MCPcopy
hub / github.com/tinyauthapp/tinyauth / proxyHandler

Method proxyHandler

internal/controller/proxy_controller.go:78–300  ·  view source on GitHub ↗
(c *gin.Context)

Source from the content-addressed store, hash-verified

76}
77
78func (controller *ProxyController) proxyHandler(c *gin.Context) {
79 // Load proxy context based on the request type
80 proxyCtx, err := controller.getProxyContext(c)
81
82 if err != nil {
83 tlog.App.Warn().Err(err).Msg("Failed to get proxy context")
84 c.JSON(400, gin.H{
85 "status": 400,
86 "message": "Bad request",
87 })
88 return
89 }
90
91 tlog.App.Trace().Interface("ctx", proxyCtx).Msg("Got proxy context")
92
93 // Get acls
94 acls, err := controller.acls.GetAccessControls(proxyCtx.Host)
95
96 if err != nil {
97 tlog.App.Error().Err(err).Msg("Failed to get access controls for resource")
98 controller.handleError(c, proxyCtx)
99 return
100 }
101
102 tlog.App.Trace().Interface("acls", acls).Msg("ACLs for resource")
103
104 clientIP := c.ClientIP()
105
106 if controller.auth.IsBypassedIP(acls.IP, clientIP) {
107 controller.setHeaders(c, acls)
108 c.JSON(200, gin.H{
109 "status": 200,
110 "message": "Authenticated",
111 })
112 return
113 }
114
115 authEnabled, err := controller.auth.IsAuthEnabled(proxyCtx.Path, acls.Path)
116
117 if err != nil {
118 tlog.App.Error().Err(err).Msg("Failed to check if auth is enabled for resource")
119 controller.handleError(c, proxyCtx)
120 return
121 }
122
123 if !authEnabled {
124 tlog.App.Debug().Msg("Authentication disabled for resource, allowing access")
125 controller.setHeaders(c, acls)
126 c.JSON(200, gin.H{
127 "status": 200,
128 "message": "Authenticated",
129 })
130 return
131 }
132
133 if !controller.auth.CheckIP(acls.IP, clientIP) {
134 queries, err := query.Values(config.UnauthorizedQuery{
135 Resource: strings.Split(proxyCtx.Host, ".")[0],

Callers

nothing calls this directly

Calls 13

getProxyContextMethod · 0.95
handleErrorMethod · 0.95
setHeadersMethod · 0.95
useBrowserResponseMethod · 0.95
GetContextFunction · 0.92
SanitizeHeaderFunction · 0.92
GetAccessControlsMethod · 0.80
IsBypassedIPMethod · 0.80
IsAuthEnabledMethod · 0.80
CheckIPMethod · 0.80
IsUserAllowedMethod · 0.80
IsInOAuthGroupMethod · 0.80

Tested by

no test coverage detected