Skip to content

Commit

Permalink
Allow token propagation if token type is not specified
Browse files Browse the repository at this point in the history 
Signed-off-by: Ruben Vargas <ruben.vp8510@gmail.com>
  • Loading branch information
@rubenvp8510
rubenvp8510 committed Jul 25, 2019
1 parent 966dd7e commit 3852889
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 11 deletions.
23 changes: 13 additions & 10 deletions cmd/query/app/token_propagation_hander_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,16 +51,19 @@ func Test_bearTokenPropagationHandler(t *testing.T) {
}

testCases := []struct {
name string
sendHeader bool
header string
handler func(stop *sync.WaitGroup) http.HandlerFunc
name string
sendHeader bool
headerValue string
headerName string
handler func(stop *sync.WaitGroup) http.HandlerFunc
}{
{ name:"Bearer token", sendHeader: true, header: "Bearer " + bearerToken, handler:validTokenHandler},
{ name:"Invalid header",sendHeader: true, header: bearerToken, handler:emptyHandler},
{ name:"No header", sendHeader: false, handler:emptyHandler},
{ name:"Basic Auth", sendHeader: true, header: "Basic " + bearerToken, handler:emptyHandler},
{ name:"X-Forwarded-Access-Token", sendHeader: true, header: "Bearer " + bearerToken, handler:validTokenHandler},
{ name:"Bearer token", sendHeader: true, headerName:"Authorization", headerValue: "Bearer " + bearerToken, handler:validTokenHandler},
{ name:"Raw bearer token",sendHeader: true, headerName:"Authorization", headerValue: bearerToken, handler:validTokenHandler},
{ name:"No headerValue", sendHeader: false, headerName:"Authorization", handler:emptyHandler},
{ name:"Basic Auth", sendHeader: true, headerName:"Authorization", headerValue: "Basic " + bearerToken, handler:emptyHandler},
{ name:"X-Forwarded-Access-Token", headerName:"X-Forwarded-Access-Token", sendHeader: true, headerValue: "Bearer " + bearerToken, handler:validTokenHandler},
{ name:"Invalid header", headerName:"X-Forwarded-Access-Token", sendHeader: true, headerValue: "Bearer " + bearerToken + " another stuff", handler:emptyHandler},

}

for _, testCase := range testCases {
Expand All @@ -73,7 +76,7 @@ func Test_bearTokenPropagationHandler(t *testing.T) {
req , err := http.NewRequest("GET", server.URL, nil)
assert.Nil(t,err)
if testCase.sendHeader {
req.Header.Add("Authorization", testCase.header)
req.Header.Add(testCase.headerName, testCase.headerValue)
}
_, err = httpClient.Do(req)
assert.Nil(t, err)
Expand Down
5 changes: 4 additions & 1 deletion cmd/query/app/token_propagation_handler.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,11 @@ func bearerTokenPropagationHandler(logger *zap.Logger, h http.Handler) http.Hand
if headerValue[0] == "Bearer" {
token = headerValue[1]
}
} else if len(headerValue) == 1 {
// Tread all value as a token
token = authHeaderValue
} else {
logger.Warn("Invalid authorization header, skipping bearer token propagation")
logger.Warn("Invalid authorization header value, skipping token propagation")
}
h.ServeHTTP(w, r.WithContext(spanstore.ContextWithBearerToken(ctx, token)))
} else {
Expand Down

0 comments on commit 3852889

Please sign in to comment.