From b214161b38642da75a38a100548d3809731746ff Mon Sep 17 00:00:00 2001
From: Takumi Sue <23391543+mikutas@users.noreply.github.com>
Date: Tue, 27 Sep 2022 23:56:01 +0900
Subject: [PATCH] fix: add authorization from cookie to metadata (#9663)

Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com>

Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com>
---
 server/apiserver/argoserver.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/server/apiserver/argoserver.go b/server/apiserver/argoserver.go
index 2abeaed13f0c..4d79ac50a6ae 100644
--- a/server/apiserver/argoserver.go
+++ b/server/apiserver/argoserver.go
@@ -380,8 +380,13 @@ func (as *argoServer) newHTTPServer(ctx context.Context, port int, artifactServe
 	mux.Handle("/oauth2/callback", handlers.ProxyHeaders(http.HandlerFunc(as.oAuth2Service.HandleCallback)))
 	mux.HandleFunc("/metrics", func(w http.ResponseWriter, r *http.Request) {
 		if os.Getenv("ARGO_SERVER_METRICS_AUTH") != "false" {
-			header := metadata.New(map[string]string{"authorization": r.Header.Get("Authorization")})
-			ctx := metadata.NewIncomingContext(context.Background(), header)
+			md := metadata.New(map[string]string{"authorization": r.Header.Get("Authorization")})
+			for _, c := range r.Cookies() {
+				if c.Name == "authorization" {
+					md.Append("cookie", c.Value)
+				}
+			}
+			ctx := metadata.NewIncomingContext(context.Background(), md)
 			if _, err := as.gatekeeper.Context(ctx); err != nil {
 				log.WithError(err).Error("failed to authenticate /metrics endpoint")
 				w.WriteHeader(403)