Merge pull request #244 from buildkite/export-signal-unauthorized

feat(server): export SignalUnauthorized for use by external packages

Author: wolfeidau

pkg/server/mcp.go

@@ -52,7 +52,7 @@ func unauthorizedMiddleware(cb func()) mcp.Middleware {
 			result, err := next(ctx, method, req)
 			if err != nil && errors.Is(err, buildkite.ErrUnauthorized) {
 				log.Ctx(ctx).Warn().Msg("Buildkite API returned 401 unauthorized; token may be invalid or expired")
-				signalUnauthorized(ctx)
+				SignalUnauthorized(ctx)
 				if cb != nil {
 					cb()
 				}

pkg/server/unauthorized.go

@@ -8,9 +8,9 @@ import (
 
 type unauthorizedContextKey struct{}
 
-// signalUnauthorized sets the unauthorized flag in the context, if present.
+// SignalUnauthorized sets the unauthorized flag in the context, if present.
 // It is a no-op when not running in HTTP mode (i.e., when the context key is absent).
-func signalUnauthorized(ctx context.Context) {
+func SignalUnauthorized(ctx context.Context) {
 	if flag, ok := ctx.Value(unauthorizedContextKey{}).(*atomic.Bool); ok {
 		flag.Store(true)
 	}

pkg/server/unauthorized_test.go

@@ -30,7 +30,7 @@ func TestNewHTTPUnauthorizedHandler_UnauthorizedSignal(t *testing.T) {
 	// An inner handler that signals unauthorized via the context flag.
 	inner := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// Simulate the MCP middleware detecting ErrUnauthorized.
-		signalUnauthorized(r.Context())
+		SignalUnauthorized(r.Context())
 		// The interceptingWriter will discard these writes.
 		w.Header().Set("Content-Type", "application/json")
 		w.WriteHeader(http.StatusOK)
@@ -52,7 +52,7 @@ func TestNewHTTPUnauthorizedHandler_UnauthorizedSignal(t *testing.T) {
 func TestSignalUnauthorized_NoopWithoutContext(t *testing.T) {
 	// Should not panic when the context key is absent.
 	require.NotPanics(t, func() {
-		signalUnauthorized(context.Background())
+		SignalUnauthorized(context.Background())
 	})
 }
 
@@ -61,7 +61,7 @@ func TestSignalUnauthorized_SetsFlag(t *testing.T) {
 	ctx := context.WithValue(context.Background(), unauthorizedContextKey{}, flag)
 
 	require.False(t, flag.Load())
-	signalUnauthorized(ctx)
+	SignalUnauthorized(ctx)
 	require.True(t, flag.Load())
 }