Add api_token field to client configuration for reading API tokens from env vars

RobGeada · RobGeada · commit daca788dfa46 · 2025-11-03T14:10:32.000Z
Signed-off-by: Rob Geada &lt;rob@geada.net&gt;
diff --git a/src/clients.rs b/src/clients.rs
@@ -254,7 +254,11 @@ pub async fn create_http_client(
         .layer(http_trace_layer())
         .layer(TimeoutLayer::new(request_timeout))
         .service(client);
-    Ok(HttpClient::new(base_url, client))
+    Ok(HttpClient::new(
+        base_url,
+        service_config.api_token.clone(),
+        client,
+    ))
 }
 
 pub async fn create_grpc_client<C: Debug + Clone>(
diff --git a/src/clients/http.rs b/src/clients/http.rs
@@ -119,15 +119,17 @@ pub trait HttpClientExt: Client {
 pub struct HttpClient {
     base_url: Url,
     health_url: Url,
+    api_token: Option<String>,
     inner: HttpClientInner,
 }
 
 impl HttpClient {
-    pub fn new(base_url: Url, inner: HttpClientInner) -> Self {
+    pub fn new(base_url: Url, api_token: Option<String>, inner: HttpClientInner) -> Self {
         let health_url = base_url.join("health").unwrap();
         Self {
             base_url,
             health_url,
+            api_token,
             inner,
         }
     }
@@ -140,6 +142,21 @@ impl HttpClient {
         self.base_url.join(path).unwrap()
     }
 
+    /// Injects the API token as a Bearer token in the Authorization header if configured and present in the environment.
+    fn inject_api_token(&self, headers: &mut HeaderMap) -> Result<(), Error> {
+        if let Some(env_var) = &self.api_token
+            && let Ok(token) = std::env::var(env_var)
+        {
+            headers.insert(
+                http::header::AUTHORIZATION,
+                HeaderValue::from_str(&format!("Bearer {}", token)).map_err(|e| Error::Http {
+                    code: StatusCode::INTERNAL_SERVER_ERROR,
+                    message: format!("invalid authorization header: {e}"),
+                })?,
+            );
+        }
+        Ok(())
+    }
     pub async fn get(
         &self,
         url: Url,
@@ -162,11 +179,14 @@ impl HttpClient {
         &self,
         url: Url,
         method: Method,
-        headers: HeaderMap,
+        mut headers: HeaderMap,
         body: impl RequestBody,
     ) -> Result<Response, Error> {
         let ctx = Span::current().context();
+
+        self.inject_api_token(&mut headers)?;
         let headers = trace::with_traceparent_header(&ctx, headers);
+
         let mut builder = hyper::http::request::Builder::new()
             .method(method)
             .uri(url.as_uri());
diff --git a/src/config.rs b/src/config.rs
@@ -86,6 +86,8 @@ pub struct ServiceConfig {
     pub http2_keep_alive_interval: Option<u64>,
     /// Keep-alive timeout in seconds for client calls [currently only for grpc generation]
     pub keep_alive_timeout: Option<u64>,
+    /// Name of environment variable that contains the API key to use for this service [currently only for http generation]
+    pub api_token: Option<String>,
 }
 
 impl ServiceConfig {
@@ -101,6 +103,7 @@ impl ServiceConfig {
             max_retries: None,
             http2_keep_alive_interval: None,
             keep_alive_timeout: None,
+            api_token: None,
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -86,6 +86,8 @@ pub struct ServiceConfig {`
`86`	`86`	`pub http2_keep_alive_interval: Option<u64>,`
`87`	`87`	`/// Keep-alive timeout in seconds for client calls [currently only for grpc generation]`
`88`	`88`	`pub keep_alive_timeout: Option<u64>,`
	`89`	`+ /// Name of environment variable that contains the API key to use for this service [currently only for http generation]`
	`90`	`+ pub api_token: Option<String>,`
`89`	`91`	`}`
`90`	`92`
`91`	`93`	`impl ServiceConfig {`
`@@ -101,6 +103,7 @@ impl ServiceConfig {`
`101`	`103`	`max_retries: None,`
`102`	`104`	`http2_keep_alive_interval: None,`
`103`	`105`	`keep_alive_timeout: None,`
	`106`	`+ api_token: None,`
`104`	`107`	`}`
`105`	`108`	`}`
`106`	`109`	`}`