rgw: Remove invalid Content-Type header RGW OIDC discovery requests

RGW sends OIDC discovery and JWKS requests with an incorrect application/x-www-form-urlencoded Content-Type header, causing 415 (Unsupported Media Type) responses from some identity providers including AWS EKS. This PR removes this header for the GET requests as it was a hold-over from a previous change where the endpoint was previously an HTTP POST https://github.com/ceph/ceph/commit/7566664f89be062e0c9f3519dc60b94c8af5e2a4 and was carried through to the current implementation https://github.com/ceph/ceph/commit/803570cd4f7ffbb3d7a329b0b9450748b3ca335d

Fixes: https://tracker.ceph.com/issues/73877
Signed-off-by: Jonathan Suever <suever@gmail.com>

diff --git a/src/rgw/rgw_rest_sts.cc b/src/rgw/rgw_rest_sts.cc
index e2d16d56988b0b7ef022a76171e48c00ee84e5de..5a211302cbfddeb67ffe2b5295bc27e10a61f88b 100644 (file)
--- a/src/rgw/rgw_rest_sts.cc
+++ b/src/rgw/rgw_rest_sts.cc
@@ -313,9 +313,6 @@ WebTokenEngine::get_cert_url(const string& iss, const DoutPrefixProvider *dpp, o
 
   RGWHTTPTransceiver openidc_req(cct, "GET", openidc_wellknown_url, &openidc_resp);
 
-  //Headers
-  openidc_req.append_header("Content-Type", "application/x-www-form-urlencoded");
-
   int res = openidc_req.process(dpp, y);
   if (res < 0) {
     ldpp_dout(dpp, 10) << "HTTP request res: " << res << dendl;
@@ -620,8 +617,6 @@ WebTokenEngine::validate_signature(const DoutPrefixProvider* dpp, const jwt::dec
     // Get certificate
     bufferlist cert_resp;
     RGWHTTPTransceiver cert_req(cct, "GET", cert_url, &cert_resp);
-    //Headers
-    cert_req.append_header("Content-Type", "application/x-www-form-urlencoded");
 
     int res = cert_req.process(dpp, y);
     if (res < 0) {