From 139fcc0648459916986abbb3a5b3097b1af1aee6 Mon Sep 17 00:00:00 2001
From: Phil Greenberg <phil@entefy.com>
Date: Sat, 21 Mar 2015 19:23:57 -0700
Subject: [PATCH] Adding handling for no auth method and null bearer

Removed unnecessary test case
---
 lib/auth.js               |  6 ++++--
 tests/test-bearer-auth.js | 42 +++++++++++++++++++++++++++++++++------
 2 files changed, 40 insertions(+), 8 deletions(-)

diff --git a/lib/auth.js b/lib/auth.js
index bd49dfc88..13c3ac8f3 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -42,7 +42,7 @@ Auth.prototype.bearer = function (bearer, sendImmediately) {
     if (typeof bearer === 'function') {
       bearer = bearer()
     }
-    var authHeader = 'Bearer ' + bearer
+    var authHeader = 'Bearer ' + (bearer || '')
     self.sentAuth = true
     return authHeader
   }
@@ -114,7 +114,9 @@ Auth.prototype.onRequest = function (user, pass, sendImmediately, bearer) {
     , request = self.request
 
   var authHeader
-  if (bearer !== undefined) {
+  if (bearer === undefined && user === undefined) {
+    throw new Error('no auth mechanism defined')
+  } else if (bearer !== undefined) {
     authHeader = self.bearer(bearer, sendImmediately)
   } else {
     authHeader = self.basic(user, pass, sendImmediately)
diff --git a/tests/test-bearer-auth.js b/tests/test-bearer-auth.js
index fcc3f31d8..be32505ad 100644
--- a/tests/test-bearer-auth.js
+++ b/tests/test-bearer-auth.js
@@ -49,7 +49,7 @@ tape('setup', function(t) {
   })
 })
 
-tape('', function(t) {
+tape('bearer auth', function(t) {
   request({
     'method': 'GET',
     'uri': 'http://localhost:6767/test/',
@@ -64,7 +64,7 @@ tape('', function(t) {
   })
 })
 
-tape('', function(t) {
+tape('bearer auth with default sendImmediately', function(t) {
   // If we don't set sendImmediately = false, request will send bearer auth
   request({
     'method': 'GET',
@@ -95,7 +95,7 @@ tape('', function(t) {
   })
 })
 
-tape('', function(t) {
+tape('using .auth, sendImmediately = false', function(t) {
   request
     .get('http://localhost:6767/test/')
     .auth(null, null, false, 'theToken')
@@ -106,7 +106,7 @@ tape('', function(t) {
     })
 })
 
-tape('', function(t) {
+tape('using .auth, sendImmediately = true', function(t) {
   request
     .get('http://localhost:6767/test/')
     .auth(null, null, true, 'theToken')
@@ -117,7 +117,7 @@ tape('', function(t) {
     })
 })
 
-tape('', function(t) {
+tape('bearer is a function', function(t) {
   request({
     'method': 'GET',
     'uri': 'http://localhost:6767/test/',
@@ -132,7 +132,7 @@ tape('', function(t) {
   })
 })
 
-tape('', function(t) {
+tape('bearer is a function, path = test2', function(t) {
   // If we don't set sendImmediately = false, request will send bearer auth
   request({
     'method': 'GET',
@@ -147,6 +147,36 @@ tape('', function(t) {
   })
 })
 
+tape('no auth method', function(t) {
+  t.throws(function() {
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/test2/',
+      'auth': {
+        'bearer': undefined
+      }
+    }, function(error, res, body) {
+      t.fail('Requests without a valid auth mechanism are not valid')
+      t.end()
+    })
+  }, /no auth mechanism defined/)
+  t.end()
+})
+
+tape('null bearer', function(t) {
+  request({
+    'method': 'GET',
+    'uri': 'http://localhost:6767/test2/',
+    'auth': {
+      'bearer': null
+    }
+  }, function(error, res, body) {
+    t.equal(res.statusCode, 401)
+    t.equal(numBearerRequests, 12)
+    t.end()
+  })
+})
+
 tape('cleanup', function(t) {
   bearerServer.close(function() {
     t.end()