Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renaming Git Provider Token header #1052

Merged
merged 4 commits into from Nov 11, 2021
Merged

Renaming Git Provider Token header #1052

merged 4 commits into from Nov 11, 2021

Conversation

luizbafilho
Copy link
Contributor

@luizbafilho luizbafilho commented Nov 9, 2021
edited

Closes: #971

What changed?

  • A different header should be used instead in order to distinguish between API endpoint authorization (i.e. listing clusters or templates) and endpoints that require interaction with GH or other git providers

Why?

How did you test it?

Release notes

Documentation Changes

@luizbafilho luizbafilho added the type/enhancement New feature or request label Nov 9, 2021
@luizbafilho luizbafilho changed the title Renaming token Renaming Git Provider Token header Nov 10, 2021
@luizbafilho luizbafilho marked this pull request as ready for review November 10, 2021 14:48
J-Thompson12
J-Thompson12 approved these changes Nov 10, 2021
View reviewed changes
Copy link
Contributor

@J-Thompson12 J-Thompson12 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

bigkevmcd
bigkevmcd reviewed Nov 10, 2021
View reviewed changes
pkg/server/middleware/middleware.go Outdated
const (
tokenKey key = iota
GRPCAuthMetadataKey = "grpc-auth"
GitProviderTokenHeader = "X-Git-Provider-Token"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://datatracker.ietf.org/doc/html/rfc6648

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sounds good, I'll remove the X- prefix

jpellizzari
jpellizzari approved these changes Nov 10, 2021
View reviewed changes
ui/contexts/AppContext.tsx Outdated
@@ -52,7 +52,7 @@ function wrapClient<T>(client: any, tokenGetter: () => string): T {
...options,
headers: new Headers({
...(options.headers || {}),
Authorization: `token ${tokenGetter()}`,
"X-Git-Provider-Token": `token ${tokenGetter()}`,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we make this a const as well? For computed keys in JS objects:

Suggested change
"X-Git-Provider-Token": `token ${tokenGetter()}`,
[gitProviderTokenHeader]: `token ${tokenGetter()}`,

@bigkevmcd
Copy link
Contributor

This is for this PR https://github.com/weaveworks/weave-gitops/pull/965/files#diff-142329b4654445c09cf14ebc4afba7677e064ede74cb549a81e935b414156dd2R248 and the header in there is Git-Provider-Token.

@luizbafilho luizbafilho merged commit 18602b8 into main Nov 11, 2021
@luizbafilho luizbafilho deleted the 971-header branch November 11, 2021 12:48
@luizbafilho luizbafilho restored the 971-header branch December 8, 2021 17:35
@ozamosi ozamosi deleted the 971-header branch May 12, 2022 17:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bigkevmcd bigkevmcd bigkevmcd left review comments

@jpellizzari jpellizzari jpellizzari approved these changes

@J-Thompson12 J-Thompson12 J-Thompson12 approved these changes

Assignees
No one assigned
Labels
type/enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Authorization header should be used for authentication against an origin server
4 participants
@luizbafilho @bigkevmcd @jpellizzari @J-Thompson12