commit af14b912d54336666668b9d671e9c43a0fb35830 · bladee.bsky.social/darkfeed

darkfeed/src/main/kotlin/api/AuthManager.kt

··· 52 52 val authAccountDid 53 53 get() = authAccount.username 54 54 55 + /** The PDS host of the account used for authentication. */ 56 + val authAccountPdsHost 57 + get() = authAccount.pdsHost 55 58 56 59 /** Create a new auth session. */ 57 60 suspend fun createSession() {

+21 -2

darkfeed/src/main/kotlin/api/AuthPlugin.kt

··· 17 17 val authMutex = Mutex() 18 18 val log = LoggerFactory.getLogger(LOGGER_NAME) 19 19 20 + fun isAuthRequired(url: Url): Boolean { 21 + val ownerPdsUrl = Url(authManager.authAccountPdsHost) 22 + 23 + return when (url.host) { 24 + ownerPdsUrl.host -> when { 25 + url.segments.containsAll(listOf("xrpc", "com.atproto.repo.putRecord")) -> true 26 + else -> false 27 + } 28 + 29 + else -> false 30 + } 31 + } 32 + 20 33 // Add authorization header to requests. 21 34 onRequest { request, _ -> 22 35 // Format the request's endpoint as '<protocol>://<host>/<path>' for use in logs. 23 - val endpoint = with(request.url) { "${protocol.name}://${host}${encodedPath}" } 36 + val endpoint = with(request.url) { "${protocol.name}://${host}/${encodedPath}" } 37 + 38 + // Check if authorization is required. 39 + if (!isAuthRequired(request.url.build())) { 40 + log.debug("Not adding 'Authorization' header on request to '{}'", endpoint) 41 + return@onRequest 42 + } 24 43 25 44 // Remove any existing `Authorization` headers. 26 45 if (request.headers.contains(HttpHeaders.Authorization)) { ··· 54 73 // Check responses for authorization failures. 55 74 on(Send) { request -> 56 75 // Format the request's endpoint as '<protocol>://<host>/<path>' for use in logs. 57 - val endpoint = with(request.url) { "${protocol.name}://${host}${encodedPath}" } 76 + val endpoint = with(request.url) { "${protocol.name}://${host}/${encodedPath}" } 58 77 59 78 // Send the request. 60 79 val originalCall = proceed(request)