Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mobile Authorization Key & Project Value api_key Prefix (project not found) #490

Closed
matt-forster opened this issue Feb 7, 2025 · 3 comments · Fixed by #495
Closed

Mobile Authorization Key & Project Value api_key Prefix (project not found) #490

matt-forster opened this issue Feb 7, 2025 · 3 comments · Fixed by #495

Comments

@matt-forster
Copy link

We are having issues connecting our mobile clients to the launch darkly development server.

Specifically, the iOS build is prefixing the the value of the authorization header with api_key, so the development server is not recognizing the project. We are running into this line.

Example:

  1. development server is started with project named example.
  2. The iOS client is sending requests in a way which the dev server is interpreting the project as api_key example.

We found the relevant swift code from the client:

    struct HeaderValue {
        static let apiKey = "api_key"
        static let applicationJson = "application/json"
        static let eventSchema3 = "3"
    }

    private let mobileKey: String
    private let additionalHeaders: [String: String]
    private let authKey: String
    private let userAgent: String
    private let wrapperHeaderVal: String?

    init(config: LDConfig, environmentReporter: EnvironmentReporting) {
        self.mobileKey = config.mobileKey
        self.additionalHeaders = config.additionalHeaders
        self.userAgent = "\(environmentReporter.systemName)/\(environmentReporter.sdkVersion)"
        self.authKey = "\(HeaderValue.apiKey) \(config.mobileKey)".
        ...

To reproduce

  1. start the development server with an established project
  2. route a mobile client using the URI config
  3. make a flag request using the established project
  4. observe the request failing in the dev server logs with the incorrect project

Expected behaviour

  1. start the development server with an established project
  2. route a mobile client using the URI config
  3. make a flag request using the established project
  4. the dev server recognizes the project correctly

Logs

::1 - - [07/Feb/2025:21:34:21 +0000] "GET /ui/ HTTP/1.1" 200 0 "" "Wget"
2025/02/07 21:34:23 project, api_key example, not found
2025/02/07 21:34:23 To add your project to the dev server, call `ldcli dev-server add-project --project api_key example --source {SOURCE_ENV_KEY}
172.18.0.1 - - [07/Feb/2025:21:34:23 +0000] "GET /meval/... HTTP/1.1" 404 33 "" "iOS/5.4.5"

CLI version

LDCLI 1.9.1

Client Version

We are currently in the process of upgrading to the latest, but we found this to be the case in
launchdarkly-react-native-client-sdk v8 and v9.

OS/platform

macOS 14.7

Additional context

Happy to propose a change;

// Strip the `api_key` prefix from the Authorization header value, if present
func stripApiKeyFromAuthorizationValue(headerValue string) string {
	value, _ := strings.CutPrefix(headerValue, "api_key")

	return strings.Trim(value, " ")
}
@mike-zorn
Copy link
Contributor

Thanks for the bug report. Sorry you ran into this issue. We'll add support for this scenario very soon.

@mike-zorn
Copy link
Contributor

Fixed in 1.12.1. Release is currently publishing. Should be available in a few minutes.

@matt-forster
Copy link
Author

Thanks a tonne for the quick turnaround!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants