search

danielgtaylor / restish

Restish is a CLI for interacting with REST-ish HTTP APIs with some nice features built-in
https://rest.sh/
MIT License
918 stars 74 forks source link

Bug, Header with Name "Authorization" is not set, when I configure it on my api config... #179

Open tobiashochguertel opened 1 year ago

tobiashochguertel commented 1 year ago

I always get a "Not Authorzation error" when I try to access a openapi endpoint.

 tobiashochgurtel@Tobiass-MBP  ~/work-dev/cronmon/api/openapi/restish   main  restish cronmon-json get-monitors --rsh-verbose                                                                                                                                                      ✔  10063  13:06:38
DEBUG: API loading took 7.386042ms
DEBUG: Configuration: map[api-name:cronmon-json app-name:restish color:true config-directory:/Users/tobiashochgurtel/.restish rsh-ca-cert: rsh-client-cert: rsh-client-key: rsh-filter: rsh-header:[] rsh-ignore-status-code:false rsh-insecure:false rsh-no-cache:false rsh-no-paginate:false rsh-output-format:auto rsh-profile:default rsh-query:[] rsh-raw:false rsh-server: rsh-verbose:true server-index:0 tty:true]
DEBUG: Adding TLS configuration
DEBUG: Making request:
GET /api/v1/monitors HTTP/1.1
Host: localhost:8082
Accept: application/json;q=0.5,application/yaml;q=0.5,text/*;q=0.2,application/cbor;q=0.9,application/msgpack;q=0.8,application/ion;q=0.6,*/*
Accept-Encoding: gzip, br
User-Agent: restish-0.17.0

DEBUG: Got response from server in 7.527042ms:
HTTP/1.1 401
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 24 Feb 2023 12:08:12 GMT
Expires: 0
Pragma: no-cache
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 0

5c
{"errorCode":"401 UNAUTHORIZED","errorMessage":"Authentication failed at controller advice"}
0

DEBUG: Unmarshalling from application/json
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 24 Feb 2023 12:08:12 GMT
Expires: 0
Pragma: no-cache
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 0

{
  errorCode: "401 UNAUTHORIZED"
  errorMessage: "Authentication failed at controller advice"
}
 tobiashochgurtel@Tobiass-MBP  ~/work-dev/cronmon/api/openapi/restish   main 

but when I define the "Authorization" Header manual on the CLI like following:

restish cronmon-json get-monitors --rsh-verbose -H Authorization:"Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0b2JpYXMuaG9jaGd1ZXJ0ZWxAZ29vZ2xlbWFpbC5jb20iLCJpYXQiOjE2NzM2MDE5MDAsImV4cCI6MTY5NjkyOTkwMCwic2NvcGVzIjpbIkFQSSIsIlJFQURfQVBJIl0sIm5hbWUiOiJGaXJzdCBUb2tlbiJ9.Duvjf8b6gf1UzbiOMwcskz26Xl5P5APSOsZSwGH7ezI"
 tobiashochgurtel@Tobiass-MBP  ~/work-dev/cronmon/api/openapi/restish   main  restish cronmon-json get-monitors --rsh-verbose -H Authorization:"Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0b2JpYXMuaG9jaGd1ZXJ0ZWxAZ29vZ2xlbWFpbC5jb20iLCJpYXQiOjE2NzM2MDE5MDAsImV4cCI6MTY5NjkyOTkwMCwic2NvcGVzIjpbIkFQSSIsIlJFQURfQVBJIl0sIm5hbWUiOiJGaXJzdCBUb2tlbiJ9.Duvjf8b6gf1UzbiOMwcskz26Xl5P5APSOsZSwGH7ezI"
DEBUG: API loading took 6.418583ms
DEBUG: Configuration: map[api-name:cronmon-json app-name:restish color:true config-directory:/Users/tobiashochgurtel/.restish rsh-ca-cert: rsh-client-cert: rsh-client-key: rsh-filter: rsh-header:[Authorization:Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0b2JpYXMuaG9jaGd1ZXJ0ZWxAZ29vZ2xlbWFpbC5jb20iLCJpYXQiOjE2NzM2MDE5MDAsImV4cCI6MTY5NjkyOTkwMCwic2NvcGVzIjpbIkFQSSIsIlJFQURfQVBJIl0sIm5hbWUiOiJGaXJzdCBUb2tlbiJ9.Duvjf8b6gf1UzbiOMwcskz26Xl5P5APSOsZSwGH7ezI] rsh-ignore-status-code:false rsh-insecure:false rsh-no-cache:false rsh-no-paginate:false rsh-output-format:auto rsh-profile:default rsh-query:[] rsh-raw:false rsh-server: rsh-verbose:true server-index:0 tty:true]
DEBUG: Adding TLS configuration
DEBUG: Making request:
GET /api/v1/monitors HTTP/1.1
Host: localhost:8082
Accept: application/yaml;q=0.5,text/*;q=0.2,application/cbor;q=0.9,application/msgpack;q=0.8,application/ion;q=0.6,application/json;q=0.5,*/*
Accept-Encoding: gzip, br
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0b2JpYXMuaG9jaGd1ZXJ0ZWxAZ29vZ2xlbWFpbC5jb20iLCJpYXQiOjE2NzM2MDE5MDAsImV4cCI6MTY5NjkyOTkwMCwic2NvcGVzIjpbIkFQSSIsIlJFQURfQVBJIl0sIm5hbWUiOiJGaXJzdCBUb2tlbiJ9.Duvjf8b6gf1UzbiOMwcskz26Xl5P5APSOsZSwGH7ezI
User-Agent: restish-0.17.0

DEBUG: Got response from server in 300.788084ms:
HTTP/1.1 200
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 24 Feb 2023 12:10:06 GMT
Expires: 0
Pragma: no-cache
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 0

314
{"_links":{"self":{"href":"http://localhost:8082/api/v1/monitors?page=0&size=20&offset=0&sort=asc"}},"content":[{"id":"100202","name":"Cron1","disabled":false,"schedule":"*/5 * * * *","timezone":"Europe/Paris","durationMin":null,"durationMax":null,"state":null,"url":null,"platform":null,"type":null},{"id":"150002","name":"New Monitor","disabled":false,"schedule":null,"timezone":"Europe/Paris","durationMin":null,"durationMax":null,"state":null,"url":null,"platform":null,"type":null},{"id":"150006","name":"New Monitor","disabled":false,"schedule":null,"timezone":"Europe/Paris","durationMin":null,"durationMax":null,"state":null,"url":null,"platform":null,"type":null}],"last":true,"totalPages":1,"totalElements":3,"first":true,"size":20,"number":0,"numberOfElements":3,"empty":false}
0

DEBUG: Unmarshalling from application/json
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 24 Feb 2023 12:10:06 GMT
Expires: 0
Pragma: no-cache
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 0

{
  _links: {
    self: {
      href: "http://localhost:8082/api/v1/monitors?page=0&size=20&offset=0&sort=asc"
    }
  }
  content: [
    {
      disabled: false
      durationMax: null
      durationMin: null
      id: "100202"
      name: "Cron1"
      platform: null
      schedule: "*/5 * * * *"
      state: null
      timezone: "Europe/Paris"
      type: null
      url: null
    }
    {
      disabled: false
      durationMax: null
      durationMin: null
      id: "150002"
      name: "New Monitor"
      platform: null
      schedule: null
      state: null
      timezone: "Europe/Paris"
      type: null
      url: null
    }
    {
      disabled: false
      durationMax: null
      durationMin: null
      id: "150006"
      name: "New Monitor"
      platform: null
      schedule: null
      state: null
      timezone: "Europe/Paris"
      type: null
      url: null
    }
  ]
  empty: false
  first: true
  last: true
  number: 0
  numberOfElements: 3
  size: 20
  totalElements: 3
  totalPages: 1
}

it works...

I see also that when the config is writen in ~/.restish/apis.json the headers name gets transformed to lowercase. I added it explicite with a big A at the beginning, and recognized that restish writes the config with a lowercase a for the header name. I can expect that this leads also to an issue.

tobiashochguertel commented 1 year ago

I played a bit around with a fork of restish, and adjusted the code to have a seperated openapi config value for syncing the api. My changes can be found here: https://github.com/tobiashochguertel/restish

I'm not a Go developer... I wouldn't created a pull request but maybe it helps us to solve the issue with a new behavior like I did now.

Related issues: #180