Skip to content

Commit

Permalink
PR comments
Browse files Browse the repository at this point in the history
- Add further docstring
- Reorder some code
  • Loading branch information
kian99 committed Sep 6, 2024
1 parent ee25853 commit 240a294
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 8 deletions.
5 changes: 4 additions & 1 deletion internal/auth/oauth2.go
Original file line number Diff line number Diff line change
Expand Up @@ -330,7 +330,10 @@ func (as *AuthenticationService) MintSessionToken(email string) (string, error)
// access token JWT, returning the parsed token.
//
// The subject of the token contains the user's email and can be used
// for user object creation
// for user object creation.
//
// The error code returned here is used by the Juju CLI to know when to start a
// device login flow, prompting the user to login again.
func (as *AuthenticationService) VerifySessionToken(token string) (_ jwt.Token, err error) {
const op = errors.Op("auth.AuthenticationService.VerifySessionToken")
errorFn := func(message string) error {
Expand Down
17 changes: 10 additions & 7 deletions internal/jujuapi/streamproxy.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
// Copyright 2024 Canonical.

package jujuapi

import (
Expand All @@ -19,7 +20,7 @@ import (
jimmRPC "github.com/canonical/jimm/v3/internal/rpc"
)

// A streamProxier serves all HTTP endpoints by proxying
// A streamProxier serves the the /log endpoint by proxying
// messages between the controller and client.
type streamProxier struct {
// TODO(Kian): Refactor the apiServer to use the JIMM API rather than a concrete struct
Expand Down Expand Up @@ -71,20 +72,22 @@ func (s streamProxier) ServeWS(ctx context.Context, clientConn *websocket.Conn)
return
}

model, err := s.jimm.GetModel(ctx, uuid)
if err != nil {
writeError(err.Error(), errors.CodeModelNotFound)
return
}
modelTag := names.NewModelTag(uuid)

if ok, err := checkPermission(ctx, finalPath, user, model.ResourceTag()); err != nil {
if ok, err := checkPermission(ctx, finalPath, user, modelTag); err != nil {
writeError(err.Error(), errors.CodeUnauthorized)
return
} else if !ok {
writeError(fmt.Sprintf("unauthorized access to endpoint: %s", finalPath), errors.CodeUnauthorized)
return
}

model, err := s.jimm.GetModel(ctx, uuid)
if err != nil {
writeError(err.Error(), errors.CodeModelNotFound)
return
}

api, err := s.jimm.Dialer.Dial(ctx, &model.Controller, model.ResourceTag(), nil)
if err != nil {
zapctx.Error(ctx, "failed to dial controller", zap.Error(err))
Expand Down
1 change: 1 addition & 0 deletions internal/rpc/streamproxy.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
// Copyright 2024 Canonical.

package rpc

import (
Expand Down

0 comments on commit 240a294

Please sign in to comment.