From 4787622450902751d0fc508b6bc1771dd42d2248 Mon Sep 17 00:00:00 2001 From: Ionut Balutoiu Date: Tue, 18 Jul 2023 16:42:32 +0300 Subject: [PATCH 1/2] Fix `Content-Type` not being set on `invalidAuthResponse` When `w.WriteHeader(...)` is called, the HTTP headers are written in the HTTP response. Therefore, calling `w.Header().Add(...)` after `w.WriteHeader(...)` will not have any effect. Signed-off-by: Ionut Balutoiu --- auth/jwt.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth/jwt.go b/auth/jwt.go index 14dd857d..f5470bba 100644 --- a/auth/jwt.go +++ b/auth/jwt.go @@ -74,8 +74,8 @@ func (amw *jwtMiddleware) claimsToContext(ctx context.Context, claims *JWTClaims } func invalidAuthResponse(w http.ResponseWriter) { - w.WriteHeader(http.StatusUnauthorized) w.Header().Add("Content-Type", "application/json") + w.WriteHeader(http.StatusUnauthorized) if err := json.NewEncoder(w).Encode( apiParams.APIErrorResponse{ Error: "Authentication failed", From 572094700dbb539ee2f31b775336b282a8c688ef Mon Sep 17 00:00:00 2001 From: Ionut Balutoiu Date: Tue, 18 Jul 2023 16:54:52 +0300 Subject: [PATCH 2/2] Fix calling /api/v1/first-run without ending `/` The endpoint endpoint `/api/v1/first-run` only works when we have ending `/`. This commit fixes this. Signed-off-by: Ionut Balutoiu --- apiserver/routers/routers.go | 1 + 1 file changed, 1 insertion(+) diff --git a/apiserver/routers/routers.go b/apiserver/routers/routers.go index 3b8a6900..77ff0cd4 100644 --- a/apiserver/routers/routers.go +++ b/apiserver/routers/routers.go @@ -98,6 +98,7 @@ func NewAPIRouter(han *controllers.APIController, logWriter io.Writer, authMiddl // FirstRunHandler firstRunRouter := apiSubRouter.PathPrefix("/first-run").Subrouter() firstRunRouter.Handle("/", http.HandlerFunc(han.FirstRunHandler)).Methods("POST", "OPTIONS") + firstRunRouter.Handle("", http.HandlerFunc(han.FirstRunHandler)).Methods("POST", "OPTIONS") // Instance URLs callbackRouter := apiSubRouter.PathPrefix("/callbacks").Subrouter()