Handling 401 Unauthorised response code in OTEL collector - open-telemetry

What is correct way to handle 401 unauthorised response from prometheusremotewrite?
I want to run a custom code to fetch latest authorisation credentials from an http endpoint when OTEL collector receives 401 response code from prometheusremotewrite URL. From what I saw, there isn't any hook possible to do this? I want to avoid cloning current exporter just to write this piece of code.

OTEL collector has an interface for authentication https://github.com/open-telemetry/opentelemetry-collector/blob/main/config/configauth/README.md
There is already basic auth extension - https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/extension/basicauthextension
I would write only extension for your need, I wouldn't fork exporter.

Related

Spring RestTemplate Response string is shorter than expected

I am trying to get an access token via RestTemplate.postForEntity().
myRestTemplate.postForEntity(authBaseUrl, request, Object.class);
I have a specific class for it, but let's use now a simple Object as type. It contains an access_token field.
It works, because I can get response, but the length if the access tokens (which is a string)
is 1196 character long. And I can get the same length in Postman too.
But if I use the intelliJ built-in REST client, the length is 1199.
Only the token from the intelliJ rest client works (So the longer).
Because I always get a new access token, it is impossible to get the same token twice.
How can I debug it?
What could be the problem?
Is the code that generates the response available to you? if so in your response add a header content-length so you can see what the server sent and what you received. Also, debug the server side and see what is being generated. In addition take another 3d party Http client and test it with this client see if you see a difference. The Http clients that you can try are Apache Http client, OK Http client, or my favorite - a very simplistic client written by me as part of my own Open Source MgntUtils library. Here is the Javadoc for my http client Here is a link to a similar question where you can get the references for any of above mentioned Http clients: How to check the status of POST endpoint/url in java

AWS API Gateway 429 response - no CORS headers

The 429 responses issued by API Gateway (when lowering the max concurrent requests and exceeding it) do not have the CORS headers, so the ajax request in the browser just throws error without any info that could selectively make it trigger a retry.
Any workaround but for retrying any error in the client app / i.e. any work around to have AWS include the CORS headers in the 429 response? CORS is enabled in API gateway, the OPTIONS method is there and responds the headers, and a lambda responds them itself (proxy integration) - all works well but for the 429.
I had a similar issue that was resolved by this answer. You need to create a custom response for 4** and 5** templates. You can do it manually in the AWS console, like so:
Remember to redeploy the API after changing this.
If API Gateway returns 429 you're probably hitting the limit for Lambda's lambda concurrency (or at least that was in my case). The CORS headers are not being sent to the client, since API Gateway blocks the request before hitting your Lambda.

Jmeter - Getting 403 forbidden errors on custom api's while running a login script of sharepoint login

I'm getting 403 error on each custom rest api while executing the sharepoint login.
Could you please share with me a solution with an example?
This error comes
{"error":{"code":"-2147024891,
System.UnauthorizedAccessException","message":{"lang":"en-US","value":"Access
denied. You do not have permission to perform this action or access
this resource."}}}
Most probably you need to add proper authentication context to each API request and the most common way to protect the API from unauthorized usage is requirement to have valid Authorization header.
Inspect the outgoing requests to your custom API using your browser's developer tool and pay attention to the request headers in the "Network" tab, I believe you should see the aforementioned "Authorization" header or Cookie header or something like this.
In your JMeter script you can add custom headers to your requests using HTTP Header Manager
JMeter should handle Cookies automatically given you add HTTP Cookie Manager to your Test Plan.

AWS api gateway - http proxy should take status code from origin

I am currently trying to setup AWS Api Gateway, to proxy to another api, that has fully functional methods, response content, status codes etc. This is fairly simple to setup, but I have noticed that the Api Gateway always returns 200 OK no matter what the origin api responds with.
Fx. if there was a bad request (in the origin api) which results in a error message in JSON and a 400 Bad Request, the Api Gateway will respond with a the exact same error message, but a status code of 200 OK
If I remove all settings from the Message Response in the API Gateway web-interface, I get an internal error in the API Gateway. Can it be true that I have to map all the different status codes from the origin api manually in the Api Gateway?
I would prefer if it was possible to just let the status code (as well as the response, which currently works great) pass through, and not have the Api Gateway touch it in any way.
Proxy integration can be used to achieve this. In this case, it is HTTP Proxy. Lambda Proxy integration can also be used but will need some code logic in lambda. API GW will then return the result as-is.
You are correct that currently when using API Gateway you are required to map all response codes in your integration responses. We have heard this "pass through" request from other customers and we may consider including this in future updates to the service.

Trying to call parse.com cloud function using maigun route action

I'm trying to use a parse.com cloud function in a mailgun route action (forward).
My action is like this (with my app id and JS key included of course):
forward("https://myAppId:javascript-key:myJSkey#api.parse.com/1/functions/hello")
In the mailgun logs, I see it call, but I get the following error:
HTTP Error 401: Unauthorized Server response: 401 HTTP Error 401: Unauthorized
My function is just a simple response.send("OK");
Obviously I'm missing something.
Greg
The issue I think is that the Cloud Code calling convention requires you use special Parse headers, not just keys: it may be different if its being called from a browser with sets the referer headers. I'm not sure you'll be able to call it this way directly from Mailgun: you may need a proxy of some sort.
EDIT: I think you'll need to use the Express Webhook implementation instead, and then you can use standard basic authentication. Cloud Code is really for cases where you have control over the HTTP client you're using.

Resources