search

kean / Nuke

Image loading system
https://kean.blog/nuke
MIT License
8.16k stars 529 forks source link

Authorization header #790

Closed justingiffard-impact closed 5 months ago

justingiffard-impact commented 5 months ago

Hiya, I was wondering if you could help me

I posted this in #183 but figured seeing as its closed it may not be seen

I have tried the route of making a URLRequest and then making a ImageRequest out of it and then using LazyImage(request: ImageRequest, content: Content) and it seems to stripping the auth headers

From what I can tell (and please correct me if I am wrong) the ImageRequest(urlRequest:) initialiser packs the urlRequest into a Resource enum. I cannot tell if its there that the headers are lost or not though

If I look in lldb though the imageRequest looks like this:

ImageRequest(resource: https://redacted.com/redacted/Logo, priority: normal, processors: [], options: Options(rawValue: 0), userInfo: [:])

which doesn't really make it clear if it uses the headers or not

if I look at the urlRequest though I can see the headers are present

▿ Optional
▿ some : https://redacted.com/redacted/Logo
▿ url : Optional
▿ some : https://redacted.com/redacted/Logo
- _url : https://redacted.com/redacted/Logo
- cachePolicy : 0
- timeoutInterval : 60.0
- mainDocumentURL : nil
- networkServiceType : __C.NSURLRequestNetworkServiceType
- allowsCellularAccess : true
▿ httpMethod : Optional
- some : "GET"
▿ allHTTPHeaderFields : Optional<Dictionary<String, String>>
▿ some : 4 elements
▿ 0 : 2 elements
- key : "Sec-CH-UA-Mobile"
- value : "redacted"
▿ 1 : 2 elements
- key : "Sec-CH-UA-Platform"
- value : "redacted"
▿ 2 : 2 elements
- key : "Authorization"
- value : "Bearer redacted"
▿ 3 : 2 elements
- key : "Sec-CH-UA"
- value : "redacted"
- httpBody : nil
- httpBodyStream : nil
- httpShouldHandleCookies : true
- httpShouldUsePipelining : false

interestingly if I look at state it seems to be giving me a 500 which is very weird. If I try the exact same url in Insomnia I get 401 without the Authorization and 200 with it

any ideas?

justingiffard-impact commented 5 months ago

So I appear to be wrong with thinking that the headers are lost when being packed into the resource enum... but still not sure why this is happening 🤔

justingiffard-impact commented 5 months ago

I found the issue... one of the logos was 404ing and returning a cookie... then all subsequent calls were sending up that cookie which for some reason was being blocked by the server slow claps good job backend team

just for future reverence this is what I do:

I create a URLRequest from the url I then add the headers I need I then tell the request not to handle cookies I then use make a ImageRequest from that 

var request = URLRequest(url: url)
request.setValue("Bearer \(token)", forHTTPHeaderField: "Authorization")
request.httpShouldHandleCookies = false
let imageRequest: ImageRequest? =  if let url { .init(url: url) } else { nil }

then I use that imageRequest inside my SwiftUI in a LazyImage