When authorization header exists, do not introduce token (required for proxying)

Change-Id: I3bdeee6ebdc2d02021921cdd827be12442bda1b7
diff --git a/lib/Kalamar/Plugin/Auth.pm b/lib/Kalamar/Plugin/Auth.pm
index 8f770a7..fc2cd8b 100644
--- a/lib/Kalamar/Plugin/Auth.pm
+++ b/lib/Kalamar/Plugin/Auth.pm
@@ -80,34 +80,50 @@
   $app->hook(
     before_korap_request => sub {
       my ($c, $tx) = @_;
-      my $auth_token = $c->auth->token or return;
       my $h = $tx->req->headers;
-      $h->header('Authorization' => $auth_token);
+
+      # If the request already has an Authorization
+      # header, respect it
+      unless ($h->authorization) {
+        my $auth_token = $c->auth->token or return;
+        $h->authorization($auth_token);
+
+      }
 
       # TODO:
       #   When a request fails because the access token timed out,
       #   rerequest with the refresh token.
+
+      # TODO:
+      #   Check if the auth_token is timed out
+
     }
   );
 
 
-  # Get the user token necessary for authorization
+  # Get or set the user token necessary for authorization
   $app->helper(
     'auth.token' => sub {
-      my $c = shift;
+      my ($c, $token) = @_;
 
-      # Get token from stash
-      my $token = $c->stash('auth');
+      unless ($token) {
+        # Get token from stash
+        $token = $c->stash('auth');
 
-      return $token if $token;
+        return $token if $token;
 
-      # Get auth from session
-      my $auth = $c->session('auth') or return;
+        # Get auth from session
+        $token = $c->session('auth') or return;
 
-      # Set token to stash
-      $c->stash(auth => $auth);
+        # Set token to stash
+        $c->stash(auth => $token);
 
-      return $auth;
+        return $token;
+      };
+
+      # Set auth token
+      $c->stash('auth' => $token);
+      $c->session('auth' => $token);
     }
   );
 
diff --git a/lib/Kalamar/Plugin/KalamarUser.pm b/lib/Kalamar/Plugin/KalamarUser.pm
index 60fadfe..9915e45 100644
--- a/lib/Kalamar/Plugin/KalamarUser.pm
+++ b/lib/Kalamar/Plugin/KalamarUser.pm
@@ -86,7 +86,6 @@
         'X-Forwarded-For' => $c->client_ip
       );
 
-
       # Emit Hook to alter request
       $c->app->plugins->emit_hook(
         before_korap_request => ($c, $tx)
diff --git a/t/plugin/auth-oauth.t b/t/plugin/auth-oauth.t
index d67837f..bd1dee8 100644
--- a/t/plugin/auth-oauth.t
+++ b/t/plugin/auth-oauth.t
@@ -257,12 +257,38 @@
   ;
 
 
+# Test before_korap_request_hook
+my $app = $t->app;
+my $c = $app->build_controller;
+my $tx = $app->build_tx('GET', 'https://korap.ids-mannheim.de/');
+
+# Emit Hook to alter request
+$app->plugins->emit_hook(
+  before_korap_request => ($c, $tx)
+);
+
+ok(!$tx->req->headers->authorization, 'No authorization');
+
+# Set token
+$c->auth->token('abcd');
+
+# Emit Hook to alter request
+$app->plugins->emit_hook(
+  before_korap_request => ($c, $tx)
+);
+
+is($tx->req->headers->authorization, 'abcd', 'authorization');
+
+# Override authorization in header
+$tx->req->headers->authorization('xyz');
+
+# Emit Hook to alter request
+$app->plugins->emit_hook(
+  before_korap_request => ($c, $tx)
+);
+
+is($tx->req->headers->authorization, 'xyz', 'authorization');
+
 done_testing;
 __END__
 
-
-
-# Login mit falschem Nutzernamen:
-# 400 und:
-{"errors":[[2022,"LDAP Authentication failed due to unknown user or password!"]]}
-