fix: allow provider registration without token gate

This commit is contained in:
Codex
2026-07-08 08:27:01 +02:00
parent 82ae5bdef3
commit bc7406ecbd
2 changed files with 2 additions and 22 deletions
-2
View File
@@ -134,8 +134,6 @@ async function providerRoute(req: Request, server: Server<WsData>): Promise<Resp
});
}
if (url.pathname === "/ws/provider") {
const token = url.searchParams.get("token") ?? req.headers.get("x-provider-token");
if (token !== config().providerToken) return jsonResponse({ ok: false, error: "invalid provider token" }, 401);
const upgraded = server.upgrade(req, { data: { channel: "provider" } satisfies WsData });
return upgraded ? undefined : jsonResponse({ ok: false, error: "websocket upgrade failed" }, 400);
}
@@ -13,7 +13,6 @@ use crate::db::{
upsert_system_status,
};
use crate::egress_tcp::{handle_egress_tcp_close, handle_egress_tcp_data, handle_egress_tcp_open};
use crate::http::json_response;
use crate::json_util::compact_json_for_storage;
use crate::ssh_bridge::forward_ssh_provider_message;
use crate::state::{AppState, HttpTunnelResponse, ProviderConnection};
@@ -529,26 +528,9 @@ async fn maybe_handle_provider_upgrade_schedule_status(
pub async fn provider_ws(
state: Arc<AppState>,
ws: WebSocketUpgrade,
headers: HeaderMap,
uri: Uri,
_headers: HeaderMap,
_uri: Uri,
) -> Response {
let query_token = uri.query().and_then(|query| {
url::form_urlencoded::parse(query.as_bytes())
.find(|(key, _)| key == "token")
.map(|(_, value)| value.into_owned())
});
let token = query_token.or_else(|| {
headers
.get("x-provider-token")
.and_then(|value| value.to_str().ok())
.map(ToOwned::to_owned)
});
if token.as_deref() != Some(&state.config.provider_token) {
return json_response(
json!({ "ok": false, "error": "invalid provider token" }),
401,
);
}
ws.on_upgrade(move |socket| provider_socket_task(state, socket))
}