Headers

To try it out today, email us at [email protected]

Working with Headers

It's often a requirement to pass the secret value as an alias inside a header or generate a new header as a requirement of a payment gateway. The example on this page shows how to manage that properly. Alternatively, the alias can also be hardcoded in the Larky code directly. This case considers two scenarios together.

Larky code sample

The code sample below demonstrates how to:

  • Read from / write into the header

  • Add/delete the header

  • Reveal of secret value

  • Manage the case if the header is absent

load('@stdlib/json', 'json')
load("@vgs//vault", "vault")

def process(input, ctx):
    headers = input.headers

    # careful reading
    alias = 'tok_sandbox_vvLyaGWnxm5msxd8Zh3QS1' # hardcoded value
    if 'secret' in headers:
        # removing old header
        alias = headers.pop('secret')

    # reveal of the key
    key = vault.reveal(alias)

    # adding new header
    input.headers['Authorization'] = 'Bearer ' + key

    return input

Testing

Request to send:

curl {VAULT_URL}/post \
  -H 'Content-Type: application/json' \
  -H 'Secret: tok_sandbox_vvLyaGWnxm5msxd8Zh3QS1' \
  -d '{ }'

Response example:

"headers": {
    "Accept": "*/*",
    "Authorization": "Bearer FNfcatCkg5yqh5mPBEwuxbbVFNfcatCkg5yqh5mPBEwuxbbV",
    "B3": "00082402568a56f59a3f94f2d26a42f2-0d80d440d9aef470-1",
    "Connection": "close",
    "Content-Length": "3",
    "Content-Type": "application/json",
    "Host": "echo.apps.verygood.systems",
    "User-Agent": "curl/7.77.0",
    "Vgs-Request-Id": "00082402568a56f59a3f94f2d26a42f2",
    "Vgs-Tenant": "{VAULT_ID}",
    "X-Amzn-Trace-Id": "Root=1-6238ba7c-15b8bce65d777a053529f0f0",
    "X-B3-Sampled": "1",
    "X-B3-Spanid": "2c388296d74386cb",
    "X-B3-Traceid": "dbe5bffd53fb6537b2e4c49bc3c31c81",
    "X-Forwarded-Host": "{VAULT_ID}.sandbox.verygoodproxy.com"
  }

Useful links

PreviousRedact/revealNextTimestamp

Last updated