NYULibraries / primo-endpoint

Metadata aggregator serving json to populate primo
http://52.204.195.130/
Apache License 2.0

headers added for authentication behave weirdly #8

Closed ekate closed 6 years ago

ekate commented 6 years ago

Documents from the FDA private collection are not returned, although I've added an authentication header to the request through the auth module. When I print the header in the FDA apache log I get:

"GET /rest/collections/ HTTP/1.1" 200 441 ", " "application/json" common

e.g. token is repeated twice in the header, hence authentication is not working. Looks like there are no errors in reading the values and forming the header. The request headers list looks normal, so I can't figure out where this second value comes from.

When manually sending the same request by curl, the log entry has only one token:

GET /rest/collections/ HTTP/1.1" 200 9883 "-" "curl/7.29.0" "" combined

I can't figure out where this second value comes from. @dylex if you have time to look at it, I can provide more details.

dylex commented 6 years ago

Could you provide your exact auth.yml (either here, with passwords redacted, or by email)?

dylex commented 6 years ago

@ekate I made a debug version on authdebug branch that will print out the headers, if that helps. (This is only if you're using auth headers, not auth user/pass.)

ekate commented 6 years ago

@dylex Thanks. Looks like the header is added twice because it is added once when the request for collection index is done and then again for each request for items. Will try to fix it.

dylex commented 6 years ago

I'm not sure why that would be... it does use the same request, but it should get modified at the time it's sent, so we shouldn't be able to get the modified one back. One easy/stupid option would be to remove the duplicates in applyAuth, either manually filter out the old one or just globally nubBy (on (==) fst) or something (though that could maybe break something else).

ekate commented 6 years ago

I was surprised too. I was sure it's either bad yaml or bad parsing. nub helped for now (surely). I hope it will not break something - cannot think of a case where we might need 2 identical headers. In general it doesn't seem right though. Also at some point I need to re-write FDA authentication to request a new token each time... Anyway, thank you for your help.

ekate commented 6 years ago

@dylex I've added a couple of minor changes. Could you please merge if they are fine? I've sent you auth.yml by email.

dylex commented 6 years ago

In that case, a simple nub could work as well. Might be safer, but doesn't really matter. Your changes look fine. I've just removed the debugging again.
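
The three de-duplication options discussed in this thread (plain nub, nubBy on the header name, and filtering out the old header before adding the new one), side by side as an added example that is not the project's code. It uses only base; the Header type, the function names, the X-Example-Token header and the token values are hypothetical stand-ins, since the real applyAuth and header name are not shown here.

```haskell
module Main where

import Data.Char (toLower)
import Data.Function (on)
import Data.List (nub, nubBy)

-- Hypothetical simplified header type: (name, value).
type Header = (String, String)

-- Header names are case-insensitive, so compare them lowercased.
sameName :: Header -> Header -> Bool
sameName = (==) `on` (map toLower . fst)

-- Prepends the auth headers on every call: a request that passes through
-- twice (collection index, then items) ends up carrying the token twice.
applyAuthNaive :: [Header] -> [Header] -> [Header]
applyAuthNaive auth hdrs = auth ++ hdrs

-- Plain nub: drops only exact (name, value) duplicates.
applyAuthNub :: [Header] -> [Header] -> [Header]
applyAuthNub auth = nub . applyAuthNaive auth

-- nubBy on the name: keeps the first header per name, so ordering decides
-- which token survives, and unrelated repeated headers are collapsed too.
applyAuthNubBy :: [Header] -> [Header] -> [Header]
applyAuthNubBy auth = nubBy sameName . applyAuthNaive auth

-- Replace: remove any existing header that auth is about to set, then add it.
applyAuthReplace :: [Header] -> [Header] -> [Header]
applyAuthReplace auth hdrs = auth ++ filter (\h -> not (any (sameName h) auth)) hdrs

main :: IO ()
main = do
  -- Constructed sample data: a request with a legitimately repeated header.
  let base     = [("Accept", "application/json"), ("Via", "1.1 a"), ("Via", "1.1 b")]
      oldToken = [("X-Example-Token", "TOKEN-OLD")]
      newToken = [("x-example-token", "TOKEN-NEW")]
      report label f = do
        putStrLn label
        putStrLn "  same token applied twice:"
        mapM_ (putStrLn . ("    " ++) . show) (f oldToken (f oldToken base))
        putStrLn "  refreshed token applied to a reused request:"
        mapM_ (putStrLn . ("    " ++) . show) (f newToken (f oldToken base))
  report "naive"   applyAuthNaive
  report "nub"     applyAuthNub
  report "nubBy"   applyAuthNubBy
  report "replace" applyAuthReplace
```

Running it shows where the variants differ: nub leaves both tokens in place once the value changes, nubBy also collapses the two Via headers, and the replace variant touches only the header it sets.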