Skip to content

Commit 2837ebc

Browse files
EmyrkEmyrk
committed
remove multi org check from psk auth
1 parent d844be7 commit 2837ebc

File tree

3 files changed

+47
-72
lines changed

3 files changed

+47
-72
lines changed

coderd/httpmw/provisionerdaemon.go

Lines changed: 3 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,9 @@ func ProvisionerDaemonAuthenticated(r *http.Request) bool {
2020
}
2121

2222
type ExtractProvisionerAuthConfig struct {
23-
DB database.Store
24-
Optional bool
25-
PSK string
26-
MultiOrgEnabled bool
23+
DB database.Store
24+
Optional bool
25+
PSK string
2726
}
2827

2928
func ExtractProvisionerDaemonAuthenticated(opts ExtractProvisionerAuthConfig) func(next http.Handler) http.Handler {
@@ -39,18 +38,6 @@ func ExtractProvisionerDaemonAuthenticated(opts ExtractProvisionerAuthConfig) fu
3938
httpapi.Write(ctx, w, code, response)
4039
}
4140

42-
if !opts.MultiOrgEnabled {
43-
if opts.PSK == "" {
44-
handleOptional(http.StatusUnauthorized, codersdk.Response{
45-
Message: "External provisioner daemons not enabled",
46-
})
47-
return
48-
}
49-
50-
fallbackToPSK(ctx, opts.PSK, next, w, r, handleOptional)
51-
return
52-
}
53-
5441
psk := r.Header.Get(codersdk.ProvisionerDaemonPSK)
5542
key := r.Header.Get(codersdk.ProvisionerDaemonKey)
5643
if key == "" {

enterprise/coderd/coderd.go

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -359,10 +359,9 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
359359
api.provisionerDaemonsEnabledMW,
360360
apiKeyMiddlewareOptional,
361361
httpmw.ExtractProvisionerDaemonAuthenticated(httpmw.ExtractProvisionerAuthConfig{
362-
DB: api.Database,
363-
Optional: true,
364-
PSK: api.ProvisionerDaemonPSK,
365-
MultiOrgEnabled: api.AGPL.Experiments.Enabled(codersdk.ExperimentMultiOrganization),
362+
DB: api.Database,
363+
Optional: true,
364+
PSK: api.ProvisionerDaemonPSK,
366365
}),
367366
// Either a user auth or provisioner auth is required
368367
// to move forward.

enterprise/coderd/provisionerdaemons_test.go

Lines changed: 41 additions & 52 deletions
Original file line numberDiff line numberDiff line change
@@ -597,17 +597,16 @@ func TestProvisionerDaemonServe(t *testing.T) {
597597
require.NoError(t, err)
598598

599599
tcs := []struct {
600-
name string
601-
psk string
602-
multiOrgFeatureEnabled bool
603-
multiOrgExperimentEnabled bool
604-
insertParams database.InsertProvisionerKeyParams
605-
requestProvisionerKey string
606-
requestPSK string
607-
errStatusCode int
600+
name string
601+
psk string
602+
multiOrgFeatureEnabled bool
603+
insertParams database.InsertProvisionerKeyParams
604+
requestProvisionerKey string
605+
requestPSK string
606+
errStatusCode int
608607
}{
609608
{
610-
name: "MultiOrgDisabledPSKAuthOK",
609+
name: "PSKAuthOK",
611610
psk: "provisionersftw",
612611
requestPSK: "provisionersftw",
613612
},
@@ -618,58 +617,51 @@ func TestProvisionerDaemonServe(t *testing.T) {
618617
requestPSK: "provisionersftw",
619618
},
620619
{
621-
name: "MultiOrgFeatureDisabledPSKAuthOK",
622-
multiOrgExperimentEnabled: true,
623-
psk: "provisionersftw",
624-
requestPSK: "provisionersftw",
620+
name: "MultiOrgFeatureDisabledPSKAuthOK",
621+
psk: "provisionersftw",
622+
requestPSK: "provisionersftw",
625623
},
626624
{
627-
name: "MultiOrgEnabledPSKAuthOK",
628-
psk: "provisionersftw",
629-
multiOrgFeatureEnabled: true,
630-
multiOrgExperimentEnabled: true,
631-
requestPSK: "provisionersftw",
625+
name: "MultiOrgEnabledPSKAuthOK",
626+
psk: "provisionersftw",
627+
multiOrgFeatureEnabled: true,
628+
requestPSK: "provisionersftw",
632629
},
633630
{
634-
name: "MultiOrgEnabledKeyAuthOK",
635-
psk: "provisionersftw",
636-
multiOrgFeatureEnabled: true,
637-
multiOrgExperimentEnabled: true,
638-
insertParams: insertParams,
639-
requestProvisionerKey: token,
631+
name: "MultiOrgEnabledKeyAuthOK",
632+
psk: "provisionersftw",
633+
multiOrgFeatureEnabled: true,
634+
insertParams: insertParams,
635+
requestProvisionerKey: token,
640636
},
641637
{
642-
name: "MultiOrgEnabledPSKAuthDisabled",
643-
multiOrgFeatureEnabled: true,
644-
multiOrgExperimentEnabled: true,
645-
requestPSK: "provisionersftw",
646-
errStatusCode: http.StatusUnauthorized,
638+
name: "MultiOrgEnabledPSKAuthDisabled",
639+
multiOrgFeatureEnabled: true,
640+
requestPSK: "provisionersftw",
641+
errStatusCode: http.StatusUnauthorized,
647642
},
648643
{
649-
name: "InvalidKey",
650-
multiOrgFeatureEnabled: true,
651-
multiOrgExperimentEnabled: true,
652-
insertParams: insertParams,
653-
requestProvisionerKey: "provisionersftw",
654-
errStatusCode: http.StatusBadRequest,
644+
name: "InvalidKey",
645+
multiOrgFeatureEnabled: true,
646+
insertParams: insertParams,
647+
requestProvisionerKey: "provisionersftw",
648+
errStatusCode: http.StatusBadRequest,
655649
},
656650
{
657-
name: "KeyAndPSK",
658-
multiOrgFeatureEnabled: true,
659-
multiOrgExperimentEnabled: true,
660-
psk: "provisionersftw",
661-
insertParams: insertParams,
662-
requestProvisionerKey: token,
663-
requestPSK: "provisionersftw",
664-
errStatusCode: http.StatusUnauthorized,
651+
name: "KeyAndPSK",
652+
multiOrgFeatureEnabled: true,
653+
psk: "provisionersftw",
654+
insertParams: insertParams,
655+
requestProvisionerKey: token,
656+
requestPSK: "provisionersftw",
657+
errStatusCode: http.StatusUnauthorized,
665658
},
666659
{
667-
name: "None",
668-
multiOrgFeatureEnabled: true,
669-
multiOrgExperimentEnabled: true,
670-
psk: "provisionersftw",
671-
insertParams: insertParams,
672-
errStatusCode: http.StatusUnauthorized,
660+
name: "None",
661+
multiOrgFeatureEnabled: true,
662+
psk: "provisionersftw",
663+
insertParams: insertParams,
664+
errStatusCode: http.StatusUnauthorized,
673665
},
674666
}
675667

@@ -683,9 +675,6 @@ func TestProvisionerDaemonServe(t *testing.T) {
683675
features[codersdk.FeatureMultipleOrganizations] = 1
684676
}
685677
dv := coderdtest.DeploymentValues(t)
686-
if tc.multiOrgExperimentEnabled {
687-
dv.Experiments.Append(string(codersdk.ExperimentMultiOrganization))
688-
}
689678
client, db, user := coderdenttest.NewWithDatabase(t, &coderdenttest.Options{
690679
LicenseOptions: &coderdenttest.LicenseOptions{
691680
Features: features,

0 commit comments

Comments
 (0)