Plugins: Automatically forward plugin request HTTP headers in outgoing HTTP requests (#60417)

Automatically forward core plugin request HTTP headers in outgoing HTTP requests. Core datasource plugin authors don't have to specifically handle forwarding of HTTP headers, e.g. do not have to "hardcode" the header-names in the datasource plugin, if not having custom needs. Fixes #57065
2025-08-01 10:50:19 +08:00 · 2022-12-21 13:25:58 +01:00
parent aaab477594
commit c35c689a96
32 changed files with 816 additions and 1194 deletions
--- a/pkg/services/pluginsintegration/clientmiddleware/oauthtoken_middleware_test.go
+++ b/pkg/services/pluginsintegration/clientmiddleware/oauthtoken_middleware_test.go
@ -6,8 +6,6 @@ import (
 	"testing"

 	"github.com/grafana/grafana-plugin-sdk-go/backend"
-	"github.com/grafana/grafana-plugin-sdk-go/backend/httpclient"
-	"github.com/grafana/grafana/pkg/infra/httpclient/httpclientprovider"
 	"github.com/grafana/grafana/pkg/plugins/manager/client/clienttest"
 	"github.com/grafana/grafana/pkg/services/oauthtoken/oauthtokentest"
 	"github.com/grafana/grafana/pkg/services/user"
@ -49,9 +47,6 @@ func TestOAuthTokenMiddleware(t *testing.T) {
 			require.NotNil(t, cdt.QueryDataReq)
 			require.Len(t, cdt.QueryDataReq.Headers, 1)
 			require.Equal(t, "test", cdt.QueryDataReq.Headers[otherHeader])
-
-			middlewares := httpclient.ContextualMiddlewareFromContext(cdt.QueryDataCtx)
-			require.Len(t, middlewares, 0)
 		})

 		t.Run("Should not forward OAuth Identity when calling CallResource", func(t *testing.T) {
@ -63,9 +58,6 @@ func TestOAuthTokenMiddleware(t *testing.T) {
 			require.NotNil(t, cdt.CallResourceReq)
 			require.Len(t, cdt.CallResourceReq.Headers, 1)
 			require.Equal(t, "test", cdt.CallResourceReq.Headers[otherHeader][0])
-
-			middlewares := httpclient.ContextualMiddlewareFromContext(cdt.CallResourceCtx)
-			require.Len(t, middlewares, 0)
 		})

 		t.Run("Should not forward OAuth Identity when calling CheckHealth", func(t *testing.T) {
@ -77,9 +69,6 @@ func TestOAuthTokenMiddleware(t *testing.T) {
 			require.NotNil(t, cdt.CheckHealthReq)
 			require.Len(t, cdt.CheckHealthReq.Headers, 1)
 			require.Equal(t, "test", cdt.CheckHealthReq.Headers[otherHeader])
-
-			middlewares := httpclient.ContextualMiddlewareFromContext(cdt.CheckHealthCtx)
-			require.Len(t, middlewares, 0)
 		})
 	})

@ -125,19 +114,6 @@ func TestOAuthTokenMiddleware(t *testing.T) {
 			require.Equal(t, "test", cdt.QueryDataReq.Headers[otherHeader])
 			require.Equal(t, "Bearer access-token", cdt.QueryDataReq.Headers[tokenHeaderName])
 			require.Equal(t, "id-token", cdt.QueryDataReq.Headers[idTokenHeaderName])
-
-			middlewares := httpclient.ContextualMiddlewareFromContext(cdt.QueryDataCtx)
-			require.Len(t, middlewares, 1)
-			require.Equal(t, httpclientprovider.SetHeadersMiddlewareName, middlewares[0].(httpclient.MiddlewareName).MiddlewareName())
-
-			reqClone := req.Clone(req.Context())
-			res, err := middlewares[0].CreateMiddleware(httpclient.Options{}, finalRoundTripper).RoundTrip(reqClone)
-			require.NoError(t, err)
-			require.NoError(t, res.Body.Close())
-			require.Len(t, reqClone.Header, 3)
-			require.Equal(t, "test", reqClone.Header.Get(otherHeader))
-			require.Equal(t, "Bearer access-token", reqClone.Header.Get(tokenHeaderName))
-			require.Equal(t, "id-token", reqClone.Header.Get(idTokenHeaderName))
 		})

 		t.Run("Should forward OAuth Identity when calling CallResource", func(t *testing.T) {
@ -153,19 +129,6 @@ func TestOAuthTokenMiddleware(t *testing.T) {
 			require.Equal(t, "Bearer access-token", cdt.CallResourceReq.Headers[tokenHeaderName][0])
 			require.Len(t, cdt.CallResourceReq.Headers[idTokenHeaderName], 1)
 			require.Equal(t, "id-token", cdt.CallResourceReq.Headers[idTokenHeaderName][0])
-
-			middlewares := httpclient.ContextualMiddlewareFromContext(cdt.CallResourceCtx)
-			require.Len(t, middlewares, 1)
-			require.Equal(t, httpclientprovider.SetHeadersMiddlewareName, middlewares[0].(httpclient.MiddlewareName).MiddlewareName())
-
-			reqClone := req.Clone(req.Context())
-			res, err := middlewares[0].CreateMiddleware(httpclient.Options{}, finalRoundTripper).RoundTrip(reqClone)
-			require.NoError(t, err)
-			require.NoError(t, res.Body.Close())
-			require.Len(t, reqClone.Header, 3)
-			require.Equal(t, "test", reqClone.Header.Get(otherHeader))
-			require.Equal(t, "Bearer access-token", reqClone.Header.Get(tokenHeaderName))
-			require.Equal(t, "id-token", reqClone.Header.Get(idTokenHeaderName))
 		})

 		t.Run("Should forward OAuth Identity when calling CheckHealth", func(t *testing.T) {
@ -179,19 +142,6 @@ func TestOAuthTokenMiddleware(t *testing.T) {
 			require.Equal(t, "test", cdt.CheckHealthReq.Headers[otherHeader])
 			require.Equal(t, "Bearer access-token", cdt.CheckHealthReq.Headers[tokenHeaderName])
 			require.Equal(t, "id-token", cdt.CheckHealthReq.Headers[idTokenHeaderName])
-
-			middlewares := httpclient.ContextualMiddlewareFromContext(cdt.CheckHealthCtx)
-			require.Len(t, middlewares, 1)
-			require.Equal(t, httpclientprovider.SetHeadersMiddlewareName, middlewares[0].(httpclient.MiddlewareName).MiddlewareName())
-
-			reqClone := req.Clone(req.Context())
-			res, err := middlewares[0].CreateMiddleware(httpclient.Options{}, finalRoundTripper).RoundTrip(reqClone)
-			require.NoError(t, err)
-			require.NoError(t, res.Body.Close())
-			require.Len(t, reqClone.Header, 3)
-			require.Equal(t, "test", reqClone.Header.Get(otherHeader))
-			require.Equal(t, "Bearer access-token", reqClone.Header.Get(tokenHeaderName))
-			require.Equal(t, "id-token", reqClone.Header.Get(idTokenHeaderName))
 		})
 	})
 }