MCPcopy
hub / github.com/cortexlabs/cortex / AWSAuthMiddleware

Function AWSAuthMiddleware

pkg/operator/endpoints/middleware.go:62–90  ·  view source on GitHub ↗
(next http.Handler)

Source from the content-addressed store, hash-verified

60}
61
62func AWSAuthMiddleware(next http.Handler) http.Handler {
63 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
64 authHeader := r.Header.Get(consts.AuthHeader)
65
66 if authHeader == "" {
67 respondError(w, r, ErrorAuthHeaderMissing(consts.AuthHeader, r.Host, r.RequestURI))
68 return
69 }
70
71 accountID, err := aws.ExecuteIdentityRequestFromHeader(authHeader)
72 if err != nil {
73 respondError(w, r, err)
74 return
75 }
76
77 operatorAccountID, _, err := config.AWS.GetCachedAccountID()
78 if err != nil {
79 respondError(w, r, ErrorAuthAPIError())
80 return
81 }
82
83 if accountID != operatorAccountID {
84 respondErrorCode(w, r, http.StatusForbidden, ErrorAuthOtherAccount())
85 return
86 }
87
88 next.ServeHTTP(w, r)
89 })
90}
91
92func APIVersionCheckMiddleware(next http.Handler) http.Handler {
93 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

Callers

nothing calls this directly

Calls 8

respondErrorFunction · 0.85
ErrorAuthHeaderMissingFunction · 0.85
ErrorAuthAPIErrorFunction · 0.85
respondErrorCodeFunction · 0.85
ErrorAuthOtherAccountFunction · 0.85
GetCachedAccountIDMethod · 0.80
ServeHTTPMethod · 0.45

Tested by

no test coverage detected