Respond with 401 in case of missing Authorization header

Author: notxcain

zio-http/jvm/src/test/scala/zio/http/endpoint/UnauthorizedSpec.scala

@@ -0,0 +1,24 @@
+package zio.http.endpoint
+
+import zio.ZIO
+import zio.test._
+
+import zio.http._
+import zio.http.codec._
+
+object UnauthorizedSpec extends ZIOSpecDefault {
+  override def spec =
+    suite("UnauthorizedSpec")(
+      test("should 401 Unauthorized when required authorization header is missing") {
+        val endpoint = Endpoint(Method.GET / "test")
+          .header(HeaderCodec.authorization)
+          .out[Unit]
+        val route    = endpoint.implement(_ => ZIO.unit)
+        val request  =
+          Request(method = Method.GET, url = url"/test")
+        for {
+          response <- route.toRoutes.runZIO(request)
+        } yield assertTrue(Status.Unauthorized == response.status)
+      },
+    )
+}

zio-http/shared/src/main/scala/zio/http/codec/HttpCodecError.scala

@@ -33,6 +33,9 @@ object HttpCodecError {
   final case class MissingHeader(headerName: String)                                           extends HttpCodecError {
     def message = s"Missing header $headerName"
   }
+  final case object MissingAuthorizationHeader                                                 extends HttpCodecError {
+    def message = "Missing header Authorization"
+  }
   final case class MalformedMethod(expected: zio.http.Method, actual: zio.http.Method)         extends HttpCodecError {
     def message = s"Expected $expected but found $actual"
   }

zio-http/shared/src/main/scala/zio/http/codec/internal/EncoderDecoder.scala

@@ -384,7 +384,10 @@ private[codec] object EncoderDecoder {
                 .getOrElse(throw HttpCodecError.MalformedHeader(codec.name, codec.textCodec))
 
             case None =>
-              throw HttpCodecError.MissingHeader(codec.name)
+              if (codec.name == Header.Authorization.name)
+                throw HttpCodecError.MissingAuthorizationHeader
+              else
+                throw HttpCodecError.MissingHeader(codec.name)
           },
       )
 

zio-http/shared/src/main/scala/zio/http/endpoint/Endpoint.scala

@@ -27,7 +27,7 @@ import zio.schema.Schema
 
 import zio.http.Header.Accept.MediaTypeWithQFactor
 import zio.http._
-import zio.http.codec._
+import zio.http.codec.{StatusCodec, _}
 import zio.http.endpoint.Endpoint.{OutErrors, defaultMediaTypes}
 
 /**
@@ -340,9 +340,10 @@ final case class Endpoint[PathInput, Input, Err, Output, Auth <: AuthType](
               case Some(HttpCodecError.CustomError("SchemaTransformationFailure", message))
                   if maybeUnauthedResponse.isDefined && message.endsWith(" auth required") =>
                 maybeUnauthedResponse.get
-              case Some(_) =>
+              case Some(HttpCodecError.MissingAuthorizationHeader) =>
+                Handler.succeed(Response.unauthorized)
+              case Some(error)                                     =>
                 Handler.fromFunctionZIO { (request: zio.http.Request) =>
-                  val error    = cause.defects.head.asInstanceOf[HttpCodecError]
                   val response = {
                     val outputMediaTypes =
                       (
@@ -355,7 +356,7 @@ final case class Endpoint[PathInput, Input, Err, Output, Auth <: AuthType](
                   }
                   ZIO.succeed(response)
                 }
-              case None    =>
+              case None                                            =>
                 Handler.failCause(cause)
             }
           }