPrivileges privileges map[string]map[string]*CompanyPrivileges
} }
@@ -41,6 +42,13 @@ func WithBaseURL(url string) OptsFunc {
} }
} }
// WithAPIKey sets an API key used as a Bearer token when fetching privileges
func WithAPIKey(key string) OptsFunc {
return func(handler *PrivilegeHandler) {
handler.apiKey = key
}
}
// New creates a new PrivilegeHandler. Pass OptsFuncs to configure. // New creates a new PrivilegeHandler. Pass OptsFuncs to configure.
func New(opts ...OptsFunc) *PrivilegeHandler { func New(opts ...OptsFunc) *PrivilegeHandler {
handler := &PrivilegeHandler{ handler := &PrivilegeHandler{
@@ -57,7 +65,16 @@ func New(opts ...OptsFunc) *PrivilegeHandler {
// Fetch the initial set of privileges from an authz-service // Fetch the initial set of privileges from an authz-service
func (h *PrivilegeHandler) Fetch() error { func (h *PrivilegeHandler) Fetch() error {
resp, err := h.client.Get(fmt.Sprintf("%s/authz", h.baseURL)) req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%s/authz", h.baseURL), nil)
if err != nil {
return err
}
if h.apiKey != "" {
req.Header.Set("Authorization", "Bearer "+h.apiKey)
}
resp, err := h.client.Do(req)
if err != nil { if err != nil {
return err return err
} }
@@ -87,13 +104,14 @@ func (h *PrivilegeHandler) Setup() []goamqp.Setup {
// Process privilege-related events and update the internal state // Process privilege-related events and update the internal state
func (h *PrivilegeHandler) Process(msg interface{}, _ goamqp.Headers) (interface{}, error) { func (h *PrivilegeHandler) Process(msg interface{}, _ goamqp.Headers) (interface{}, error) {
h.Lock()
defer h.Unlock()
switch ev := msg.(type) { switch ev := msg.(type) {
case *UserAdded: case *UserAdded:
if priv, exists := h.privileges[ev.Email]; exists { if priv, exists := h.privileges[ev.Email]; exists {
priv[ev.CompanyID] = &CompanyPrivileges{} priv[ev.CompanyID] = &CompanyPrivileges{}
} else { } else {
h.Lock()
defer h.Unlock()
h.privileges[ev.Email] = map[string]*CompanyPrivileges{ h.privileges[ev.Email] = map[string]*CompanyPrivileges{
ev.CompanyID: {}, ev.CompanyID: {},
} }
@@ -101,19 +119,13 @@ func (h *PrivilegeHandler) Process(msg interface{}, _ goamqp.Headers) (interface
return nil, nil return nil, nil
case *UserRemoved: case *UserRemoved:
if priv, exists := h.privileges[ev.Email]; exists { if priv, exists := h.privileges[ev.Email]; exists {
h.Lock()
defer h.Unlock()
delete(priv, ev.CompanyID) delete(priv, ev.CompanyID)
} }
return nil, nil return nil, nil
case *PrivilegeAdded: case *PrivilegeAdded:
h.Lock()
defer h.Unlock()
h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, true) h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, true)
return nil, nil return nil, nil
case *PrivilegeRemoved: case *PrivilegeRemoved:
h.Lock()
defer h.Unlock()
h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, false) h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, false)
return nil, nil return nil, nil
default: default:
client_test.go
+33
View File
@@ -251,6 +251,39 @@ func TestPrivilegeHandler_IsAllowed_Return_True_If_Privilege_Exists(t *testing.T
assert.True(t, result) assert.True(t, result)
} }
func TestPrivilegeHandler_Fetch_Sends_Authorization_Header_When_APIKey_Set(t *testing.T) {
var receivedAuth string
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
receivedAuth = r.Header.Get("Authorization")
_, _ = w.Write([]byte("{}"))
}))
defer server.Close()
handler := New(
WithBaseURL(server.URL),
WithAPIKey("my-secret-key"),
)
err := handler.Fetch()
assert.NoError(t, err)
assert.Equal(t, "Bearer my-secret-key", receivedAuth)
}
func TestPrivilegeHandler_Fetch_No_Authorization_Header_Without_APIKey(t *testing.T) {
var receivedAuth string
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
receivedAuth = r.Header.Get("Authorization")
_, _ = w.Write([]byte("{}"))
}))
defer server.Close()
handler := New(WithBaseURL(server.URL))
err := handler.Fetch()
assert.NoError(t, err)
assert.Empty(t, receivedAuth)
}
func TestPrivilegeHandler_Fetch_Error_Response(t *testing.T) { func TestPrivilegeHandler_Fetch_Error_Response(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(500) w.WriteHeader(500)
go.mod
+2 -2
View File
@@ -1,8 +1,8 @@
module git.unbound.se/shiny/authz_client module gitea.unbound.se/shiny/authz_client
go 1.22.12 go 1.22.12
toolchain go1.25.5 toolchain go1.26.2
require ( require (
github.com/sparetimecoders/goamqp v0.3.3 github.com/sparetimecoders/goamqp v0.3.3