From 510b3d5c4975a345960d0ed95c59bade047d81d5 Mon Sep 17 00:00:00 2001 From: Stefan Teneff Date: Tue, 15 Jul 2025 12:14:00 +0300 Subject: [PATCH] fixes #11 When the client sends an authorization header basic auth is not applied --- lib/http-proxy/common.ts | 1 + .../http-proxy-passes-web-incoming.test.ts | 39 +++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/lib/http-proxy/common.ts b/lib/http-proxy/common.ts index 3667c7b..5ae4f62 100644 --- a/lib/http-proxy/common.ts +++ b/lib/http-proxy/common.ts @@ -82,6 +82,7 @@ export function setupOutgoing( } if (options.auth) { + delete outgoing.headers.authorization; outgoing.auth = options.auth; } diff --git a/lib/test/lib/http-proxy-passes-web-incoming.test.ts b/lib/test/lib/http-proxy-passes-web-incoming.test.ts index f32798f..7fc59fc 100644 --- a/lib/test/lib/http-proxy-passes-web-incoming.test.ts +++ b/lib/test/lib/http-proxy-passes-web-incoming.test.ts @@ -568,6 +568,45 @@ describe("#createProxyServer.web() using own http server", () => { }); }); +describe("with authorization request header", () => { + const headers = { + authorization: `Bearer ${Buffer.from("dummy-oauth-token").toString( + "base64" + )}`, + }; + + it("should proxy the request with the Authorization header set", (done) => { + const auth = "user:pass"; + const proxy = httpProxy.createProxyServer({ + target: address(8080), + auth, + }); + const proxyServer = http.createServer(proxy.web); + + const source = http.createServer((req, res) => { + source.close(); + proxyServer.close(); + expect(req).toEqual( + expect.objectContaining({ + method: "GET", + headers: expect.objectContaining({ + authorization: `Basic ${Buffer.from(auth).toString("base64")}`, + }), + }) + ); + res.end(); + done(); + }); + + proxyServer.listen(port(8081)); + source.listen(port(8080)); + + http.request(address(8081), { + headers + }).end(); + }); +}); + describe("#followRedirects", () => { it("gets some ports", async () => { for (let n = 8080; n < 8082; n++) {