Merge pull request #5717 from berlinger-rarents/fix/5584_anon_redirect_bitbucket
prevent (prompt for) bitbucket auth when it redirectedpull/5779/head
Jordi Boggiano
GitHub
commit
183398fe5e
|
|
@ -246,7 +246,10 @@ class RemoteFilesystem
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($options['bitbucket-token'])) {
|
if (isset($options['bitbucket-token'])) {
|
||||||
$fileUrl .= (false === strpos($fileUrl, '?') ? '?' : '&') . 'access_token='.$options['bitbucket-token'];
|
// skip using the token for BitBucket downloads as these are not working with auth
|
||||||
|
if (!$this->isPublicBitBucketDownload($origFileUrl)) {
|
||||||
|
$fileUrl .= (false === strpos($fileUrl,'?') ? '?' : '&') . 'access_token=' . $options['bitbucket-token'];
|
||||||
|
}
|
||||||
unset($options['bitbucket-token']);
|
unset($options['bitbucket-token']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -342,6 +345,7 @@ class RemoteFilesystem
|
||||||
|
|
||||||
// check for bitbucket login page asking to authenticate
|
// check for bitbucket login page asking to authenticate
|
||||||
if ($originUrl === 'bitbucket.org'
|
if ($originUrl === 'bitbucket.org'
|
||||||
|
&& !$this->isPublicBitBucketDownload($fileUrl)
|
||||||
&& substr($fileUrl, -4) === '.zip'
|
&& substr($fileUrl, -4) === '.zip'
|
||||||
&& preg_match('{^text/html\b}i', $contentType)
|
&& preg_match('{^text/html\b}i', $contentType)
|
||||||
) {
|
) {
|
||||||
|
|
@ -982,4 +986,25 @@ class RemoteFilesystem
|
||||||
|
|
||||||
return parse_url($url, PHP_URL_HOST).':'.$port;
|
return parse_url($url, PHP_URL_HOST).':'.$port;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @link https://github.com/composer/composer/issues/5584
|
||||||
|
*
|
||||||
|
* @param string $urlToBitBucketFile URL to a file at bitbucket.org.
|
||||||
|
*
|
||||||
|
* @return bool Whether the given URL is a public BitBucket download which requires no authentication.
|
||||||
|
*/
|
||||||
|
private function isPublicBitBucketDownload($urlToBitBucketFile)
|
||||||
|
{
|
||||||
|
$path = parse_url($urlToBitBucketFile, PHP_URL_PATH);
|
||||||
|
|
||||||
|
// Path for a public download follows this pattern /{user}/{repo}/downloads/{whatever}
|
||||||
|
// {@link https://blog.bitbucket.org/2009/04/12/new-feature-downloads/}
|
||||||
|
$pathParts = explode('/', $path);
|
||||||
|
if (count($pathParts) >= 4 && $pathParts[2] != 'downloads') {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -191,6 +191,84 @@ class RemoteFilesystemTest extends \PHPUnit_Framework_TestCase
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provides URLs to public downloads at BitBucket.
|
||||||
|
*
|
||||||
|
* @return string[][]
|
||||||
|
*/
|
||||||
|
public function provideBitbucketPublicDownloadUrls()
|
||||||
|
{
|
||||||
|
return array(
|
||||||
|
array('https://bitbucket.org/seldaek/composer-live-test-repo/downloads/composer-unit-test-download-me.txt', '1234'),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests that a BitBucket public download is correctly retrieved.
|
||||||
|
*
|
||||||
|
* @param string $url
|
||||||
|
* @param string $contents
|
||||||
|
* @dataProvider provideBitbucketPublicDownloadUrls
|
||||||
|
*/
|
||||||
|
public function testBitBucketPublicDownload($url, $contents)
|
||||||
|
{
|
||||||
|
$io = $this
|
||||||
|
->getMockBuilder('Composer\IO\ConsoleIO')
|
||||||
|
->disableOriginalConstructor()
|
||||||
|
->getMock();
|
||||||
|
|
||||||
|
$rfs = new RemoteFilesystem($io);
|
||||||
|
$hostname = parse_url($url, PHP_URL_HOST);
|
||||||
|
|
||||||
|
$result = $rfs->getContents($hostname, $url, false);
|
||||||
|
|
||||||
|
$this->assertEquals($contents, $result);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests that a BitBucket public download is correctly retrieved when `bitbucket-oauth` is configured.
|
||||||
|
*
|
||||||
|
* @param string $url
|
||||||
|
* @param string $contents
|
||||||
|
* @dataProvider provideBitbucketPublicDownloadUrls
|
||||||
|
*/
|
||||||
|
public function testBitBucketPublicDownloadWithAuthConfigured($url, $contents)
|
||||||
|
{
|
||||||
|
$io = $this
|
||||||
|
->getMockBuilder('Composer\IO\ConsoleIO')
|
||||||
|
->disableOriginalConstructor()
|
||||||
|
->getMock();
|
||||||
|
|
||||||
|
$config = $this
|
||||||
|
->getMockBuilder('Composer\Config')
|
||||||
|
->getMock();
|
||||||
|
$config
|
||||||
|
->method('get')
|
||||||
|
->withAnyParameters()
|
||||||
|
->willReturn(array());
|
||||||
|
|
||||||
|
$io
|
||||||
|
->method('hasAuthentication')
|
||||||
|
->with('bitbucket.org')
|
||||||
|
->willReturn(true);
|
||||||
|
$io
|
||||||
|
->method('getAuthentication')
|
||||||
|
->with('bitbucket.org')
|
||||||
|
->willReturn(array(
|
||||||
|
'username' => 'x-token-auth',
|
||||||
|
// This token is fake, but it matches a valid token's pattern.
|
||||||
|
'password' => '1A0yeK5Po3ZEeiiRiMWLivS0jirLdoGuaSGq9NvESFx1Fsdn493wUDXC8rz_1iKVRTl1GINHEUCsDxGh5lZ='
|
||||||
|
));
|
||||||
|
|
||||||
|
|
||||||
|
$rfs = new RemoteFilesystem($io, $config);
|
||||||
|
$hostname = parse_url($url, PHP_URL_HOST);
|
||||||
|
|
||||||
|
$result = $rfs->getContents($hostname, $url, false);
|
||||||
|
|
||||||
|
$this->assertEquals($contents, $result);
|
||||||
|
}
|
||||||
|
|
||||||
protected function callGetOptionsForUrl($io, array $args = array(), array $options = array(), $fileUrl = '')
|
protected function callGetOptionsForUrl($io, array $args = array(), array $options = array(), $fileUrl = '')
|
||||||
{
|
{
|
||||||
$fs = new RemoteFilesystem($io, null, $options);
|
$fs = new RemoteFilesystem($io, null, $options);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue