Don't send request if bearer token is empty. (#1236)

If during authorization error happened, token will be empty. We don't
propagate error, but at least request should not be sent in this case.

Relates-To: OLPEDGE-2607
Signed-off-by: Kostiantyn Zvieriev <[email protected]>

Author: kzvieriev

olp-cpp-sdk-core/src/client/OlpClient.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2019-2020 HERE Europe B.V.
+ * Copyright (C) 2019-2021 HERE Europe B.V.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -359,7 +359,7 @@ class OlpClient::OlpClientImpl {
       const ParametersType& query_params, const ParametersType& header_params,
       const RequestBodyType& post_body, const std::string& content_type) const;
 
-  void AddBearer(bool query_empty, http::NetworkRequest& request) const;
+  bool AddBearer(bool query_empty, http::NetworkRequest& request) const;
 
  private:
   using MutexType = std::shared_mutex;
@@ -398,25 +398,31 @@ void OlpClient::OlpClientImpl::SetSettings(const OlpClientSettings& settings) {
   settings_ = settings;
 }
 
-void OlpClient::OlpClientImpl::AddBearer(bool query_empty,
+bool OlpClient::OlpClientImpl::AddBearer(bool query_empty,
                                          http::NetworkRequest& request) const {
   const auto& settings = settings_.authentication_settings;
   if (!settings) {
-    return;
+    return true;
   }
 
   if (settings->api_key_provider) {
     const auto& api_key = settings->api_key_provider();
     request.WithUrl(request.GetUrl() + (query_empty ? "?" : "&") +
                     kApiKeyParam + api_key);
-    return;
+    return true;
   }
 
   if (settings->provider) {
-    std::string bearer =
-        http::kBearer + std::string(" ") + settings->provider();
+    const auto token = settings->provider();
+    if (token.empty()) {
+      return false;
+    }
+
+    const std::string bearer = http::kBearer + std::string(" ") + token;
     request.WithHeader(http::kAuthorizationHeader, bearer);
   }
+
+  return true;
 }
 
 std::shared_ptr<http::NetworkRequest> OlpClient::OlpClientImpl::CreateRequest(
@@ -475,7 +481,11 @@ CancellationToken OlpClient::OlpClientImpl::CallApi(
   auto network_request = CreateRequest(path, method, query_params,
                                        header_params, post_body, content_type);
 
-  AddBearer(query_params.empty(), *network_request);
+  if (!AddBearer(query_params.empty(), *network_request)) {
+    callback({static_cast<int>(http::ErrorCode::AUTHORIZATION_ERROR),
+              "Invalid bearer token."});
+    return CancellationToken();
+  }
 
   PendingUrlRequestPtr request_ptr = nullptr;
   auto& pending_requests = pending_requests_;
@@ -588,7 +598,10 @@ HttpResponse OlpClient::OlpClientImpl::CallApi(
   auto backdown_period =
       std::chrono::milliseconds(retry_settings.initial_backdown_period);
 
-  AddBearer(query_params.empty(), network_request);
+  if (!AddBearer(query_params.empty(), network_request)) {
+    return {static_cast<int>(http::ErrorCode::AUTHORIZATION_ERROR),
+            "Invalid bearer token."};
+  }
 
   auto response =
       SendRequest(network_request, settings_, retry_settings, context);

olp-cpp-sdk-core/tests/client/OlpClientTest.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2019-2020 HERE Europe B.V.
+ * Copyright (C) 2019-2021 HERE Europe B.V.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -1638,6 +1638,25 @@ TEST_P(OlpClientTest, ApiKey) {
   testing::Mock::VerifyAndClearExpectations(network.get());
 }
 
+TEST_P(OlpClientTest, EmptyBearerToken) {
+  // Make token provider generate empty strings. We expect no network requests
+  // made in this case.
+  auto authentication_settings = olp::client::AuthenticationSettings();
+  authentication_settings.provider = []() { return std::string(""); };
+  auto network = network_;
+  client_settings_.authentication_settings = authentication_settings;
+  client_.SetSettings(client_settings_);
+
+  EXPECT_CALL(*network, Send(_, _, _, _, _)).Times(0);
+
+  auto response =
+      call_wrapper_->CallApi("here.com", "GET", {}, {}, {}, nullptr, {});
+  EXPECT_EQ(response.GetStatus(),
+            static_cast<int>(http::ErrorCode::AUTHORIZATION_ERROR));
+
+  testing::Mock::VerifyAndClearExpectations(network.get());
+}
+
 INSTANTIATE_TEST_SUITE_P(, OlpClientTest,
                          ::testing::Values(CallApiType::ASYNC,
                                            CallApiType::SYNC));

tests/functional/olp-cpp-sdk-dataservice-read/VersionedLayerClientGetDataTest.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2020 HERE Europe B.V.
+ * Copyright (C) 2020-2021 HERE Europe B.V.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -71,6 +71,7 @@ TEST_F(VersionedLayerClientGetDataTest, GetDataFromPartitionAsync) {
   auto partition = std::to_string(0);
   const auto data = mockserver::ReadDefaultResponses::GenerateData();
   {
+    mock_server_client_->MockAuth();
     mock_server_client_->MockLookupResourceApiResponse(
         mockserver::ApiDefaultResponses::GenerateResourceApisResponse(
             kTestHrn));