code 281- get source router from the handler

internal/api/middleware/authn/authn.go

@@ -18,14 +18,14 @@ import (
 
 // Attempt returns an http.HandlerFunc middleware that authenticates
 // the http.Request if authentication payload is available.
-func Attempt(authenticator authn.Authenticator) func(http.Handler) http.Handler {
+func Attempt(authenticator authn.Authenticator, sourceRouter authn.SourceRouter) func(http.Handler) http.Handler {
-	return performAuthentication(authenticator, false, authn.AuthGitCaller)
+	return performAuthentication(authenticator, false, sourceRouter)
 }
 
 // Required returns an http.HandlerFunc middleware that authenticates
 // the http.Request and fails the request if no auth data was available.
-func Required(authenticator authn.Authenticator) func(http.Handler) http.Handler {
+func Required(authenticator authn.Authenticator, sourceRouter authn.SourceRouter) func(http.Handler) http.Handler {
-	return performAuthentication(authenticator, true, authn.AuthAPICaller)
+	return performAuthentication(authenticator, true, sourceRouter)
 }
 
 // performAuthentication returns an http.HandlerFunc middleware that authenticates
@@ -33,14 +33,14 @@ func Required(authenticator authn.Authenticator) func(http.Handler) http.Handler
 // Depending on whether it is required or not, the request will be failed.
 func performAuthentication(
 	authenticator authn.Authenticator,
-	required bool, caller authn.APICaller,
+	required bool, sourceRouter authn.SourceRouter,
 ) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			ctx := r.Context()
 			log := hlog.FromRequest(r)
 
-			session, err := authenticator.Authenticate(r, caller)
+			session, err := authenticator.Authenticate(r, sourceRouter)
 
 			if errors.Is(err, authn.ErrNoAuthData) {
 				if required {

internal/auth/authn/authenticator.go

@@ -19,11 +19,11 @@ var (
 	ErrNotAcceptedAuthMethod = errors.New("the request contains auth method that is not accepted by the Authorizer")
 )
 
-type APICaller string
+type SourceRouter string
 
 const (
-	AuthAPICaller APICaller = "api"
+	SourceRouterAPI SourceRouter = "api"
-	AuthGitCaller APICaller = "git"
+	SourceRouterGIT SourceRouter = "git"
 )
 
 // Authenticator is an abstraction of an entity that's responsible for authenticating principals
@@ -36,5 +36,5 @@ type Authenticator interface {
 	 *		(nil, ErrNoAuthData)	- request doesn't contain any auth data
 	 *		(nil, err)  			- request contains auth data but verification failed
 	 */
-	Authenticate(r *http.Request, caller APICaller) (*auth.Session, error)
+	Authenticate(r *http.Request, sourceRouter SourceRouter) (*auth.Session, error)
 }

internal/auth/authn/token.go

@@ -38,7 +38,7 @@ func NewTokenAuthenticator(
 	}
 }
 
-func (a *TokenAuthenticator) Authenticate(r *http.Request, caller APICaller) (*auth.Session, error) {
+func (a *TokenAuthenticator) Authenticate(r *http.Request, sourceRouter SourceRouter) (*auth.Session, error) {
 	ctx := r.Context()
 	str := extractToken(r)
 

internal/router/api.go

@@ -82,7 +82,7 @@ func NewAPIHandler(
 	r.Use(corsHandler(config))
 
 	// for now always attempt auth - enforced per operation.
-	r.Use(middlewareauthn.Attempt(authenticator))
+	r.Use(middlewareauthn.Attempt(authenticator, authn.SourceRouterAPI))
 
 	r.Route("/v1", func(r chi.Router) {
 		setupRoutesV1(r, repoCtrl, spaceCtrl, pullreqCtrl, webhookCtrl, githookCtrl, saCtrl, userCtrl, principalCtrl)

internal/router/git.go

@@ -53,7 +53,7 @@ func NewGitHandler(
 	r.Use(logging.HLogAccessLogHandler())
 
 	r.Route(fmt.Sprintf("/{%s}", request.PathParamRepoRef), func(r chi.Router) {
-		r.Use(middlewareauthn.Attempt(authenticator))
+		r.Use(middlewareauthn.Attempt(authenticator, authn.SourceRouterGIT))
 
 		// smart protocol
 		r.Handle("/git-upload-pack", handlerrepo.GetUploadPack(client, urlProvider, repoStore, authorizer))