fix: getAuthMode returns 'none' for AWS, Basic Auth, NTLM

[prateek-bruno]

Description

Jira

getAuthMode wasn't working correctly for these types:

• AWS
• Basic Auth
• NTLM

This PR along with fixing the getAuthMode for them, adds proper E2E test for all types of auth mode, so getAuthMode works correctly for all.

Contribution Checklist:

• I've used AI significantly to create this pull request
• The pull request only addresses one issue or adds one feature.
• The pull request does not introduce any breaking changes
• I have added screenshots or gifs to help explain the change if applicable.
• I have read the contribution guidelines.
• Create an issue and link to the pull request.

Summary by CodeRabbit

• New Features

  • Enhanced automatic detection of authentication modes for all supported authentication types (API Key, OAuth2, NTLM, AWS SigV4, Digest, Basic, Bearer, OAuth1, WSSE)

• Tests

  • Comprehensive test coverage for authentication mode detection with new test fixtures and collection runner validation

[coderabbitai]

Walkthrough

This refactoring decouples authentication configuration retention from transport cleanup by moving auth object deletion from immediate post-usage cleanup to a dedicated axios request interceptor. Auth config properties are now preserved on the request object for script access, then stripped before transport.

Changes

Cohort / File(s)	Summary
Axios Request Interceptor Stripping packages/bruno-cli/src/utils/axios-instance.js, packages/bruno-electron/src/ipc/network/axios-instance.js	Added helper function to strip auth config properties from axios config in request interceptor, ensuring configs remain available at runtime but are removed before adapter execution.
Request Object Cleanup Removal packages/bruno-cli/src/runner/run-single-request.js, packages/bruno-electron/src/ipc/network/index.js, packages/bruno-requests/src/auth/oauth1-request-authorization.ts	Removed explicit deletion of ntlmConfig, awsv4config, oauth1config, and related auth properties after setup, allowing them to persist on the request object.
Auth Mode Detection Updates packages/bruno-js/src/bruno-request.js	Updated getAuthMode() to detect authentication using retained config properties (basicAuth, ntlmConfig, awsv4config) instead of deleted fields.
Auth Mode Test Suite tests/auth/auth-mode/auth-mode-runner.spec.ts, packages/bruno-cli/tests/utils/axios-instance.spec.js, packages/bruno-electron/tests/network/axios-instance.spec.js	Added comprehensive test coverage for auth config stripping behavior and auth mode detection across multiple authentication types (Basic, Bearer, OAuth1/2, NTLM, AWS SigV4, Digest, WSSE, API Key).
Auth Mode Test Fixtures tests/auth/auth-mode/fixtures/collections/auth-mode-test/*	Added 15 BRU fixture files covering all authentication modes with pre-request and test assertions validating req.getAuthMode() detection.
Auth Mode Test Configuration tests/auth/auth-mode/fixtures/collections/auth-mode-test/bruno.json, tests/auth/auth-mode/init-user-data/preferences.json	Added collection metadata and test initialization configuration for auth-mode test suite.
Test Cleanup tests/auth/apikey/apikey-runner.spec.ts	Removed legacy API key auth mode runner test file.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• fix: allow user to delete default bruno headers in pre-request #7331: Modifies Axios request interceptor stripping to handle header deletion before adapter execution, paralleling the auth config stripping approach.
• feat: js api supports get path params (#5235) #6762: Removes request property cleanup (pathParams) in the same network index.js file, following the same pattern of delegating cleanup to interceptors.
• feat: add new parameter "apiKeyHeaderName" for "apikey" mode #7762: Modifies auth state preservation and detection flow by retaining auth config fields and updating BrunoRequest.getAuthMode() logic.

Suggested labels

size/XXL

Suggested reviewers

• helloanoop
• lohit-bruno
• naman-bruno
• bijin-bruno

Poem

🔐 Auth configs now gracefully dance,
No longer deleted on first glance—
Preserved for scripts, then stripped with care,
Before the transport takes the dare.
Request and interceptor unite their force,
A cleaner flow, a better course! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Title check	✅ Passed	The title accurately summarizes the main fix: getAuthMode was returning 'none' for AWS, Basic Auth, and NTLM authentication types, and this PR corrects that behavior.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

tests/auth/auth-mode/auth-mode-runner.spec.ts (1)

28-37: ⚡ Quick win

Consider test.step for clearer Playwright reporting.

This test flow is already clean; wrapping setup/run/assert into test.step blocks would make failures easier to localize in reports.

Suggested refactor

   for (const mode of ['safe', 'developer'] as const) {
     test(`detects auth modes in ${mode} mode`, async ({ pageWithUserData: page }) => {
-      await setSandboxMode(page, COLLECTION_NAME, mode);
-      await runCollection(page, COLLECTION_NAME);
-
-      await validateRunnerResults(page, {
-        totalRequests: EXPECTED_REQUESTS.length,
-        passed: EXPECTED_REQUESTS.length,
-        failed: 0,
-        skipped: 0
-      });
+      await test.step('configure sandbox mode', async () => {
+        await setSandboxMode(page, COLLECTION_NAME, mode);
+      });
+
+      await test.step('run auth-mode collection', async () => {
+        await runCollection(page, COLLECTION_NAME);
+      });
+
+      await test.step('validate runner results', async () => {
+        await validateRunnerResults(page, {
+          totalRequests: EXPECTED_REQUESTS.length,
+          passed: EXPECTED_REQUESTS.length,
+          failed: 0,
+          skipped: 0
+        });
+      });
     });
   }

As per coding guidelines: "Promote the use of test.step as much as possible so the generated reports are easier to read."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/auth/auth-mode/auth-mode-runner.spec.ts` around lines 28 - 37, Wrap the
three logical phases of the test `test('detects auth modes in ${mode} mode'...)`
into Playwright `test.step` calls to improve reporting: create steps around the
setup (call to setSandboxMode with COLLECTION_NAME), the execution (call to
runCollection with page and COLLECTION_NAME), and the assertions (call to
validateRunnerResults with EXPECTED_REQUESTS.length and the result shape).
Update the test body to call these functions inside descriptive `test.step`
blocks so failures are reported per step while keeping existing calls to
setSandboxMode, runCollection, and validateRunnerResults intact.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@tests/auth/auth-mode/auth-mode-runner.spec.ts`:
- Around line 28-37: Wrap the three logical phases of the test `test('detects
auth modes in ${mode} mode'...)` into Playwright `test.step` calls to improve
reporting: create steps around the setup (call to setSandboxMode with
COLLECTION_NAME), the execution (call to runCollection with page and
COLLECTION_NAME), and the assertions (call to validateRunnerResults with
EXPECTED_REQUESTS.length and the result shape). Update the test body to call
these functions inside descriptive `test.step` blocks so failures are reported
per step while keeping existing calls to setSandboxMode, runCollection, and
validateRunnerResults intact.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ac8409ae-47f0-4eed-bf92-77e40ed47d93

📥 Commits

Reviewing files that changed from the base of the PR and between 13a9f9b and 6cc743c.

📒 Files selected for processing (30)

• packages/bruno-cli/src/runner/run-single-request.js
• packages/bruno-cli/src/utils/axios-instance.js
• packages/bruno-cli/tests/utils/axios-instance.spec.js
• packages/bruno-electron/src/ipc/network/axios-instance.js
• packages/bruno-electron/src/ipc/network/index.js
• packages/bruno-electron/tests/network/axios-instance.spec.js
• packages/bruno-js/src/bruno-request.js
• packages/bruno-js/tests/bruno-request-auth-mode.spec.js
• packages/bruno-requests/src/auth/oauth1-request-authorization.ts
• tests/auth/apikey/apikey-runner.spec.ts
• tests/auth/auth-mode/auth-mode-runner.spec.ts
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/api-key-header.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/api-key-query.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/aws-sigv4.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/basic-auth.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/bearer.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/bruno.json
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/digest.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/inherit-aws-sigv4/folder.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/inherit-aws-sigv4/inherited-aws-sigv4.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/inherit-basic-auth/folder.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/inherit-basic-auth/inherited-basic-auth.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/inherit-ntlm/folder.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/inherit-ntlm/inherited-ntlm.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/no-auth.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/ntlm.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/oauth1.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/oauth2.bru
• tests/auth/auth-mode/fixtures/collections/auth-mode-test/wsse.bru
• tests/auth/auth-mode/init-user-data/preferences.json

💤 Files with no reviewable changes (4)

• packages/bruno-requests/src/auth/oauth1-request-authorization.ts
• packages/bruno-cli/src/runner/run-single-request.js
• tests/auth/apikey/apikey-runner.spec.ts
• packages/bruno-electron/src/ipc/network/index.js