// Code generated by ogen, DO NOT EDIT.
package gen
import (
"context"
"net/http"
"strings"
"github.com/go-faster/errors"
"github.com/ogen-go/ogen/ogenerrors"
)
// SecurityHandler is handler for security parameters.
type SecurityHandler interface {
// HandleGatewayToken handles gatewayToken security.
// Ed25519 JWT signed by Worker gateway.
HandleGatewayToken(ctx context.Context, operationName OperationName, t GatewayToken) (context.Context, error)
}
func findAuthorization(h http.Header, prefix string) (string, bool) {
v, ok := h["Authorization"]
if !ok {
return "", false
}
for _, vv := range v {
scheme, value, ok := strings.Cut(vv, " ")
if !ok || !strings.EqualFold(scheme, prefix) {
continue
}
return value, true
}
return "", false
}
// operationRolesGatewayToken is a private map storing roles per operation.
var operationRolesGatewayToken = map[string][]string{
CompleteUserOnboardingOperation: []string{},
CreatePromptOperation: []string{},
DeleteCredentialOperation: []string{},
DeleteOAuthAppOperation: []string{},
DeletePromptOperation: []string{},
GenerateApiKeyOperation: []string{},
GetApiKeyStatusOperation: []string{},
GetModuleConfigOperation: []string{},
GetMyProfileOperation: []string{},
GetOAuthAppCredentialsOperation: []string{},
GetPromptOperation: []string{},
GetStripeCustomerIdOperation: []string{},
GetUsageOperation: []string{},
LinkStripeCustomerOperation: []string{},
ListAllOAuthConsentsOperation: []string{},
ListApiKeysOperation: []string{},
ListCredentialsOperation: []string{},
ListOAuthAppsOperation: []string{},
ListOAuthConsentsOperation: []string{},
ListPromptsOperation: []string{},
RegisterUserOperation: []string{},
RevokeApiKeyOperation: []string{},
RevokeOAuthConsentOperation: []string{},
UpdatePromptOperation: []string{},
UpdateSettingsOperation: []string{},
UpsertCredentialOperation: []string{},
UpsertModuleDescriptionOperation: []string{},
UpsertOAuthAppOperation: []string{},
UpsertToolSettingsOperation: []string{},
}
// GetRolesForGatewayToken returns the required roles for the given operation.
//
// This is useful for authorization scenarios where you need to know which roles
// are required for an operation.
//
// Example:
//
// requiredRoles := GetRolesForGatewayToken(AddPetOperation)
//
// Returns nil if the operation has no role requirements or if the operation is unknown.
func GetRolesForGatewayToken(operation string) []string {
roles, ok := operationRolesGatewayToken[operation]
if !ok {
return nil
}
// Return a copy to prevent external modification
result := make([]string, len(roles))
copy(result, roles)
return result
}
func (s *Server) securityGatewayToken(ctx context.Context, operationName OperationName, req *http.Request) (context.Context, bool, error) {
var t GatewayToken
const parameterName = "X-Gateway-Token"
value := req.Header.Get(parameterName)
if value == "" {
return ctx, false, nil
}
t.APIKey = value
t.Roles = operationRolesGatewayToken[operationName]
rctx, err := s.sec.HandleGatewayToken(ctx, operationName, t)
if errors.Is(err, ogenerrors.ErrSkipServerSecurity) {
return nil, false, nil
} else if err != nil {
return nil, false, err
}
return rctx, true, err
}
