My GCP API Gateway connects to a Cloud Run application that hosts a Laravel container.
The application uses Laravel Sanctum for authentication, which basically expects authenticated routes to have an Authorization header set.
When sending the requests, I send them through axios and add the Authorization header, but the request always fails with an authentication error. After examining the request headers in the Cloud Run service logs, I realized that by default API Gateway sends an Authorization header for each request whether I set an Authorization header or not; hence my Authorization header is forwarded as X-Forwarded-Authorization.
I am not able to modify the header in my API to expect the X-Forwarded-Authorization header instead; it always expects the header with the bearer token to be the Authorization header. This has made it difficult, as I can't change the behaviour of the API to expect a different header. Is there a way I can override this default Authorization Bearer header sent by API Gateway so that it sends the value of the Authorization header added in the request instead of sending it as a forwarded value?
API Gateway Config:
```yaml
# openapi2-run.yaml
swagger: "2.0"
info:
  title: my-api
  description: my custom api
  version: 1.0.0
schemes:
  - https
produces:
  - application/json
consumes:
  - application/json
x-google-backend:
  address: https://some-cloud-run-url
basePath: /api
host: my-api.nw.gateway.dev
x-google-endpoints:
  - name: "my-api.nw.gateway.dev"
    allowCors: True
paths:
  /user:
    get:
      summary: Requested user details.
      operationId: UserDetails
      responses:
        "200":
          description: Return Requested User Details.
          schema:
            type: string
        "default":
          description: Unexpected error
```
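
One way to handle the header rewrite described in the question on the Laravel side, as an added example that is not part of the original post: a middleware that copies the client's bearer token from X-Forwarded-Authorization back into Authorization before Sanctum's guard reads it. The class name `RestoreForwardedAuthorization` is hypothetical, and the example assumes the middleware is registered so that it runs before `auth:sanctum`.

```php
<?php
// Added example, not code from the original post.
// RestoreForwardedAuthorization is a hypothetical class name.

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class RestoreForwardedAuthorization
{
    /**
     * API Gateway replaces the client's Authorization header with its own
     * bearer token and forwards the original value as
     * X-Forwarded-Authorization. Copy the original value back so that
     * Sanctum's bearer-token lookup sees the client's token.
     */
    public function handle(Request $request, Closure $next)
    {
        $forwarded = $request->headers->get('X-Forwarded-Authorization');

        // Accept only a single well-formed "Bearer <token>" value; anything
        // else leaves the request untouched and Sanctum rejects it as usual.
        if (is_string($forwarded) && preg_match('/^Bearer \S+$/', $forwarded) === 1) {
            // Overwrites the gateway-supplied header for the rest of the
            // request lifecycle; the gateway's token is no longer visible
            // to application code after this point.
            $request->headers->set('Authorization', $forwarded);
        }

        return $next($request);
    }
}
```

Sanctum still validates the restored token, so the middleware only changes which header the token is read from.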