RequestBuilder::basic_auth sets header to "authorization:Sensitive" with None password. #2519

Open
SmolPatches opened this issue Jan 7, 2025 · 3 comments

Comments

@SmolPatches

I've been playing around with reqwest and I noticed that basic_auth wasn't working as I expected.
Here is some code below for Spotify's OAuth workflow.

    let basic_auth = BASE64_STANDARD.encode(format!("{}:{}", spot_id, spot_secret));
    let req = client
        .post("https://accounts.spotify.com/api/token")
        .form(&form) // send queries here
        //.header("Authorization", format!("Basic {}", basic_auth))
        .basic_auth(basic_auth, None::<&str>)
        .build()
        .unwrap();

The Spotify Endpoint here expects,

    Authorization: Basic <base64 encoded client_id:client_secret>

I thought that by passing None for the password that I could get this to work, but after printing headers manually, I realized I was unexpectedly sending requests w/ authorization: sensitive.
Obv this was a trivial fix, instead of using bearer just add the header myself, but I wanted to know if anyone else found this behavior a little odd.
Do you think that it'd be beneficial to add some documentation to the method here to note this behavior?
Regardless thanks for the work you guys put into reqwest :)

@seanmonstar
Owner

Note that it doesn't send the string value "sensitive"; the header value is just marked as being sensitive and so won't print the actual contents in a Debug context.

@SmolPatches
Author

SmolPatches commented Jan 7, 2025

OH LOL, is there a configuration to have it printed despite this, or am I expected to run a proxy or a middleware to retrieve the live value?

@seanmonstar
Owner

You could use connection_verbose(true) to see the bytes written to the socket. (If you also turn on a logger to see the verbose logs.)
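
A standalone model of the two behaviours in this thread, added here as an example and not taken from reqwest or from either participant: a header value flagged sensitive prints as `Sensitive` under Debug while its bytes are unchanged, and a helper that base64-encodes `username:password` itself will encode an already-encoded username a second time. `HeaderValue`, `b64`, `basic_auth` and `wire` below are hypothetical stand-ins that assume this behaviour, and the credentials are constructed.

```rust
use std::fmt;

// Stand-in for a header value with a "sensitive" flag (a model, not reqwest's type).
struct HeaderValue { bytes: Vec<u8>, sensitive: bool }

impl fmt::Debug for HeaderValue {
    // Debug hides the contents when the flag is set; the stored bytes are untouched.
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        if self.sensitive { return f.write_str("Sensitive"); }
        write!(f, "{:?}", String::from_utf8_lossy(&self.bytes))
    }
}

// Standard padded base64 (RFC 4648), written out so the example needs no crates.
fn b64(input: &[u8]) -> String {
    const T: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    let mut out = String::new();
    for chunk in input.chunks(3) {
        let n = (chunk[0] as u32) << 16
            | (*chunk.get(1).unwrap_or(&0) as u32) << 8
            | (*chunk.get(2).unwrap_or(&0) as u32);
        for i in 0..4 {
            // A chunk of k bytes yields k + 1 symbols; the remainder is '=' padding.
            out.push(if i <= chunk.len() { T[((n >> (18 - 6 * i)) & 63) as usize] as char } else { '=' });
        }
    }
    out
}

// Assumed model of basic_auth: encodes "username:password" itself, marks the value sensitive.
fn basic_auth(username: &str, password: Option<&str>) -> HeaderValue {
    let creds = format!("{}:{}", username, password.unwrap_or(""));
    let bytes = format!("Basic {}", b64(creds.as_bytes())).into_bytes();
    HeaderValue { bytes, sensitive: true }
}

// The header bytes as they would be written out, independent of the Debug rendering.
fn wire(h: &HeaderValue) -> String {
    String::from_utf8_lossy(&h.bytes).into_owned()
}

fn main() {
    let ok = basic_auth("id", Some("secret")); // constructed credentials
    println!("debug: {:?}   wire: {}", ok, wire(&ok));
    let pre = b64(b"id:secret"); // pre-encoded value passed as the username
    println!("wire: {}", wire(&basic_auth(&pre, None))); // encoded a second time
}
```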
