RE: When trying to authorize http, the response is always "status_code":401,"status":"Unauthorized"

@ilyavialkov I removed authentication through a file, but that didn't solve the problem:

caster:
  host: yccaster-svil.sigemi.cloud
  address: 0.0.0.0:2101
  identifier: My caster
  operator: My organization
  nmea: 1
  country: EST
  latitude: 59.44
  longitude: 24.74
  fallback_host: 0.0.0.0
  fallback_port: 0
  misc: Some notes
configuration:
  auth:
  - type: http
    options:
      url: http://127.0.0.1:8888/yc-caster-api/mountpoints/ntrip_auth
      secret: super_secret
  api:
    host: yccaster-svil.sigemi.cloud
    address: 0.0.0.0:8080
    api-keys:
      - "104ebb67-a4bq-4c20-we36-99cb759d1ee9"
  events:
    - type: file
      options:
        path: /var/caster/session.log
        types:
          - caster-ready
          - caster-terminate
          - connection-accepted
          - connection-terminated
          - ntrip-request-accepted
          - ntrip-request-rejected
          - ntrip-session-started
          - ntrip-session-ended
license-key: ""

and now in the logs there is no attempt to connect the source, only this:

{"name":"caster-ready","timestamp":1689165626,"data":{"address":"[::]:2101","started_at":1689165626}}

Hello assistant, I have developed an API for authorization using an http request. YcCaster and API are running in kubernetes on the same pod but in different containers. Config file looks like this:

caster:
  host: yccaster-svil.good.cloud
  address: 0.0.0.0:2101
  identifier: My caster
  operator: My organization
  nmea: 1
  country: EST
  latitude: 59.44
  longitude: 24.74
  fallback_host: 0.0.0.0
  fallback_port: 0
  misc: Some notes
configuration:
  auth:
  - type: file
    options:
      mount-points: conf/mountpoints.yml
      clients: conf/clients.yml
  - type: http
    options:
      url: http://127.0.0.1:8888/yc-caster-api/mountpoints/ntrip_auth
      secret: super_secret
  api:
    host: yccaster-svil.good.cloud
    address: 0.0.0.0:8080
    api-keys:
      - "very_goood_key"
  events:
    - type: file
      options:
        path: /var/caster/session.log
        types:
          - caster-ready
          - caster-terminate
          - connection-accepted
          - connection-terminated
          - ntrip-request-accepted
          - ntrip-request-rejected
          - ntrip-session-started
          - ntrip-session-ended
license-key: ""

when I try to connect the antenna, in the logs I get the response:

{"name":"ntrip-request-rejected","timestamp":1689150511,"data":{"address":"130.211.2.114:51817","request":{"method":"SOURCE","password":"string","uri":"string","headers":[{"name
":"Source-Agent","value":"NTRIP RTKLIB/2.4.2"},{"name":"STR"}],"type":"server","ntrip_version":1,"connection_id":"dba2c3db-a31c-41e7-8fe1-81f2ea263847"},"response":{"-":"HTTP/1.
0","status_code":401,"status":"Unauthorized"},"connection_id":"dba2c3db-a31c-41e7-8fe1-81f2ea263847"}}

this is very strange because when I request from the same container using "curl", I get the correct response with the code "200" and in the body "description" :

root@yc-caster-885b96fcb-nd5rc:/var/caster# curl -X POST -vvv -H "Content-Type: application/json" -H "X-Api-Key: super_secret" -d '{"method":"SOURCE","password":"string","uri":"
string","http_version":"HTTP/1.0","headers":[{"name":"User-Agent","value":"NTRIP YCServer"}],"type":"server","ntrip_version":1
}' http://127.0.0.1:8888/yc-caster-api/mountpoints/ntrip_auth
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 127.0.0.1:8888...
* Connected to 127.0.0.1 (127.0.0.1) port 8888 (#0)
> POST /yc-caster-api/mountpoints/ntrip_auth HTTP/1.1
> Host: 127.0.0.1:8888
> User-Agent: curl/7.81.0
> Accept: */*
> Content-Type: application/json
> X-Api-Key: super_secret
> Content-Length: 174
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json;charset=UTF-8
< content-length: 331
<
* Connection #0 to host 127.0.0.1 left intact
{"identifier":"string","format":"string","formatDetails":"string","carrier":"string","navSystem":"string","network":"string","country":"string","latitude":0.0,"longitude":0.0,"n
mea":"string","solution":"string","generator":"string","comprEncryp":"string","authentication":"string","fee":"string","bitrate":"string","misc":"string"}root@yc-caster-885b96fc
b-nd5rc:/var/caster#

I can't figure out why the caster is getting "Unauthorized" when the request doesn't reach the API, any ideas how to solve this or how to debug it from the caster?

@ilyavialkov Initially, I asked about authorization through a file, but now I realized that this is not my way. Authorization via http is more flexible and solves the problem when scaling casters with a single database. So I started developing the back-end. Thanks anyway!

Hi assistance, is it possible to apply modified antenna or client authorization files without restarting caster? if not, do you plan to add this feature?

@ilyavialkov i'm working on a project for a european company that makes robots that cut grass, initially we use caster BKG as a base but faced some problems with its operation and lack of necessary support. And now we are looking for an alternative, if everything suits us, we will buy a license and cooperate.

Hello @ilyavialkov, I was able to use the API locally, the address must be written in the configuration file like:

if write "localhost" or "127.0.0.1" does not work.

I will try to set up the API in GCP kubernetes, at the moment I am getting an error:

maybe Load Balancing is not configured correctly.
I'll let you know when I'm done.

Hi @ilyavialkov, thanks i downloaded the latest version of the caster 1.0.6 but still can't use the api now i am getting error

"GET http://localhost:8080/health
Error: socket hang up"

I want to add that at the same time the caster itself works, I publish the antenna data and receive them by the client.

Hi, I've run the caster locally in docker using a dockerfile to build the image:

FROM ubuntu:22.04 as builder

# Install dependencies
RUN apt-get update && apt-get install build-essential nano --assume-yes

RUN useradd caster

# Set the working directory
WORKDIR /var/caster

# Get the binary file and move it to the caster directory
ADD yccaster-amd64 /var/caster/yccaster

# Give execute permission to the binary file
RUN chmod +x /var/caster/yccaster

# Generate configuration file
RUN /var/caster/yccaster init

# Create session.log file for save events
RUN touch /var/caster/session.log

# Create session.log file for save logs
RUN touch /var/log/caster.log

# NTRIP caster
EXPOSE 2101
# api interface
EXPOSE 8080

EXPOSE 80

# Start the caster
CMD ["/var/caster/yccaster"]

when running the image, I assign port 8080 for API and 2101 for caster:

then I add an API token for authorized requests

when requesting /health that does not require authorization, I get a status 200 response with an empty body

but when I try to request /status or other requests requiring authorization with a token, I constantly get a response with status 403 Forbidden

In fact, I run the caster in the GCP cloud in the kubernetes infrastructure, but I get the same error there, after which I tried to understand what the problem is locally. Maybe you can help me, thanks in advance!