feat(storage-api-client): add Bearer token authentication support

devin-ai-integration[bot] · tomasfejfar · tomasfejfar · commit 8d72a77add0f · 2026-01-06T11:21:05.000+01:00
Add optional 'authType' config option to support OAuth Bearer token
authentication alongside the existing X-StorageApi-Token header.

- Add 'authType' config option: 'storage-token' (default) or 'bearer'
- When authType is 'bearer', send Authorization: Bearer header
- When authType is 'storage-token' (default), send X-StorageApi-Token header
- Fully backwards compatible - existing behavior unchanged

Co-Authored-By: Tomáš Fejfar &lt;tomas.fejfar@keboola.com&gt;
diff --git a/src/Keboola/StorageApi/Client.php b/src/Keboola/StorageApi/Client.php
@@ -72,6 +72,9 @@ class Client
     // Token string
     public $token;
 
+    // Authentication type: 'storage-token' (default) or 'bearer'
+    private string $authType = 'storage-token';
+
     // current run id sent with all request
     private $runId = null;
 
@@ -136,7 +139,7 @@ class Client
      *     ]);
      *
      * @param array $config Client configuration settings
-     *     - token: (required) Storage API token
+     *     - token: (required) Storage API token or OAuth access token (without "Bearer " prefix)
      *     - url: (required) Storage API URL
      *     - userAgent: custom user agent
      *     - backoffMaxTries: backoff maximum number of attempts
@@ -145,6 +148,7 @@ class Client
      *     - logger: instance of Psr\Log\LoggerInterface
      *     - jobPollRetryDelay: callable method which determines wait period for job polling
      *     - handler: custom Guzzle handler, allows mocking responses in tests
+     *     - authType: authentication type, either 'storage-token' (default) or 'bearer'
      */
     public function __construct(array $config = [])
     {
@@ -163,6 +167,13 @@ public function __construct(array $config = [])
         }
         $this->token = $config['token'];
 
+        if (isset($config['authType'])) {
+            if (!in_array($config['authType'], ['storage-token', 'bearer'], true)) {
+                throw new \InvalidArgumentException('authType must be either "storage-token" or "bearer"');
+            }
+            $this->authType = $config['authType'];
+        }
+
         if (isset($config['backoffMaxTries'])) {
             $this->backoffMaxTries = (int) $config['backoffMaxTries'];
         }
@@ -2878,10 +2889,14 @@ protected function request($method, $url, $options = [], $responseFileName = nul
         }
 
         $defaultHeaders = [
-            'X-StorageApi-Token' => $this->token,
             'Accept-Encoding' => 'gzip',
             'User-Agent' => $this->getUserAgent(),
         ];
+        if ($this->authType === 'bearer') {
+            $defaultHeaders['Authorization'] = 'Bearer ' . $this->token;
+        } else {
+            $defaultHeaders['X-StorageApi-Token'] = $this->token;
+        }
         if (isset($options['headers'])) {
             $requestOptions['headers'] = array_merge($options['headers'], $defaultHeaders);
         } else {
