From 99dd0c2aa7b67cb675965534c011d69514aea363 Mon Sep 17 00:00:00 2001
From: DanRJ <daniel.rustadj@gmail.com>
Date: Wed, 22 Mar 2023 14:36:55 +0100
Subject: [PATCH] Add OverwriteAuthorizationHeader flag (#12)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Add OverwriteAuthorizationHeader flag so consumers can choose to always overwrite any existing Authorization header

Co-authored-by: Bjørn Dybvik Langfors <bjorn@langfors.no>
---
 .../Config/MaskinportenSettings.cs                           | 5 +++++
 .../Handlers/MaskinportenTokenHandler.cs                     | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/Altinn.ApiClients.Maskinporten/Config/MaskinportenSettings.cs b/src/Altinn.ApiClients.Maskinporten/Config/MaskinportenSettings.cs
index 2d57b0e..5df0147 100644
--- a/src/Altinn.ApiClients.Maskinporten/Config/MaskinportenSettings.cs
+++ b/src/Altinn.ApiClients.Maskinporten/Config/MaskinportenSettings.cs
@@ -78,5 +78,10 @@ public class MaskinportenSettings
         /// Optional. Enabels verbose logging that should only be enabled when troubleshooting. Will cause logging (with severity "Information") of assertions.  
         /// </summary>
         public bool? EnableDebugLogging { get; set; }
+
+        /// <summary>
+        /// Optional. Overwrites existing Authorization-header if set. Default: ignore existing Authorization-header.
+        /// </summary>
+        public bool? OverwriteAuthorizationHeader { get; set; }
     }
 }
diff --git a/src/Altinn.ApiClients.Maskinporten/Handlers/MaskinportenTokenHandler.cs b/src/Altinn.ApiClients.Maskinporten/Handlers/MaskinportenTokenHandler.cs
index ed45767..d9c7f76 100644
--- a/src/Altinn.ApiClients.Maskinporten/Handlers/MaskinportenTokenHandler.cs
+++ b/src/Altinn.ApiClients.Maskinporten/Handlers/MaskinportenTokenHandler.cs
@@ -21,7 +21,9 @@ public MaskinportenTokenHandler(IMaskinportenService maskinporten, IClientDefini
 
         protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
         {
-            if (request.Headers.Authorization == null)
+            if (request.Headers.Authorization == null ||
+                (_clientDefinition.ClientSettings.OverwriteAuthorizationHeader .HasValue &&
+                _clientDefinition.ClientSettings.OverwriteAuthorizationHeader .Value))
             {
                 TokenResponse tokenResponse = await GetTokenResponse(cancellationToken);
                 if (tokenResponse != null)