From 03b70172e04c62a76440d2e889ac76ffa49567ba Mon Sep 17 00:00:00 2001
From: murgatroid99 <mlumish@google.com>
Date: Mon, 24 Feb 2020 10:39:48 -0800
Subject: [PATCH] grpc-js: Detect and error on multiple auth headers

---
 packages/grpc-js/src/call-credentials-filter.ts | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/packages/grpc-js/src/call-credentials-filter.ts b/packages/grpc-js/src/call-credentials-filter.ts
index a58f10ee..f3fe2f4d 100644
--- a/packages/grpc-js/src/call-credentials-filter.ts
+++ b/packages/grpc-js/src/call-credentials-filter.ts
@@ -20,6 +20,7 @@ import { Call } from './call-stream';
 import { Channel } from './channel';
 import { BaseFilter, Filter, FilterFactory } from './filter';
 import { Metadata } from './metadata';
+import { Status } from './constants';
 
 export class CallCredentialsFilter extends BaseFilter implements Filter {
   private serviceUrl: string;
@@ -50,6 +51,12 @@ export class CallCredentialsFilter extends BaseFilter implements Filter {
     });
     const resultMetadata = await metadata;
     resultMetadata.merge(await credsMetadata);
+    if (resultMetadata.get('authorization').length > 1) {
+      this.stream.cancelWithStatus(
+        Status.INTERNAL,
+        '"authorization" metadata cannot have multiple values'
+      );
+    }
     return resultMetadata;
   }
 }