Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[extension/bearerauthtoken] Custom auth header support for bearertokenauth #36986

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

[extension/bearerauthtoken] Custom auth header support for bearertokenauth #36986

wants to merge 8 commits into from
+108 −25

Conversation

omleteer
Copy link

@omleteer omleteer commented Dec 30, 2024
edited
Loading

Adding a config param for bearertokenauth to use a http header other than "Authorization" to read the token param from

Description

Today the bearertokenauth (BTA) by default fetches the auth token from the http "Authorization" header. By allowing multiple auth headers this enables easier attribution as well as decoupling of an extension from a pipeline.

Link to tracking issue

Fixes #36985

Testing

  1. Default config creation ensures that Header value if not specified is set to "Authorization" (defaultHeader)
  2. Ensured current unit tests work are working as intended.
  3. Added extra test to validate behavior with this parameter set (and to ensure "defaultheader" fails)

Documentation

Please see the README.md update.

@omleteer omleteer requested review from jpkrohling and a team as code owners December 30, 2024 23:55
@github-actions github-actions bot requested a review from frzifus December 30, 2024 23:56
@omleteer omleteer changed the title Custom auth header support for bearertokenauth [extension/bearerauthtoken] Custom auth header support for bearertokenauth Dec 31, 2024
JaredTan95
JaredTan95 approved these changes Jan 6, 2025
View reviewed changes
Copy link
Member

@JaredTan95 JaredTan95 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

frzifus
frzifus reviewed Jan 9, 2025
View reviewed changes
Copy link
Member

@frzifus frzifus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just one tiny thing with the release note. wdyt?

I just wanted to highlight that its not a breaking change. Just an optional feature and it works when the extension is used as a client (RoundTripper) or server (Authenticate).

.chloggen/custom-bearertokenauth-header-field-name.yaml Outdated Show resolved Hide resolved
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@frzifus frzifus frzifus left review comments

@JaredTan95 JaredTan95 JaredTan95 approved these changes

@jpkrohling jpkrohling Awaiting requested review from jpkrohling jpkrohling is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@songy23 songy23

Labels
extension/bearertokenauth
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow custom http headers for bearertokenauth
4 participants
@omleteer @frzifus @JaredTan95 @songy23