feat(config): add an option to forward the id of the path segment

mmalenic · mmalenic · commit 5d13fc4da034 · 2025-10-27T12:06:32.000+11:00
diff --git a/htsget-config/README.md b/htsget-config/README.md
@@ -430,12 +430,13 @@ The authorization server should respond with a rule set that htsget-rs can use t
 
 The following additional options can be configured under the `auth` table to enable this:
 
-| Option                  | Description                                                                                                                                                                                                                                   | Type                  | Default  |
-|-------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
-| `authorization_url`     | The URL which will be called to authorize the user. A GET request will be issued to the url. Alternatively, this can be a file path to authorize users based on static config.                                                                | URL                   | Not set. |
-| `forward_headers`       | For each header specified, forward any headers from the client to the authorization server. Headers are forwarded with the `Htsget-Context-` as a prefix.                                                                                     | Array of header names | Not set. |
-| `forward_endpoint_type` | Forwards the type of endpoint that the request used in a header called `Htsget-Context-Endpoint-Type`. The value of this header will either be `reads` or `variants`, depending on whether the user requested the reads or variants endpoint. | Boolean               | `false`  |
-| `passthrough_auth`      | Forward the authorization header to the authorization server directly without renaming it to a `Htsget-Context-` custom header. If this is true, then the `Authorization` header is required with the request.                                | Boolean               | `false`  |
+| Option                  | Description                                                                                                                                                                                                                                                          | Type                  | Default  |
+|-------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
+| `authorization_url`     | The URL which will be called to authorize the user. A GET request will be issued to the url. Alternatively, this can be a file path to authorize users based on static config.                                                                                       | URL                   | Not set. |
+| `forward_headers`       | For each header specified, forward any headers from the client to the authorization server. Headers are forwarded with the `Htsget-Context-` as a prefix.                                                                                                            | Array of header names | Not set. |
+| `forward_endpoint_type` | Forwards the type of endpoint that the request used in a header called `Htsget-Context-Endpoint-Type`. The value of this header will either be `reads` or `variants`, depending on whether the user requested the reads or variants endpoint.                        | Boolean               | `false`  |
+| `forward_id`            | Forwards the id of the request in a header called `Htsget-Context-Id`. The value of this header will be request path without the `/reads` or `/variants` component. For example, if a request path is `/reads/<id>`, this header will have the same value as `<id>`. | Boolean               | `false`  |
+| `passthrough_auth`      | Forward the authorization header to the authorization server directly without renaming it to a `Htsget-Context-` custom header. If this is true, then the `Authorization` header is required with the request.                                                       | Boolean               | `false`  |
 
 When using the `authorization_url`, the [authentication](#jwt-authentication) config must also be set as htsget-rs will
 forward the JWT token to the authorization server so that it can make decisions about the user's authorization. If the
diff --git a/htsget-config/docs/examples/auth.toml b/htsget-config/docs/examples/auth.toml
@@ -24,6 +24,8 @@ passthrough_auth = true
 #forward_headers = ["Content-Type"]
 ## Forward the endpoint type to the auth service.
 #forward_endpoint_type = true
+## Forward the request id.
+#forward_id = true
 
 ## Set client authentication
 #http.key = "key.pem"
diff --git a/htsget-config/src/config/advanced/auth/mod.rs b/htsget-config/src/config/advanced/auth/mod.rs
@@ -29,6 +29,7 @@ pub struct AuthConfig {
   authorization_url: Option<UrlOrStatic>,
   forward_headers: Vec<String>,
   forward_endpoint_type: bool,
+  forward_id: bool,
   passthrough_auth: bool,
   forward_extensions: Vec<ForwardExtensions>,
   http_client: HttpClient,
@@ -101,6 +102,11 @@ impl AuthConfig {
     self.forward_endpoint_type
   }
 
+  /// Get whether to forward the id of the request.
+  pub fn forward_id(&self) -> bool {
+    self.forward_id
+  }
+
   /// Get whether to pass through the auth header.
   pub fn passthrough_auth(&self) -> bool {
     self.passthrough_auth
@@ -133,6 +139,7 @@ pub struct AuthConfigBuilder {
   authorization_url: Option<UrlOrStatic>,
   forward_headers: Vec<String>,
   forward_endpoint_type: bool,
+  forward_id: bool,
   passthrough_auth: bool,
   forward_extensions: Vec<ForwardExtensions>,
   #[serde(rename = "http", alias = "tls", skip_serializing)]
@@ -206,6 +213,12 @@ impl AuthConfigBuilder {
     self
   }
 
+  /// Set whether to forward the id
+  pub fn forward_id(mut self, forward_id: bool) -> Self {
+    self.forward_id = forward_id;
+    self
+  }
+
   /// Set whether to pass through auth.
   pub fn passthrough_auth(mut self, passthrough_auth: bool) -> Self {
     self.passthrough_auth = passthrough_auth;
@@ -228,6 +241,7 @@ impl AuthConfigBuilder {
       authorization_url: self.authorization_url,
       forward_headers: self.forward_headers,
       forward_endpoint_type: self.forward_endpoint_type,
+      forward_id: self.forward_id,
       passthrough_auth: self.passthrough_auth,
       forward_extensions: self.forward_extensions,
       http_client: self
@@ -254,6 +268,7 @@ impl Default for AuthConfigBuilder {
       authorization_url,
       forward_headers: vec![],
       forward_endpoint_type: false,
+      forward_id: false,
       passthrough_auth: false,
       forward_extensions: vec![],
       http_client: None,
@@ -394,6 +409,7 @@ mod tests {
       passthrough_auth = true
       forward_headers = ["header"]
       forward_endpoint_type = true
+      forward_id = true
       forward_extensions = [ { json_path = '$.extension', name = 'Extension'} ]
       "#,
     )
@@ -418,6 +434,7 @@ mod tests {
     assert!(config.passthrough_auth());
     assert_eq!(config.forward_headers(), ["header".to_string()]);
     assert!(config.forward_endpoint_type());
+    assert!(config.forward_id());
     assert_eq!(
       config.forward_extensions(),
       [ForwardExtensions::new(
