nkemnitz opened a new issue, #783:
URL: https://github.com/apache/arrow-rs-object-store/issues/783
**Describe the bug**
`ClientOptions::client()` applies user `default_headers`
(`src/client/mod.rs:843`) and
also sets `.no_gzip()...` (`mod.rs:929`). The GCP token providers reuse that
same client
(`src/gcp/builder.rs:606-608`). So a data-plane `Accept-Encoding: gzip`
header leaks onto
the OAuth token POST (`src/gcp/credential.rs:613-637`,
`accounts.google.com/o/oauth2/token`);
Google returns gzip, `no_gzip` skips decoding, and `.json()` fails →
`Error::TokenResponseBody`.
The client tells the server "send gzip" while telling reqwest "don't decode
gzip".
**To Reproduce**
```rust
let mut h = http::HeaderMap::new();
h.insert("accept-encoding", "gzip".parse().unwrap());
let store = GoogleCloudStorageBuilder::from_env()
.with_bucket_name("my-bucket")
.with_client_options(ClientOptions::new().with_default_headers(h))
.build()?;
store.get(&"x".into()).await?; // authorized_user ADC: token fetch fails
before the GET
```
Error: `Generic { store: "GCS", source: TokenResponseBody(... "expected
value at line 1 column 1") }`.
(`Accept-Encoding: gzip` is legitimate: it makes GCS serve
`Content-Encoding: gzip` objects as raw gzip.)
**Expected behavior**
Setting `default_headers` for the data plane should not break authentication.
**Additional context**
-
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]