fix: auth scheme override with empty value #954 (#956)

Author: jeevatkm

client.go

@@ -450,6 +450,8 @@ func (c *Client) R() *Request {
 		PathParams:    map[string]string{},
 		RawPathParams: map[string]string{},
 		Debug:         c.Debug,
+		AuthScheme:    c.AuthScheme,
+		Token:         c.Token,
 
 		client:              c,
 		multipartFiles:      []*File{},
@@ -1464,6 +1466,7 @@ func createClient(hc *http.Client) *Client {
 		XMLMarshal:             xml.Marshal,
 		XMLUnmarshal:           xml.Unmarshal,
 		HeaderAuthorizationKey: http.CanonicalHeaderKey("Authorization"),
+		AuthScheme:             "Bearer",
 
 		jsonEscapeHTML:      true,
 		httpClient:          hc,

middleware.go

@@ -298,21 +298,9 @@ func addCredentials(c *Client, r *Request) error {
 		}
 	}
 
-	// Set the Authorization Header Scheme
-	var authScheme string
-	if !IsStringEmpty(r.AuthScheme) {
-		authScheme = r.AuthScheme
-	} else if !IsStringEmpty(c.AuthScheme) {
-		authScheme = c.AuthScheme
-	} else {
-		authScheme = "Bearer"
-	}
-
-	// Build the Token Auth header
-	if !IsStringEmpty(r.Token) { // takes precedence
-		r.RawRequest.Header.Set(c.HeaderAuthorizationKey, authScheme+" "+r.Token)
-	} else if !IsStringEmpty(c.Token) {
-		r.RawRequest.Header.Set(c.HeaderAuthorizationKey, authScheme+" "+c.Token)
+	// Build the token Auth header
+	if !IsStringEmpty(r.Token) {
+		r.RawRequest.Header.Set(c.HeaderAuthorizationKey, strings.TrimSpace(r.AuthScheme+" "+r.Token))
 	}
 
 	return nil

request_test.go

@@ -681,13 +681,31 @@ func TestRequestAuthScheme(t *testing.T) {
 		SetAuthScheme("OAuth").
 		SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF")
 
-	resp, err := c.R().
-		SetAuthScheme("Bearer").
-		SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF-Request").
-		Get(ts.URL + "/profile")
+	t.Run("override auth scheme", func(t *testing.T) {
+		resp, err := c.R().
+			SetAuthScheme("Bearer").
+			SetAuthToken("004DDB79-6801-4587-B976-F093E6AC44FF-Request").
+			Get(ts.URL + "/profile")
+
+		assertError(t, err)
+		assertEqual(t, http.StatusOK, resp.StatusCode())
+	})
+
+	t.Run("empty auth scheme GH954", func(t *testing.T) {
+		tokenValue := "004DDB79-6801-4587-B976-F093E6AC44FF"
+
+		// set client level
+		c.SetAuthScheme("").
+			SetAuthToken(tokenValue)
+
+		resp, err := c.R().
+			Get(ts.URL + "/profile")
+
+		assertError(t, err)
+		assertEqual(t, http.StatusOK, resp.StatusCode())
+		assertEqual(t, tokenValue, resp.Request.Header.Get(hdrAuthorizationKey))
+	})
 
-	assertError(t, err)
-	assertEqual(t, http.StatusOK, resp.StatusCode())
 }
 
 func TestRequestDigestAuth(t *testing.T) {

resty_test.go

@@ -501,19 +501,19 @@ func createAuthServerTLSOptional(t *testing.T, useTLS bool) *httptest.Server {
 			if r.URL.Path == "/profile" {
 				// 004DDB79-6801-4587-B976-F093E6AC44FF
 				auth := r.Header.Get("Authorization")
-				t.Logf("Bearer Auth: %v", auth)
+				t.Logf("Auth Header: %v", auth)
 
 				w.Header().Set(hdrContentTypeKey, "application/json; charset=utf-8")
 
-				if !strings.HasPrefix(auth, "Bearer ") {
+				if strings.HasPrefix(auth, "Basic ") {
 					w.Header().Set("Www-Authenticate", "Protected Realm")
 					w.WriteHeader(http.StatusUnauthorized)
 					_, _ = w.Write([]byte(`{ "id": "unauthorized", "message": "Invalid credentials" }`))
 
 					return
 				}
 
-				if auth[7:] == "004DDB79-6801-4587-B976-F093E6AC44FF" || auth[7:] == "004DDB79-6801-4587-B976-F093E6AC44FF-Request" {
+				if strings.Contains(auth, "004DDB79-6801-4587-B976-F093E6AC44FF") {
 					_, _ = w.Write([]byte(`{ "id": "success", "message": "login successful" }`))
 				}
 			}