EOEPCA ingress does not like `application/json` header included with STAC Manager requests

[j08lue]

We recently added an Authorization header to submit with requests to STAC API that require auth.

• Adds authentication token to collection requests #51

This was for the EOEPCA project, where we have an ingress configuration w/ OpenID Connect and KeyCloak that checks for this Authorization header (defined here).

However, turns out that ingress does not like the application/json header that STAC Manager adds, courtesy of its dependency STAC React (https://github.com/developmentseed/stac-react/blob/main/src/stac-api/index.ts#L105-L123).

Demonstration of the issue with the STAC API

This fails:

fetch('https://eoapi.apx.develop.eoepca.org/stac', {headers: {'Content-Type': 'application/json'}}).then(r => r.json()).then(console.log)

This works:

fetch('https://eoapi.apx.develop.eoepca.org/stac', {headers: {}}).then(r => r.json()).then(console.log)

What to do?

I don't know whether the behaviour of the EOEPCA endpoint is non-standard, or the header from STAC React. 🤷

I tend to think that the EOEPCA ingress configuration is pretty standard, using community tools such as OpenID Connect, KeyCloak, and APISIX. But there might be kinky things going on I am not aware of.

What should we do about this?