(next http.Handler)
| 60 | } |
| 61 | |
| 62 | func AWSAuthMiddleware(next http.Handler) http.Handler { |
| 63 | return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 64 | authHeader := r.Header.Get(consts.AuthHeader) |
| 65 | |
| 66 | if authHeader == "" { |
| 67 | respondError(w, r, ErrorAuthHeaderMissing(consts.AuthHeader, r.Host, r.RequestURI)) |
| 68 | return |
| 69 | } |
| 70 | |
| 71 | accountID, err := aws.ExecuteIdentityRequestFromHeader(authHeader) |
| 72 | if err != nil { |
| 73 | respondError(w, r, err) |
| 74 | return |
| 75 | } |
| 76 | |
| 77 | operatorAccountID, _, err := config.AWS.GetCachedAccountID() |
| 78 | if err != nil { |
| 79 | respondError(w, r, ErrorAuthAPIError()) |
| 80 | return |
| 81 | } |
| 82 | |
| 83 | if accountID != operatorAccountID { |
| 84 | respondErrorCode(w, r, http.StatusForbidden, ErrorAuthOtherAccount()) |
| 85 | return |
| 86 | } |
| 87 | |
| 88 | next.ServeHTTP(w, r) |
| 89 | }) |
| 90 | } |
| 91 | |
| 92 | func APIVersionCheckMiddleware(next http.Handler) http.Handler { |
| 93 | return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
nothing calls this directly
no test coverage detected