Wenxin Du 4639cc6560 fix: Auth token verification failure should not throw error immedicately (#234) ...

Currently, we are throwing 401 error immediately after auth token
verification failure. This is not expected in the following situations:
1. Non-auth tool invocation with auth token that is invalid.
2. Auth tool invocation with all the required auth token, but the header
contains extra non-required token that is invalid
These requests should pass the authorization check but fail under the
current implementation.

Change made in this PR:
1. Do not throw error immediately after auth token verification failure.
Instead only log it and continue to the next header iteration.
2. In the parseParams() method, if an auth parameter is missing, we
should error with the message telling the user that either the auth
header is missing or is invalid.

2025-01-24 08:49:51 -07:00

..

auth

feat: Add Tool authenticated parameters (#80)

2024-12-16 17:46:06 -05:00

log

feat: update log with given context (#147)

2024-12-23 19:55:25 -08:00

server

fix: Auth token verification failure should not throw error immedicately (#234)

2025-01-24 08:49:51 -07:00

sources

feat: Add Cloud SQL for SQL Server Source and Tool (#223)

2025-01-23 21:21:12 +08:00

telemetry

feat: add support for OpenTelemetry (#205)

2025-01-13 15:38:38 -08:00

testutils

feat: add basic parsing from tools file (#8)

2024-08-05 09:33:07 -06:00

tools

fix: Auth token verification failure should not throw error immedicately (#234)

2025-01-24 08:49:51 -07:00

util

chore: migrate yaml library to goccy/go-yaml (#211)

2025-01-16 09:15:18 -08:00