(
State(state): State<AppState>,
request: Request<Body>,
next: Next,
)
| 888 | } |
| 889 | |
| 890 | async fn require_api_auth( |
| 891 | State(state): State<AppState>, |
| 892 | request: Request<Body>, |
| 893 | next: Next, |
| 894 | ) -> Response { |
| 895 | if request.method() == Method::OPTIONS { |
| 896 | return auth::preflight_response(&state.config, request.headers()); |
| 897 | } |
| 898 | |
| 899 | if is_inspector_agent_transport_path(request.uri().path()) |
| 900 | || request.uri().path() == "/api/pair" |
| 901 | { |
| 902 | return next.run(request).await; |
| 903 | } |
| 904 | |
| 905 | let peer_is_loopback = request |
| 906 | .extensions() |
| 907 | .get::<ConnectInfo<SocketAddr>>() |
| 908 | .map(|ConnectInfo(address)| address.ip().is_loopback()) |
| 909 | .unwrap_or(false); |
| 910 | |
| 911 | if !auth::api_request_authorized( |
| 912 | &state.config, |
| 913 | request.method(), |
| 914 | request.headers(), |
| 915 | peer_is_loopback, |
| 916 | request.uri().query(), |
| 917 | ) { |
| 918 | return auth::unauthorized_response(&state.config, request.headers()); |
| 919 | } |
| 920 | |
| 921 | let request_headers = request.headers().clone(); |
| 922 | let mut response = next.run(request).await; |
| 923 | auth::append_cors_headers(&state.config, &request_headers, response.headers_mut()); |
| 924 | if peer_is_loopback { |
| 925 | auth::append_access_cookie(response.headers_mut(), &state.config.access_token); |
| 926 | } |
| 927 | response |
| 928 | } |
| 929 | |
| 930 | #[derive(Deserialize)] |
| 931 | #[serde(rename_all = "camelCase")] |
nothing calls this directly
no test coverage detected