feat(client): add API key authentication for /authz endpoint #294

Merged
argoyle merged 2 commits from fix/authz-endpoint-auth into main 2026-03-12 07:32:13 +00:00
Owner

Summary

  • Add WithAPIKey(key string) option to PrivilegeHandler
  • When set, Fetch() sends Authorization: Bearer <key> header
  • Backward compatible: no key = no header (existing behavior)

Test plan

  • Unit test verifying Authorization header is sent
  • Unit test verifying no header without key
  • Existing tests still pass

🤖 Generated with Claude Code
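
The behaviour listed in the summary above, as an added Go sketch that is not the authz_client source. Only `WithAPIKey`, `Fetch()`, the `/authz` path and the `Authorization: Bearer <key>` header come from this PR; the `PrivilegeHandler` fields, the `Option` type, the `StubExchange` helper and the key-enforcing stub server are assumptions. It shows the consequence of "no key = no header" against a service that requires the key: a client built without `WithAPIKey` gets 401.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type PrivilegeHandler struct{ baseURL, apiKey string } // hypothetical stand-in type
type Option func(*PrivilegeHandler)
// WithAPIKey stores the key that Fetch sends as a Bearer token.
func WithAPIKey(key string) Option { return func(h *PrivilegeHandler) { h.apiKey = key } }

// Fetch calls /authz and adds the header only when a key is configured.
func (h *PrivilegeHandler) Fetch() (int, error) {
	req, err := http.NewRequest(http.MethodGet, h.baseURL+"/authz", nil)
	if err != nil {
		return 0, err
	}
	if h.apiKey != "" {
		req.Header.Set("Authorization", "Bearer "+h.apiKey)
	}
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return 0, err
	}
	return resp.StatusCode, resp.Body.Close()
}

// StubExchange runs Fetch against a constructed server assumed to enforce serverKey.
func StubExchange(serverKey string, opts ...Option) (int, error) {
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		got := []byte(r.Header.Get("Authorization"))
		if subtle.ConstantTimeCompare(got, []byte("Bearer "+serverKey)) != 1 {
			w.WriteHeader(http.StatusUnauthorized) // missing or wrong key
		}
	}))
	defer srv.Close()
	h := &PrivilegeHandler{baseURL: srv.URL}
	for _, o := range opts {
		o(h)
	}
	return h.Fetch()
}

func main() {
	fmt.Println(StubExchange("constructed-key", WithAPIKey("constructed-key")))
	fmt.Println(StubExchange("constructed-key"))
}
```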

argoyle added 1 commit 2026-03-12 07:24:12 +00:00
feat(client): add API key authentication for /authz endpoint
authz_client / test (pull_request) Successful in 1m50s
authz_client / vulnerabilities (pull_request) Successful in 1m57s
pre-commit / pre-commit (pull_request) Successful in 5m30s
9cdb09add4
Add WithAPIKey option to set a Bearer token on requests to the
authz-service /authz endpoint. When set, Fetch() includes an
Authorization header. Backward compatible - no key means no header.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
argoyle scheduled this pull request to auto merge when all checks succeed 2026-03-12 07:24:39 +00:00

Coverage Report

Total coverage: 97.5%

argoyle added 1 commit 2026-03-12 07:26:23 +00:00
fix(client): resolve race condition in Process event handler
authz_client / vulnerabilities (pull_request) Successful in 1m38s
authz_client / test (pull_request) Successful in 1m50s
pre-commit / pre-commit (pull_request) Successful in 5m11s
e24a339046
Move lock acquisition to the top of Process() instead of per-case.
Previously UserAdded and UserRemoved read the privileges map without
holding any lock, causing data races with concurrent Fetch/IsAllowed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Coverage Report

Total coverage: 97.3%

argoyle merged commit fe0abd62c8 into main 2026-03-12 07:32:13 +00:00
argoyle deleted branch fix/authz-endpoint-auth 2026-03-12 07:32:14 +00:00

Reference: shiny/authz_client#294