Undefined index with the session token using app token

[C-Duv]

I get PHP notice about an undefined Session-Token index when authenticating on the API when setting an application token (using setAppToken()).

require_once __DIR__ . '/vendor/autoload.php';
$client = new Glpi\Api\Rest\Client(
    'http://localhost/glpi/apirest.php/',
    new GuzzleHttp\Client()
);
$client->setAppToken('abcdef....');
$client->initSessionByCredentials(
    'glpi',
    'glpi'
);
var_dump($client->getFullSession()['statusCode']);
$client->killSession();

Observed Results:

PHP Notice:  Undefined index: Session-Token in .../myexample/vendor/glpi-project/php-library-glpi/src/Glpi/Api/Rest/Client.php on line 137
PHP Stack trace:
PHP   1. {main}() .../myexample/test.php:0
PHP   2. Glpi\Api\Rest\Client->initSessionByCredentials() .../myexample/test.php:10
PHP   3. Glpi\Api\Rest\Client->request() .../myexample/vendor/glpi-project/php-library-glpi/src/Glpi/Api/Rest/Client.php:81
int(200)

Expected behavior:

There should be not "PHP Notice", only:

int(200)

If I disable the app_token filtering on GLPI server side and comment the `setAppToken()`` call, the PHP notice disappears.

I tried various settings and got the following:

Application token filtering on server side	Calling setAppToken()	Result
No	No	Works OK without notice/errors
No	Yes	PHP Notice: Undefined index: Session-Token (in Client.php:137) and PHP Notice: Undefined index: ERROR_WRONG_APP_TOKEN_PARAMETER (in ErrorHandler.php:69) and PHP Fatal error: Uncaught exception 'Exception' (in Client.php:8)
Yes	No	Works OK, it rejects the client because no token was provided (PHP Fatal error: Uncaught exception 'Exception' with message 'The current API requires an App-Token header for using its methods.')
Yes	Yes	PHP Notice: Undefined index: Session-Token

[C-Duv]

It looks like \Glpi\Api\Rest\Client::request() assumes \Glpi\Api\Rest\Client::addTokens() always returns a Session-Token, which is false.

[DIOHz0r]

The addTokens method is to add automaticly Session-Token wich it is always mandatory for call all GLPI Endpoints (excluding only for lostPassword and initSession). If Session-Token is not present then the problem was with a wrong init session.

[C-Duv]

So you are telling me to close this issue (#64) and the #67 PR?
I understand the PHP notices are generated because of the #65 bug on initSessionByUserToken() but shouldn't request() check what addTokens() returned anyway?