Merge branch 'master' into bug/opid-safe-access

shockey · web-flow · commit c910317d1fed · 2017-10-17T18:10:01.000-07:00
diff --git a/src/execute/swagger2/build-request.js b/src/execute/swagger2/build-request.js
@@ -66,7 +66,7 @@ export function applySecurities({request, securities = {}, operation = {}, spec}
       const schema = securityDef[key]
       const {type} = schema
       const accessToken = token && token.access_token
-      const tokenType = token && token.token_type
+      let tokenType = token && token.token_type
 
       if (auth) {
         if (type === 'apiKey') {
@@ -84,7 +84,8 @@ export function applySecurities({request, securities = {}, operation = {}, spec}
           }
         }
         else if (type === 'oauth2' && accessToken) {
-          result.headers.authorization = `${tokenType || 'Bearer'} ${accessToken}`
+          tokenType = (!tokenType || tokenType.toLowerCase() === 'bearer') ? 'Bearer' : tokenType
+          result.headers.authorization = `${tokenType} ${accessToken}`
         }
       }
     }
diff --git a/test/index-authorizations.js b/test/index-authorizations.js
@@ -175,6 +175,47 @@ describe('(instance) #execute', function () {
     })
   })
 
+  it('should replace any occurrence of `bearer` with `Bearer`', function () {
+    const spec = {
+      securityDefinitions: {
+        testBearer: {
+          type: 'oauth2',
+        }
+      },
+      paths: {
+        '/pet': {
+          get: {
+            operationId: 'getPets',
+            security: [{testBearer: []}]
+          }
+        }
+      }
+    }
+
+    const authorizations = {
+      testBearer: {
+        token: {
+          token_type: 'BeArEr',
+          access_token: 'one two'
+        }
+      }
+    }
+
+    return Swagger({spec, authorizations}).then((client) => {
+      const http = createSpy()
+      client.execute({http, operationId: 'getPets'})
+      expect(http.calls.length).toEqual(1)
+      expect(http.calls[0].arguments[0]).toEqual({
+        credentials: 'same-origin',
+        headers: {
+          authorization: 'Bearer one two'
+        },
+        method: 'GET',
+        url: '/pet'
+      })
+    })
+  })
+
   it('should add global securites', function () {
     const spec = {
       securityDefinitions: {

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ export function applySecurities({request, securities = {}, operation = {}, spec}`
`66`	`66`	`const schema = securityDef[key]`
`67`	`67`	`const {type} = schema`
`68`	`68`	`const accessToken = token && token.access_token`
`69`		`- const tokenType = token && token.token_type`
	`69`	`+ let tokenType = token && token.token_type`
`70`	`70`
`71`	`71`	`if (auth) {`
`72`	`72`	`if (type === 'apiKey') {`
`@@ -84,7 +84,8 @@ export function applySecurities({request, securities = {}, operation = {}, spec}`
`84`	`84`	`}`
`85`	`85`	`}`
`86`	`86`	`else if (type === 'oauth2' && accessToken) {`
`87`		- result.headers.authorization = `${tokenType \|\| 'Bearer'} ${accessToken}`
	`87`	`+ tokenType = (!tokenType \|\| tokenType.toLowerCase() === 'bearer') ? 'Bearer' : tokenType`
	`88`	+ result.headers.authorization = `${tokenType} ${accessToken}`
`88`	`89`	`}`
`89`	`90`	`}`
`90`	`91`	`}`