Fix basic auth failing when password field is empty or unset

Handle undefined username/password values by defaulting to empty string, preventing "undefined" from being encoded in the Authorization header. Fixes https://feedback.yaak.app/p/strange-basic-auth-behaviour-in-202612 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 16:51:55 -05:00 · 2026-01-28 15:06:16 -08:00
parent 9c45254952
commit c00d2e981f
3 changed files with 81 additions and 2 deletions
--- a/plugins/auth-basic/tests/index.test.ts
+++ b/plugins/auth-basic/tests/index.test.ts
@@ -0,0 +1,77 @@
+import type { Context } from '@yaakapp/api';
+import { describe, expect, test } from 'vitest';
+import { plugin } from '../src';
+
+const ctx = {} as Context;
+
+describe('auth-basic', () => {
+  test('Both username and password', async () => {
+    expect(
+      await plugin.authentication?.onApply(ctx, {
+        values: { username: 'user', password: 'pass' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({
+      setHeaders: [{ name: 'Authorization', value: `Basic ${Buffer.from('user:pass').toString('base64')}` }],
+    });
+  });
+
+  test('Empty password', async () => {
+    expect(
+      await plugin.authentication?.onApply(ctx, {
+        values: { username: 'apikey', password: '' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({
+      setHeaders: [{ name: 'Authorization', value: `Basic ${Buffer.from('apikey:').toString('base64')}` }],
+    });
+  });
+
+  test('Missing password (undefined)', async () => {
+    expect(
+      await plugin.authentication?.onApply(ctx, {
+        values: { username: 'apikey' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({
+      setHeaders: [{ name: 'Authorization', value: `Basic ${Buffer.from('apikey:').toString('base64')}` }],
+    });
+  });
+
+  test('Missing username (undefined)', async () => {
+    expect(
+      await plugin.authentication?.onApply(ctx, {
+        values: { password: 'secret' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({
+      setHeaders: [{ name: 'Authorization', value: `Basic ${Buffer.from(':secret').toString('base64')}` }],
+    });
+  });
+
+  test('No values (both undefined)', async () => {
+    expect(
+      await plugin.authentication?.onApply(ctx, {
+        values: {},
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({
+      setHeaders: [{ name: 'Authorization', value: `Basic ${Buffer.from(':').toString('base64')}` }],
+    });
+  });
+});