Add auth token propagation for metrics reader

[albertteoh]

Signed-off-by: albertteoh see.kwang.teoh@gmail.com

Which problem is this PR solving?

• Resolves Authorization header does not propagate to /api/metrics/* endpoints #3340

Short description of the changes

• Adds propagation of authorization token from the inbound request to the outbound request to a metrics server.
• This is achieve by wrapping the http.Transport into a tokenAuthTransport struct that implements the http.RoundTripper's RoundTrip function, which injects the Authorization bearer token header into the outbound request.
• Follows the existing pattern used by the ES reader: https://github.com/jaegertracing/jaeger/blob/master/pkg/es/config/config.go#L532

[codecov]

Codecov Report

Merging #3341 (2742a11) into master (c4a3904) will increase coverage by 0.03%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master    #3341      +/-   ##
==========================================
+ Coverage   96.46%   96.49%   +0.03%     
==========================================
  Files         259      260       +1     
  Lines       15178    15196      +18     
==========================================
+ Hits        14642    14664      +22     
+ Misses        452      449       -3     
+ Partials       84       83       -1     

Impacted Files	Coverage Δ
cmd/query/app/server.go	95.58% <100.00%> (ø)
pkg/bearertoken/context.go	100.00% <100.00%> (ø)
pkg/bearertoken/http.go	100.00% <100.00%> (ø)
pkg/bearertoken/transport.go	100.00% <100.00%> (ø)
plugin/metrics/prometheus/metricsstore/reader.go	100.00% <100.00%> (ø)
plugin/storage/es/options.go	100.00% <100.00%> (ø)
plugin/storage/grpc/shared/grpc_client.go	83.43% <100.00%> (ø)
cmd/collector/app/server/zipkin.go	70.73% <0.00%> (+2.43%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c4a3904...2742a11. Read the comment docs.

[th3M1ke]

🔥

[yurishkuro]

Nit: could we take this opportunity and refactor/cleanup bearer token functionality into a standalone package? We have ./cmd/query/app/token_propagation_handler.go and ./storage/spanstore/token_propagation.go, which should really be in a single package like ./pkg/bearertoken.

[albertteoh]

Addressed in d1c96ad.

[albertteoh]

Renamed bearerTokenPropagationHandler -> PropagationHandler to reduce stutter.

I considered renaming ContextWithBearerToken and GetBearerToken for similar reasons but on further thought, I felt it reduces readability. Let me know if you disagree.

[albertteoh]

Addressed in d1c96ad.

[yurishkuro]

I would split this file:

• up to this point it's context.go
• below it's http.go
• you may also want to add the http transport implementation instead of using private types in different storages

[albertteoh]

Addressed in f0774b2.

[yurishkuro]

Couldn't this string just be "blah"? Currently it looks like there's special meaning in the value

[albertteoh]

Addressed in 8e5f1b9.

[albertteoh]

Moving the common transport into the bearertoken package meant that we can't inspect the wrapped http.Transport.
The original test didn't feel quite right in the first place when it had to make type assertions.

Suggestions also welcome.

[albertteoh]

I took the functional options approach because the defaultToken wasn't mandatory and didn't feel right to force callers to pass a sentinel token value, nor make callers guess what they should be setting it to if we exported this value in the struct, especially given it's in a separate package.

Let me know if you disagree with the approach.

[yurishkuro]

We started to move away from the use of functional option pattern, it just adds unnecessary mental overhead and has poor discoverability in the docs. I feel like this type can simply be declared with public fields and instantiated directly, without a constructor function. The optionality of the fields is naturally available via struct zero values.

[albertteoh]

I wasn't sure if this is an acceptable Auth header value or if an error should be returned. This was the original behaviour so I kept it that way.

[albertteoh]

I didn't feel like it was necessary to expose the internals of the transport, hence why http.RoundTripper is returned, given that's the only use case right now.

[albertteoh]

It's not clear to me why the CIT Crossdock job is failing on:

✗ [endtoend] test_driver→ (services=go) ⇒ Fail: could not retrieve traces from query service

[yurishkuro]

I don't see Key being used outside of this package

Suggested change

	// Key is the string literal used internally in the implementation of this context.
	const Key = "bearer.token"
	const bearerToken = contextKey(Key)
	type contextKeyType string
	const contextKey = contextKeyType("bearer.token")

[yurishkuro]

We started to move away from the use of functional option pattern, it just adds unnecessary mental overhead and has poor discoverability in the docs. I feel like this type can simply be declared with public fields and instantiated directly, without a constructor function. The optionality of the fields is naturally available via struct zero values.

[yurishkuro]

Do we want to check for token != "" before setting the header?

[albertteoh]

Yeah, I considered it but was technically a breaking change; I don't know enough about Auth headers to determine if this is a bug or correct behaviour, though sounds like it's a bug given your suggestion.

[albertteoh]

Yeah, I considered it but was technically a breaking change; I don't know enough about Auth headers to determine if this is a bug or correct behaviour, though sounds like it's a bug given your suggestion.

[albertteoh]

Key is used outside of this package here.

[yurishkuro]

Strictly speaking, I think it would've been better if grpc plugin just defined its own public constant instead of relying on this one, since they are completely independent.

$ grx BearerTokenKey .
./plugin/storage/grpc/shared/grpc_client.go:76:		md.Set(spanstore.BearerTokenKey, bearerToken)
./plugin/storage/grpc/shared/grpc_client_test.go:115:	bearerTokenFromMetadata := md.Get(spanstore.BearerTokenKey)
./plugin/storage/grpc/README.md:191:		values := md.Get(spanstore.BearerTokenKey)

If we remove that external dependency, then this key can be made private, and doesn't need to be a string, just this:

type contextKeyType int
const contextKey = iota

[albertteoh]

Addressed in 696cb5f.

[yurishkuro]

Strictly speaking, I think it would've been better if grpc plugin just defined its own public constant instead of relying on this one, since they are completely independent.

$ grx BearerTokenKey .
./plugin/storage/grpc/shared/grpc_client.go:76:		md.Set(spanstore.BearerTokenKey, bearerToken)
./plugin/storage/grpc/shared/grpc_client_test.go:115:	bearerTokenFromMetadata := md.Get(spanstore.BearerTokenKey)
./plugin/storage/grpc/README.md:191:		values := md.Get(spanstore.BearerTokenKey)

If we remove that external dependency, then this key can be made private, and doesn't need to be a string, just this:

type contextKeyType int
const contextKey = iota

[albertteoh]

Thanks for the review!