API-Key: Drop Basic Auth when using API Key

Author: picandocodigo

elasticsearch-transport/lib/elasticsearch/transport/client.rb

@@ -100,7 +100,17 @@ def initialize(arguments={}, &block)
         @arguments[:http]               ||= {}
         @options[:http]                 ||= {}
 
-        @seeds = __extract_hosts(@arguments[:hosts] ||
+        if (@api_key = @arguments[:api_key])
+          @api_key = __encode(@api_key) if @api_key.is_a? Hash
+          @arguments[:transport_options].merge!(
+            headers: { 'Authorization' => "ApiKey #{@api_key}" }
+          )
+          @arguments.delete(:user)
+          @arguments.delete(:password)
+        end
+
+
+        @seeds ||= __extract_hosts(@arguments[:hosts] ||
                                      @arguments[:host] ||
                                      @arguments[:url] ||
                                      @arguments[:urls] ||
@@ -109,13 +119,6 @@ def initialize(arguments={}, &block)
 
         @send_get_body_as = @arguments[:send_get_body_as] || 'GET'
 
-        if (api_key = @arguments[:api_key])
-          api_key = __encode(api_key) if api_key.is_a? Hash
-          @arguments[:transport_options].merge!(
-            headers: { 'Authorization' => "ApiKey #{api_key}" }
-          )
-        end
-
         if @arguments[:request_timeout]
           @arguments[:transport_options][:request] = { :timeout => @arguments[:request_timeout] }
         end
@@ -209,8 +212,14 @@ def __parse_host(host)
                        raise ArgumentError, "Please pass host as a String, URI or Hash -- #{host.class} given."
                      end
 
-        @options[:http][:user] ||= host_parts[:user]
-        @options[:http][:password] ||= host_parts[:password]
+        if @api_key
+          # Remove Basic Auth if using API KEY
+          host_parts.delete(:user)
+          host_parts.delete(:password)
+        else
+          @options[:http][:user] ||= host_parts[:user]
+          @options[:http][:password] ||= host_parts[:password]
+        end
 
         host_parts[:port] = host_parts[:port].to_i if host_parts[:port]
         host_parts[:path].chomp!('/') if host_parts[:path]

elasticsearch-transport/spec/elasticsearch/transport/client_spec.rb

@@ -49,28 +49,47 @@
     let(:client) do
       described_class.new(api_key: 'an_api_key')
     end
+    let(:authorization_header) do
+      client.transport.connections.first.connection.headers['Authorization']
+    end
 
     it 'Adds the ApiKey header to the connection' do
-      expect(client.transport.connections.first.connection.headers['Authorization']).to eq('ApiKey an_api_key')
+      expect(authorization_header).to eq('ApiKey an_api_key')
     end
   end
 
   context 'when an un-encoded api_key is provided' do
     let(:client) do
-      described_class.new(api_key: {id: 'my_id', api_key: 'my_api_key'})
+      described_class.new(api_key: { id: 'my_id', api_key: 'my_api_key' })
+    end
+    let(:authorization_header) do
+      client.transport.connections.first.connection.headers['Authorization']
     end
 
     it 'Adds the ApiKey header to the connection' do
-      expect(
-        client.transport.connections.first.connection.headers['Authorization']
-      ).to eq("ApiKey #{Base64.strict_encode64('my_id:my_api_key')}")
+      expect(authorization_header).to eq("ApiKey #{Base64.strict_encode64('my_id:my_api_key')}")
     end
   end
 
-  describe 'adapter' do
+  context 'when basic auth and api_key are provided' do
+    let(:client) do
+      described_class.new(
+        api_key: { id: 'my_id', api_key: 'my_api_key' },
+        host: 'http://elastic:password@localhost:9200'
+      )
+    end
+    let(:authorization_header) do
+      client.transport.connections.first.connection.headers['Authorization']
+    end
 
-    context 'when no adapter is specified' do
+    it 'removes basic auth credentials' do
+      expect(authorization_header).not_to match(/^Basic/)
+      expect(authorization_header).to match(/^ApiKey/)
+    end
+  end
 
+  describe 'adapter' do
+    context 'when no adapter is specified' do
       let(:adapter) do
         client.transport.connections.all.first.connection.builder.handlers
       end