Hi,
we are making a request to an external service with basic auth in the url e.g. like https://fooUser:fooPwd@url
with apm agent not started this works very fine. with apm agent started we are getting an unauth from the external service and apm is logging this external request (in Metadata) the request is logged as https://url
Also managed to pass the credentatials via headers, is this the expected behaviour or an bug?
Best Martin
@Klauck That definitely sounds like a bug. The APM agent shouldn't be changing the behaviour of your code. My guess is that is comes down to the particular way your code is using the HTTP library you are using. Are you able to provide some details?
Thanks Mick,
I created a quick test and the problem occurs there as well
If commenting 2. line of server.js, authentication is made successfully
Cheers
Martin
Node version v16.13.2
APM Sever: docker.elastic.co/apm/apm-server:7.13.1
package.json
{
"scripts": {
"start": "node server.js"
},
"dependencies": {
"elastic-apm-node": "^3.41.1",
"express": "4.18.2",
"got": "11.8.1"
}
}
server.js:
const apm = require("elastic-apm-node");
apm.start({ serviceName: 'test' });
const express = require('express')
const got = require("got");
const app = express()
app.get('/', (req, res) => {
const apiUrl = 'https://authenticationtest.com/HTTPAuth/'
const call = got.extend({
username: 'user',
password: 'pass',
prefixUrl: apiUrl,
retry: { methods: ["GET"], },
});
call.get().then(data => {
// user/password was provided, but maybe wrong (if you change line 10)
res.send(data.body.includes('Login Failure') ? 'NOK' : 'OK')
}).catch(error => {
// user/password was not even provided
res.send(error.message)
})
})
app.listen(3000, () => { console.log(`App listening on port 3000`) })
@Klauck Thanks very much for the reproduction case!
After finding the bug in the APM agent causing this, I found an issue that I'd already opened a long while back for this: instrumentation of `http{s}.request()` has a few edge case issues · Issue #2044 · elastic/apm-agent-nodejs · GitHub
I've created a PR to fix this: fix: instrumentation of `http|https.request|get` has a few edge cases by trentm · Pull Request #3090 · elastic/apm-agent-nodejs · GitHub
I will get that in early next week and get a release out with the fix.
Well happy I could contribute a bit.
Many thanks, Mick
elastic-apm-node@3.42.0 is released with a fix for this now. Thanks, again.
This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.