Authorization header not making it through Apollo Server

[uzair-inamdar-dlpx]

My mesh server is working fine with the default Yoga server integration, but when I add a custom Apollo Server handler, the authorization header is sent to my OpenAPI server as an empty string. I realized the HTTP headers in the context coming from an Apollo Server are actually part of context.req object and come wrapped as a [Symbol(map)] object. So when I added my server choice from the default Yoga to Apollo Server, I changed:

openapi:
      baseUrl: https://localhost/v2/
      source: ....
      operationHeaders:
            Authorization: '{context.headers.authorization}'

to

openapi:
      baseUrl: https://localhost/v2/
      source: ....
      operationHeaders:
            Authorization: '{context.req.headers.get("authorization")}'

The debug logs show the outgoing request to be:

Mesh - DCT GraphQL API - http Call GET https://localhost/v2/management/engines??limit=100
headers: {"authorization":"","accept":"application/json"}
request body: undefined

Note that I am also using a useLogger plugin, and that is how I'm able to confirm the shape of the context and authorization token in context.req.headers.get('authorization').

[uzair-inamdar-dlpx]

I was able to fix it by storing the header info in custom context value as authorization like this:

const apolloServer = new ApolloServer({
    schema,
    executor: async requestContext => {
      const { schema, execute, contextFactory } = getEnveloped({ req: requestContext.request.http })
      const context = await contextFactory();
      context.authorization = context.req.headers.get('authorization');
      return execute({
        schema: schema,
        document: requestContext.document,
        contextValue: context,
        variableValues: requestContext.request.variables,
        operationName: requestContext.operationName
      })
    }

and then in the .meshrc.yml file:

operationHeaders:
        Authorization: "{context.authorization}"