fix: use user-id header instead of x-user-id for Link Service

- Change SessionInterceptor to use user-id header (Link Service expects this)
- Update buildCallOptions to send only user-id header
- Remove x-user-id header completely
- Update SessionInterceptor test to check for user-id header
- Fixes session_interceptor: user-id missing error

Author: batazor

boundaries/proxy/src/infrastructure/adapters/LinkServiceConnectAdapter.ts

@@ -114,13 +114,13 @@ export class LinkServiceConnectAdapter implements ILinkServiceAdapter {
       signal: AbortSignal.timeout(this.externalServicesConfig.requestTimeout),
     };
 
-    // According to ADR 42: pass user_id via x-user-id header
-    // If userId is provided, use it; otherwise interceptor will use serviceUserId or "anonymous"
-    if (userId) {
-      options.header = {
-        "x-user-id": userId === "anonymous" ? "anonymous" : userId,
-      };
-    }
+    // Link Service expects "user-id" in metadata (session_interceptor checks for it)
+    // Always set header - if userId provided, use it; otherwise pass "anonymous"
+    // SessionInterceptor will use serviceUserId as fallback if header is missing
+    const userIdValue = userId && userId !== "anonymous" ? userId : "anonymous";
+    options.header = {
+      "user-id": userIdValue,
+    };
 
     return options;
   }

boundaries/proxy/src/infrastructure/adapters/connect/interceptors/SessionInterceptor.ts

@@ -1,21 +1,19 @@
 import type { Interceptor } from "@connectrpc/connect";
 
-const X_USER_ID_HEADER = "x-user-id";
+const USER_ID_HEADER = "user-id";
 
 /**
  * Connect interceptor that ensures Link Service always receives a user-id metadata.
- * According to ADR 42: Proxy passes user_id via x-user-id header.
+ * Link Service expects "user-id" in metadata (session_interceptor checks for it).
  * Link Service uses this to check private link access via Kratos Admin API.
  *
- * This interceptor sets a default value (serviceUserId) if x-user-id is not already set
+ * This interceptor sets a default value (serviceUserId) if user-id is not already set
  * in the request headers. The actual userId from Kratos session is set via callOptions.header
  * in LinkServiceConnectAdapter.getLinkByHash().
  *
  * @param serviceUserId - stable identifier for proxy service account (fallback).
  */
-export function createSessionInterceptor(
-  serviceUserId: string
-): Interceptor {
+export function createSessionInterceptor(serviceUserId: string): Interceptor {
   if (!serviceUserId || !serviceUserId.trim()) {
     throw new Error(
       "SERVICE_USER_ID is required to call Link Service. Provide non-empty value."
@@ -25,10 +23,10 @@ export function createSessionInterceptor(
   const normalizedServiceUserId = serviceUserId.trim();
 
   return (next) => async (req) => {
-    // Set default x-user-id if not already set (from callOptions.header)
+    // Set default user-id if not already set (from callOptions.header)
     // This ensures backward compatibility and provides a fallback
-    if (!req.header.get(X_USER_ID_HEADER)) {
-      req.header.set(X_USER_ID_HEADER, normalizedServiceUserId);
+    if (!req.header.get(USER_ID_HEADER)) {
+      req.header.set(USER_ID_HEADER, normalizedServiceUserId);
     }
 
     return next(req);

boundaries/proxy/src/infrastructure/adapters/connect/interceptors/__tests__/SessionInterceptor.test.ts

@@ -2,7 +2,7 @@ import { describe, it, expect } from "vitest";
 import { createSessionInterceptor } from "../SessionInterceptor.js";
 
 describe("createSessionInterceptor", () => {
-  it("sets x-user-id header on outgoing request", async () => {
+  it("sets user-id header on outgoing request", async () => {
     const interceptor = createSessionInterceptor("proxy-user");
     const headerMap = new Map<string, string>();
     const mockHeader = {
@@ -22,7 +22,7 @@ describe("createSessionInterceptor", () => {
 
     await interceptor(next)(request);
 
-    expect(request.header.get("x-user-id")).toBe("proxy-user");
+    expect(request.header.get("user-id")).toBe("proxy-user");
   });
 
   it("throws when service user id is empty", () => {