Skip to content

feat(server): add GET /v1/me identity introspection endpoint#117

Merged
hyp3rd merged 2 commits into
mainfrom
feat/dist-mem-cache
May 8, 2026
Merged

feat(server): add GET /v1/me identity introspection endpoint#117
hyp3rd merged 2 commits into
mainfrom
feat/dist-mem-cache

Conversation

@hyp3rd
Copy link
Copy Markdown
Owner

@hyp3rd hyp3rd commented May 8, 2026
edited
Loading

Introduce a new scope-protected (read) route GET /v1/me that
returns the resolved caller identity (id and scopes) from the
auth middleware context. This replaces the need for HyperCache Monitor
to use the legacy /v1/owners/__probe__ hack for token introspection.

Key changes:

  • Register GET /v1/me route in registerClientRoutes behind the
    read scope middleware
  • Add handleMe handler and meResponse wire type that reads
    httpauth.Identity from Fiber's Locals and serializes it to JSON;
    fails fast with a 500 if the middleware wiring is absent
  • In anonymous mode (AllowAnonymous: true), returns id: "anonymous"
    with all three scopes, mirroring the policy's internal identity
  • Document the new endpoint and IdentityResponse schema in
    openapi.yaml
  • Add me_test.go with unit tests covering body shape (read-only,
    read-write, anonymous) and the missing-Locals wiring-bug path
  • Extend auth_test.go and openapi_test.go to include /v1/me in
    the auth-coverage and drift-detection tables
  • Bump golang.org/x/net indirect dependency to v0.54.0

hyp3rd added 2 commits May 8, 2026 22:55
@hyp3rd
chore(deps): bump golang.org/x/crypto from v0.50.0 to v0.51.0
336d906 
Update the indirect dependency golang.org/x/crypto to v0.51.0 to pick
up the latest security and bug fixes. go.sum updated accordingly.
@hyp3rd
feat(server): add GET /v1/me identity introspection endpoint
a33a309 
Introduce a new scope-protected (`read`) route `GET /v1/me` that
returns the resolved caller identity (`id` and `scopes`) from the
auth middleware context. This replaces the need for HyperCache Monitor
to use the legacy `/v1/owners/__probe__` hack for token introspection.

Key changes:
- Register `GET /v1/me` route in `registerClientRoutes` behind the
  `read` scope middleware
- Add `handleMe` handler and `meResponse` wire type that reads
  `httpauth.Identity` from Fiber's `Locals` and serializes it to JSON;
  fails fast with a 500 if the middleware wiring is absent
- In anonymous mode (`AllowAnonymous: true`), returns `id: anonymous`
  with all three scopes, mirroring the policy's internal identity
- Document the new endpoint and `IdentityResponse` schema in
  `openapi.yaml`
- Add `me_test.go` with unit tests covering body shape (read-only,
  read-write, anonymous) and the missing-Locals wiring-bug path
- Extend `auth_test.go` and `openapi_test.go` to include `/v1/me` in
  the auth-coverage and drift-detection tables
- Bump `golang.org/x/net` indirect dependency to v0.54.0
@hyp3rd hyp3rd changed the title Feat/dist mem cache feat(server): add GET /v1/me identity introspection endpoint May 8, 2026
@hyp3rd hyp3rd merged commit 68d0938 into main May 8, 2026
15 of 17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyp3rd