Documentation
¶
Overview ¶
Package handlers contains HTTP handler functions for the codex-exec gateway. It must not import the parent codexexecgateway package to avoid import cycles; shared DTOs are imported from execmodel instead.
Index ¶
- func CloudRegister(store CloudRegisterStore, publicWSBaseURL string) http.HandlerFunc
- func Connected(store InternalConnectedStore, reg Registry) http.HandlerFunc
- func DeleteBinding(store BindingStore) http.HandlerFunc
- func DeleteExecutor(store Store) http.HandlerFunc
- func ListBinding(store BindingStore) http.HandlerFunc
- func PostBinding(store BindingStore) http.HandlerFunc
- func Register(store Store) http.HandlerFunc
- func RequireAgentserverSecret(secret string) func(http.Handler) http.Handler
- func RequireSharedSecret(secret string) func(http.Handler) http.Handler
- func RevokeTurn(rev RevokedAdder) http.HandlerFunc
- type BindingStore
- type CloudRegisterStore
- type InternalConnectedStore
- type Registry
- type RevokedAdder
- type Store
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CloudRegister ¶ added in v0.50.5
func CloudRegister(store CloudRegisterStore, publicWSBaseURL string) http.HandlerFunc
CloudRegister is the upstream-compatibility shim for `codex exec-server --remote <base_url> --executor-id <id>`. Upstream codex first POSTs to `<base_url>/cloud/executor/{id}/register` with `Authorization: Bearer <token>` (token from CODEX_EXEC_SERVER_REMOTE_BEARER_TOKEN env), then connects to the returned URL with no further auth (the URL itself is the credential).
Our existing inbound handler at `/codex-exec/{exe_id}?token=...` is the actual ws endpoint; this handler verifies the bearer once and returns that URL with the token plumbed through.
publicWSBaseURL is the externally-visible wss:// origin (e.g. "wss://codex-exec.agent.cs.ac.cn:443"). When empty, the response URL is synthesised from r.Host with wss scheme — best-effort fallback for dev / direct in-cluster use.
func Connected ¶
func Connected(store InternalConnectedStore, reg Registry) http.HandlerFunc
Connected returns the intersection of (workspace's bound executors) ∩ (currently-connected exe_ids). Used by codex-app-gateway when composing the per-turn manifest.
func DeleteBinding ¶
func DeleteBinding(store BindingStore) http.HandlerFunc
DeleteBinding returns an http.HandlerFunc that removes a workspace ↔ executor binding.
func DeleteExecutor ¶ added in v0.54.2
func DeleteExecutor(store Store) http.HandlerFunc
DeleteExecutor handles DELETE /api/codex-exec/executors/{exe_id}. Idempotent — absent id returns 204 same as present. Surfaces 500 only on DB error.
func ListBinding ¶
func ListBinding(store BindingStore) http.HandlerFunc
ListBinding returns an http.HandlerFunc that lists all executors bound to a workspace.
func PostBinding ¶
func PostBinding(store BindingStore) http.HandlerFunc
PostBinding returns an http.HandlerFunc that binds an executor to a workspace.
func Register ¶
func Register(store Store) http.HandlerFunc
Register returns an http.HandlerFunc that creates a new executor row and returns the freshly-minted (raw) registration token. The DB only stores the bcrypt hash — the raw token is never persisted or logged.
func RequireAgentserverSecret ¶ added in v0.50.4
RequireAgentserverSecret rejects requests whose X-Internal-Secret header does not constant-time-match `secret`. When `secret` is empty, this middleware is a no-op (dev mode).
This is separate from RequireSharedSecret because the two represent different trust scopes:
- RequireSharedSecret → cap-token admin API (called by codex-app-gateway via CXG_INTERNAL_SHARED_SECRET)
- RequireAgentserverSecret → user-management API (called by agentserver on behalf of session-authenticated humans, via CXG_AGENTSERVER_INTERNAL_SECRET)
func RequireSharedSecret ¶
RequireSharedSecret rejects requests whose Authorization: Bearer header does not constant-time-match `secret`.
func RevokeTurn ¶
func RevokeTurn(rev RevokedAdder) http.HandlerFunc
RevokeTurn adds a turn_id to the in-memory revoked set so future bridge connect attempts presenting that turn's CODEX_EXEC_GATEWAY_TOKEN are rejected even within the token's exp window.
Types ¶
type BindingStore ¶
type BindingStore interface {
BindWorkspaceExecutor(ctx context.Context, workspaceID, exeID, name, description string, isDefault bool) error
UnbindWorkspaceExecutor(ctx context.Context, workspaceID, exeID string) error
ListWorkspaceExecutors(ctx context.Context, workspaceID string) ([]execmodel.ConnectedExecutor, error)
}
BindingStore is the subset of storage required by the workspace binding handlers.
type CloudRegisterStore ¶ added in v0.50.5
type CloudRegisterStore interface {
GetRegistrationTokenHash(ctx context.Context, exeID string) (string, error)
}
CloudRegisterStore is the subset of *codexexecgateway.Store the upstream-compat /cloud/executor/{id}/register handler needs.
type InternalConnectedStore ¶
type InternalConnectedStore interface {
ConnectedExecutorsForWorkspace(ctx context.Context, workspaceID string, connectedIDs []string) ([]execmodel.ConnectedExecutor, error)
}
InternalConnectedStore is the subset of storage required by Connected.
type Registry ¶
type Registry interface {
ConnectedIDs() []string
}
Registry is satisfied by *codexexecgateway.ConnRegistry.
type RevokedAdder ¶
RevokedAdder is satisfied by *codexexecgateway.RevokedSet.
Source Files