Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit32ff000

Browse files
committed
limit on api side
1 parent56a880d commit32ff000

File tree

3 files changed

+33
-6
lines changed

3 files changed

+33
-6
lines changed

‎coderd/httpmw/provisionerdaemon.go

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,7 @@ func ExtractProvisionerDaemonAuthenticated(opts ExtractProvisionerAuthConfig) fu
5151
return
5252
}
5353

54+
psk:=r.Header.Get(codersdk.ProvisionerDaemonPSK)
5455
key:=r.Header.Get(codersdk.ProvisionerDaemonKey)
5556
ifkey=="" {
5657
ifopts.PSK=="" {
@@ -63,6 +64,12 @@ func ExtractProvisionerDaemonAuthenticated(opts ExtractProvisionerAuthConfig) fu
6364
fallbackToPSK(ctx,opts.PSK,next,w,r,handleOptional)
6465
return
6566
}
67+
ifpsk!="" {
68+
handleOptional(http.StatusBadRequest, codersdk.Response{
69+
Message:"provisioner daemon key and psk provided, but only one is allowed",
70+
})
71+
return
72+
}
6673

6774
id,keyValue,err:=provisionerkey.Parse(key)
6875
iferr!=nil {

‎codersdk/provisionerdaemons.go

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -226,9 +226,6 @@ func (c *Client) ServeProvisionerDaemon(ctx context.Context, req ServeProvisione
226226

227227
headers.Set(BuildVersionHeader,buildinfo.Version())
228228

229-
ifreq.ProvisionerKey!=""&&req.PreSharedKey!="" {
230-
returnnil,xerrors.Errorf("cannot provide both a provisioner key and a pre-shared key")
231-
}
232229
ifreq.ProvisionerKey!="" {
233230
headers.Set(ProvisionerDaemonKey,req.ProvisionerKey)
234231
}

‎enterprise/coderd/provisionerdaemons_test.go

Lines changed: 26 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ import (
66
"fmt"
77
"io"
88
"net/http"
9+
"strings"
910
"testing"
1011

1112
"github.com/google/uuid"
@@ -614,28 +615,50 @@ func TestProvisionerDaemonServe(t *testing.T) {
614615
name:"WrongKey",
615616
multiOrgFeatureEnabled:true,
616617
multiOrgExperimentEnabled:true,
618+
insertParams:insertParams,
617619
requestProvisionerKey:"provisionersftw",
618620
errStatusCode:http.StatusUnauthorized,
619621
},
620622
{
621-
name:"IdOKKeyWrong",
623+
name:"IdOKKeyValueWrong",
622624
multiOrgFeatureEnabled:true,
623625
multiOrgExperimentEnabled:true,
626+
insertParams:insertParams,
624627
requestProvisionerKey:insertParams.ID.String()+":"+"wrong",
625628
errStatusCode:http.StatusUnauthorized,
626629
},
627630
{
628-
name:"IdWrongKeyOK",
631+
name:"IdWrongKeyValueOK",
629632
multiOrgFeatureEnabled:true,
630633
multiOrgExperimentEnabled:true,
634+
insertParams:insertParams,
631635
requestProvisionerKey:uuid.NewString()+":"+token,
632636
errStatusCode:http.StatusUnauthorized,
633637
},
634638
{
635-
name:"TokenOnly",
639+
name:"KeyValueOnly",
640+
multiOrgFeatureEnabled:true,
641+
multiOrgExperimentEnabled:true,
642+
insertParams:insertParams,
643+
requestProvisionerKey:strings.Split(token,":")[1],
644+
errStatusCode:http.StatusUnauthorized,
645+
},
646+
{
647+
name:"KeyAndPSK",
636648
multiOrgFeatureEnabled:true,
637649
multiOrgExperimentEnabled:true,
650+
psk:"provisionersftw",
651+
insertParams:insertParams,
638652
requestProvisionerKey:token,
653+
requestPSK:"provisionersftw",
654+
errStatusCode:http.StatusUnauthorized,
655+
},
656+
{
657+
name:"None",
658+
multiOrgFeatureEnabled:true,
659+
multiOrgExperimentEnabled:true,
660+
psk:"provisionersftw",
661+
insertParams:insertParams,
639662
errStatusCode:http.StatusUnauthorized,
640663
},
641664
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp