Persistent header is not used correctly #154
Comments
|
We managed to make this work by moving the actual persistent header we wanted to send in every request in the Under the Persistent Headers & Query Params section, we can read this:
I think this is misleading: the persistent headers are only sent by Restish when fetching the OpenAPI document but never when calling the actual API route. |
|
@SylvainMarty I'm actually unable to reproduce this issue. Can you try something for me? I set up a local API Bin instance on a port I can guarantee has nothing else running and ran against it with the following config: $ cd apibin
$ go run . -p 8889"apibin": {
"base": "http://localhost:8889",
"profiles": {
"default": {
"headers": {
"x-cli-secret": "819d23ba-3ebd-408c-95ac-78abc93edc2c"
}
}
}
},Here's an excerpt from the results: $ restish apibin/ -v
...
DEBUG: Making request:
GET / HTTP/1.1
Host: localhost:8889
Accept: application/cbor;q=0.9,application/msgpack;q=0.8,application/ion;q=0.6,application/json;q=0.5,application/yaml;q=0.5,text/*;q=0.2,*/*
Accept-Encoding: gzip, br
User-Agent: restish-dev-2023-01-14-10:34
X-Cli-Secret: 819d23ba-3ebd-408c-95ac-78abc93edc2c
DEBUG: Got response from server in 3.181666ms:
...
DEBUG: Unmarshalling from application/cbor
HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 394
Content-Type: application/cbor
Date: Wed, 18 Jan 2023 04:59:29 GMT
Etag: "jjGjNLAgnIQ"
Last-Modified: Tue, 01 Feb 2022 12:34:56 GMT
Link: </schemas/EchoModel.json>; rel="describedby"
Vary: *
{
$schema: "http://localhost:8889/schemas/EchoModel.json"
body: ""
headers: {
Accept: "application/cbor;q=0.9,application/msgpack;q=0.8,application/ion;q=0.6,application/json;q=0.5,application/yaml;q=0.5,text/*;q=0.2,*/*"
Accept-Encoding: "gzip, br"
User-Agent: "restish-dev-2023-01-14-10:34"
X-Cli-Secret: "819d23ba-3ebd-408c-95ac-78abc93edc2c"
}
host: "localhost:8889"
method: "GET"
path: "/"
url: "http://localhost:8889/"
}As you can see the value is both in the debug-printed request and the response, meaning the server saw and echoed the value back to you. Same results if I add the auth name and same results if I use the OpenAPI-generated command like Can you try this on your side and see if you can repro the issue? I'm wondering if it could be related to your container and its mounts or whether it has a persistent disk or if something else might be going on. FWIW, the code that builds the request is the same no matter which way it is called. |
danielgtaylor
added
question
|
Closing due to inactivity, feel free to reopen if needed. |
Hello,
We want to use Restish in our system to call some API routes already documented with OpenAPI.
We are using Restish in dockerized environment.
For a few routes, we only want to make them callable by the CLI.
To do so, a unique token is generated when the container start and is added to the Restish user config.
The token is also added in env variable so the backend can use it to check if the API call came from the CLI.
From the Restish point of view, we want it to add the token in the custom header
X-Cli-Secretfor every request it's sending to our API.To set the configuration up, we used
restish api configure admincommand and we followed the Persistent Header documentation and also the OpenAPI Auto Configuration documentation.We have a weird issue and we can't understand why: the persistent header we configure in the Restish user config is never set when sending the API call to our API but it is actually send when fetching the OpenAPI documentation.
We don't understand why the persistent header is not present in the actual API call...
I added all the data we have at the end of this issue.
Can you help us find what is wrong with our setup?
Thank you for your help and for this amazing tool!
Data
Restish user config available in
/home/node/.restish/apis.json{ "admin": { "base": "http://localhost:3000/apidoc/cli-json", "profiles": { "default": { "headers": { "x-cli-secret": "819d23ba-3ebd-408c-95ac-78abc93edc2c" }, "auth": { "name": "CliSecret" } } }, "tls": {} } }OpenAPI document (served by
http://localhost:3000/apidoc/cli-json){ "openapi": "3.0.0", "paths": { "/cli/subscriptions": { "post": { "operationId": "SubscriptionController_startSchedulerCycle", "parameters": [], "responses": { "204": { "description": "" } }, "tags": [ "Subscription CLI API" ], "security": [ { "CliSecret": [] } ] } } }, "info": { "title": "CLI API", "description": "", "version": "1.0.0", "contact": {} }, "tags": [], "servers": [], "components": { "securitySchemes": { "CliSecret": { "type": "apiKey", "name": "x-cli-secret", "description": "CLI-Secret token", "in": "header" } }, "schemas": {} }, "security": [ { "CliSecret": [] } ], "x-cli-config": { "security": "CliSecret" } }Command & ouput
Restish command :
Ouput :
The text was updated successfully, but these errors were encountered: