Skip to content

test(agent-proxy): cover username-only basic auth rewrite#316

Draft
saifsmailbox98 wants to merge 2 commits into
mainfrom
saif/age2-39-implement-secrets-brokering-infisical-agent-proxy-improvements-1
Draft

test(agent-proxy): cover username-only basic auth rewrite#316
saifsmailbox98 wants to merge 2 commits into
mainfrom
saif/age2-39-implement-secrets-brokering-infisical-agent-proxy-improvements-1

Conversation

@saifsmailbox98

Copy link
Copy Markdown
Contributor

Description 📣

Basic auth on a proxied service now allows a username with no password (Authorization: Basic base64(username:)), which is how APIs like Ashby authenticate. No production code change was needed here since applyCredentials already sets haveBasic on the username alone and emits an empty password segment when none is present. This just adds a test to lock that behavior in.

Companion PR (backend/frontend/docs): Infisical/infisical#7296

Type ✨

  • Bug fix
  • New feature
  • Improvement
  • Breaking change
  • Documentation

Tests 🛠️

TestBasicAuthUsernameOnly asserts a username-only credential produces Authorization: Basic dXNlcjo= (base64("user:")).

go test ./packages/agentproxy/ -run TestBasicAuth

@linear

linear Bot commented Jul 15, 2026

Copy link
Copy Markdown

AGE2-39

@infisical-review-police

Copy link
Copy Markdown

💬 Discussion in Slack: #pr-review-cli-316-test-agent-proxy-cover-username-only-basic-auth-rewrite

Posted by Review Police — reviews, comments, new commits, and CI failures will stream into this channel.

@greptile-apps

greptile-apps Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR adds a single test, TestBasicAuthUsernameOnly, to lock in the behavior where a username-only Basic Auth credential produces Authorization: Basic dXNlcjo= (base64("user:")). No production code was changed.

  • The new test mirrors the structure of the existing TestBasicAuthFromTwoCredentials exactly, differing only by omitting the password credential.
  • The expected value dXNlcjo= is correct for base64("user:") and matches what the production applyCredentials function already emits (it concatenates basicUser + ":" + basicPass where basicPass defaults to "").

Confidence Score: 5/5

Only a test file is modified; no production logic changes.

The new test is self-contained, correctly structured, and validates a real edge case (username-only Basic Auth) using the same patterns as the rest of the test suite. The expected base64 value is accurate and the production code path exercised was already correct — the test just adds coverage for it.

No files require special attention.

Important Files Changed

Filename Overview
packages/agentproxy/rewrite_test.go Adds TestBasicAuthUsernameOnly to assert that a username-only credential produces the correct Basic Auth header (base64("user:") == dXNlcjo=); follows existing test patterns precisely.

Reviews (1): Last reviewed commit: "test(agent-proxy): cover username-only b..." | Re-trigger Greptile

@saifsmailbox98
saifsmailbox98 marked this pull request as draft July 19, 2026 00:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant