search

kestra-io / kestra

:zap: Workflow Automation Platform. Orchestrate & Schedule code in any language, run anywhere, 500+ plugins. Alternative to Zapier, Rundeck, Camunda, Airflow...
https://kestra.io
Apache License 2.0
10.46k stars 869 forks source link

Secret is not populated as a header value in module io.kestra.plugin.core.http.Request #3988

Open SystemFuchs opened 4 months ago

SystemFuchs commented 4 months ago

Describe the issue

Defined a token for a HTTP API request & wanted to use that token as a secret. I'm only getting an error message "Invalid header". Token is usable for the script as the print_token task shows the correct Bearer token. You will get the "Invalid header" error regardless which kind of header you try to populate with the secret.

image image

id: ntfy_alert
namespace: dev
description: Send notification via ntfy

labels:
  env: dev

inputs:
  - id: title
    type: STRING
    required: true 
    defaults:
  - id: priority
    type: ENUM
    defaults: default
    values:
      - min
      - low
      - default
      - hight
      - urgent
  - id: tags
    type: STRING
    required: false
    defaults: 
  - id: actions
    type: STRING
    required: false
    defaults: "view , Kestra, https://abc.def.de"
  - id: data
    type: STRING
    required: false 
    defaults:

tasks:
  - id: print_token
    type: io.kestra.plugin.scripts.shell.Commands
    commands:
      - echo {{ secret('NTFY_TOKEN') }}
  - id: send_data
    type: io.kestra.plugin.core.http.Request
    uri: "https://abd.def.de/kestra"
    method: POST
    #contentType: application/html
    headers: 
      Authorization: "{{ secret('NTFY_TOKEN') }}"
      Title: "{{ inputs.title }}"
      Priority: "{{ inputs.priority }}"
      Tags: "{{ inputs.tags }}"
      Actions: "{{ inputs.actions }}"
    body: "{{ inputs.data }}"

  - id: print_status
    type: io.kestra.plugin.core.log.Log
    message: hello on {{ outputs.send_data.headers.date | first }}

Environment

fhussonnois commented 4 months ago

Hi @SystemFuchs, the Invalid header value can show up if you are providing a header-value that contains non-ASCII characters.

Using the provided example, if you pass a new line character in one of your inputs you will get the same error. Could you please check if all your header-values are valid ?

Unfortunately, I didn't found an issue about secret. Also, unpopulated secret would lead to an empty header which is valid.

SystemFuchs commented 4 months ago

There is no new line char in the token. I've changed the token & here is the one which didn't work:

Plain: tk_ooiassuvoqrrrlohi0vqm7fiachhg base64: dGtfb29pYXNzdXZvcXJycmxvaGkwdnFtN2ZpYWNoaGcK

stormmurdoc commented 2 months ago

Same here

stormmurdoc commented 2 months ago

I solved it with headers: Authorization: "Bearer {{ secret('HASS_API_TOKEN').strip() }}"

Strips the leading newline