evan.jarrett.net / at-container-registry
A container registry that uses the AT Protocol for manifest storage and S3 for blob storage. atcr.io
docker container atproto go
72
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix test

Evan Jarrett 2026780e 2f27f226

+5 -34
+1 -1
pkg/hold/pds/auth.go
··· 6 6 "encoding/json" 7 7 "fmt" 8 8 "io" 9 + "log" 9 10 "net/http" 10 11 "slices" 11 12 "strings" 12 13 "time" 13 - "log" 14 14 15 15 "atcr.io/pkg/atproto" 16 16 "github.com/bluesky-social/indigo/atproto/atcrypto"
+4 -4
pkg/hold/pds/xrpc.go
··· 116 116 }) 117 117 } 118 118 119 - // requireAuth middleware - validates DPoP authentication 119 + // requireAuth middleware - validates service token authentication 120 120 // Stores validated user in request context 121 121 func (h *XRPCHandler) requireAuth(next http.Handler) http.Handler { 122 122 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 123 123 // Service token authentication 124 - user, err := ValidateServiceToken(r, h.pds.did, h.httpClient) 124 + user, err := ValidateServiceToken(r, h.pds.did, h.httpClient) 125 125 if err != nil { 126 - http.Error(w, fmt.Sprintf("unauthorized: %v", err), http.StatusForbidden) 127 - return 126 + http.Error(w, fmt.Sprintf("unauthorized: %v", err), http.StatusUnauthorized) 127 + return 128 128 } 129 129 // Store user in context for handlers to access 130 130 ctx := context.WithValue(r.Context(), contextKeyUser, user)
-29
pkg/hold/pds/xrpc_test.go
··· 2059 2059 } 2060 2060 } 2061 2061 2062 - // TestRequireAuth_ValidDPoP tests middleware allows valid DPoP token 2063 - func TestRequireAuth_ValidDPoP(t *testing.T) { 2064 - handler, _ := setupTestXRPCHandler(t) 2065 - 2066 - r := chi.NewRouter() 2067 - handler.RegisterHandlers(r) 2068 - 2069 - // requestCrew requires auth 2070 - dpopHelper, err := NewDPoPTestHelper("did:plc:newcrew123", "https://test.pds") 2071 - if err != nil { 2072 - t.Fatalf("Failed to create DPoP helper: %v", err) 2073 - } 2074 - 2075 - req := httptest.NewRequest("POST", atproto.HoldRequestCrew, bytes.NewReader([]byte("{}"))) 2076 - req.Header.Set("Content-Type", "application/json") 2077 - 2078 - if err := dpopHelper.AddDPoPToRequest(req); err != nil { 2079 - t.Fatalf("Failed to add DPoP: %v", err) 2080 - } 2081 - 2082 - w := httptest.NewRecorder() 2083 - r.ServeHTTP(w, req) 2084 - 2085 - // Should not get auth error (may get other errors like "crew not allowed") 2086 - if w.Code == http.StatusUnauthorized { 2087 - t.Errorf("Expected valid DPoP to not get 401, got %d: %s", w.Code, w.Body.String()) 2088 - } 2089 - } 2090 - 2091 2062 // TestRequireAuth_MissingAuth tests middleware returns 401 without auth 2092 2063 func TestRequireAuth_MissingAuth(t *testing.T) { 2093 2064 handler, _ := setupTestXRPCHandler(t)