From 4eae6333618abba51d2f968347ec8f2f7cb74d89 Mon Sep 17 00:00:00 2001
From: "Jeevanandam M."
Date: Fri, 17 Jan 2025 19:54:14 -0800
Subject: [PATCH] fix: auth scheme override with empty value #954 (#956)
---
 client.go | 3 +++
 middleware.go | 18 +++---------------
 request_test.go | 30 ++++++++++++++++++++++++------
 resty_test.go | 6 +++---
 4 files changed, 33 insertions(+), 24 deletions(-)
diff --git a/client.go b/client.go
index 7ab33ae8..9307ddd4 100644
--- a/client.go
+++ b/client.go
@@ -450,6 +450,8 @@ func (c *Client) R() *Request {
 PathParams: map[string]string{},
 RawPathParams: map[string]string{},
 Debug: c.Debug,
+ AuthScheme: c.AuthScheme,
+ Token: c.Token,
 client: c,
 multipartFiles: []*File{},
@@ -1464,6 +1466,7 @@ func createClient(hc *http.Client) *Client {
 XMLMarshal: xml.Marshal,
 XMLUnmarshal: xml.Unmarshal,
 HeaderAuthorizationKey: http.CanonicalHeaderKey("Authorization"),
+ AuthScheme: "Bearer",
 jsonEscapeHTML: true,
 httpClient: hc,
diff --git a/middleware.go b/middleware.go
index 91eed9b2..8aac3791 100644
--- a/middleware.go
+++ b/middleware.go
@@ -298,21 +298,9 @@ func addCredentials(c *Client, r *Request) error {
 }
 }
- // Set the Authorization Header Scheme
- var authScheme string
- if !IsStringEmpty(r.AuthScheme) {
- authScheme = r.AuthScheme
- } else if !IsStringEmpty(c.AuthScheme) {
- authScheme = c.AuthScheme
- } else {
- authScheme = "Bearer"
- }
-
- // Build the Token Auth header
- if !IsStringEmpty(r.Token) { // takes precedence
- r.RawRequest.Header.Set(c.HeaderAuthorizationKey, authScheme+" "+r.Token)
- } else if !IsStringEmpty(c.Token) {
- r.RawRequest.Header.Set(c.HeaderAuthorizationKey, authScheme+" "+c.Token)
+ // Build the token Auth header
+ if !IsStringEmpty(r.Token) {
+ r.RawRequest.Header.Set(c.HeaderAuthorizationKey, strings.TrimSpace(r.AuthScheme+" "+r.Token))
 }
 return nil
diff --git a/request_test.go b/request_test.go
index 6bdf198d..d7eafbe4 100644
--- a/request_test.go
+++ b/request_test.go
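Review bot: Copying `c.AuthScheme` and `c.Token` into the request inside `R()` (client.go, first hunk) freezes the credential at request-creation time, and the middleware.go hunk removes the `c.Token` / `c.AuthScheme` fallback that used to be evaluated when the request was sent. A request created before a later `c.SetAuthToken(...)` call, for example after a token refresh or a revocation, will presumably still go out with the old token, and the same holds for the scheme. If the snapshot is intended it should be stated where it happens, e.g. `// AuthScheme and Token are snapshotted from the client here; later Client.SetAuthToken/SetAuthScheme calls do not affect this request.` above the two added fields. `R()` starts and ends outside the hunk.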
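Review bot: In `addCredentials` (middleware.go) the new comment `// Build the token Auth header` no longer says where the scheme comes from or why the value is wrapped in `strings.TrimSpace`, although the removed block documented both the precedence and the `Bearer` default. A reader has to infer that an empty `r.AuthScheme` is legal and that the trim exists to drop the leading separator so the bare token becomes the whole Authorization value. I would add `// r.AuthScheme may be empty (#954): TrimSpace drops the separator and the bare token is sent; the "Bearer" default is set in createClient.` above the `if`. The function body begins outside the hunk.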
@@ -681,13 +681,31 @@ func TestRequestAuthScheme(t *testing.T) {
 SetAuthScheme("OAuth").
 SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF")
- resp, err := c.R().
- SetAuthScheme("Bearer").
- SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF-Request").
- Get(ts.URL + "/profile")
+ t.Run("override auth scheme", func(t *testing.T) {
+ resp, err := c.R().
+ SetAuthScheme("Bearer").
+ SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF-Request").
+ Get(ts.URL + "/profile")
+
+ assertError(t, err)
+ assertEqual(t, http.StatusOK, resp.StatusCode())
+ })
+
+ t.Run("empty auth scheme GH954", func(t *testing.T) {
+ tokenValue := "004DDB79-6801-4587-B976-F093E6AC44FF"
+
+ // set client level
+ c.SetAuthScheme("").
+ SetAuthToken(tokenValue)
+
+ resp, err := c.R().
+ Get(ts.URL + "/profile")
+
+ assertError(t, err)
+ assertEqual(t, http.StatusOK, resp.StatusCode())
+ assertEqual(t, tokenValue, resp.Request.Header.Get(hdrAuthorizationKey))
+ })
- assertError(t, err)
- assertEqual(t, http.StatusOK, resp.StatusCode())
 }
 func TestRequestDigestAuth(t *testing.T) {
diff --git a/resty_test.go b/resty_test.go
index a148b0a0..7637c4bb 100644
--- a/resty_test.go
+++ b/resty_test.go
@@ -501,11 +501,11 @@ func createAuthServerTLSOptional(t *testing.T, useTLS bool) *httptest.Server {
 if r.URL.Path == "/profile" {
 // 004DDB79-6801-4587-B976-F093E6AC44FF
 auth := r.Header.Get("Authorization")
- t.Logf("Bearer Auth: %v", auth)
+ t.Logf("Auth Header: %v", auth)
 w.Header().Set(hdrContentTypeKey, "application/json; charset=utf-8")
- if !strings.HasPrefix(auth, "Bearer ") {
+ if strings.HasPrefix(auth, "Basic ") {
 w.Header().Set("Www-Authenticate", "Protected Realm")
 w.WriteHeader(http.StatusUnauthorized)
 _, _ = w.Write([]byte(`{ "id": "unauthorized", "message": "Invalid credentials" }`))
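Review bot: The `override auth scheme` subtest in `TestRequestAuthScheme` asserts only `http.StatusOK`, and with the relaxed mock handler in resty_test.go that status no longer depends on the scheme, so the subtest would presumably still pass if the request-level `Bearer` override were ignored. It should check the header that was sent, as the second subtest already does: `assertEqual(t, "Bearer 004DDB79-6801-4587-B976-F093E6AC44FF-Request", resp.Request.Header.Get(hdrAuthorizationKey))`. The `empty auth scheme GH954` subtest also mutates the shared client `c`, so any subtest added after it inherits the empty scheme; building a fresh client inside that subtest would keep the cases independent.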
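Review bot: The mock `/profile` handler in `createAuthServerTLSOptional` now rejects only values that start with `Basic `, so a request with no Authorization header at all, or with any other scheme, passes the check that used to return 401; the second resty_test.go hunk loosens the token comparison to `strings.Contains` as well. Tests that assert only the status code against this server can therefore no longer detect a missing or malformed credential. Keeping the empty case rejected preserves that signal: `if auth == "" || strings.HasPrefix(auth, "Basic ") {`. From the visible lines a non-matching token appears to fall through without a 401, but the handler continues outside both hunks, so that should be confirmed there.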
@@ -513,7 +513,7 @@ func createAuthServerTLSOptional(t *testing.T, useTLS bool) *httptest.Server {
 return
 }
- if auth[7:] == "004DDB79-6801-4587-B976-F093E6AC44FF" || auth[7:] == "004DDB79-6801-4587-B976-F093E6AC44FF-Request" {
+ if strings.Contains(auth, "004DDB79-6801-4587-B976-F093E6AC44FF") {
 _, _ = w.Write([]byte(`{ "id": "success", "message": "login successful" }`))
 }
 }