Forward headers for Amazon SNS (#3326)

# What this PR does Forward headers for Amazon SNS when forwarding requests for moved organizations. Previous [PR](#3315) missed this since the test did not check mocked make_request for headers. ## Which issue(s) this PR fixes ## Checklist - [x] Unit, integration, and e2e (if applicable) tests updated - [x] Documentation added (or `pr:no public docs` PR label added if not required) - [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not required)
grafana · Nov 11, 2023 · 6fa4df0 · 6fa4df0
1 parent 6ca7c44
commit 6fa4df0
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -15,6 +15,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Split Integrations table into Connections and Direct Paging tabs ([#3290](https://github.com/grafana/oncall/pull/3290))
 
+### Fixed
+
+- Forward headers for Amazon SNS when organizations are moved @mderynck ([#3326](https://github.com/grafana/oncall/pull/3326))
+
 ## v1.3.57 (2023-11-10)
 
 ### Fixed

diff --git a/engine/apps/user_management/middlewares.py b/engine/apps/user_management/middlewares.py
@@ -32,6 +32,11 @@ def process_exception(self, request, exception):
             if (v := request.META.get("HTTP_AUTHORIZATION", None)) is not None:
                 headers["Authorization"] = v
 
+            if "amazon_sns" in request.path:
+                for k, v in request.META.items():
+                    if k.startswith("x-amz-sns-"):
+                        headers[k] = v
+
             response = self.make_request(request.method, url, headers, request.body)
             return HttpResponse(response.content, status=response.status_code)
 

diff --git a/engine/apps/user_management/tests/test_region.py b/engine/apps/user_management/tests/test_region.py
@@ -238,3 +238,36 @@ def test_user_schedule_export_token_raises_exception_organization_moved(
         assert False
     except OrganizationMovedException as e:
         assert e.organization == organization
+
+
+@patch("apps.user_management.middlewares.OrganizationMovedMiddleware.make_request")
+@pytest.mark.django_db
+def test_organization_moved_middleware_amazon_sns_headers(
+    mocked_make_request, make_organization_and_region, make_alert_receive_channel
+):
+    organization, region = make_organization_and_region()
+    organization.save()
+
+    alert_receive_channel = make_alert_receive_channel(
+        organization=organization,
+        integration="amazon_sns",
+    )
+
+    expected_sns_headers = {
+        "x-amz-sns-subscription-arn": "arn:aws:sns:xxxxxxxxxx:467989492352:oncall-test:3aab6edb-0c5e-4fa9-b876-64409d1f6c63",
+        "x-amz-sns-topic-arn": "arn:aws:sns:xxxxxxxxxx:467989492352:oncall-test",
+        "x-amz-sns-message-id": "473efe1d-8ea4-5252-8124-a3d5ff7408c5",
+        "x-amz-sns-message-type": "Notification",
+    }
+    expected_message = bytes(f"Redirected to {region.oncall_backend_url}", "utf-8")
+    mocked_make_request.return_value = HttpResponse(expected_message, status=status.HTTP_200_OK)
+
+    client = APIClient()
+    url = reverse("integrations:amazon_sns", kwargs={"alert_channel_key": alert_receive_channel.token})
+
+    data = {"value": "test"}
+    response = client.post(url, data, format="json", **expected_sns_headers)
+    assert mocked_make_request.called
+    assert expected_sns_headers.items() <= mocked_make_request.call_args.args[2].items()
+    assert response.content == expected_message
+    assert response.status_code == status.HTTP_200_OK