datakaveri / iudx-deployment

Installation and setup scripts for single and multi node (clustered) IUDX services.
MIT License

POST requests on old URLs failing during redirection from old urls to new 5.0.0 urls #674

Open abhi4578 opened 6 months ago

abhi4578 commented 6 months ago
  1. Different User Agents interpret this status code differently:
    • cURL changes the HTTP method from POST to GET after the redirect; this causes the request body to be dropped. It later makes a POST to the redirected URL, but since the request body is dropped, we get a 400 Bad Request due to a null body from the server.
    • Postman converts the POST to GET outright, and we get a 404 Not Found error since there is no GET /token API.
  2. Another issue occurred at the AAA server specifically. The 'Authorization' header is stripped off during the redirect by clients (curl, postman) for security purposes (ref: https://stackoverflow.com/a/28671822). This header is used only at the AAA server and hence affects the AAA server specifically.

abhi4578 commented 6 months ago
  1. The first issue is solved by adding the 308 permanent redirect code (ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/301). To achieve this, append this annotation: nginx.ingress.kubernetes.io/permanent-redirect-code: '308'
  2. Directly proxy passed the old auth domain to the AAA API server and removed the redirect to the cos URL.
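
The client behaviour described in this thread, reproduced against constructed local servers. This is an added example, not code from the issue or the repository; the 401 status for a missing Authorization header, the request body and the bearer value are assumptions, and `keep_method` models the forced POST that the thread reports for cURL.

```python
# Added example: constructed local servers; the 401 status and token are assumptions.
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

def serve(redirect_code=None, target=""):
    """Start the old-domain redirector, or the API server when no code is given."""
    class Handler(BaseHTTPRequestHandler):
        log_message = lambda self, *args: None          # silence the access log
        def _handle(self):
            body = self.rfile.read(int(self.headers.get("Content-Length") or 0))
            checks = [(self.command != "POST", 404), (not body, 400),   # per the issue
                      ("Authorization" not in self.headers, 401)]       # assumed status
            status = redirect_code or next((c for bad, c in checks if bad), 200)
            self.send_response(status)
            if redirect_code:
                self.send_header("Location", target + self.path)
            self.end_headers()
        do_GET = do_POST = _handle
    srv = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return "http://127.0.0.1:%d" % srv.server_port

def post(url, keep_method=False):
    """POST a body plus Authorization; keep_method models a forced POST method."""
    method, body = "POST", b'{"constructed": true}'
    headers = {"Authorization": "Bearer PLACEHOLDER"}
    for _ in range(3):                                   # bounded redirect chain
        u = urlsplit(url)
        conn = http.client.HTTPConnection(u.netloc, timeout=5)
        conn.request(method, u.path, body=body, headers=headers)
        resp = conn.getresponse()
        loc = resp.getheader("Location")
        conn.close()
        if resp.status not in (301, 302, 303, 307, 308) or not loc:
            return resp.status
        if resp.status in (301, 302, 303):               # 307/308 keep method and body
            method, body = ("POST" if keep_method else "GET"), None
        if urlsplit(loc).netloc != u.netloc:             # new origin: drop credentials
            headers.pop("Authorization", None)
        url = loc
    raise RuntimeError("too many redirects")

def demo():
    api = serve()
    old301, old308 = serve(301, api) + "/token", serve(308, api) + "/token"
    return {"301": post(old301), "301 forced POST": post(old301, True),
            "308": post(old308), "proxied": post(api + "/token")}
```

`demo()` returns the final status for each scenario: 308 keeps the method and body but the credential is still dropped across origins, which is why the old auth domain is proxied rather than redirected.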
abhi4578 commented 6 months ago
  1. Have different directories for redirects under misc/ directories for each deployment - iudx cos, adex, nec cos
  2. Add a readme briefly listing what each redirect file does, i.e. what it is redirecting.