Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(headers): avoid retrofit and okhttp adding duplicate headers #1114

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

dmart
Copy link
Contributor

@dmart dmart commented Nov 6, 2023

With the addition of the okHttp3 request interceptor SpinnakerRequestHeaderInterceptor in #1004 having retrofit1 add X-SPINNAKER-* headers is now redundant, this results in the headers being added twice to all retrofit1 client requests.

@dmart
Copy link
Contributor Author

dmart commented Nov 6, 2023

For some requests the duplicate headers break Fiat auth calls which show up like the following, however I am unable to determine why some requests break and not others:
FiatPermissionEvaluator : [david.martin@****, david.martin@****] Cannot get whole user permission for user david.martin@****, david.martin@****, reason: 404

@dbyron-sf
Copy link
Contributor

I suspect you're right about this. Would you mind adding a test that demonstrates it?

@dmart dmart force-pushed the duplicate-headers branch 4 times, most recently from 8a681f5 to 1fe7107 Compare November 13, 2023 15:26
import com.netflix.spinnaker.security.AuthenticatedRequest
import retrofit.RequestInterceptor

class SpinnakerRequestInterceptor implements RequestInterceptor {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comments like this one in MdcCopyingAsyncTaskExecutor could use a tweak now that SpinnakerRequestHeaderInterceptor is doing the copying.

I also see some other places that use SpinnakerRequestInterceptor that are going to need adjusting:

Can you make draft PRs to resolve those, or...maybe we need some more discussion about how to resolve them?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe removing the bean entirely is not the way to go, perhaps marking it deprecated and simply having intercept noop so we don't break other projects? I don't love either solution.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I don't love that either. I'd love to at least explore what it would be like to remove it. Or at least what the path is to stop using it.

@dmart dmart force-pushed the duplicate-headers branch from d952d69 to 9025bbd Compare November 13, 2023 21:46
With the addition of the okHttp3 request interceptor `SpinnakerRequestHeaderInterceptor` in
spinnaker#1004 having retrofit1 add `X-SPINNAKER-*` headers is now redundant,
this results in the headers being added twice to all retrofit1 client requests.
@dmart dmart force-pushed the duplicate-headers branch from e097f5f to e44aa56 Compare November 13, 2023 22:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants