Description
I have a situation where I setup a channel with channel credentials initially, then, at some later point. I need to make call with different credentials. I've tried this a couple of ways now but it ends up concatenating the authorization headers.
Here's what I'm doing to setup a channel:
var callCredentials = CallCredentials.FromInterceptor(async (context, metadata) =>
{
var idToken = await GetIDTokenAsync();
metadata.Add("Authorization", "Bearer " + idToken);
});
var channelCredentials = ChannelCredentials.SecureSsl;
if (callCredentials != null)
{
channelCredentials = ChannelCredentials.Create(channelCredentials, callCredentials);
}
var channel = GrpcChannel.ForAddress(address, new() { Credentials = channelCredentials });Somewhere else in the code:
var callOptions = new CallOptions(cancellationToken: cancellationToken);
// Different `token`...
if (token.HasValue())
{
callOptions = callOptions.WithCredentials(CallCredentials.FromInterceptor((context, metadata) =>
{
metadata.Add("Authorization", "Bearer " + token);
return Task.FromResult(0);
}));
}
// `client` is using same `channel` from before...
using var dl = client.OpenDownload(callOptions);Here's what ends up being sent to the server, note the two tokens
Authorization: Bearer ey..J9.ey..J9.nT..lQ
Authorization: Bearer ey..J9.ey..n0.OU..cA
Inside these CallCredentials.FromInterceptor callbacks I cannot see any metadata or context. So there's no way for me to detect that I have multiple credentials attached here. Is this really expected behavior? At the very least I would have through that call credentials would be able to override channel credentials but this doesn't appear to be the case?
Do I need to pass around multiple channels? One with and one without channel credentials?