SCANJLIB-224 Use Bearer scheme when a token is provided

henryju · henryju · commit ef45725e287a · 2024-05-31T08:36:55.000+02:00
diff --git a/lib/src/main/java/org/sonarsource/scanner/lib/internal/http/ServerConnection.java b/lib/src/main/java/org/sonarsource/scanner/lib/internal/http/ServerConnection.java
@@ -49,19 +49,21 @@ public class ServerConnection {
   private String restApiBaseUrl;
   private String userAgent;
   @Nullable
-  private String credentials;
+  private String token;
+  @Nullable
+  private String login;
+  @Nullable
+  private String password;
   private OkHttpClient httpClient;
 
   public void init(Map<String, String> bootstrapProperties, Path sonarUserHome) {
     webApiBaseUrl = removeTrailingSlash(bootstrapProperties.get(ScannerProperties.HOST_URL));
     restApiBaseUrl = removeTrailingSlash(bootstrapProperties.get(ScannerProperties.API_BASE_URL));
     userAgent = format("%s/%s", bootstrapProperties.get(InternalProperties.SCANNER_APP),
       bootstrapProperties.get(InternalProperties.SCANNER_APP_VERSION));
-    String token = bootstrapProperties.get(ScannerProperties.SONAR_TOKEN);
-    String login = bootstrapProperties.getOrDefault(ScannerProperties.SONAR_LOGIN, token);
-    if (login != null) {
-      credentials = Credentials.basic(login, bootstrapProperties.getOrDefault(ScannerProperties.SONAR_PASSWORD, ""));
-    }
+    this.token = bootstrapProperties.get(ScannerProperties.SONAR_TOKEN);
+    this.login = bootstrapProperties.get(ScannerProperties.SONAR_LOGIN);
+    this.password = bootstrapProperties.get(ScannerProperties.SONAR_PASSWORD);
     httpClient = OkHttpClientFactory.create(bootstrapProperties, sonarUserHome);
   }
 
@@ -158,8 +160,12 @@ private ResponseBody callUrl(String url, boolean authentication, @Nullable Strin
       .get()
       .url(url)
       .addHeader("User-Agent", userAgent);
-    if (authentication && credentials != null) {
-      requestBuilder.header("Authorization", credentials);
+    if (authentication) {
+      if (token != null) {
+        requestBuilder.header("Authorization",  "Bearer " + token);
+      } else if (login != null) {
+        requestBuilder.header("Authorization", Credentials.basic(login, password != null ? password : ""));
+      }
     }
     if (acceptHeader != null) {
       requestBuilder.header("Accept", acceptHeader);
diff --git a/lib/src/test/java/org/sonarsource/scanner/lib/internal/http/ServerConnectionTest.java b/lib/src/test/java/org/sonarsource/scanner/lib/internal/http/ServerConnectionTest.java
@@ -136,7 +136,7 @@ void should_authenticate_with_token() throws Exception {
     assertThat(content).isEqualTo(HELLO_WORLD);
 
     sonarqube.verify(getRequestedFor(anyUrl())
-      .withHeader("Authorization", equalTo("Basic " + Base64.getEncoder().encodeToString("some_token:".getBytes(StandardCharsets.UTF_8)))));
+      .withHeader("Authorization", equalTo("Bearer some_token")));
   }
 
   @Test

Original file line number	Diff line number	Diff line change
`@@ -136,7 +136,7 @@ void should_authenticate_with_token() throws Exception {`
`136`	`136`	`assertThat(content).isEqualTo(HELLO_WORLD);`
`137`	`137`
`138`	`138`	`sonarqube.verify(getRequestedFor(anyUrl())`
`139`		`- .withHeader("Authorization", equalTo("Basic " + Base64.getEncoder().encodeToString("some_token:".getBytes(StandardCharsets.UTF_8)))));`
	`139`	`+ .withHeader("Authorization", equalTo("Bearer some_token")));`
`140`	`140`	`}`
`141`	`141`
`142`	`142`	`@Test`