Bugsnag plugin does not make authenticated API calls

[fhp]

Expected Behavior

Since version 0.5.0 of the proxy backend (changelog), it by default only accepts authenticated calls. Which is a good thing, and I would expect the bugsnag plugin to make authenticated calls, so everything is nice and secure.

Current Behavior

Currently, the bugsnag plugin does not send authenticated calls.

Steps to Reproduce

Update the @backstage/plugin-proxy-backend plugin to version 0.5.0 or higher.

Possible Solution

I think that in this file, the fetch() function has to be replaced by this.fetchApi.fetch(), and that solves the issue. I'd make a PR, but probably will mess up the dependency injection.

As a workaround (for others finding this bug), this also works (in the app-config.yaml):

proxy:
  '/bugsnag/api':
    target: 'https://api.bugsnag.com'
    headers:
      Authorization: 'token ${INTEGRATION_BUGSNAG_API_KEY}'
      X-version: '2'
    credentials: dangerously-allow-unauthenticated

The credentials: dangerously-allow-unauthenticated line removes the authentication check again.

Context

This makes upgrading packages (or to the new backend system, I'm not entirely sure) harder than it needs to be.

Your Environment

• @roadiehq/backstage-plugin-bugsnag version: 2.2.10
• @backstage/plugin-proxy-backend version: 0.5.5

[iain-b]

@fhp If you've got time to open a PR that would be much appreciated! otherwise thanks for reporting. We're in the process of upgrading to the new system but we've got a lot of ground to cover.