issue-1182: Token propagation throws java.lang.UnsupportedOperationException when adding the token to the request header parameters (quarkiverse#1184) (quarkiverse#1189)

* issue-1182: Token propagation throws java.lang.UnsupportedOperationException when adding the token to the request header parameters

* Review comments 1

* Review comments 2

(cherry picked from commit c6e504a)

Author: wmedvede

client/oidc/src/main/java/io/quarkiverse/openapi/generator/oidc/providers/OAuth2AuthenticationProvider.java

@@ -6,7 +6,6 @@
 import java.util.List;
 
 import jakarta.ws.rs.client.ClientRequestContext;
-import jakarta.ws.rs.core.HttpHeaders;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -46,10 +45,14 @@ public void filter(ClientRequestContext requestContext) throws IOException {
                     .build());
         }
 
-        if (bearerToken != null && !bearerToken.isBlank()) {
-            requestContext.getHeaders().remove(HttpHeaders.AUTHORIZATION);
-            requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION,
+        if (!isEmptyOrBlank(bearerToken)) {
+            addAuthorizationHeader(requestContext.getHeaders(),
                     AuthUtils.authTokenOrBearer("Bearer", AbstractAuthProvider.sanitizeBearerToken(bearerToken)));
+        } else {
+            LOGGER.debug("No bearer token was found for the oauth2 security scheme: {}." +
+                    " You must verify that a Quarkus OIDC Client with the name: {} is properly configured," +
+                    " or the request header: {} is set when the token propagation is enabled.",
+                    getName(), getName(), getHeaderForPropagation(getOpenApiSpecId(), getName()));
         }
     }
 

client/runtime/src/main/java/io/quarkiverse/openapi/generator/providers/AbstractAuthProvider.java

@@ -4,9 +4,11 @@
 import static io.quarkiverse.openapi.generator.providers.AbstractAuthenticationPropagationHeadersFactory.propagationHeaderName;
 
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
 
+import io.vertx.codegen.doc.Token;
 import jakarta.ws.rs.core.HttpHeaders;
 import jakarta.ws.rs.core.MultivaluedMap;
 
@@ -64,17 +66,21 @@ public boolean isTokenPropagation() {
     }
 
     public static String getTokenForPropagation(MultivaluedMap<String, Object> httpHeaders, String openApiSpecId,
-                                                String authName) {
-        String headerName = getHeaderName(openApiSpecId, authName) != null ? getHeaderName(openApiSpecId, authName)
-                : HttpHeaders.AUTHORIZATION;
+            String authName) {
+        String headerName = getHeaderForPropagation(openApiSpecId, authName);
         String propagatedHeaderName = propagationHeaderName(openApiSpecId, authName, headerName);
-        return Objects.toString(httpHeaders.getFirst(propagatedHeaderName));
+        return Objects.toString(httpHeaders.getFirst(propagatedHeaderName), null);
     }
 
     public String getTokenForPropagation(MultivaluedMap<String, Object> httpHeaders) {
         return getTokenForPropagation(httpHeaders, getOpenApiSpecId(), getName());
     }
 
+    public static String getHeaderForPropagation(String openApiSpecId, String authName) {
+        return getHeaderName(openApiSpecId, authName) != null ? getHeaderName(openApiSpecId, authName)
+                : HttpHeaders.AUTHORIZATION;
+    }
+
     public String getHeaderName() {
         return ConfigProvider.getConfig()
                 .getOptionalValue(getCanonicalAuthConfigPropertyName(AuthConfig.HEADER_NAME), String.class).orElse(null);
@@ -110,4 +116,13 @@ public static boolean isTokenPropagation(String openApiSpecId, String authName)
     public CredentialsProvider getCredentialsProvider() {
         return credentialsProvider;
     }
+
+
+    protected void addAuthorizationHeader(MultivaluedMap<String, Object> headers, String value) {
+        headers.put(HttpHeaders.AUTHORIZATION, Collections.singletonList(value));
+    }
+
+    protected static boolean isEmptyOrBlank(String value) {
+        return value == null || value.isBlank();
+    }
 }

client/runtime/src/main/java/io/quarkiverse/openapi/generator/providers/BasicAuthenticationProvider.java

@@ -57,7 +57,7 @@ public void filter(ClientRequestContext requestContext) throws IOException {
                     " You must verify that the properties: {} and {} are properly configured, or the request header: {} is set when the token propagation is enabled.",
                     getName(), getCanonicalAuthConfigPropertyName(USER_NAME, getOpenApiSpecId(), getName()),
                     getCanonicalAuthConfigPropertyName(PASSWORD, getOpenApiSpecId(), getName()),
-                    getHeaderForPropagation());
+                    getHeaderForPropagation(getOpenApiSpecId(), getName()));
         }
     }
 }

client/runtime/src/main/java/io/quarkiverse/openapi/generator/providers/BearerAuthenticationProvider.java

@@ -10,18 +10,13 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 /**
  * Provides bearer token authentication or any other valid scheme.
  *
  * @see <a href="https://swagger.io/docs/specification/authentication/bearer-authentication/">Bearer Authentication</a>
  */
 public class BearerAuthenticationProvider extends AbstractAuthProvider {
 
-    private static final Logger LOGGER = LoggerFactory.getLogger(BearerAuthenticationProvider.class);
-
     private final String scheme;
     private static final Logger LOGGER = LoggerFactory.getLogger(BearerAuthenticationProvider.class);
 
@@ -46,7 +41,7 @@ public void filter(ClientRequestContext requestContext) throws IOException {
             LOGGER.debug("No bearer token was found for the security scheme: {}." +
                     " You must verify that the property: {} is properly configured, or the request header: {} is set when the token propagation is enabled.",
                     getName(), getCanonicalAuthConfigPropertyName(BEARER_TOKEN, getOpenApiSpecId(), getName()),
-                    getHeaderForPropagation());
+                    getHeaderForPropagation(getOpenApiSpecId(), getName()));
         }
         LOGGER.debug("Header keys set in filtered requestContext: {}", requestContext.getHeaders().keySet());
     }