PR comments

- Add further docstring - Reorder some code
canonical · Sep 6, 2024 · 240a294 · 240a294
1 parent ee25853
commit 240a294
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 8 deletions.
diff --git a/internal/auth/oauth2.go b/internal/auth/oauth2.go
@@ -330,7 +330,10 @@ func (as *AuthenticationService) MintSessionToken(email string) (string, error)
 // access token JWT, returning the parsed token.
 //
 // The subject of the token contains the user's email and can be used
-// for user object creation
+// for user object creation.
+//
+// The error code returned here is used by the Juju CLI to know when to start a
+// device login flow, prompting the user to login again.
 func (as *AuthenticationService) VerifySessionToken(token string) (_ jwt.Token, err error) {
 	const op = errors.Op("auth.AuthenticationService.VerifySessionToken")
 	errorFn := func(message string) error {

diff --git a/internal/jujuapi/streamproxy.go b/internal/jujuapi/streamproxy.go
@@ -1,4 +1,5 @@
 // Copyright 2024 Canonical.
+
 package jujuapi
 
 import (
@@ -19,7 +20,7 @@ import (
 	jimmRPC "github.com/canonical/jimm/v3/internal/rpc"
 )
 
-// A streamProxier serves all HTTP endpoints by proxying
+// A streamProxier serves the the /log endpoint by proxying
 // messages between the controller and client.
 type streamProxier struct {
 	// TODO(Kian): Refactor the apiServer to use the JIMM API rather than a concrete struct
@@ -71,20 +72,22 @@ func (s streamProxier) ServeWS(ctx context.Context, clientConn *websocket.Conn)
 		return
 	}
 
-	model, err := s.jimm.GetModel(ctx, uuid)
-	if err != nil {
-		writeError(err.Error(), errors.CodeModelNotFound)
-		return
-	}
+	modelTag := names.NewModelTag(uuid)
 
-	if ok, err := checkPermission(ctx, finalPath, user, model.ResourceTag()); err != nil {
+	if ok, err := checkPermission(ctx, finalPath, user, modelTag); err != nil {
 		writeError(err.Error(), errors.CodeUnauthorized)
 		return
 	} else if !ok {
 		writeError(fmt.Sprintf("unauthorized access to endpoint: %s", finalPath), errors.CodeUnauthorized)
 		return
 	}
 
+	model, err := s.jimm.GetModel(ctx, uuid)
+	if err != nil {
+		writeError(err.Error(), errors.CodeModelNotFound)
+		return
+	}
+
 	api, err := s.jimm.Dialer.Dial(ctx, &model.Controller, model.ResourceTag(), nil)
 	if err != nil {
 		zapctx.Error(ctx, "failed to dial controller", zap.Error(err))

diff --git a/internal/rpc/streamproxy.go b/internal/rpc/streamproxy.go
@@ -1,4 +1,5 @@
 // Copyright 2024 Canonical.
+
 package rpc
 
 import (