From 3d0d86e1253ecd30c8b1d9c730fd61225432a6a6 Mon Sep 17 00:00:00 2001
From: jo <ljonas@riseup.net>
Date: Sat, 8 Apr 2023 14:12:18 +0200
Subject: [PATCH] feat: add zabbix 6.4 header authentication

In Zabbix 6.4, the 'auth' parameter to method calls is deprecated.
Use the 'Authorization: Bearer' header instead.

Co-authored-by: Christian Ullrich <chris@chrullrich.net>
---
 pyzabbix/api.py   | 15 +++++++++++++--
 tests/api_test.py |  6 +++++-
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/pyzabbix/api.py b/pyzabbix/api.py
index e9ec2be..d3d2fe1 100644
--- a/pyzabbix/api.py
+++ b/pyzabbix/api.py
@@ -19,6 +19,7 @@
 logger.addHandler(logging.NullHandler())
 
 ZABBIX_5_4_0 = Version("5.4.0")
+ZABBIX_6_4_0 = Version("6.4.0")
 
 
 class ZabbixAPIException(Exception):
@@ -196,18 +197,28 @@ def do_request(
             "params": params or {},
             "id": self.id,
         }
+        headers = {}
 
         # We don't have to pass the auth token if asking for
         # the apiinfo.version or user.checkAuthentication
         anonymous_methods = {
             "apiinfo.version",
             "user.checkAuthentication",
+            "user.login",
         }
         if self.auth and method not in anonymous_methods:
-            payload["auth"] = self.auth
+            if self.version and self.version >= ZABBIX_6_4_0:
+                headers["Authorization"] = f"Bearer {self.auth}"
+            else:
+                payload["auth"] = self.auth
 
         logger.debug(f"Sending: {payload}")
-        resp = self.session.post(self.url, json=payload, timeout=self.timeout)
+        resp = self.session.post(
+            self.url,
+            json=payload,
+            headers=headers,
+            timeout=self.timeout,
+        )
         logger.debug(f"Response Code: {resp.status_code}")
 
         # NOTE: Getting a 412 response code means the headers are not in the
diff --git a/tests/api_test.py b/tests/api_test.py
index f0a9873..1effe85 100644
--- a/tests/api_test.py
+++ b/tests/api_test.py
@@ -268,7 +268,6 @@ def test_do_request(requests_mock, version):
         "jsonrpc": "2.0",
         "method": "host.get",
         "params": {},
-        "auth": "some_auth_key",
         "id": 0,
     }
     expect_headers = {
@@ -277,5 +276,10 @@ def test_do_request(requests_mock, version):
         "User-Agent": "python/pyzabbix",
     }
 
+    if zapi.version < Version("6.4.0"):
+        expect_json["auth"] = "some_auth_key"
+    else:
+        expect_headers["Authorization"] = "Bearer some_auth_key"
+
     assert found.json() == expect_json
     assert found.headers.items() >= expect_headers.items()