add --header flag to src auth token to print auth header

burmudar · burmudar · commit 38739ee2c8bb · 2026-03-17T16:41:39.000+02:00
- for access token print `Authorization: token &lt;token&gt;`
- for oauth token print `Authorization: Bearer &lt;token&gt;`
diff --git a/cmd/src/auth_token.go b/cmd/src/auth_token.go
@@ -23,6 +23,7 @@ type oauthTokenRefresher interface {
 
 func init() {
 	flagSet := flag.NewFlagSet("token", flag.ExitOnError)
+	header := flagSet.Bool("header", false, "print the token as an Authorization header")
 	usageFunc := func() {
 		fmt.Fprintf(flag.CommandLine.Output(), "Usage of 'src auth token':\n")
 		flagSet.PrintDefaults()
@@ -38,6 +39,7 @@ func init() {
 			return err
 		}
 
+		token = formatAuthTokenOutput(token, cfg.AuthMode(), *header)
 		fmt.Println(token)
 		return nil
 	}
@@ -66,3 +68,15 @@ func resolveAuthToken(ctx context.Context, cfg *config) (string, error) {
 
 	return token.AccessToken, nil
 }
+
+func formatAuthTokenOutput(token string, mode AuthMode, header bool) string {
+	if !header {
+		return token
+	}
+
+	if mode == AuthModeAccessToken {
+		return fmt.Sprintf("Authorization: token %s", token)
+	}
+
+	return fmt.Sprintf("Authorization: Bearer %s", token)
+}
diff --git a/cmd/src/auth_token_test.go b/cmd/src/auth_token_test.go
@@ -103,6 +103,53 @@ func TestResolveAuthToken(t *testing.T) {
 	})
 }
 
+func TestFormatAuthTokenOutput(t *testing.T) {
+	tests := []struct {
+		name   string
+		token  string
+		mode   AuthMode
+		header bool
+		want   string
+	}{
+		{
+			name:   "raw access token",
+			token:  "access-token",
+			mode:   AuthModeAccessToken,
+			header: false,
+			want:   "access-token",
+		},
+		{
+			name:   "raw oauth token",
+			token:  "oauth-token",
+			mode:   AuthModeOAuth,
+			header: false,
+			want:   "oauth-token",
+		},
+		{
+			name:   "authorization header for access token",
+			token:  "access-token",
+			mode:   AuthModeAccessToken,
+			header: true,
+			want:   "Authorization: token access-token",
+		},
+		{
+			name:   "authorization header for oauth token",
+			token:  "oauth-token",
+			mode:   AuthModeOAuth,
+			header: true,
+			want:   "Authorization: Bearer oauth-token",
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			if got := formatAuthTokenOutput(test.token, test.mode, test.header); got != test.want {
+				t.Fatalf("formatAuthTokenOutput(%q, %v, %v) = %q, want %q", test.token, test.mode, test.header, got, test.want)
+			}
+		})
+	}
+}
+
 func stubAuthTokenDependencies(t *testing.T) func() {
 	t.Helper()
 
