NYULibraries/primo-endpoint

headers added for authentication behave weirdly

Closed this issue · 7 comments

ekate commented

Documents from the FDA private collection are not returned, although I've added an authentication header to the request through the auth module.
When I print the header in the FDA apache log I get:
"GET /rest/collections/ HTTP/1.1" 200 441 ", " "application/json" common
i.e. the token is repeated twice in the header, hence authentication is not working.
Looks like there are no errors in reading the values and forming the header. The request headers list looks normal, so I can't figure out where this second value comes from.
When manually sending the same request by curl, the log entry has only one token:
GET /rest/collections/ HTTP/1.1" 200 9883 "-" "curl/7.29.0" "" combined
I can't figure out where this second value comes from.
@dylex if you have time to look at it, I can provide more details.

dylex commented

Could you provide your exact auth.yml (either here, with passwords redacted, or by email)?

dylex commented

@ekate I made a debug version on the authdebug branch that will print out the headers, if that helps. (This is only if you're using auth headers, not auth user/pass.)

ekate commented

@dylex Thanks. Looks like the header is added twice because it is added once when the request for the collection index is done and then again for each request for items. Will try to fix it.

dylex commented

I'm not sure why that would be... it does use the same request, but it should get modified at the time it's sent, so we shouldn't be able to get the modified one back. One easy/stupid option would be to remove the duplicates in applyAuth, either manually filter out the old one or just globally nubBy (on (==) fst) or something (though that could maybe break something else).

ekate commented

I was surprised too. I was sure it's either bad yaml or bad parsing. nub helped for now (surely). I hope it will not break something - cannot think of a case where we might need 2 identical headers. In general it doesn't seem right though. Also at some point I need to re-write FDA authentication to request a new token each time...
Anyway, thank you for your help.

ekate commented

@dylex I've added a couple of minor changes. Could you please merge if they are fine? I've sent you auth.yml by email.

dylex commented

In that case, a simple nub could work as well. Might be safer, but doesn't really matter. Your changes look fine. I've just removed the debugging again.
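
The two deduplication options discussed in this thread, nubBy (on (==) fst) and plain nub, compared on a constructed header list; this is an added example, not code from the primo-endpoint repository. It models headers as (String, String) pairs and uses a made-up header name X-Example-Token with a placeholder value, both of which are assumptions.

```haskell
-- Added example: headers are modelled as (name, value) String pairs, which is
-- an assumption; the project's real header type may differ.
module Main where

import Data.Function (on)
import Data.List (nub, nubBy)

type Header = (String, String)

-- Option 1 from the thread: keep only the first header seen for each name.
dedupByName :: [Header] -> [Header]
dedupByName = nubBy ((==) `on` fst)

-- Option 2 from the thread: drop only exact (name, value) repeats.
dedupExact :: [Header] -> [Header]
dedupExact = nub

-- Constructed sample: the auth header applied twice, plus two Accept headers
-- that share a name but carry different values.
sample :: [Header]
sample =
  [ ("Accept", "application/json")
  , ("X-Example-Token", "PLACEHOLDER") -- applied for the collection index request
  , ("Accept", "text/xml")
  , ("X-Example-Token", "PLACEHOLDER") -- applied again for the item request
  ]

-- Header names that still occur more than once in a list.
repeatedNames :: [Header] -> [String]
repeatedNames hs = nub [n | (n, _) <- hs, length (filter ((== n) . fst) hs) > 1]

main :: IO ()
main = do
  putStrLn "nubBy on name (the second Accept header is dropped as well):"
  mapM_ print (dedupByName sample)
  putStrLn "nub on the whole pair (only the repeated token is dropped):"
  mapM_ print (dedupExact sample)
  putStrLn "names still repeated after nub:"
  print (repeatedNames (dedupExact sample))
```

Both functions keep the first occurrence in list order. If the token value differs between the two applications, nub leaves both values in the request, while nubBy on the name keeps whichever one comes first.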