Don't send basic auth header

[vasilievs]

i want to use oauth proxy for kibana authentication.
They are covered by Basic Authentication (i cannot turn it off).
but, I want to pass a header
(in nginx or curl I do this:
proxy_set_header Authorization "Basic bmdpbng6c2VjcmV0cGFzc3dvcmQ =")
and it works.

when trying to specify a custom header in a command block:

version: '2.4'
services:
  proxy:
    container_name: kibana-proxy
    image: {{ kibana_proxy_image_version }}
    command:
    - --discovery-url={{kibana_proxy_auth_url}}
    - --client-id={{kibana_proxy_clientd_id}}
    - --client-secret={{kibana_proxy_clientd_secret}}
    - --listen=: {{kibana_port}}
    - --redirection-url=https: // {{ansible_fqdn}}: {{kibana_port}}
    - --upstream-url=http: //127.0.0.1: {{kibana_internal_port}}
    - --headers="Basic bmdpbng6c2VjcmV0cGFzc3dvcmQ ="

I get an error

[error] invalid tag '"Authorization = Basic bmdpbng6c2VjcmV0cGFzc3dvcmQ ="' should be key = pair
Is this a bug or I cannot pass this header through louketo-proxy?

Environment

Version of everything that it's running in your environment:

• OS: rhel
  docker compose,
  docker image :quay.io/louketo/louketo-proxy

[vasilievs]

The fix on the problem was even described?
#455

[sandeepbangera]

@vasilievs I think you have an error in the config. The format is --headers=headerName=headerValue:

Try changing to below:
- --headers="Authorization=Basic bmdpbng6c2VjcmV0cGFzc3dvcmQ="

If you notice there is an extra space before = at end in your example which does not look right - --headers="Basic bmdpbng6c2VjcmV0cGFzc3dvcmQ = and also the missing header name.
I assume the above does not work due to #455.

Just saw an error in your original post. Its possible even if you fix it, It will still not work due to #455 OR maybe you tried the correct way and posted the wrong config.

[sandeepbangera]

The code here https://github.com/louketo/louketo-proxy/blob/master/utils.go#L214 definitely does not look right to me. It should be looking for the first = in the string and split it. It should throw an error only if there is no occurence of = in the string. When you do a base64 encode of the string it will contain = character 👎

[vasilievs]

thanks for your answer.

Yes, i used correct header, the github markdown corrected my post.

- --headers="Authorization=Basic bmdpbng6c2VjcmV0cGFzc3dvcmQ="

it doesn't work.

In base64 encode password i don't select characters (depends on login:pass phrase)

[vasilievs]

update
i generated user: pass for kibana without '=' charecters in encode base64
- --headers="Authorization=Basic dXNlcjE6MTIzNDU2Nzg5"
No error in louketo logs, but after autorization next error:
net / http: invalid header field name" \ "Authorization"
maybe it's because of the space in string ?

[sc7565]

We are also stuck, in same boat.. any leads would really help..