"bearertokenauth" extension Always return "401 Unauthorized" via HTTP connection #24656
Description
Component(s)
extension/bearertokenauth
What happened?
Description
When set bearertokenauth
it always returns "401 Unauthorized" via HTTP(S) Connection.
HOSTNAME=localhost.with-token.http SERVER_INFO=http://127.0.0.1:55681 go run .
2023/07/28 18:16:48 Waiting for connection...
2023/07/28 18:16:48 Doing really hard work (1 / 10)
2023/07/28 18:16:49 Doing really hard work (2 / 10)
2023/07/28 18:16:50 Doing really hard work (3 / 10)
2023/07/28 18:16:51 Doing really hard work (4 / 10)
2023/07/28 18:16:52 Doing really hard work (5 / 10)
2023/07/28 18:16:53 Doing really hard work (6 / 10)
2023/07/28 18:16:53 traces export: failed to send to http://127.0.0.1:55681/v1/traces: 401 Unauthorized
2023/07/28 18:16:54 Doing really hard work (7 / 10)
2023/07/28 18:16:55 Doing really hard work (8 / 10)
2023/07/28 18:16:56 Doing really hard work (9 / 10)
2023/07/28 18:16:57 Doing really hard work (10 / 10)
2023/07/28 18:16:58 Done!
2023/07/28 18:16:58 traces export: failed to send to http://127.0.0.1:55681/v1/traces: 401 Unauthorized
2023/07/28 18:16:58 traces export: failed to send to http://127.0.0.1:55681/v1/traces: 401 Unauthorized
but it works via gRPC Connection
HOSTNAME=localhost.with-token.grpc SERVER_INFO=grpc://127.0.0.1:55680 go run .
2023/07/28 18:14:55 Waiting for connection...
2023/07/28 18:14:55 Doing really hard work (1 / 10)
2023/07/28 18:14:56 Doing really hard work (2 / 10)
2023/07/28 18:14:57 Doing really hard work (3 / 10)
2023/07/28 18:14:58 Doing really hard work (4 / 10)
2023/07/28 18:14:59 Doing really hard work (5 / 10)
2023/07/28 18:15:00 Doing really hard work (6 / 10)
2023/07/28 18:15:01 Doing really hard work (7 / 10)
2023/07/28 18:15:02 Doing really hard work (8 / 10)
2023/07/28 18:15:03 Doing really hard work (9 / 10)
2023/07/28 18:15:04 Doing really hard work (10 / 10)
2023/07/28 18:15:05 Done!
Steps to Reproduce
OTel-Collector-Contrib Config
My Go file
// 创建 OTEL 的 GRPC 连接器
func grpcExpoter(ctx context.Context, SERVER_ADDR string) (*otlptrace.Exporter, error) {
addr := strings.TrimLeft(SERVER_ADDR, "grpc://")
conn, err := grpc.DialContext(ctx, addr,
// Note the use of insecure transport here. TLS is recommended in production.
grpc.WithTransportCredentials(insecure.NewCredentials()),
grpc.WithBlock(),
// grpc.WithTimeout(5*time.Second),
)
if err != nil {
return nil, fmt.Errorf("failed to create gRPC connection to collector: %w", err)
}
// Set up a trace exporter
traceExporter, err := otlptracegrpc.New(
ctx,
otlptracegrpc.WithGRPCConn(conn),
otlptracegrpc.WithHeaders(
map[string]string{
"authorization": `Bearer vyAQ21d5NCfUIXe`,
"Authorization": `Bearer vyAQ21d5NCfUIXe`,
},
),
)
if err != nil {
return nil, fmt.Errorf("failed to create trace exporter: %w", err)
}
return traceExporter, nil
}
func httpExporter(ctx context.Context, SERVER_ADDR string) (*otlptrace.Exporter, error) {
SERVER_ADDR = strings.TrimPrefix(SERVER_ADDR, "https://")
SERVER_ADDR = strings.TrimPrefix(SERVER_ADDR, "http://")
opts := []otlptracehttp.Option{
otlptracehttp.WithTimeout(5 * time.Second),
otlptracehttp.WithEndpoint(SERVER_ADDR),
otlptracehttp.WithInsecure(),
otlptracehttp.WithHeaders(
map[string]string{
"authorization": `Bearer vyAQ21d5NCfUIXe`,
"Authorization": `Bearer vyAQ21d5NCfUIXe`,
},
),
}
trace, err := otlptracehttp.New(ctx, opts...)
return trace, err
}Expected Result
Success
Actual Result
401 Unauthorized
Collector version
v0.81.0
Environment information
Environment
OS: (e.g., "Ubuntu 20.04")
Compiler(if manually compiled): (e.g., "go 14.2")
OpenTelemetry Collector configuration
extensions:
basicauth/server:
htpasswd:
# file: .htpasswd
inline: |
auth_user:auth_pass_123
bearertokenauth/withscheme:
scheme: Bearer
token: vyAQ21d5NCfUIXe
receivers:
otlp:
protocols:
grpc:
endpoint: "0.0.0.0:55680"
auth:
# authenticator: basicauth/server
authenticator: bearertokenauth/withscheme
http:
endpoint: "0.0.0.0:55681"
auth:
# authenticator: basicauth/server
authenticator: bearertokenauth/withscheme
exporters:
logging/detail:
loglevel: debug
alibabacloud_logservice/traces:
endpoint: "cn-beijing.log.aliyuncs.com"
project: "my-sls-project"
logstore: "my-sls-logstore-traces"
access_key_id: "xxxxxx"
access_key_secret: "yyyyyy"
alibabacloud_logservice/metrics:
endpoint: "cn-beijing.log.aliyuncs.com"
project: "my-sls-project"
logstore: "my-sls-logstore-metrics"
access_key_id: "xxxxxx"
access_key_secret: "yyyyyy"
alibabacloud_logservice/logs:
endpoint: "cn-beijing.log.aliyuncs.com"
project: "my-sls-project"
logstore: "my-sls-logstore-logs"
access_key_id: "xxxxxx"
access_key_secret: "yyyyyy"
service:
telemetry:
logs:
level: "debug"
extensions: [basicauth/server, bearertokenauth/withscheme]
pipelines:
traces:
receivers: [otlp] #接收端配置为otlp。
exporters: [alibabacloud_logservice/traces] #发送端配置为alibabacloud_logservice/traces。
# for debug
# exporters: [logging/detail,alibabacloud_logservice/traces]
metrics:
receivers: [otlp]
exporters: [alibabacloud_logservice/metrics]
logs:
receivers: [otlp]
exporters: [alibabacloud_logservice/logs]Log output
HOSTNAME=localhost.with-token.http SERVER_INFO=http://127.0.0.1:55681 go run .
2023/07/28 18:16:48 Waiting for connection...
2023/07/28 18:16:48 Doing really hard work (1 / 10)
2023/07/28 18:16:49 Doing really hard work (2 / 10)
2023/07/28 18:16:50 Doing really hard work (3 / 10)
2023/07/28 18:16:51 Doing really hard work (4 / 10)
2023/07/28 18:16:52 Doing really hard work (5 / 10)
2023/07/28 18:16:53 Doing really hard work (6 / 10)
2023/07/28 18:16:53 traces export: failed to send to http://127.0.0.1:55681/v1/traces: 401 Unauthorized
2023/07/28 18:16:54 Doing really hard work (7 / 10)
2023/07/28 18:16:55 Doing really hard work (8 / 10)
2023/07/28 18:16:56 Doing really hard work (9 / 10)
2023/07/28 18:16:57 Doing really hard work (10 / 10)
2023/07/28 18:16:58 Done!
2023/07/28 18:16:58 traces export: failed to send to http://127.0.0.1:55681/v1/traces: 401 Unauthorized
2023/07/28 18:16:58 traces export: failed to send to http://127.0.0.1:55681/v1/traces: 401 UnauthorizedAdditional context
No response