Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] elasticApiKey is ignored and not added to the requests' header #159

Closed
cequimemeut opened this issue Dec 25, 2024 · 4 comments
Closed

[BUG] elasticApiKey is ignored and not added to the requests' header #159

cequimemeut opened this issue Dec 25, 2024 · 4 comments
Labels
bug Something isn't working

Comments

@cequimemeut
Copy link

Describe the bug

Hello. I think I found an issue with configuring a KtorRestClient using the elasticApiKey parameter. I think this parameter is ignored because my resulting queries don't have any security header like "Authorization"-> "ApiKey xxxx"
When running a query to my Elasticsearch instance, I run into this error:

{
  "error": {
    "root_cause": [
      {
        "type": "security_exception",
        "reason": "missing authentication credentials for REST request [/myindex]",
        "header": {
          "WWW-Authenticate": [
            "Basic realm=\"security\", charset=\"UTF-8\"",
            "ApiKey"
          ]
        }
      }
    ],
    "type": "security_exception",
    "reason": "missing authentication credentials for REST request [/myindex]",
    "header": {
      "WWW-Authenticate": [
        "Basic realm=\"security\", charset=\"UTF-8\"",
        "ApiKey"
      ]
    }
  },
  "status": 401
}

When debugging into the kt-search code, I see that no header are present:

image

If at that point, I manually add the "Authorization"-> "ApiKey xxxx" header in the debugger, then the query works fine.

To Reproduce

Here how to reproduce the problem locally:

  • Run a local instance of Elasticsearch configured with an API key using docker. You can do that easily by running this command: curl -fsSL https://elastic.co/start-local | sh (more info here)
  • Run this kotlin snippet using the API key that appeared in your env file after executing the previous script:
package com.test.ktsearch

import com.jillesvangurp.ktsearch.KtorRestClient
import com.jillesvangurp.ktsearch.SearchClient
import com.jillesvangurp.ktsearch.getIndex
import kotlinx.coroutines.runBlocking

fun main() {
    val searchClient = SearchClient(
        KtorRestClient(
            host = "localhost",
            port = 9200,
            https = false,
            elasticApiKey = "xxxxxx",
            logging = true,
        ),
    )

    runBlocking {
        searchClient.getIndex("myindex")
    }
}

Expected behavior

No error about security should be raised from the previous snippet

Your context

I am adding my snippet project with IntelliJ if you want to bootstrap faster:
KtSearchTest.zip

libs:

  • kt-search version 2.3.4
  • kotlin 2.0.21
  • what operating system are you using: MacOS Sequoia

Will you be able to help with a pull request?

Optional of course, but do let me know if you plan to do work.
@cequimemeut cequimemeut added the bug Something isn't working label Dec 25, 2024
@jillesvangurp
Copy link
Owner

Hey, thanks for reporting. I recently got a report from somebody else related to this. I'll see if I can address this soon. For now, either use basic authentication or indeed do what you are currently doing as a workaround.

@jillesvangurp
Copy link
Owner

See #155

@jillesvangurp
Copy link
Owner

Turns out I was adding the headers incorrectly; so this was indeed a bug. I tested this manually and it should work correctly now.

@cequimemeut
Copy link
Author

Thanks for fixing this so quickly!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jillesvangurp @cequimemeut