Merge pull request #66 from reubenmiller/fix-skip-basic-auth-if-empty

fix: don't set basic auth header if username or password is empty
reubenmiller · Jun 15, 2024 · 91b53e9 · 91b53e9
2 parents 756e2d8 + a65c45b
commit 91b53e9
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/pkg/c8y/client.go b/pkg/c8y/client.go
@@ -936,8 +936,13 @@ func (c *Client) SetBasicAuthorization(req *http.Request) {
 	} else {
 		headerUsername = c.Username
 	}
-	Logger.Infof("Current username: %s", c.HideSensitiveInformationIfActive(headerUsername))
-	req.SetBasicAuth(headerUsername, c.Password)
+
+	if headerUsername != "" && c.Password != "" {
+		Logger.Infof("Current username: %s", c.HideSensitiveInformationIfActive(headerUsername))
+		req.SetBasicAuth(headerUsername, c.Password)
+	} else {
+		Logger.Debug("Ignoring basic authorization header as either username or password is empty")
+	}
 }
 
 // SetAuthorization sets the configured authorization to the given request. By default it will set the Basic Authorization header