-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
.NET: Always send metadata; don't fail if auth token not present #829
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sethjback any changes needed on the server side for this?
No - the server looks for metadata if it is required, otherwise it is ignored. |
…tead of setting to empty string
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In light of wanting to send version information in the header, I think that we should probably always send the metadata Authorization
as empty.
Codecov Report
@@ Coverage Diff @@
## main #829 +/- ##
=============================================
+ Coverage 15.18% 61.55% +46.37%
=============================================
Files 214 14 -200
Lines 35382 489 -34893
Branches 4357 0 -4357
=============================================
- Hits 5371 301 -5070
+ Misses 29335 188 -29147
+ Partials 676 0 -676 Continue to review full report at Codecov.
|
I changed it to not send the header at all because, upon reviewing the backend codebase, functionality depends on the presence of the header whatsoever -- not whether it's empty or not. Although it depends on whether or not an empty header is serialized and sent down the wire? Likely language-specific? |
Good points. @sethjback thoughts on backend behavior? I agree, we shouldn't rely on language-specific behavior here. I think if the metadata is required, it checks it. If it isn't required, it ignores it (automatically becomes effectively anonymous). |
If we add the sdk / okapi version as metadata we will always want to send those - so the way it's implemented here makes sense: always call the build metadata. Set the sdk/okapi versions, and if appropriate As for an empty |
Seems good to me -- I've created a PR against |
The unintended side effect of this is that if, for some reason, the I'm sorry, I missed the convo on this. |
@tmarkovski would it affect login? If the authorization header is internally invalid it would, but if it checks out from a signature/timestamp perspective login should succeed since anonymous endpoints don't do additional authz. It almost seems better as well to fail if there is an internally inconsistent auth header set, even on login, to give feedback to the sdk user. It is not strictly correct to send an Maybe I'm not fully appreciating the scenario here though... |
This PR changes .NET to always send message metadata in every call (even if unnecessary). Additionally,
BuildMetadata[Async]
no longer throws ifauthToken
is not present; instead, it simply sends an empty auth header.All in accordance with #822