Use Bearer authentication for Axios when contacting SonarQube Cloud

We can't do it for SonarQube Server as older versions were only supporting passing the token through BASIC authentication.

Author: henryju

src/common/latest/helpers/constants.ts

@@ -4,7 +4,7 @@ export const PROP_NAMES = {
   HOST_URL: "sonar.host.url",
   TOKEN: "sonar.token",
   LOGIN: "sonar.login",
-  PASSSWORD: "sonar.password",
+  PASSWORD: "sonar.password",
   ORG: "sonar.organization",
   PROJECTKEY: "sonar.projectKey",
   PROJECTNAME: "sonar.projectName",

src/common/latest/helpers/utils.ts

@@ -16,7 +16,7 @@ export function stringifyScannerParams(scannerParams: ScannerParams) {
 
 export function sanitizeScannerParams(scannerParams: ScannerParams) {
   delete scannerParams[PROP_NAMES.LOGIN];
-  delete scannerParams[PROP_NAMES.PASSSWORD];
+  delete scannerParams[PROP_NAMES.PASSWORD];
   return scannerParams;
 }
 

src/common/latest/sonarqube/Endpoint.ts

@@ -42,7 +42,6 @@ export default class Endpoint {
   }
 
   public get auth(): { username: string; password: string } {
-    // If using user/password
     if (
       !this.data.token &&
       this.data.username &&
@@ -57,11 +56,19 @@ export default class Endpoint {
   toAxiosOptions(): AxiosRequestConfig {
     const options: AxiosRequestConfig = {
       timeout: Endpoint.REQUEST_TIMEOUT,
-      auth: {
+    };
+
+    const isSonarCloud = Boolean(this.data.token);
+    if (isSonarCloud) {
+      options.headers = {
+        Authorization: `Bearer ${this.data.token}`
+      }
+    } else {
+      options.auth = {
         username: this.auth.username,
         password: this.auth.password,
-      },
-    };
+      }
+    }
 
     // Fetch proxy from environment
     // We ignore proxy set by agent proxy configuration, we need to discuss whether we want to itroduce it
@@ -100,8 +107,8 @@ export default class Endpoint {
 
     return {
       [PROP_NAMES.HOST_URL]: this.data.url,
-      [authKey]: this.data.token || this.data.username,
-      [PROP_NAMES.PASSSWORD]:
+      [authKey]: this.data.token ?? this.data.username,
+      [PROP_NAMES.PASSWORD]:
         this.data.password && this.data.password.length > 0 ? this.data.password : null,
       [PROP_NAMES.ORG]: this.data.organization,
     };

src/common/latest/sonarqube/__tests__/Endpoint-test.ts

@@ -31,7 +31,7 @@ it("On SonarQube Cloud, password is always null", () => {
 
   const result = Endpoint.getEndpoint("sonarcloud", EndpointType.Cloud);
 
-  expect(result.toSonarProps("7.1.0")[PROP_NAMES.PASSSWORD]).toBeNull();
+  expect(result.toSonarProps("7.1.0")[PROP_NAMES.PASSWORD]).toBeNull();
   expect(result.auth.password).toBe("");
 });
 
@@ -45,7 +45,7 @@ it("On SonarQube Server, password is empty should not be intepreted", () => {
 
   const result = Endpoint.getEndpoint("sonarqube", EndpointType.Server);
 
-  expect(result.toSonarProps("7.1.0")[PROP_NAMES.PASSSWORD]).toBeNull();
+  expect(result.toSonarProps("7.1.0")[PROP_NAMES.PASSWORD]).toBeNull();
   expect(result.auth.password).toBe("");
 });
 
@@ -58,7 +58,7 @@ it("On SonarQube Server password is not empty should be intepreted", () => {
 
   const result = Endpoint.getEndpoint("sonarqube", EndpointType.Server);
 
-  expect(result.toSonarProps("7.1.0")[PROP_NAMES.PASSSWORD]).toEqual("P@ssword");
+  expect(result.toSonarProps("7.1.0")[PROP_NAMES.PASSWORD]).toEqual("P@ssword");
   expect(result.auth.password).toEqual("P@ssword");
 });