fix: custom authorization header should not be overwritten (#584)

supabase · Oct 10, 2022 · 2f271f8 · 2f271f8
1 parent 0e298d5
commit 2f271f8
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/src/SupabaseClient.ts b/src/SupabaseClient.ts
@@ -248,7 +248,7 @@ export default class SupabaseClient<
     }
     return new SupabaseAuthClient({
       url: this.authUrl,
-      headers: { ...headers, ...authHeaders },
+      headers: { ...authHeaders, ...headers },
       storageKey: storageKey,
       autoRefreshToken,
       persistSession,

diff --git a/test/SupabaseAuthClient.test.ts b/test/SupabaseAuthClient.test.ts
@@ -1,5 +1,5 @@
 import { SupabaseAuthClient } from '../src/lib/SupabaseAuthClient'
-import { SupabaseClientOptions } from '../src/lib/types'
+import SupabaseClient from '../src/SupabaseClient'
 import { DEFAULT_HEADERS } from '../src/lib/constants'
 
 const DEFAULT_OPTIONS = {
@@ -23,3 +23,13 @@ test('it should create a new instance of the class', () => {
   const authClient = new SupabaseAuthClient(authSettings)
   expect(authClient).toBeInstanceOf(SupabaseAuthClient)
 })
+
+test('_initSupabaseAuthClient should overwrite authHeaders if headers are provided', () => {
+  const authClient = new SupabaseClient('https://example.supabase.com', 'supabaseKey')[
+    '_initSupabaseAuthClient'
+  ](authSettings, {
+    Authorization: 'Bearer custom-auth-header',
+  })
+  expect(authClient['headers']['Authorization']).toBe('Bearer custom-auth-header')
+  expect(authClient['headers']['apikey']).toBe('supabaseKey')
+})