From 570265198d7d4d1a3133d77626d0f23331d53ab3 Mon Sep 17 00:00:00 2001 From: kruskal <99559985+kruskall@users.noreply.github.com> Date: Wed, 3 May 2023 23:20:09 +0200 Subject: [PATCH 1/3] fix: send auth headers with info requests if missing --- apmproxy/receiver.go | 9 +++++++++ apmproxy/receiver_test.go | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/apmproxy/receiver.go b/apmproxy/receiver.go index d28d99e8..aa85c64a 100644 --- a/apmproxy/receiver.go +++ b/apmproxy/receiver.go @@ -107,6 +107,15 @@ func (c *Client) handleInfoRequest() (func(w http.ResponseWriter, r *http.Reques r.Header.Set("X-Forwarded-Host", r.Header.Get("Host")) r.Host = parsedApmServerURL.Host + // Send authorization header if the APM agent did not already forwarded it + if r.Header.Get("Authorization") == "" { + if c.ServerAPIKey != "" { + r.Header.Add("Authorization", "ApiKey "+c.ServerAPIKey) + } else if c.ServerSecretToken != "" { + r.Header.Add("Authorization", "Bearer "+c.ServerSecretToken) + } + } + // Forward request to the APM server reverseProxy.ServeHTTP(w, r) }, nil diff --git a/apmproxy/receiver_test.go b/apmproxy/receiver_test.go index 9cdc5567..5c4966e4 100644 --- a/apmproxy/receiver_test.go +++ b/apmproxy/receiver_test.go @@ -88,6 +88,38 @@ func TestInfoProxy(t *testing.T) { require.NoError(t, resp.Body.Close()) } +func TestInfoProxyAuth(t *testing.T) { + // Create apm server and handler + apmServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + assert.Equal(t, "ApiKey bar", r.Header.Get("Authorization")) + w.WriteHeader(http.StatusTeapot) + })) + defer apmServer.Close() + + // Create extension config and start the server + apmClient, err := apmproxy.NewClient( + apmproxy.WithURL(apmServer.URL), + apmproxy.WithAPIKey("bar"), + // Use ipv4 to avoid issues in CI + apmproxy.WithReceiverAddress("127.0.0.1:1234"), + apmproxy.WithReceiverTimeout(15*time.Second), + apmproxy.WithLogger(zaptest.NewLogger(t).Sugar()), + ) + require.NoError(t, err) + + require.NoError(t, apmClient.StartReceiver()) + defer func() { + require.NoError(t, apmClient.Shutdown()) + }() + + url := "http://127.0.0.1:1234" + + // Send the request to the extension + resp, err := http.Get(url) + require.NoError(t, err) + require.NoError(t, resp.Body.Close()) +} + func TestInfoProxyErrorStatusCode(t *testing.T) { // Create apm server and handler apmServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { From 20b96a3afd0d9f2dcd29bc15ec7cecbc7649ce2c Mon Sep 17 00:00:00 2001 From: kruskal <99559985+kruskall@users.noreply.github.com> Date: Fri, 5 May 2023 18:43:16 +0200 Subject: [PATCH 2/3] refactor: update info handler to be consistent with apmproxy code --- apmproxy/receiver.go | 10 ++++------ apmproxy/receiver_test.go | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/apmproxy/receiver.go b/apmproxy/receiver.go index aa85c64a..3505135a 100644 --- a/apmproxy/receiver.go +++ b/apmproxy/receiver.go @@ -108,12 +108,10 @@ func (c *Client) handleInfoRequest() (func(w http.ResponseWriter, r *http.Reques r.Host = parsedApmServerURL.Host // Send authorization header if the APM agent did not already forwarded it - if r.Header.Get("Authorization") == "" { - if c.ServerAPIKey != "" { - r.Header.Add("Authorization", "ApiKey "+c.ServerAPIKey) - } else if c.ServerSecretToken != "" { - r.Header.Add("Authorization", "Bearer "+c.ServerSecretToken) - } + if c.ServerAPIKey != "" { + r.Header.Add("Authorization", "ApiKey "+c.ServerAPIKey) + } else if c.ServerSecretToken != "" { + r.Header.Add("Authorization", "Bearer "+c.ServerSecretToken) } // Forward request to the APM server diff --git a/apmproxy/receiver_test.go b/apmproxy/receiver_test.go index 5c4966e4..c5e08b6c 100644 --- a/apmproxy/receiver_test.go +++ b/apmproxy/receiver_test.go @@ -41,7 +41,7 @@ func TestInfoProxy(t *testing.T) { // Create apm server and handler apmServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { for key := range headers { - assert.Equal(t, 1, len(r.Header[key])) + assert.Equal(t, 2, len(r.Header[key])) assert.Equal(t, headers[key], r.Header[key][0]) } w.Header().Add("test", "header") From fcce9469f61f0a1fc12ba918d810278410b20de5 Mon Sep 17 00:00:00 2001 From: kruskall <99559985+kruskall@users.noreply.github.com> Date: Mon, 8 May 2023 14:13:09 +0200 Subject: [PATCH 3/3] docs: update authorization header comment Co-authored-by: Vishal Raj --- apmproxy/receiver.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apmproxy/receiver.go b/apmproxy/receiver.go index 3505135a..6c082f41 100644 --- a/apmproxy/receiver.go +++ b/apmproxy/receiver.go @@ -107,7 +107,7 @@ func (c *Client) handleInfoRequest() (func(w http.ResponseWriter, r *http.Reques r.Header.Set("X-Forwarded-Host", r.Header.Get("Host")) r.Host = parsedApmServerURL.Host - // Send authorization header if the APM agent did not already forwarded it + // Override authorization header sent by the APM agents if c.ServerAPIKey != "" { r.Header.Add("Authorization", "ApiKey "+c.ServerAPIKey) } else if c.ServerSecretToken != "" {