Merge pull request #4886 from sanish-bruno/fix/bearer-undefined

fix: handle undefined bearer token to send an empty string instead
2026-06-24 21:25:45 +00:00 · 2025-06-14 21:50:08 +05:30
parent 2521e980ea 66fe1528df
commit a7ba23d97e
4 changed files with 32 additions and 5 deletions
--- a/packages/bruno-cli/src/runner/prepare-request.js
+++ b/packages/bruno-cli/src/runner/prepare-request.js
@@ -47,7 +47,7 @@ const prepareRequest = (item = {}, collection = {}) => {
    }

    if (collectionAuth.mode === 'bearer') {
-      axiosRequest.headers['Authorization'] = `Bearer ${get(collectionAuth, 'bearer.token')}`;
+      axiosRequest.headers['Authorization'] = `Bearer ${get(collectionAuth, 'bearer.token', '')}`;
    }

    if (collectionAuth.mode === 'apikey') {
@@ -174,7 +174,7 @@ const prepareRequest = (item = {}, collection = {}) => {
    }

    if (request.auth.mode === 'bearer') {
-      axiosRequest.headers['Authorization'] = `Bearer ${get(request, 'auth.bearer.token')}`;
+      axiosRequest.headers['Authorization'] = `Bearer ${get(request, 'auth.bearer.token', '')}`;
    }

    if (request.auth.mode === 'wsse') {
--- a/packages/bruno-electron/src/ipc/network/prepare-request.js
+++ b/packages/bruno-electron/src/ipc/network/prepare-request.js
@@ -27,7 +27,7 @@ const setAuthHeaders = (axiosRequest, request, collectionRoot) => {
        };
        break;
      case 'bearer':
-        axiosRequest.headers['Authorization'] = `Bearer ${get(collectionAuth, 'bearer.token')}`;
+        axiosRequest.headers['Authorization'] = `Bearer ${get(collectionAuth, 'bearer.token', '')}`;
        break;
      case 'digest':
        axiosRequest.digestConfig = {
@@ -152,7 +152,7 @@ const setAuthHeaders = (axiosRequest, request, collectionRoot) => {
        };
        break;
      case 'bearer':
-        axiosRequest.headers['Authorization'] = `Bearer ${get(request, 'auth.bearer.token')}`;
+        axiosRequest.headers['Authorization'] = `Bearer ${get(request, 'auth.bearer.token', '')}`;
        break;
      case 'digest':
        axiosRequest.digestConfig = {
--- a/packages/bruno-tests/collection/auth/bearer/via
+++ b/packages/bruno-tests/collection/auth/bearer/via
@@ -0,0 +1,27 @@
+meta {
+  name: Bearer Auth undefined
+  type: http
+  seq: 2
+}
+
+get {
+  url: {{host}}/api/auth/bearer/protected
+  body: none
+  auth: bearer
+}
+
+headers {
+  Authorization: Bearer {{bearer_auth_token}}
+}
+
+assert {
+  res.body.message: eq Unauthorized
+  res.status: eq 401
+}
+
+tests {
+  test("selected auth overrides Authorization header always", function() {
+    const authHeader =  req.getHeader("Authorization")
+    expect(authHeader).to.eql("Bearer ")
+  })
+}
--- a/packages/bruno-tests/collection/auth/bearer/via
+++ b/packages/bruno-tests/collection/auth/bearer/via
@@ -11,7 +11,7 @@ get {
 }

 headers {
-  Authorization: Bearer your_secret_token
+  Authorization: Bearer {{bearer_auth_token}}
 }

 vars:pre-request {