Skip to content

Modify AuthContext to the new format#1131

Open
O-sura wants to merge 3 commits intowso2:mainfrom
O-sura:auth-ctx
Open

Modify AuthContext to the new format#1131
O-sura wants to merge 3 commits intowso2:mainfrom
O-sura:auth-ctx

Conversation

@O-sura
Copy link
Contributor

@O-sura O-sura commented Feb 13, 2026

Purpose

This PR adds the changes related to modifying the AuthContext to match the new format.

Summary by CodeRabbit

  • Bug Fixes

    • More reliable Server‑Sent Events parsing and handling for real‑time responses.
  • Improvements

    • Authentication context redesigned into a structured model for richer auth metadata and downstream consumption.
    • Analytics metadata now consistently includes user identity where available to improve reporting and reduce logging gaps.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 13, 2026

Walkthrough

AuthContext was changed from a plain map[string]string to a pointer to a structured AuthContext type (with Properties and Scopes plus auth-detail fields); SharedContext initialization and analytics call-sites were updated to use the new structured fields (e.g., UserID).

Changes

Cohort / File(s) Summary
SDK: AuthContext type & SharedContext
sdk/gateway/policy/v1alpha/context.go
Added public types: AuthContext, JWTAuthDetails, APIKeyAuthDetails, BasicAuthDetails. Changed SharedContext.AuthContext from map[string]string to *AuthContext and documented fields for downstream consumption.
Execution context initialization
gateway/gateway-runtime/policy-engine/internal/kernel/execution_context.go
buildRequestContext now initializes SharedContext.AuthContext as &policy.AuthContext{ Properties: make(map[string]string), Scopes: make(map[string]bool) } instead of a map[string]string.
Analytics: call-sites & constants
gateway/system-policies/analytics/analytics.go, gateway/gateway-runtime/policy-engine/internal/kernel/analytics.go
Removed local AuthContextKeyUserID in analytics code; added UserIDKey constant in runtime analytics and updated analytics metadata assembly to read ctx.SharedContext.AuthContext.UserID when present. Minor formatting and MCP/SSE handling tweaks across analytics code.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I nibble through types with whiskers bright,

Maps became structs in the soft moonlight.
Properties, scopes, and a user-id clue,
Auth hops along with details anew.
A tidy burrow of fields — hooray, woo!

🚥 Pre-merge checks | ✅ 1 | ❌ 3
❌ Failed checks (2 warnings, 1 inconclusive)
Check name Status Explanation Resolution
Description check ⚠️ Warning The PR description is largely incomplete, missing critical sections like Goals, Approach, User stories, Documentation, Automation tests, Security checks, and Test environment from the template. Complete the PR description by filling in all required template sections, including Goals, Approach, test coverage details, security checks, and test environment information.
Merge Conflict Detection ⚠️ Warning ❌ Merge conflicts detected (17 files):

⚔️ cli/src/cmd/gateway/api/list.go (content)
⚔️ cli/src/cmd/gateway/mcp/list.go (content)
⚔️ gateway/gateway-controller/api/openapi-admin.yaml (content)
⚔️ gateway/gateway-controller/api/openapi.yaml (content)
⚔️ gateway/gateway-controller/pkg/adminapi/generated/generated.go (content)
⚔️ gateway/gateway-controller/pkg/api/generated/generated.go (content)
⚔️ gateway/gateway-controller/pkg/api/handlers/certificates.go (content)
⚔️ gateway/gateway-controller/pkg/api/handlers/handlers.go (content)
⚔️ gateway/gateway-controller/pkg/api/handlers/handlers_test.go (content)
⚔️ gateway/gateway-controller/pkg/models/llm_provider_template.go (content)
⚔️ gateway/gateway-controller/pkg/models/stored_config.go (content)
⚔️ gateway/gateway-runtime/policy-engine/internal/kernel/analytics.go (content)
⚔️ gateway/gateway-runtime/policy-engine/internal/kernel/execution_context.go (content)
⚔️ gateway/it/features/search-deployments.feature (content)
⚔️ gateway/system-policies/analytics/analytics.go (content)
⚔️ platform-api/src/internal/model/artifact.go (content)
⚔️ sdk/gateway/policy/v1alpha/context.go (content)

These conflicts must be resolved before merging into main.
Resolve conflicts locally and push changes to this branch.
Title check ❓ Inconclusive The title 'Modify AuthContext to the new format' is vague and generic, using non-descriptive terms that don't clearly convey the specific technical change. Use a more specific title that describes the actual structural change, e.g., 'Refactor AuthContext from map to struct with Properties and Scopes fields' or similar.
✅ Passed checks (1 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
⚔️ Resolve merge conflicts (beta)
  • Auto-commit resolved conflicts to branch auth-ctx
  • Post resolved changes as copyable diffs in a comment

No actionable comments were generated in the recent review. 🎉

🧹 Recent nitpick comments
sdk/gateway/policy/v1alpha/context.go (3)

29-30: Consider map[string]any for Claims to avoid lossy coercion.

JWT claims can carry non-string values (numbers like exp/iat, booleans, arrays, nested objects). Forcing everything into map[string]string means callers must serialize and deserialize, and it silently discards type information. Since this is a public SDK type, changing it later is a breaking change.

Suggested change
-	Claims map[string]string
+	Claims map[string]any

35-43: Nit: Use TODO (all caps) for conventional comment markers.

Most Go tooling and IDEs recognize TODO, not Todo.

-	// Todo: API key tier, rate limit info, etc.
+	// TODO: API key tier, rate limit info, etc.
-	// Todo: Basic auth specific metadata
+	// TODO: Basic auth specific metadata

51-53: Consider exporting AuthType constants to prevent typos and ease downstream matching.

AuthType accepts specific string values documented in the comment. Defining exported constants (e.g., AuthTypeJWT = "jwt") would provide a single source of truth and help both policy authors and IDE autocompletion.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants

Comments