Injecting headers in UDG to upstream

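@Olu continuing our conversation from the other thread here for visibility. Here’s a UDG API that I’m currently using, which is set up to call httpbin.org/headers so that it echoes back the headers passed in. The Authorization header comes back as the literal template string instead of the value from my request; this is the response I’m currently receiving: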

“{\n "headers": {\n "Accept-Encoding": "gzip", \n "Authorization": "{{ .request.headers.authorization }}", \n "Host": "httpbin.org", \n "User-Agent": "Go-http-client/1.1"\n }\n}\n”

with this API definition:

{
“created_at”: “2021-07-08T17:11:51Z”,
“api_model”: {},
“api_definition”: {
“api_id”: “c9c23b3001ba478e6416c23a535e7532”,
“jwt_issued_at_validation_skew”: 0,
“upstream_certificates”: {},
“use_keyless”: true,
“enable_coprocess_auth”: false,
“base_identity_provided_by”: “”,
“custom_middleware”: {
“pre”: ,
“post”: ,
“post_key_auth”: ,
“auth_check”: {
“name”: “”,
“path”: “”,
“require_session”: false,
“raw_body_only”: false
},
“response”: ,
“driver”: “”,
“id_extractor”: {
“extract_from”: “”,
“extract_with”: “”,
“extractor_config”: {}
}
},
“disable_quota”: false,
“custom_middleware_bundle”: “”,
“cache_options”: {
“cache_timeout”: 60,
“enable_cache”: true,
“cache_all_safe_requests”: false,
“cache_response_codes”: ,
“enable_upstream_cache_control”: false,
“cache_control_ttl_header”: “”,
“cache_by_headers”:
},
“enable_ip_blacklisting”: false,
“tag_headers”: ,
“jwt_scope_to_policy_mapping”: {},
“pinned_public_keys”: {},
“expire_analytics_after”: 0,
“domain”: “”,
“openid_options”: {
“providers”: ,
“segregate_by_client”: false
},
“jwt_policy_field_name”: “”,
“enable_proxy_protocol”: false,
“jwt_default_policies”: ,
“active”: true,
“jwt_expires_at_validation_skew”: 0,
“config_data”: {},
“notifications”: {
“shared_secret”: “”,
“oauth_on_keychange_url”: “”
},
“jwt_client_base_field”: “”,
“auth”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
},
“check_host_against_uptime_tests”: false,
“auth_provider”: {
“name”: “”,
“storage_engine”: “”,
“meta”: {}
},
“blacklisted_ips”: ,
“graphql”: {
“enabled”: true,
“execution_mode”: “executionEngine”,
“schema”: “type Mutation {\n default: String\n}\n\ntype Query {\n test: String\n}\n”,
“last_schema_update”: “2021-07-08T17:11:51.501Z”,
“type_field_configurations”: [
{
“type_name”: “Query”,
“field_name”: “test”,
“mapping”: {
“disabled”: true,
“path”: “”
},
“data_source”: {
“kind”: “HTTPJSONDataSource”,
“data_source_config”: {
“url”: “http://httpbin.org/headers”,
“method”: “GET”,
“body”: “”,
“headers”: [
{
“key”: “Authorization”,
“value”: “{{ .request.headers.authorization }}”
}
],
“default_type_name”: “”,
“status_code_type_name_mappings”: [
{
“status_code”: 200,
“type_name”: “”
}
]
}
}
}
],
“playground”: {
“enabled”: false,
“path”: “”
}
},
“hmac_allowed_clock_skew”: -1,
“dont_set_quota_on_create”: false,
“uptime_tests”: {
“check_list”: ,
“config”: {
“expire_utime_after”: 0,
“service_discovery”: {
“use_discovery_service”: false,
“query_endpoint”: “”,
“use_nested_query”: false,
“parent_data_path”: “”,
“data_path”: “”,
“cache_timeout”: 60
},
“recheck_wait”: 0
}
},
“enable_jwt”: false,
“do_not_track”: false,
“name”: “test-udg”,
“slug”: “test-udg”,
“oauth_meta”: {
“allowed_access_types”: ,
“allowed_authorize_types”: ,
“auth_login_redirect”: “”
},
“CORS”: {
“enable”: false,
“max_age”: 24,
“allow_credentials”: false,
“exposed_headers”: ,
“allowed_headers”: [
“Origin”,
“Accept”,
“Content-Type”,
“X-Requested-With”,
“Authorization”
],
“options_passthrough”: false,
“debug”: false,
“allowed_origins”: [
“*”
],
“allowed_methods”: [
“GET”,
“POST”,
“HEAD”
]
},
“event_handlers”: {
“events”: {}
},
“proxy”: {
“target_url”: “”,
“service_discovery”: {
“endpoint_returns_list”: false,
“cache_timeout”: 0,
“parent_data_path”: “”,
“query_endpoint”: “”,
“use_discovery_service”: false,
“_sd_show_port_path”: false,
“target_path”: “”,
“use_target_list”: false,
“use_nested_query”: false,
“data_path”: “”,
“port_data_path”: “”
},
“check_host_against_uptime_tests”: false,
“transport”: {
“ssl_insecure_skip_verify”: false,
“ssl_min_version”: 0,
“proxy_url”: “”,
“ssl_ciphers”:
},
“target_list”: ,
“preserve_host_header”: false,
“strip_listen_path”: true,
“enable_load_balancing”: false,
“listen_path”: “/test-udg/”,
“disable_strip_slash”: false
},
“client_certificates”: ,
“use_basic_auth”: false,
“version_data”: {
“not_versioned”: true,
“default_version”: “”,
“versions”: {
“Default”: {
“name”: “Default”,
“expires”: “”,
“paths”: {
“ignored”: ,
“white_list”: ,
“black_list”:
},
“use_extended_paths”: true,
“extended_paths”: {
“ignored”: ,
“white_list”: ,
“black_list”: ,
“transform”: ,
“transform_response”: ,
“transform_jq”: ,
“transform_jq_response”: ,
“transform_headers”: ,
“transform_response_headers”: ,
“hard_timeouts”: ,
“circuit_breakers”: ,
“url_rewrites”: ,
“virtual”: ,
“size_limits”: ,
“method_transforms”: ,
“track_endpoints”: ,
“do_not_track_endpoints”: ,
“validate_json”: ,
“internal”:
},
“global_headers”: {},
“global_headers_remove”: ,
“global_response_headers”: {},
“global_response_headers_remove”: ,
“ignore_endpoint_case”: false,
“global_size_limit”: 0,
“override_target”: “”
}
}
},
“jwt_scope_claim_name”: “”,
“use_standard_auth”: false,
“session_lifetime”: 0,
“hmac_allowed_algorithms”: ,
“disable_rate_limit”: false,
“definition”: {
“location”: “header”,
“key”: “x-api-version”,
“strip_path”: false
},
“use_oauth2”: false,
“jwt_source”: “”,
“jwt_signing_method”: “”,
“jwt_not_before_validation_skew”: 0,
“use_go_plugin_auth”: false,
“jwt_identity_base_field”: “”,
“allowed_ips”: ,
“request_signing”: {
“is_enabled”: false,
“secret”: “”,
“key_id”: “”,
“algorithm”: “”,
“header_list”: ,
“certificate_id”: “”,
“signature_header”: “”
},
“org_id”: “60c78b219ee2c2000174433c”,
“enable_ip_whitelisting”: false,
“global_rate_limit”: {
“rate”: 0,
“per”: 0
},
“protocol”: “”,
“enable_context_vars”: false,
“tags”: ,
“basic_auth”: {
“disable_caching”: false,
“cache_ttl”: 0,
“extract_from_body”: false,
“body_user_regexp”: “”,
“body_password_regexp”: “”
},
“listen_port”: 0,
“session_provider”: {
“name”: “”,
“storage_engine”: “”,
“meta”: {}
},
“auth_configs”: {
“authToken”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
},
“basic”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
},
“coprocess”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
},
“hmac”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
},
“jwt”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
},
“oauth”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
},
“oidc”: {
“use_param”: false,
“param_name”: “”,
“use_cookie”: false,
“cookie_name”: “”,
“auth_header_name”: “Authorization”,
“use_certificate”: false,
“validate_signature”: false,
“signature”: {
“algorithm”: “”,
“header”: “”,
“secret”: “”,
“allowed_clock_skew”: 0,
“error_code”: 0,
“error_message”: “”
}
}
},
“strip_auth_data”: false,
“id”: “60e731d7ac97860001ee4683”,
“certificates”: ,
“enable_signature_checking”: false,
“use_openid”: false,
“internal”: false,
“jwt_skip_kid”: false,
“enable_batch_request_support”: false,
“enable_detailed_recording”: false,
“response_processors”: ,
“use_mutual_tls_auth”: false
},
“hook_references”: ,
“is_site”: false,
“sort_by”: 0,
“user_group_owners”: ,
“user_owners”:
}

Hi @mpb01e

From the API definition I can see that the old configuration format is still being used. Version 3.2.1 introduced some breaking changes: for instance, graphql.type_field_configurations is no longer used, and graphql.engine.data_sources is now its replacement for GraphQL APIs.

I have attached a sample of the graphql section of my own API definition below. Please follow our migration guide to 3.2 to resolve the issue.

"graphql": {
  "schema": "type Person {\n  name: String!\n  height: String!\n  mass: String!\n}\n\ntype Query {\n  person(id: ID): Person\n}\n",
  "enabled": true,
  "engine": {
    "field_configs": [
      {
        "type_name": "Query",
        "field_name": "person",
        "disable_default_mapping": true,
        "path": [
          ""
        ]
      }
    ],
    "data_sources": [
      {
        "kind": "REST",
        "name": "person",
        "internal": false,
        "root_fields": [
          {
            "type": "Query",
            "fields": [
              "person"
            ]
          }
        ],
        "config": {
          "url": "http://www.tyk-test.com:8080/star-wars-rest-api/people/{{.arguments.id}}",
          "method": "GET",
          "body": "",
          "headers": {
            "Authorization": "{{.request.headers.Authorization}}",
            "From": "Graph API"
          },
          "default_type_name": "Person"
        }
      }
    ]
  },

It looks like that was the problem! For anyone else looking at this thread in the future: both the gateway AND the dashboard need to be on version >= 3.2.1. My issue was that only the gateway had been updated, so the dashboard was still generating the API definition according to its own version. Thanks for the help @Olu