Do not add auth headers if there is no value in the inputs

Author: Dom Harrington

packages/api-explorer-ui/__tests__/lib/configure-security.test.js

@@ -41,6 +41,16 @@ describe('configure-security', () => {
         },
       });
     });
+
+    test('should return with no header if user and password are blank', () => {
+      const values = {
+        auth: { test: { user: '', password: '' } },
+      };
+
+      expect(configureSecurity({
+        components: { securitySchemes: { test: { type: 'basic' } } },
+      }, values, { test: {} })).toEqual(false);
+    });
   });
 
   describe('type=oauth2', () => {
@@ -60,6 +70,16 @@ describe('configure-security', () => {
         },
       });
     });
+
+    test('should return with no header if apiKey is blank', () => {
+      const values = {
+        auth: { test: '' },
+      };
+
+      expect(configureSecurity({
+        components: { securitySchemes: { test: { type: 'oauth2' } } },
+      }, values, { test: {} })).toEqual(false);
+    });
   });
 
   describe('type=apiKey', () => {

packages/api-explorer-ui/src/lib/configure-security.js

@@ -13,6 +13,9 @@ module.exports = function configureSecurity(oas, values, scheme) {
   const security = oas.components.securitySchemes[key];
 
   if (security.type === 'basic') {
+    // Return with no header if user and password are blank
+    if (!(values.auth[key].user && values.auth[key].password)) return false;
+
     return harValue('headers', {
       name: 'Authorization',
       value: `Basic ${new Buffer(`${values.auth[key].user}:${values.auth[key].password}`).toString('base64')}`,
@@ -43,6 +46,8 @@ module.exports = function configureSecurity(oas, values, scheme) {
   }
 
   if (security.type === 'oauth2') {
+    if (!values.auth[key]) return false;
+
     return harValue('headers', {
       name: 'Authorization',
       value: `Bearer ${values.auth[key]}`,