acoustic-carpenter-78188
02/14/2023, 3:15 AMx-stripe-*
request header containing an access token;
2. Updating every Flyte client to pass this header.
We would like to use Flyte Admin's `auth.httpAuthorizationHeader` and `auth.grpcAuthorizationHeader` configurations to customize the request header as some x-stripe-*
.
However, currently, these configurations are only evaluated when the `security.useAuth` configuration is enabled, as seen in the following:
• `server.newHTTPServer()` → `auth.GetHTTPRequestCookieToMetadataHandler()`
• `server.newGRPCServer()` → `auth.GetAuthenticationCustomMetadataInterceptor()`
Goal: What should the final outcome look like, ideally?
Introduce a new Flyte Admin configuration that allows the auth.httpAuthorizationHeader
and auth.grpcAuthorizationHeader
configurations to be used, without actually enabling the security.useAuth
configuration.
This new configuration could perhaps be named security.forceUseAuthHeaders
. The default value would be false
. We could optionally consider that enabling both security.useAuth
and this new configuration is invalid, causing a panic.
Describe alternatives you've considered
None
Propose: Link/Inline OR Additional context
No response
Are you sure this issue hasn't been raised already?
☑︎ Yes
Have you read the Code of Conduct?
☑︎ Yes
flyteorg/flyteacoustic-carpenter-78188
02/14/2023, 3:15 AM