Right now, I'm trying to figure out why the Authorization Header is not being created when a HttpClient makes a request.
I would have thought defining CredentialsProvider and passing it via *using()* would trigger some logic to auto add the Authorization header into the Request. Unless I misunderstand the purpose of CredentialsProvider. As Dimas mentioned, HttpClient <https://www.dropwizard.io/1.3.5/docs/manual/client.html#apache-httpclient> can be setup. Then used ProxyConfiguration <https://www.dropwizard.io/1.3.5/docs/manual/client.html#proxy-authentication> to set the following configurations: myClient: url: https://host.com/api/ httpClient: timeout: 3s connectionTimeout: 3s proxy: host: 'host.com' port: 8080 scheme: 'https' auth: username: 'insert-username' password: 'insert-password' authScheme: Basic credentialType: UsernamePassword nonProxyHosts: - 'localhost' So when I do the following: CredentialsProvider credsProvider = new BasicCredentialsProvider(); credsProvider.setCredentials( new AuthScope(proxyConfig.getHost(), proxyConfig.getPort()), new UsernamePasswordCredentials("username", "password") ); final HttpClient apiHttpClient = new HttpClientBuilder(env) .using(config.getHttpClient()) .using(credsProvider) .build("client"); When I make a GET call, I notice the Authorization header is missing: HttpGet request = new HttpGet(requestUrl); request.setProtocolVersion(new ProtocolVersion("HTTP", 2, 0)); JsonNode response = this.getHttpClient().execute(request, getResponseHandler()); So right after the HttpGet is initialized, I have to run request.setHeader(HttpHeaders.AUTHORIZATION, "Basic {encoded-username/password}") in order to ensure the authorization header is there. So that brings me to my assumption that CredentialsProvider (via .using( credsProvider)) would have trigger something that automatically adds the header in the requests. On Thursday, October 18, 2018 at 10:31:45 AM UTC-4, [email protected] wrote: > > Not an API gateway, I am making two microservices that would take requests > forwarded from the client. Then the microservices forward them off to > third-party services. > > The client is supposed to think the microservices has all the information > it needs. The microservices are used to use the client's desired API and > make it look like the third-party services adhere to it. > > It is supposed to be a quick and dirty way to demonstrate the adherence to > a API standard required by the client. As that's what my company wants to > develop and provide to the client. > > On Wednesday, October 17, 2018 at 5:00:46 PM UTC-4, Martin Charlesworth > wrote: >> >> It sounds like you're trying to write your own api gateway. If I were you >> I'd take a look at Netflix Zuul where most of the scaffolding is in place >> for you, before reinventing the wheel. > > -- You received this message because you are subscribed to the Google Groups "dropwizard-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
