fix(client): allow updating header/query affecting fields in toBuilder()

stainless-app[bot] · stainless-app[bot] · commit f2b664a8fe0a · 2026-03-18T09:05:17.000Z
diff --git a/brand-dev-java-core/src/main/kotlin/com/branddev/api/core/ClientOptions.kt b/brand-dev-java-core/src/main/kotlin/com/branddev/api/core/ClientOptions.kt
@@ -403,13 +403,14 @@ private constructor(
             headers.put("X-Stainless-Runtime", "JRE")
             headers.put("X-Stainless-Runtime-Version", getJavaVersion())
             headers.put("X-Stainless-Kotlin-Version", KotlinVersion.CURRENT.toString())
+            // We replace after all the default headers to allow end-users to overwrite them.
+            headers.replaceAll(this.headers.build())
+            queryParams.replaceAll(this.queryParams.build())
             apiKey.let {
                 if (!it.isEmpty()) {
-                    headers.put("Authorization", "Bearer $it")
+                    headers.replace("Authorization", "Bearer $it")
                 }
             }
-            headers.replaceAll(this.headers.build())
-            queryParams.replaceAll(this.queryParams.build())
 
             return ClientOptions(
                 httpClient,
diff --git a/brand-dev-java-core/src/test/kotlin/com/branddev/api/core/ClientOptionsTest.kt b/brand-dev-java-core/src/test/kotlin/com/branddev/api/core/ClientOptionsTest.kt
@@ -16,6 +16,29 @@ internal class ClientOptionsTest {
 
     private val httpClient = mock<HttpClient>()
 
+    @Test
+    fun putHeader_canOverwriteDefaultHeader() {
+        val clientOptions =
+            ClientOptions.builder()
+                .httpClient(httpClient)
+                .putHeader("User-Agent", "My User Agent")
+                .apiKey("My API Key")
+                .build()
+
+        assertThat(clientOptions.headers.values("User-Agent")).containsExactly("My User Agent")
+    }
+
+    @Test
+    fun toBuilder_bearerAuthCanBeUpdated() {
+        var clientOptions =
+            ClientOptions.builder().httpClient(httpClient).apiKey("My API Key").build()
+
+        clientOptions = clientOptions.toBuilder().apiKey("another My API Key").build()
+
+        assertThat(clientOptions.headers.values("Authorization"))
+            .containsExactly("Bearer another My API Key")
+    }
+
     @Test
     fun toBuilder_whenOriginalClientOptionsGarbageCollected_doesNotCloseOriginalClient() {
         var clientOptions =
