New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[policy] [api-key] API Key not propagated #1363

Closed
MehrCurry opened this Issue Jul 4, 2018 · 2 comments

Comments

Projects
None yet
4 participants
@MehrCurry

MehrCurry commented Jul 4, 2018

I created an plan with an API Key authorization and checked "Propagate API Key to upstream API" for the echo service.

Expected Behavior

I expect to see a header containing the api key in the response of the echo service.

Current Behavior

{
  "headers" : {
    "Host" : "api.gravitee.io",
    "User-Agent" : "curl/7.52.1",
    "Accept" : "*/*",
    "Accept-Encoding" : "deflate, gzip",
    "X-Forwarded-For" : "91.213.207.4",
    "X-Forwarded-Host" : "api.gravitee.io",
    "X-Forwarded-Proto" : "https",
    "X-Forwarded-Server" : "734bb5636800",
    "X-Gravitee-Transaction-Id" : "0c4f0aee-2dbd-45fb-8f0a-ee2dbdc5fb4b",
    "X-Traefik-Reqid" : "3864574"
  },
  "query_params" : { }
}

Steps to Reproduce (for bugs)

  1. Create an echo API with endpoint https://api.gravitee.io/echo
  2. Create an API Key plan with api key propagation checked
  3. Execute request

Context

Your Environment

  • Version used: 1.15.5
  • Browser Name and version: curl
  • Operating System and version: Linux/Docker

Perhaps same as #1147

@brasseld brasseld self-assigned this Jul 4, 2018

@brasseld brasseld added the type: bug label Jul 4, 2018

@brasseld brasseld added this to the 1.18.0 milestone Jul 4, 2018

@brasseld brasseld changed the title from API Key not propagated to [policy] [api-key] API Key not propagated Jul 4, 2018

@MehrCurry

This comment has been minimized.

MehrCurry commented Jul 5, 2018

BTW: While further looking around i found two places to configure:

  • when creating a plan a can select "API Key" and check "propagate to downstream" - this is what i did
  • adding an API Key Policy to the service - i tried but did not get it working

How are these things related to each other?

@NicolasGeraud

This comment has been minimized.

Member

NicolasGeraud commented Jul 5, 2018

hi,
the apikey policy is a legacy one. You should not use it.

the current workaround is to add the transform-headers policy and use our expression language to put the apikey in an header {#context.attributes['api-key']}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment