11package authcontrol
22
33import (
4+ "cmp"
5+ "fmt"
46 "maps"
57 "net/http"
8+ "os"
9+ "path/filepath"
610 "time"
711
812 "github.com/go-chi/traceid"
@@ -12,25 +16,35 @@ import (
1216type S2SClientConfig struct {
1317 Service string
1418 JWTSecret string
19+ AccessKey string
1520 DebugRequests bool
1621}
1722
1823// Service-to-service HTTP client for internal communication between Sequence services.
1924func S2SClient (cfg * S2SClientConfig ) * http.Client {
25+ serviceName := cmp .Or (cfg .Service , filepath .Base (os .Args [0 ]))
26+
2027 httpClient := & http.Client {
2128 Transport : transport .Chain (http .DefaultTransport ,
2229 traceid .Transport ,
23- transport .SetHeaderFunc ("Authorization" , func (req * http.Request ) string {
24- return "BEARER " + S2SToken (cfg .JWTSecret , map [string ]any {"service" : cfg .Service })
25- }),
26- transport .If (cfg .DebugRequests , transport .LogRequests (transport.LogOptions {Concise : true , CURL : true })),
30+ transport .SetHeader ("User-Agent" , fmt .Sprintf ("sequence/%s" , serviceName )),
31+ transport .If (cfg .JWTSecret != "" ,
32+ transport .SetHeaderFunc ("Authorization" , func (req * http.Request ) string {
33+ return "BEARER " + S2SToken (cfg .JWTSecret , map [string ]any {"service" : serviceName })
34+ }),
35+ ),
36+ transport .If (cfg .AccessKey != "" ,
37+ transport .SetHeader ("X-Access-Key" , cfg .AccessKey ),
38+ ),
39+ transport .If (cfg .DebugRequests ,
40+ transport .LogRequests (transport.LogOptions {Concise : true , CURL : true }),
41+ ),
2742 ),
2843 }
29-
3044 return httpClient
3145}
3246
33- // Create short-lived service-to-service JWT token for internal communication between Sequence services.
47+ // Create a short-lived service-to-service JWT token for internal communication between Sequence services.
3448func S2SToken (jwtSecret string , claims map [string ]any ) string {
3549 jwtAuth , _ := NewAuth (jwtSecret ).GetVerifier (nil )
3650 now := time .Now ().UTC ()
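Review bot: With `DebugRequests` on, the `LogRequests(... CURL: true)` step at the end of the chain in S2SClient may now write the `X-Access-Key` value into logs alongside the bearer token; whether that logger sees or redacts injected headers depends on the transport package, which is not visible here. Unlike the short-lived JWT, a static access key presumably stays usable until it is rotated, so this is worth confirming before the flag is enabled anywhere logs are shipped. I would document it on the struct, e.g. `// AccessKey is a static credential sent as X-Access-Key on every request; keep DebugRequests off unless request logs redact it.` Separately, when `cfg.Service` is empty the JWT `service` claim now falls back to `filepath.Base(os.Args[0])`, so the claimed identity follows the binary's file name. A comment on `Service` saying so would help anyone who authorizes on that claim.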