httpie · jkbrzt · Dec 1, 2021 · Nov 29, 2021
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ This project adheres to [Semantic Versioning](https://semver.org/).
 - Added support for receving multiple HTTP headers with the same name, individually. ([#1207](https://github.com/httpie/httpie/issues/1207))
 - Added support for keeping `://` in the URL argument to allow quick conversions of pasted URLs into HTTPie calls just by adding a space after the protocol name (`$ https ://pie.dev` → `https://pie.dev`). ([#1195](https://github.com/httpie/httpie/issues/1195))
 - Added support for basic JSON types on `--form`/`--multipart` when using JSON only operators (`:=`/`:=@`). ([#1212](https://github.com/httpie/httpie/issues/1212))
+- Added support for `bearer` authentication method ([#1215](https://github.com/httpie/httpie/issues/1215)).
 
 ## [2.6.0](https://github.com/httpie/httpie/compare/2.5.0...2.6.0) (2021-10-14)
 

diff --git a/docs/README.md b/docs/README.md
@@ -1003,10 +1003,10 @@ the [sessions](#sessions) feature.
 
 The currently supported authentication schemes are Basic and Digest (see [auth plugins](#auth-plugins) for more). There are two flags that control authentication:
 
-|              Flag | Arguments                                                                                                                                                                                                                                                                                                                                 |
-| ----------------: | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-|      `--auth, -a` | Pass a `username:password` pair as the argument. Or, if you only specify a username (`-a username`), you’ll be prompted for the password before the request is sent. To send an empty password, pass `username:`. The `username:password@hostname` URL syntax is supported as well (but credentials passed via `-a` have higher priority) |
-| `--auth-type, -A` | Specify the auth mechanism. Possible values are `basic`, `digest`, or the name of any [auth plugins](#auth-plugins) you have installed. The default value is `basic` so it can often be omitted                                                                                                                                           |
+|              Flag | Arguments                                                                                                                                                                                                                                                                                                                                                                                                                                 |
+| ----------------: | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+|      `--auth, -a` | Pass either a `username:password` pair or a `token` as the argument. If the selected authenticated method requires username/password combination and if you only specify a username (`-a username`), you’ll be prompted for the password before the request is sent. To send an empty password, pass `username:`. The `username:password@hostname` URL syntax is supported as well (but credentials passed via `-a` have higher priority) |
+| `--auth-type, -A` | Specify the auth mechanism. Possible values are `basic`, `digest`, `bearer` or the name of any [auth plugins](#auth-plugins) you have installed. The default value is `basic` so it can often be omitted                                                                                                                                                                                                                                  |
 
 ### Basic auth
 
@@ -1020,6 +1020,12 @@ $ http -a username:password pie.dev/basic-auth/username/password
 $ http -A digest -a username:password pie.dev/digest-auth/httpie/username/password
 ```
 
+### Bearer auth
+
+```bash
+https -A bearer -a token pie.dev/bearer
+```
+
 ### Password prompt
 
 ```bash

diff --git a/httpie/cli/definition.py b/httpie/cli/definition.py
@@ -554,10 +554,11 @@
 auth.add_argument(
     '--auth', '-a',
     default=None,
-    metavar='USER[:PASS]',
+    metavar='USER[:PASS] | TOKEN',
     help='''
-    If only the username is provided (-a username), HTTPie will prompt
-    for the password.
+    For username/password based authentication mechanisms (e.g
+    basic auth or digest auth) if only the username is provided
+    (-a username), HTTPie will prompt for the password.
 
     ''',
 )

diff --git a/httpie/plugins/builtin.py b/httpie/plugins/builtin.py
@@ -34,6 +34,16 @@ def make_header(username: str, password: str) -> str:
         return f'Basic {token}'
 
 
+class HTTPBearerAuth(requests.auth.AuthBase):
+
+    def __init__(self, token: str) -> None:
+        self.token = token
+
+    def __call__(self, request: requests.PreparedRequest) -> requests.PreparedRequest:
+        request.headers['Authorization'] = f'Bearer {self.token}'
+        return request
+
+
 class BasicAuthPlugin(BuiltinAuthPlugin):
     name = 'Basic HTTP auth'
     auth_type = 'basic'
@@ -56,3 +66,14 @@ def get_auth(
         password: str
     ) -> requests.auth.HTTPDigestAuth:
         return requests.auth.HTTPDigestAuth(username, password)
+
+
+class BearerAuthPlugin(BuiltinAuthPlugin):
+    name = 'Bearer HTTP Auth'
+    auth_type = 'bearer'
+    netrc_parse = False
+    auth_parse = False
+
+    # noinspection PyMethodOverriding
+    def get_auth(self, **kwargs) -> requests.auth.HTTPDigestAuth:
+        return HTTPBearerAuth(self.raw_auth)
diff --git a/httpie/plugins/registry.py b/httpie/plugins/registry.py
@@ -1,5 +1,5 @@
 from .manager import PluginManager
-from .builtin import BasicAuthPlugin, DigestAuthPlugin
+from .builtin import BasicAuthPlugin, DigestAuthPlugin, BearerAuthPlugin
 from ..output.formatters.headers import HeadersFormatter
 from ..output.formatters.json import JSONFormatter
 from ..output.formatters.xml import XMLFormatter
@@ -13,6 +13,7 @@
 plugin_manager.register(
     BasicAuthPlugin,
     DigestAuthPlugin,
+    BearerAuthPlugin,
     HeadersFormatter,
     JSONFormatter,
     XMLFormatter,

diff --git a/tests/test_auth.py b/tests/test_auth.py
@@ -25,6 +25,19 @@ def test_digest_auth(httpbin_both, argument_name):
     assert r.json == {'authenticated': True, 'user': 'user'}
 
 
+@pytest.mark.parametrize('token', [
+    'token_1',
+    'long_token' * 5,
+    'user:style',
+])
+def test_bearer_auth(httpbin_both, token):
+    r = http('--auth-type', 'bearer', '--auth', token,
+             httpbin_both + '/bearer')
+
+    assert HTTP_OK in r
+    assert r.json == {'authenticated': True, 'token': token}
+
+
 @mock.patch('httpie.cli.argtypes.AuthCredentials._getpass',
             new=lambda self, prompt: 'password')
 def test_password_prompt(httpbin):