refactor(proxy): unify monitoring auth checks

Co-Authored-By: Virgil <virgil@lethean.io>

http_auth_test.go

@@ -18,7 +18,7 @@ func TestProxy_allowHTTP_Good(t *testing.T) {
 		},
 	}
 
-	status, ok := p.allowMonitoringRequest(&http.Request{
+	status, ok := p.AllowMonitoringRequest(&http.Request{
 		Method: http.MethodGet,
 		Header: http.Header{
 			"Authorization": []string{"Bearer secret"},
@@ -41,7 +41,7 @@ func TestProxy_allowHTTP_Bad(t *testing.T) {
 		},
 	}
 
-	status, ok := p.allowMonitoringRequest(&http.Request{Method: http.MethodPost})
+	status, ok := p.AllowMonitoringRequest(&http.Request{Method: http.MethodPost})
 	if ok {
 		t.Fatal("expected non-GET request to be rejected")
 	}
@@ -57,7 +57,7 @@ func TestProxy_allowHTTP_Unrestricted_Good(t *testing.T) {
 		},
 	}
 
-	status, ok := p.allowMonitoringRequest(&http.Request{Method: http.MethodGet})
+	status, ok := p.AllowMonitoringRequest(&http.Request{Method: http.MethodGet})
 	if !ok {
 		t.Fatalf("expected unrestricted request to pass, got status %d", status)
 	}
@@ -73,7 +73,7 @@ func TestProxy_allowHTTP_Unrestricted_Bad(t *testing.T) {
 		},
 	}
 
-	status, ok := p.allowMonitoringRequest(&http.Request{Method: http.MethodPost})
+	status, ok := p.AllowMonitoringRequest(&http.Request{Method: http.MethodPost})
 	if !ok {
 		t.Fatalf("expected unrestricted non-GET request to pass, got status %d", status)
 	}
@@ -91,7 +91,7 @@ func TestProxy_allowHTTP_Ugly(t *testing.T) {
 		},
 	}
 
-	status, ok := p.allowMonitoringRequest(&http.Request{
+	status, ok := p.AllowMonitoringRequest(&http.Request{
 		Method: http.MethodGet,
 		Header: http.Header{
 			"Authorization": []string{"Bearer wrong"},
@@ -108,7 +108,7 @@ func TestProxy_allowHTTP_Ugly(t *testing.T) {
 func TestProxy_allowHTTP_NilConfig_Ugly(t *testing.T) {
 	p := &Proxy{}
 
-	status, ok := p.allowMonitoringRequest(&http.Request{Method: http.MethodGet})
+	status, ok := p.AllowMonitoringRequest(&http.Request{Method: http.MethodGet})
 	if ok {
 		t.Fatal("expected nil config request to be rejected")
 	}

state_impl.go

@@ -665,7 +665,7 @@ func (p *Proxy) registerMonitoringRoute(mux *http.ServeMux, pattern string, rend
 		return
 	}
 	mux.HandleFunc(pattern, func(w http.ResponseWriter, r *http.Request) {
-		if status, ok := p.allowMonitoringRequest(r); !ok {
+		if status, ok := p.AllowMonitoringRequest(r); !ok {
 			switch status {
 			case http.StatusUnauthorized:
 				w.Header().Set("WWW-Authenticate", "Bearer")
@@ -679,7 +679,10 @@ func (p *Proxy) registerMonitoringRoute(mux *http.ServeMux, pattern string, rend
 	})
 }
 
-func (p *Proxy) allowMonitoringRequest(r *http.Request) (int, bool) {
+// AllowMonitoringRequest applies the configured monitoring API access checks.
+//
+//	status, ok := p.AllowMonitoringRequest(request)
+func (p *Proxy) AllowMonitoringRequest(r *http.Request) (int, bool) {
 	if p == nil || p.config == nil {
 		return http.StatusServiceUnavailable, false
 	}
@@ -695,13 +698,6 @@ func (p *Proxy) allowMonitoringRequest(r *http.Request) (int, bool) {
 	return http.StatusOK, true
 }
 
-// AllowMonitoringRequest applies the configured monitoring API access checks.
-//
-//	status, ok := p.AllowMonitoringRequest(request)
-func (p *Proxy) AllowMonitoringRequest(r *http.Request) (int, bool) {
-	return p.allowMonitoringRequest(r)
-}
-
 func (p *Proxy) writeJSONResponse(w http.ResponseWriter, payload any) {
 	w.Header().Set("Content-Type", "application/json")
 	_ = json.NewEncoder(w).Encode(payload)