Closed codezninja closed 2 years ago
Sure. But I don't know of any other commands that support custom headers. Which ones are you talking about?
You can already set a bearer token in the Authorization header. This was added to support Pactflow and is supported by all client libraries now. Could you use that header/token in the API gateway?
create-or-update-webhook and create-webhook methods allow for a -H option to pass in headers, if I'm seeing things right. It would be the same, but for the publish method.
The -H
is for headers of the request that the webhook executes, not for the request that creates the webhook.
Back to my earlier question, can you use a bearer token in the Authorization header?
@bethesque thanks for the quick response. Currently without creating custom code I can't. I wanted to see if we can add that feature option to the pact-broker cli that the testers/developer are using before I headed that route. API Gateway from AWS doesn't natively support using bearer token without creating a custom authorization. I just wanted to make maintenance easier without to many codes.
I don't mind helping out on the PR. I was going to take a look and see if I can figure out where that might be. Its been a minute since I've touched ruby code
The
-H
is for headers of the request that the webhook executes, not for the request that creates the webhook.
this is good to know actually. I was thinking the other way around.
I'll see if I can make that clearer in the command help text.
It wouldn't be too hard to add a different auth header to the publish, but then you're also going to have to add it to verify as well, and every other command that makes contact with your pact broker in every language that you use. You'll not only have to change the Ruby code, but then also get the new option exposed in all the wrapper languages. This is not a small coordination effort! On the other hand, we've got an example of custom auth in an API gateway that we could probably share with you.
Here's the authorizer function. It uses basic auth, but it would be easy to change it to use tokens. https://gist.github.com/bethesque/cf8d8b0504946c4e4b1ccba5e3c4b5f8
Thanks for that example @bethesque. But we're trying to use the build in API token solution from API Gateway with usage plans this is where it'll get complex with the authorizers since we plan on having 100s+ tokens with different usage plans. Hence the easier solution yet definitely not an easy effort to pass in the custom header
I do see your point on having to update all the tools and wrappers to support custom headers.
Closing due to inactivity.
I want to add API gateway in front of pact-broker so I can use its default auth methods with api keys. But I don't want to write a custom authorizer. All the other commands for pact-broker allow the passing of custom headers but not publish. Is this something we can add?