From f24fbec165de33749500dc06c9b6e753b588dbf9 Mon Sep 17 00:00:00 2001
From: tofarr <tofarr@gmail.com>
Date: Mon, 3 Feb 2025 12:55:09 -0700
Subject: [PATCH] Fix: re-add github token middleware (#6594)

---
 openhands/server/listen.py     |  2 ++
 openhands/server/middleware.py | 21 +++++++++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/openhands/server/listen.py b/openhands/server/listen.py
index d195f8bce5..bb37909eb2 100644
--- a/openhands/server/listen.py
+++ b/openhands/server/listen.py
@@ -5,6 +5,7 @@ from openhands.server.listen_socket import sio
 from openhands.server.middleware import (
     AttachConversationMiddleware,
     CacheControlMiddleware,
+    GitHubTokenMiddleware,
     InMemoryRateLimiter,
     LocalhostCORSMiddleware,
     RateLimitMiddleware,
@@ -28,5 +29,6 @@ base_app.add_middleware(
     rate_limiter=InMemoryRateLimiter(requests=10, seconds=1),
 )
 base_app.middleware('http')(AttachConversationMiddleware(base_app))
+base_app.middleware('http')(GitHubTokenMiddleware(base_app))
 
 app = socketio.ASGIApp(sio, other_asgi_app=base_app)
diff --git a/openhands/server/middleware.py b/openhands/server/middleware.py
index 6b71721ae2..cf72579197 100644
--- a/openhands/server/middleware.py
+++ b/openhands/server/middleware.py
@@ -12,6 +12,7 @@ from starlette.requests import Request as StarletteRequest
 from starlette.types import ASGIApp
 
 from openhands.server import shared
+from openhands.server.auth import get_user_id
 from openhands.server.types import SessionMiddlewareInterface
 
 
@@ -180,3 +181,23 @@ class AttachConversationMiddleware(SessionMiddlewareInterface):
             await self._detach_session(request)
 
         return response
+
+
+class GitHubTokenMiddleware(SessionMiddlewareInterface):
+    def __init__(self, app):
+        self.app = app
+
+    async def __call__(self, request: Request, call_next: Callable):
+        settings_store = await shared.SettingsStoreImpl.get_instance(
+            shared.config, get_user_id(request)
+        )
+        settings = await settings_store.load()
+
+        # TODO: To avoid checks like this we should re-add the abilty to have completely different middleware in SAAS as in OSS
+        if getattr(request.state, 'github_token', None) is None:
+            if settings and settings.github_token:
+                request.state.github_token = settings.github_token.get_secret_value()
+            else:
+                request.state.github_token = None
+
+        return await call_next(request)