From 9c5ba29b3bc9eea18a092280e587a61685902566 Mon Sep 17 00:00:00 2001
From: Karl Hepworth <karl@previousnext.com.au>
Date: Wed, 20 Sep 2023 09:47:27 +1000
Subject: [PATCH] Add support for authorization header (#2)

---
 src/commands/scan.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/commands/scan.yml b/src/commands/scan.yml
index dfddf05..4484e4e 100644
--- a/src/commands/scan.yml
+++ b/src/commands/scan.yml
@@ -2,6 +2,11 @@ description: >
   Scan with OWASP Zap and report results to Slack
 
 parameters:
+  auth_header:
+    default: ""
+    type: string
+    description: "Data content for the Authorization header"
+
   endpoint:
     type: string
     description: "The endpoint which will be scanned by OWASP Zap"
@@ -40,9 +45,11 @@ steps:
                  --network=host \
                  -v $(pwd)/zap/home:/home/zap/:rw \
                  -v $(pwd)/zap/wrk:/zap/wrk/:rw \
+                 <<#parameters.auth_header>>-e ZAP_AUTH_HEADER_VALUE=<<parameters.auth_header>><</parameters.auth_header>> \
                  << parameters.owasp-zap-image >> \
                  << parameters.script >> \
                  -t "<< parameters.endpoint >>" \
+                 -I \
                  -J report.json \
                  -r report.html