https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> Can I configure an oathkeeper mutat...
# ory-copilot
a
@chilly-king-10285 Can I configure an oathkeeper mutator to add the session id of the current user session as a request header?
c
A message from kapa.ai
Yes, you can configure an Ory Oathkeeper mutator to add the session id of the current user session as a request header. This can be achieved using the 
header
mutator. The 
header
mutator allows you to pass the credentials to the upstream application via the headers. Here is an example of how you can configure the 
header
mutator to add a session id as a request header:
Copy code
yaml # Global configuration file oathkeeper.yml   mutators:    header:    # Set enabled to true if the authenticator should be enabled and false to disable the authenticator. Defaults to false.    enabled: true    config:    headers:    X-Session-ID: "{{ print .Extra.session_id }}"
In this example, 
X-Session-ID
is the name of the header, and 
{{ print .Extra.session_id }}
is the value of the header. The value is a string which will be parsed by the Go 
text/template
package for value substitution, receiving the 
AuthenticationSession
struct. Please note that the session id must be available in the 
extra
field of the 
AuthenticationSession
struct. If it's not, you might need to use the 
hydrator
mutator to fetch additional data from external APIs before the 
header
mutator. For more details, please check the [Ory Oathkeeper documentation](https://www.ory.sh/docs/oathkeeper/pipeline/mutator#header).
a
@chilly-king-10285 Where in the AuthenticationSession struct can the session id be found?
c
A message from kapa.ai
The 
AuthenticationSession
struct does not directly contain a field for the session id. Here is the structure as per the provided knowledge source:
Copy code
go type AuthenticationSession struct {    Subject string    Extra map[string]interface{}    Header http.Header    MatchContext MatchContext   }      type MatchContext struct {    RegexpCaptureGroups []string    URL *url.URL    Method string    Header http.Header   }
As you can see, the 
AuthenticationSession
struct contains 
Subject
, 
Extra
, 
Header
, and 
MatchContext
fields. The 
Extra
field is a map that can contain additional data. If the session id is available, it would likely be stored in this 
Extra
field. However, the session id is not automatically included in the 
AuthenticationSession
struct. You might need to use a custom authenticator or the 
hydrator
mutator to fetch the session id and add it to the 
Extra
field. For more details, please check the [Ory Oathkeeper documentation](https://www.ory.sh/docs/oathkeeper/pipeline#session).
a
@chilly-king-10285.Extra.id contains the session id
c
A message from kapa.ai
If the session id is stored in the 
.Extra.id
field of the 
AuthenticationSession
struct, you can configure the 
header
mutator to add this session id as a request header. Here's how you can do it:
Copy code
yaml # Global configuration file oathkeeper.yml   mutators:    header:    # Set enabled to true if the authenticator should be enabled and false to disable the authenticator. Defaults to false.    enabled: true    config:    headers:    X-Session-ID: "{{ print .Extra.id }}"
In this configuration, 
X-Session-ID
is the name of the header, and 
{{ print .Extra.id }}
is the value of the header. The value is a string which will be parsed by the Go 
text/template
package for value substitution, receiving the 
AuthenticationSession
struct. For more details, please check the [Ory Oathkeeper documentation](https://www.ory.sh/docs/oathkeeper/pipeline/mutator#header).
10 Views
Open in Slack
PreviousNext
Powered by