From 64fc8ffe3d3b99e4f104e0bcf00e7212593e99ca Mon Sep 17 00:00:00 2001 From: berlinger-rarents Date: Tue, 27 Sep 2016 11:41:16 +0200 Subject: [PATCH] prevent (prompt for) auth for bitbucket public downloads #5584 --- src/Composer/Util/RemoteFilesystem.php | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/src/Composer/Util/RemoteFilesystem.php b/src/Composer/Util/RemoteFilesystem.php index 22611f444..bfc063ecd 100644 --- a/src/Composer/Util/RemoteFilesystem.php +++ b/src/Composer/Util/RemoteFilesystem.php @@ -175,6 +175,27 @@ class RemoteFilesystem return $value; } + /** + * @link https://github.com/composer/composer/issues/5584 + * + * @param string $urlToBitBucketFile URL to a file at bitbucket.org. + * + * @return bool Whether the given URL is a public BitBucket download which requires no authentication. + */ + public static function urlIsPublicBitBucketDownload($urlToBitBucketFile) + { + $path = parse_url($urlToBitBucketFile, PHP_URL_PATH); + + // Path for a public download follows this pattern /{user}/{repo}/downloads/{whatever} + // {@link https://blog.bitbucket.org/2009/04/12/new-feature-downloads/} + $pathParts = explode('/', $path); + if (count($pathParts) >= 4 && $pathParts[2] != 'downloads') { + return true; + } + + return false; + } + /** * Get file content or copy action. * @@ -342,9 +363,9 @@ class RemoteFilesystem // check for bitbucket login page asking to authenticate if ($originUrl === 'bitbucket.org' + && !self::urlIsPublicBitBucketDownload($fileUrl) && substr($fileUrl, -4) === '.zip' && preg_match('{^text/html\b}i', $contentType) - && $statusCode != 302 ) { $result = false; if ($this->retryAuthFailure) {