From af1c40412ad2911928cf72e9316fb84ebe304d51 Mon Sep 17 00:00:00 2001
From: Daniel Hrabovcak <thespiritxiii@gmail.com>
Date: Tue, 5 Dec 2023 16:46:50 -0500
Subject: [PATCH] Allow using empty Authorization credentials

Signed-off-by: Daniel Hrabovcak <thespiritxiii@gmail.com>
---
 config/http_config.go      |  6 +++---
 config/http_config_test.go | 21 +++++++++++++++++++++
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/config/http_config.go b/config/http_config.go
index 4763549b..14ee6738 100644
--- a/config/http_config.go
+++ b/config/http_config.go
@@ -546,10 +546,10 @@ func NewRoundTripperFromConfig(cfg HTTPClientConfig, name string, optFuncs ...HT
 
 		// If a authorization_credentials is provided, create a round tripper that will set the
 		// Authorization header correctly on each request.
-		if cfg.Authorization != nil && len(cfg.Authorization.Credentials) > 0 {
-			rt = NewAuthorizationCredentialsRoundTripper(cfg.Authorization.Type, cfg.Authorization.Credentials, rt)
-		} else if cfg.Authorization != nil && len(cfg.Authorization.CredentialsFile) > 0 {
+		if cfg.Authorization != nil && len(cfg.Authorization.CredentialsFile) > 0 {
 			rt = NewAuthorizationCredentialsFileRoundTripper(cfg.Authorization.Type, cfg.Authorization.CredentialsFile, rt)
+		} else if cfg.Authorization != nil {
+			rt = NewAuthorizationCredentialsRoundTripper(cfg.Authorization.Type, cfg.Authorization.Credentials, rt)
 		}
 		// Backwards compatibility, be nice with importers who would not have
 		// called Validate().
diff --git a/config/http_config_test.go b/config/http_config_test.go
index 4ebe038b..72d1e798 100644
--- a/config/http_config_test.go
+++ b/config/http_config_test.go
@@ -269,6 +269,27 @@ func TestNewClientFromConfig(t *testing.T) {
 					fmt.Fprint(w, ExpectedMessage)
 				}
 			},
+		}, {
+			clientConfig: HTTPClientConfig{
+				Authorization: &Authorization{
+					Type: AuthorizationType,
+				},
+				TLSConfig: TLSConfig{
+					CAFile:             TLSCAChainPath,
+					CertFile:           ClientCertificatePath,
+					KeyFile:            ClientKeyNoPassPath,
+					ServerName:         "",
+					InsecureSkipVerify: false},
+			},
+			handler: func(w http.ResponseWriter, r *http.Request) {
+				bearer := r.Header.Get("Authorization")
+				if strings.TrimSpace(bearer) != AuthorizationType {
+					fmt.Fprintf(w, "The expected Bearer Authorization (%s) differs from the obtained Bearer Authorization (%s)",
+						AuthorizationType, bearer)
+				} else {
+					fmt.Fprint(w, ExpectedMessage)
+				}
+			},
 		}, {
 			clientConfig: HTTPClientConfig{
 				Authorization: &Authorization{