Description
Component
c/v3-engine
Is your proposal related to a problem?
Currently, Hasura DDN (v3) ignores a certain list of headers from the client while forwarding the request to the auth webhook endpoint in auth webhook mode. Certain API handlers require that header; otherwise they throw a 403 Forbidden error.
If you use another client such as Postman or cURL, it attaches the User-Agent header directly (implicitly), so it will at least avoid throwing a forbidden error with status 403, if not already a success response 200. The Hasura engine, on the other hand, internally strips off this header, and as a result the user faces the error below.
"message": "Internal Error - The authentication hook has returned the status 403 Forbidden. Only 200 and 401 response status are recognized."
Note: This only happens with the GET method, and if the auth webhook API requires the User-Agent header to be present with some constraint, like throwing a 403 status if that header is not present.
Describe the solution you'd like
We can either remove the User-Agent header from the ignore list, or we can create a separate configuration for it inside the AuthConfig webhook mode.
Describe alternatives you've considered
No alternatives, as DDN clearly strips off the header while forwarding the request to the auth webhook.
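The failure path described in this issue, modelled as an added example that is not part of the original issue and is not the engine's code: client headers are filtered through an ignore list, a webhook that requires User-Agent answers 403, and only 200 and 401 are treated as recognized. The contents of `IGNORED`, the `allow` parameter (standing in for the proposed per-webhook setting) and `strict_webhook` are assumptions made for illustration.

```rust
use std::collections::BTreeMap;

// Assumed ignore list for this sketch; the engine's real list is not shown in the issue.
const IGNORED: &[&str] = &["user-agent", "content-length", "host"];

#[derive(Debug, PartialEq)]
enum AuthOutcome { Allowed, Denied, InternalError(u16) }

fn listed(list: &[&str], name: &str) -> bool {
    list.iter().any(|h| h.eq_ignore_ascii_case(name))
}

// Client headers minus the ignore list, except names the operator re-allows
// (the hypothetical per-webhook option the issue proposes).
fn forwarded_headers(client: &[(&str, &str)], allow: &[&str]) -> BTreeMap<String, String> {
    client
        .iter()
        .filter(|(k, _)| !listed(IGNORED, k) || listed(allow, k))
        .map(|(k, v)| (k.to_ascii_lowercase(), v.to_string()))
        .collect()
}

// Constructed webhook: 403 without User-Agent, else 200/401 on the token.
fn strict_webhook(h: &BTreeMap<String, String>) -> u16 {
    if !h.contains_key("user-agent") { return 403; }
    match h.get("authorization").map(String::as_str) {
        Some("Bearer valid-token") => 200,
        _ => 401,
    }
}

// Only 200 and 401 are recognized, per the error message quoted in the issue.
fn interpret(status: u16) -> AuthOutcome {
    match status {
        200 => AuthOutcome::Allowed,
        401 => AuthOutcome::Denied,
        other => AuthOutcome::InternalError(other),
    }
}

fn authenticate(client: &[(&str, &str)], allow: &[&str]) -> AuthOutcome {
    interpret(strict_webhook(&forwarded_headers(client, allow)))
}

fn main() {
    let req = [("User-Agent", "curl/8.0"), ("Authorization", "Bearer valid-token")];
    println!("stripped:  {:?}", authenticate(&req, &[]));
    println!("forwarded: {:?}", authenticate(&req, &["user-agent"]));
}
```

User-Agent is set by the client, so a webhook that receives it should treat it as request metadata and keep the authorization decision on the credential.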