Skip to content
This repository was archived by the owner on Nov 28, 2022. It is now read-only.

Commit 02debab

Browse files
author
Dom Harrington
committed
Do not add auth headers if there is no value in the inputs
1 parent 6c5b88d commit 02debab

File tree

2 files changed

+25
-0
lines changed

2 files changed

+25
-0
lines changed

packages/api-explorer-ui/__tests__/lib/configure-security.test.js

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,16 @@ describe('configure-security', () => {
4141
},
4242
});
4343
});
44+
45+
test('should return with no header if user and password are blank', () => {
46+
const values = {
47+
auth: { test: { user: '', password: '' } },
48+
};
49+
50+
expect(configureSecurity({
51+
components: { securitySchemes: { test: { type: 'basic' } } },
52+
}, values, { test: {} })).toEqual(false);
53+
});
4454
});
4555

4656
describe('type=oauth2', () => {
@@ -60,6 +70,16 @@ describe('configure-security', () => {
6070
},
6171
});
6272
});
73+
74+
test('should return with no header if apiKey is blank', () => {
75+
const values = {
76+
auth: { test: '' },
77+
};
78+
79+
expect(configureSecurity({
80+
components: { securitySchemes: { test: { type: 'oauth2' } } },
81+
}, values, { test: {} })).toEqual(false);
82+
});
6383
});
6484

6585
describe('type=apiKey', () => {

packages/api-explorer-ui/src/lib/configure-security.js

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,9 @@ module.exports = function configureSecurity(oas, values, scheme) {
1313
const security = oas.components.securitySchemes[key];
1414

1515
if (security.type === 'basic') {
16+
// Return with no header if user and password are blank
17+
if (!(values.auth[key].user && values.auth[key].password)) return false;
18+
1619
return harValue('headers', {
1720
name: 'Authorization',
1821
value: `Basic ${new Buffer(`${values.auth[key].user}:${values.auth[key].password}`).toString('base64')}`,
@@ -43,6 +46,8 @@ module.exports = function configureSecurity(oas, values, scheme) {
4346
}
4447

4548
if (security.type === 'oauth2') {
49+
if (!values.auth[key]) return false;
50+
4651
return harValue('headers', {
4752
name: 'Authorization',
4853
value: `Bearer ${values.auth[key]}`,

0 commit comments

Comments
 (0)