From a7733762799b7df2e83a3dca8141ab9eba0244f8 Mon Sep 17 00:00:00 2001
From: MS <ms@taler.net>
Date: Tue, 25 May 2021 10:28:37 +0200
Subject: include Authorization header

---
 bin/taler-deployment-config-instances | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/bin/taler-deployment-config-instances b/bin/taler-deployment-config-instances
index cff8316..c7dec85 100755
--- a/bin/taler-deployment-config-instances
+++ b/bin/taler-deployment-config-instances
@@ -25,11 +25,12 @@ MERCHANT_BACKEND_BASE_URL = expect_env("TALER_ENV_MERCHANT_BACKEND")
 TALER_ENV_NAME = expect_env("TALER_ENV_NAME")
 TALER_CONFIG_CURRENCY = expect_env("TALER_CONFIG_CURRENCY")
 TALER_ENV_FRONTENDS_APITOKEN = expect_env("TALER_ENV_FRONTENDS_APITOKEN")
-
+authotization_header = {"Authorization": f"Bearer {TALER_ENV_FRONTENDS_APITOKEN}"}
 def ensure_instance(instance_id, name, payto_uris, auth):
     # FIXME: Use auth once the default instance also uses token auth
     instance_response = requests.get(
-        urljoin(MERCHANT_BACKEND_BASE_URL, f"private/instances/${instance_id}")
+        urljoin(MERCHANT_BACKEND_BASE_URL, f"private/instances/${instance_id}"),
+        headers = authorization_header
     )
     if instance_response.status_code == 200:
         return
@@ -47,15 +48,20 @@ def ensure_instance(instance_id, name, payto_uris, auth):
         # FIXME: Eventually, this should be an actual secret token
         auth=auth,
     )
+    # Here authenticats as 'default' (with same credentials of other instances.)
     create_resp = requests.post(
-        urljoin(MERCHANT_BACKEND_BASE_URL, "private/instances"), json=req
+        urljoin(MERCHANT_BACKEND_BASE_URL, "private/instances"),
+        json=req,
+        headers = authorization_header
     )
     if create_resp.status_code < 200 or create_resp.status_code >= 300:
         print(f"Instance '{instance_id}' could not be (re)created, backend says: {create_resp.text}.  Updating its auth now")
         if instance_id != "Tutorial":
             patch_resp = requests.post(
                 urljoin(MERCHANT_BACKEND_BASE_URL,
-                f"instances/{instance_id}/private/auth"), json=auth
+                f"instances/{instance_id}/private/auth"),
+                json=auth,
+                headers = authorization_header
             )
             if patch_resp.status_code < 200 or patch_resp.status_code >= 300:
                 print(f"Failed to update auth of '{instance_id}'")
-- 
cgit v1.2.3