Closed nikschul closed 2 months ago
I could provide a fix for the issue by opening a PR.
The "Authorization" configuration is done on collection level, which is was causes the X-API-Key header to be added to all requests. I saw that some requests also have the X-Api-Key
header defined explicitly, which is incorrect, because it overrides the collection-level config.
I think authorization should be defined at collection level, not individually per request.
Similarly, the Content-Type
header could be configured with a collection-level pre-request script.
Bug Report
Describe the Bug
Some requests inside the Postman collection are missing the required
X-Api-Key
header entry and therefore get a401 Unauthorized
response.Expected Behavior
A
200 OK
response.Observed Behavior
A response with
401 Unauthorized
on requests "Get Cached Catalogs", "Initiate Transfer" or "Get Transfer Process".Steps to Reproduce
Steps to reproduce the behavior:
README.md
Context Information
Used version: EDC 0.10.0-SNAPSHOT
OS: Ubuntu using Bruno for REST requests
Detailed Description
Possible Implementation
The requests "Get Cached Catalogs", "Initiate Transfer" und "Get Transfer Process" don't have any headers at all. Adding the header
X-Api-Key: password
fixed the problem. The request "Initiate Negotiation" is missing the headerContent-Type: application/json
which would also be meaningful as the request body contains a JSON like the other requests, but is not strictly necessary.