set auth header instead of token

eluhr · eluhr · commit f8410d0b2931 · 2026-03-19T15:44:58.000+01:00
diff --git a/src/HttpClient.php b/src/HttpClient.php
@@ -92,11 +92,6 @@ protected function resolveTokenProvider(): ?AccessTokenProviderInterface
         return $this->tokenProvider;
     }
 
-    protected function getAccessToken(): ?string
-    {
-        return $this->resolveTokenProvider()?->getAccessToken();
-    }
-
     protected function clientConfig(): array
     {
         return [
@@ -114,16 +109,15 @@ protected function clientConfig(): array
 
     /**
      * Merge request options with per-request auth header.
-     * Resolves the access token at request time to avoid stale tokens.
-     * Only adds Authorization header when a token is available.
+     * Only adds Authorization header when the provider returns a value.
      */
     protected function requestOptions(array $options = []): array
     {
-        $token = $this->getAccessToken();
-        if ($token !== null) {
+        $authHeader = $this->resolveTokenProvider()?->getAuthorizationHeader();
+        if ($authHeader !== null) {
             $options[RequestOptions::HEADERS] = array_merge(
                 $options[RequestOptions::HEADERS] ?? [],
-                ['Authorization' => 'Bearer ' . $token]
+                ['Authorization' => $authHeader]
             );
         }
         return $options;
diff --git a/src/auth/AccessTokenProviderInterface.php b/src/auth/AccessTokenProviderInterface.php
@@ -5,7 +5,8 @@
 interface AccessTokenProviderInterface
 {
     /**
-     * Returns the current access token, or null when no token is available (skips auth header).
+     * Returns the full Authorization header value (e.g. "Bearer xxx", "Basic xxx"),
+     * or null when no auth is available (skips Authorization header).
      */
-    public function getAccessToken(): ?string;
+    public function getAuthorizationHeader(): ?string;
 }
diff --git a/src/auth/TokenProvider.php b/src/auth/TokenProvider.php
@@ -7,15 +7,21 @@
 /**
  * Configurable token provider for static API keys, service tokens, or no auth.
  *
- * - Set $token for a static token
- * - Set neither for unauthenticated requests (null token → no Authorization header)
+ * - Set $token and optionally $scheme to control the Authorization header
+ * - Omit $token for unauthenticated requests (null → no Authorization header)
  */
 class TokenProvider extends BaseObject implements AccessTokenProviderInterface
 {
     public ?string $token = null;
 
-    public function getAccessToken(): ?string
+    public string $scheme = 'Bearer';
+
+    public function getAuthorizationHeader(): ?string
     {
-        return $this->token ?: null;
+        if (empty($this->token)) {
+            return null;
+        }
+
+        return $this->scheme . ' ' . $this->token;
     }
 }
diff --git a/tests/auth/TokenProviderTest.php b/tests/auth/TokenProviderTest.php
@@ -14,28 +14,34 @@ public function testImplementsInterface(): void
         $this->assertInstanceOf(AccessTokenProviderInterface::class, $provider);
     }
 
-    public function testReturnsStaticToken(): void
+    public function testReturnsBearerHeaderByDefault(): void
     {
         $provider = new TokenProvider(['token' => 'my-api-key']);
-        $this->assertSame('my-api-key', $provider->getAccessToken());
+        $this->assertSame('Bearer my-api-key', $provider->getAuthorizationHeader());
+    }
+
+    public function testCustomScheme(): void
+    {
+        $provider = new TokenProvider(['token' => 'my-api-key', 'scheme' => 'Basic']);
+        $this->assertSame('Basic my-api-key', $provider->getAuthorizationHeader());
     }
 
     public function testReturnsNullWhenTokenIsNull(): void
     {
         $provider = new TokenProvider();
-        $this->assertNull($provider->getAccessToken());
+        $this->assertNull($provider->getAuthorizationHeader());
     }
 
     public function testReturnsNullWhenTokenIsEmpty(): void
     {
         $provider = new TokenProvider(['token' => '']);
-        $this->assertNull($provider->getAccessToken());
+        $this->assertNull($provider->getAuthorizationHeader());
     }
 
     public function testNullAuthWhenNothingConfigured(): void
     {
         $provider = new TokenProvider();
-        $this->assertNull($provider->getAccessToken());
-        $this->assertNull($provider->getAccessToken());
+        $this->assertNull($provider->getAuthorizationHeader());
+        $this->assertNull($provider->getAuthorizationHeader());
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,8 @@`
`5`	`5`	`interface AccessTokenProviderInterface`
`6`	`6`	`{`
`7`	`7`	`/**`
`8`		`- * Returns the current access token, or null when no token is available (skips auth header).`
	`8`	`+ * Returns the full Authorization header value (e.g. "Bearer xxx", "Basic xxx"),`
	`9`	`+ * or null when no auth is available (skips Authorization header).`
`9`	`10`	`*/`
`10`		`- public function getAccessToken(): ?string;`
	`11`	`+ public function getAuthorizationHeader(): ?string;`
`11`	`12`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,15 +7,21 @@`
`7`	`7`	`/**`
`8`	`8`	`* Configurable token provider for static API keys, service tokens, or no auth.`
`9`	`9`	`*`
`10`		`- * - Set $token for a static token`
`11`		`- * - Set neither for unauthenticated requests (null token → no Authorization header)`
	`10`	`+ * - Set $token and optionally $scheme to control the Authorization header`
	`11`	`+ * - Omit $token for unauthenticated requests (null → no Authorization header)`
`12`	`12`	`*/`
`13`	`13`	`class TokenProvider extends BaseObject implements AccessTokenProviderInterface`
`14`	`14`	`{`
`15`	`15`	`public ?string $token = null;`
`16`	`16`
`17`		`- public function getAccessToken(): ?string`
	`17`	`+ public string $scheme = 'Bearer';`
	`18`	`+`
	`19`	`+ public function getAuthorizationHeader(): ?string`
`18`	`20`	`{`
`19`		`- return $this->token ?: null;`
	`21`	`+ if (empty($this->token)) {`
	`22`	`+ return null;`
	`23`	`+ }`
	`24`	`+`
	`25`	`+ return $this->scheme . ' ' . $this->token;`
`20`	`26`	`}`
`21`	`27`	`}`
Original file line number	Diff line number	Diff line change
`@@ -14,28 +14,34 @@ public function testImplementsInterface(): void`
`14`	`14`	`$this->assertInstanceOf(AccessTokenProviderInterface::class, $provider);`
`15`	`15`	`}`
`16`	`16`
`17`		`- public function testReturnsStaticToken(): void`
	`17`	`+ public function testReturnsBearerHeaderByDefault(): void`
`18`	`18`	`{`
`19`	`19`	`$provider = new TokenProvider(['token' => 'my-api-key']);`
`20`		`- $this->assertSame('my-api-key', $provider->getAccessToken());`
	`20`	`+ $this->assertSame('Bearer my-api-key', $provider->getAuthorizationHeader());`
	`21`	`+ }`
	`22`	`+`
	`23`	`+ public function testCustomScheme(): void`
	`24`	`+ {`
	`25`	`+ $provider = new TokenProvider(['token' => 'my-api-key', 'scheme' => 'Basic']);`
	`26`	`+ $this->assertSame('Basic my-api-key', $provider->getAuthorizationHeader());`
`21`	`27`	`}`
`22`	`28`
`23`	`29`	`public function testReturnsNullWhenTokenIsNull(): void`
`24`	`30`	`{`
`25`	`31`	`$provider = new TokenProvider();`
`26`		`- $this->assertNull($provider->getAccessToken());`
	`32`	`+ $this->assertNull($provider->getAuthorizationHeader());`
`27`	`33`	`}`
`28`	`34`
`29`	`35`	`public function testReturnsNullWhenTokenIsEmpty(): void`
`30`	`36`	`{`
`31`	`37`	`$provider = new TokenProvider(['token' => '']);`
`32`		`- $this->assertNull($provider->getAccessToken());`
	`38`	`+ $this->assertNull($provider->getAuthorizationHeader());`
`33`	`39`	`}`
`34`	`40`
`35`	`41`	`public function testNullAuthWhenNothingConfigured(): void`
`36`	`42`	`{`
`37`	`43`	`$provider = new TokenProvider();`
`38`		`- $this->assertNull($provider->getAccessToken());`
`39`		`- $this->assertNull($provider->getAccessToken());`
	`44`	`+ $this->assertNull($provider->getAuthorizationHeader());`
	`45`	`+ $this->assertNull($provider->getAuthorizationHeader());`
`40`	`46`	`}`
`41`	`47`	`}`