fix: custom authorization header should not be overwritten (#584)

kangmingtay · web-flow · commit 2f271f8418fd · 2022-10-10T22:04:58.000+08:00
diff --git a/src/SupabaseClient.ts b/src/SupabaseClient.ts
@@ -248,7 +248,7 @@ export default class SupabaseClient<
     }
     return new SupabaseAuthClient({
       url: this.authUrl,
-      headers: { ...headers, ...authHeaders },
+      headers: { ...authHeaders, ...headers },
       storageKey: storageKey,
       autoRefreshToken,
       persistSession,
diff --git a/test/SupabaseAuthClient.test.ts b/test/SupabaseAuthClient.test.ts
@@ -1,5 +1,5 @@
 import { SupabaseAuthClient } from '../src/lib/SupabaseAuthClient'
-import { SupabaseClientOptions } from '../src/lib/types'
+import SupabaseClient from '../src/SupabaseClient'
 import { DEFAULT_HEADERS } from '../src/lib/constants'
 
 const DEFAULT_OPTIONS = {
@@ -23,3 +23,13 @@ test('it should create a new instance of the class', () => {
   const authClient = new SupabaseAuthClient(authSettings)
   expect(authClient).toBeInstanceOf(SupabaseAuthClient)
 })
+
+test('_initSupabaseAuthClient should overwrite authHeaders if headers are provided', () => {
+  const authClient = new SupabaseClient('https://example.supabase.com', 'supabaseKey')[
+    '_initSupabaseAuthClient'
+  ](authSettings, {
+    Authorization: 'Bearer custom-auth-header',
+  })
+  expect(authClient['headers']['Authorization']).toBe('Bearer custom-auth-header')
+  expect(authClient['headers']['apikey']).toBe('supabaseKey')
+})

Original file line number	Diff line number	Diff line change
`@@ -248,7 +248,7 @@ export default class SupabaseClient<`
`248`	`248`	`}`
`249`	`249`	`return new SupabaseAuthClient({`
`250`	`250`	`url: this.authUrl,`
`251`		`- headers: { ...headers, ...authHeaders },`
	`251`	`+ headers: { ...authHeaders, ...headers },`
`252`	`252`	`storageKey: storageKey,`
`253`	`253`	`autoRefreshToken,`
`254`	`254`	`persistSession,`