How to Pass Authorization Bearer Token in Websocket API

9/30/2019

I'm trying to exec kubernetes pod using the Websocket, as per the kubernetes document it can be achieved through passing the Bearer THETOKEN

When using bearer token authentication from an http client, the API server expects an Authorization header with a value of Bearer THETOKEN

Here is the sample for wscat passing Header Value --header "Authorization: Bearer $TOKEN" to establish exec to pod and the connection went successfully

/ # wscat  --header "Authorization: Bearer $TOKEN"  -c "wss://api.0cloud0.com/api/v1/namespaces/ba410a7474380169a5ae230d8e784535/pods/txaclqhshg
-6f69577c74-jxbwn/exec?stdin=1&stdout=1&stderr=1&tty=1&command=sh"

But when it comes to Websocket API connection from web browser

How to pass this Beaer Token in the web Socket as per the doc there is no standard way to pass custom header

Tried URI Query Parameter access_token= Bearer TOKEN in the API query it doesn't work and the Authentication denied with 403

wss://api.0cloud0.com/api/v1/namespaces/ba410a7474380169a5ae230d8e784535/pods/txaclqhshg-%206f69577c74-jxbwn/exec?stdout=1&stdin=1&stderr=1&tty=1&command=%2Fbin%2Fsh&command=-i&access_token=$TOKEN
-- anish
kubernetes
websocket
xterm

0 Answers