From fccbd18a042cf990b3dfa4102f91a48fe8205d1a Mon Sep 17 00:00:00 2001
From: Fredrik Oseberg <fredrik.no@gmail.com>
Date: Thu, 7 Dec 2023 14:53:07 +0100
Subject: [PATCH] feat: add test that verifies header precedence

---
 .../tests/client-feature-toggles-auth.e2e.test.ts        | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/lib/features/client-feature-toggles/tests/client-feature-toggles-auth.e2e.test.ts b/src/lib/features/client-feature-toggles/tests/client-feature-toggles-auth.e2e.test.ts
index 683c8b70fb..833d5022a0 100644
--- a/src/lib/features/client-feature-toggles/tests/client-feature-toggles-auth.e2e.test.ts
+++ b/src/lib/features/client-feature-toggles/tests/client-feature-toggles-auth.e2e.test.ts
@@ -57,3 +57,12 @@ test('should allow requests to /api/client/features with x-unleash-auth header',
         .expect('Content-Type', /json/)
         .expect(200);
 });
+
+test('should use x-unleash-auth if both headers are set', async () => {
+    await app.request
+        .get('/api/client/features')
+        .set('x-unleash-auth', clientToken.secret)
+        .set('authorization', 'gibberish')
+        .expect('Content-Type', /json/)
+        .expect(200);
+});