bethesque
commented
4 years ago Sure. But I don't know of any other commands that support custom headers. Which ones are you talking about?
Closed codezninja closed 2 years ago
bethesque
commented
4 years ago Sure. But I don't know of any other commands that support custom headers. Which ones are you talking about?
bethesque
commented
4 years ago You can already set a bearer token in the Authorization header. This was added to support Pactflow and is supported by all client libraries now. Could you use that header/token in the API gateway?
Wallaceh
commented
4 years ago create-or-update-webhook and create-webhook methods allow for a -H option to pass in headers, if I'm seeing things right. It would be the same, but for the publish method.
bethesque
commented
4 years ago The -H is for headers of the request that the webhook executes, not for the request that creates the webhook.
bethesque
commented
4 years ago Back to my earlier question, can you use a bearer token in the Authorization header?
codezninja
commented
4 years ago @bethesque thanks for the quick response. Currently without creating custom code I can't. I wanted to see if we can add that feature option to the pact-broker cli that the testers/developer are using before I headed that route. API Gateway from AWS doesn't natively support using bearer token without creating a custom authorization. I just wanted to make maintenance easier without to many codes.
I don't mind helping out on the PR. I was going to take a look and see if I can figure out where that might be. Its been a minute since I've touched ruby code
codezninja
commented
4 years ago The
-His for headers of the request that the webhook executes, not for the request that creates the webhook.
this is good to know actually. I was thinking the other way around.
bethesque
commented
4 years ago I'll see if I can make that clearer in the command help text.
It wouldn't be too hard to add a different auth header to the publish, but then you're also going to have to add it to verify as well, and every other command that makes contact with your pact broker in every language that you use. You'll not only have to change the Ruby code, but then also get the new option exposed in all the wrapper languages. This is not a small coordination effort! On the other hand, we've got an example of custom auth in an API gateway that we could probably share with you.
bethesque
commented
4 years ago Here's the authorizer function. It uses basic auth, but it would be easy to change it to use tokens. https://gist.github.com/bethesque/cf8d8b0504946c4e4b1ccba5e3c4b5f8
codezninja
commented
4 years ago Thanks for that example @bethesque. But we're trying to use the build in API token solution from API Gateway with usage plans this is where it'll get complex with the authorizers since we plan on having 100s+ tokens with different usage plans. Hence the easier solution yet definitely not an easy effort to pass in the custom header
I do see your point on having to update all the tools and wrappers to support custom headers.
bethesque
commented
2 years ago Closing due to inactivity.
I want to add API gateway in front of pact-broker so I can use its default auth methods with api keys. But I don't want to write a custom authorizer. All the other commands for pact-broker allow the passing of custom headers but not publish. Is this something we can add?