ibkr-agent-gateway 0.5.2

Unofficial local-first CLI and MCP gateway for Interactive Brokers workflows.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

//! Configuration validation helpers.

use crate::internal::domain::{ErrorCode, GatewayError};
use url::Url;

/// Validates that TLS bypass is only accepted for localhost CP Gateway URLs.
pub fn validate_tls_bypass_localhost_only(
    base_url: &Url,
    verify_tls: bool,
) -> Result<(), GatewayError> {
    if verify_tls {
        return Ok(());
    }

    let host = base_url.host_str().unwrap_or_default();
    if matches!(host, "localhost" | "127.0.0.1" | "::1") {
        Ok(())
    } else {
        Err(GatewayError::new(
            ErrorCode::ConfigTlsBypassNonLocalhost,
            "TLS verification can only be disabled for localhost Client Portal Gateway URLs",
            false,
            Some("Enable TLS verification or use a localhost broker base URL".to_string()),
        ))
    }
}