apply http data source service config to request

shekharnwagh · shekharnwagh · commit 4dc09026f19f · 2025-04-30T18:30:03.000-06:00
The generic http data source supports authentication config in the service config. This was not applied to the request, which now happens.
diff --git a/inc/Config/DataSource/HttpDataSource.php b/inc/Config/DataSource/HttpDataSource.php
@@ -98,11 +98,51 @@ protected static function get_service_config_schema(): array {
 		return ConfigSchemas::get_http_data_source_service_config_schema();
 	}
 
+	private static function get_auth_to_request_headers( array $service_config ): array {
+		if ( ! isset( $service_config['auth'] ) ) {
+			return [];
+		}
+
+		$auth_headers = [];
+		$auth = $service_config['auth'];
+
+		if ( $auth['type'] === 'bearer' ) {
+			$auth_headers['Authorization'] = 'Bearer ' . $auth['value'];
+		} elseif ( $auth['type'] === 'basic' ) {
+			$auth_headers['Authorization'] = 'Basic ' . base64_encode( $auth['value'] );
+		} elseif ( $auth['type'] === 'api-key' && $auth['add_to'] === 'header' ) {
+			$auth_headers[$auth['key']] = $auth['value'];
+		}
+
+		return $auth_headers;
+	}
+
+	private static function add_auth_to_endpoint( string|null $endpoint, array $service_config ): string|null {
+		if ( ! isset( $service_config['auth'] ) 
+			|| $service_config['auth']['type'] !== 'api-key' 
+			|| $service_config['auth']['add_to'] !== 'queryparams'
+			|| empty( $endpoint )
+		) {
+			return $endpoint;
+		}
+
+		$query_string = $service_config['auth']['key'] . '=' . $service_config['auth']['value'];
+		
+		return $endpoint . ( strpos( $endpoint, '?' ) === false ? '?' : '&' ) . $query_string;
+	}
+
 	protected static function map_service_config( array $service_config ): array {
+		$request_headers = $service_config['request_headers'] ?? [];
+		$endpoint = $service_config['endpoint'] ?? null; // Invalid, but we won't guess it.
+
+		$auth_headers = self::get_auth_to_request_headers( $service_config );
+		$request_headers = array_merge( $request_headers, $auth_headers );
+		$endpoint = self::add_auth_to_endpoint( $endpoint, $service_config );
+
 		return [
 			'display_name' => $service_config['display_name'] ?? static::SERVICE_NAME,
-			'endpoint' => $service_config['endpoint'] ?? null, // Invalid, but we won't guess it.
-			'request_headers' => $service_config['request_headers'] ?? [],
+			'endpoint' => $endpoint,
+			'request_headers' => $request_headers,
 		];
 	}
 
diff --git a/inc/Validation/ConfigSchemas.php b/inc/Validation/ConfigSchemas.php
@@ -152,7 +152,7 @@ private static function generate_http_data_source_service_config_schema(): array
 			'__version' => Types::integer(),
 			'auth' => Types::nullable(
 				Types::object( [
-					'add_to' => Types::nullable( Types::enum( 'header', 'query' ) ),
+					'add_to' => Types::nullable( Types::enum( 'header', 'queryparams' ) ),
 					'key' => Types::nullable( Types::skip_sanitize( Types::string() ) ),
 					'type' => Types::enum( 'basic', 'bearer', 'api-key', 'none' ),
 					'value' => Types::skip_sanitize( Types::string() ),
diff --git a/tests/inc/Config/HttpDataSourceTest.php b/tests/inc/Config/HttpDataSourceTest.php
@@ -4,6 +4,7 @@
 
 use PHPUnit\Framework\TestCase;
 use RemoteDataBlocks\Tests\Mocks\MockDataSource;
+use RemoteDataBlocks\Tests\Mocks\MockValidator;
 use WP_Error;
 
 class HttpDataSourceTest extends TestCase {
@@ -67,4 +68,158 @@ public function testMigrateConfigMethodCanBeOverridden_user_id_is_not_an_integer
 		$this->assertInstanceOf( WP_Error::class, $this->http_data_source );
 		$this->assertSame( 'testUserId must be an integer', $this->http_data_source->get_error_message() );
 	}
+
+	public function testBearerAuthHeaderIsAdded(): void {
+		$config = [
+			'service_config' => [
+				'__version' => 1,
+				'display_name' => 'Mock Data Source',
+				'endpoint' => 'http://example.com',
+				'auth' => [
+					'type' => 'bearer',
+					'value' => 'test-token',
+				],
+			],
+		];
+		$this->http_data_source = MockDataSource::create( $config );
+
+		$this->assertNotInstanceOf( WP_Error::class, $this->http_data_source );
+		$headers = $this->http_data_source->get_request_headers();
+		$this->assertIsArray( $headers );
+		$this->assertArrayHasKey( 'Authorization', $headers );
+		$this->assertSame( 'Bearer test-token', $headers['Authorization'] );
+	}
+
+	public function testBasicAuthHeaderIsAdded(): void {
+		$config = [
+			'service_config' => [
+				'__version' => 1,
+				'display_name' => 'Mock Data Source',
+				'endpoint' => 'http://example.com',
+				'auth' => [
+					'type' => 'basic',
+					'value' => 'user:pass',
+				],
+			],
+		];
+		$this->http_data_source = MockDataSource::create( $config );
+
+		$this->assertNotInstanceOf( WP_Error::class, $this->http_data_source );
+		$headers = $this->http_data_source->get_request_headers();
+		$this->assertIsArray( $headers );
+		$this->assertArrayHasKey( 'Authorization', $headers );
+		$this->assertSame( 'Basic ' . base64_encode( 'user:pass' ), $headers['Authorization'] );
+	}
+
+	public function testApiKeyHeaderIsAdded(): void {
+		$config = [
+			'service_config' => [
+				'__version' => 1,
+				'display_name' => 'Mock Data Source',
+				'endpoint' => 'http://example.com',
+				'auth' => [
+					'type' => 'api-key',
+					'add_to' => 'header',
+					'key' => 'X-Api-Key',
+					'value' => 'test-api-key',
+				],
+			],
+		];
+		$this->http_data_source = MockDataSource::create( $config );
+
+		$this->assertNotInstanceOf( WP_Error::class, $this->http_data_source );
+		$headers = $this->http_data_source->get_request_headers();
+		$this->assertIsArray( $headers );
+		$this->assertArrayHasKey( 'X-Api-Key', $headers );
+		$this->assertSame( 'test-api-key', $headers['X-Api-Key'] );
+	}
+
+	public function testApiKeyQueryParamIsAdded(): void {
+		$config = [
+			'service_config' => [
+				'__version' => 1,
+				'display_name' => 'Mock Data Source',
+				'endpoint' => 'http://example.com/data',
+				'auth' => [
+					'type' => 'api-key',
+					'add_to' => 'queryparams',
+					'key' => 'api_key',
+					'value' => 'test-api-key',
+				],
+			],
+		];
+		$this->http_data_source = MockDataSource::create( $config );
+
+		$this->assertNotInstanceOf( WP_Error::class, $this->http_data_source );
+		$endpoint = $this->http_data_source->get_endpoint();
+		$this->assertSame( 'http://example.com/data?api_key=test-api-key', $endpoint );
+	}
+
+	public function testApiKeyQueryParamIsAppended(): void {
+		$config = [
+			'service_config' => [
+				'__version' => 1,
+				'display_name' => 'Mock Data Source',
+				'endpoint' => 'http://example.com/data?existing=true',
+				'auth' => [
+					'type' => 'api-key',
+					'add_to' => 'queryparams',
+					'key' => 'api_key',
+					'value' => 'test-api-key',
+				],
+			],
+		];
+		$this->http_data_source = MockDataSource::create( $config );
+
+		$this->assertNotInstanceOf( WP_Error::class, $this->http_data_source );
+		$endpoint = $this->http_data_source->get_endpoint();
+		$this->assertSame( 'http://example.com/data?existing=true&amp;api_key=test-api-key', $endpoint );
+	}
+
+	public function testNoAuthLeavesConfigUnchanged(): void {
+		$config = [
+			'service_config' => [
+				'__version' => 1,
+				'display_name' => 'Mock Data Source',
+				'endpoint' => 'http://example.com/data',
+				'request_headers' => [ 'X-Custom' => 'value' ],
+			],
+		];
+		$this->http_data_source = MockDataSource::create( $config );
+
+		$this->assertNotInstanceOf( WP_Error::class, $this->http_data_source );
+		$headers = $this->http_data_source->get_request_headers();
+		$endpoint = $this->http_data_source->get_endpoint();
+
+		$this->assertIsArray( $headers );
+		$this->assertSame( [ 'X-Custom' => 'value' ], $headers );
+		$this->assertSame( 'http://example.com/data', $endpoint );
+	}
+
+	public function testExistingHeadersAreMergedWithAuthHeaders(): void {
+		$config = [
+			'service_config' => [
+				'__version' => 1,
+				'display_name' => 'Mock Data Source',
+				'endpoint' => 'http://example.com',
+				'request_headers' => [ 'X-Custom' => 'value' ],
+				'auth' => [
+					'type' => 'bearer',
+					'value' => 'test-token',
+				],
+			],
+		];
+		$this->http_data_source = MockDataSource::create( $config );
+
+		$this->assertNotInstanceOf( WP_Error::class, $this->http_data_source );
+		$headers = $this->http_data_source->get_request_headers();
+		$this->assertIsArray( $headers );
+		$this->assertSame(
+			[
+				'X-Custom' => 'value',
+				'Authorization' => 'Bearer test-token',
+			],
+			$headers
+		);
+	}
 }
