diff --git a/src/Composer/Factory.php b/src/Composer/Factory.php
index 989975fde..a7610242f 100644
--- a/src/Composer/Factory.php
+++ b/src/Composer/Factory.php
@@ -190,6 +190,20 @@ class Factory
         }
         $config->setAuthConfigSource(new JsonConfigSource($file, true));
 
+        // load COMPOSER_AUTH environment variable if set
+        if ($composerAuthEnv = getenv('COMPOSER_AUTH')) {
+            $authData = json_decode($composerAuthEnv, true);
+
+            if (is_null($authData)) {
+                throw new \UnexpectedValueException('COMPOSER_AUTH environment variable is malformed, should be a valid JSON object');
+            }
+
+            if ($io && $io->isDebug()) {
+                $io->writeError('Loading auth config from COMPOESR_AUTH');
+            }
+            $config->merge(array('config' => $authData));
+        }
+
         return $config;
     }
 
diff --git a/src/Composer/IO/BaseIO.php b/src/Composer/IO/BaseIO.php
index a2ed28874..ad7e32df4 100644
--- a/src/Composer/IO/BaseIO.php
+++ b/src/Composer/IO/BaseIO.php
@@ -64,46 +64,21 @@ abstract class BaseIO implements IOInterface
         $gitlabOauth = $config->get('gitlab-oauth') ?: array();
         $httpBasic = $config->get('http-basic') ?: array();
 
-        // Use COMPOSER_AUTH environment variable if set
-        if ($composerAuthEnv = getenv('COMPOSER_AUTH')) {
-            $authData = json_decode($composerAuthEnv, true);
-
-            if (is_null($authData)) {
-                throw new \UnexpectedValueException('COMPOSER_AUTH environment variable is malformed');
-            }
-
-            if (isset($authData['github-oauth'])) {
-                $githubOauth = array_merge($githubOauth, $authData['github-oauth']);
-            }
-            if (isset($authData['gitlab-oauth'])) {
-                $gitlabOauth = array_merge($gitlabOauth, $authData['gitlab-oauth']);
-            }
-            if (isset($authData['http-basic'])) {
-                $httpBasic = array_merge($httpBasic, $authData['http-basic']);
-            }
-        }
-
         // reload oauth token from config if available
-        if ($githubOauth) {
-            foreach ($githubOauth as $domain => $token) {
-                if (!preg_match('{^[a-z0-9]+$}', $token)) {
-                    throw new \UnexpectedValueException('Your github oauth token for '.$domain.' contains invalid characters: "'.$token.'"');
-                }
-                $this->setAuthentication($domain, $token, 'x-oauth-basic');
+        foreach ($githubOauth as $domain => $token) {
+            if (!preg_match('{^[a-z0-9]+$}', $token)) {
+                throw new \UnexpectedValueException('Your github oauth token for '.$domain.' contains invalid characters: "'.$token.'"');
             }
+            $this->setAuthentication($domain, $token, 'x-oauth-basic');
         }
 
-        if ($gitlabOauth) {
-            foreach ($gitlabOauth as $domain => $token) {
-                $this->setAuthentication($domain, $token, 'oauth2');
-            }
+        foreach ($gitlabOauth as $domain => $token) {
+            $this->setAuthentication($domain, $token, 'oauth2');
         }
 
         // reload http basic credentials from config if available
-        if ($httpBasic) {
-            foreach ($httpBasic as $domain => $cred) {
-                $this->setAuthentication($domain, $cred['username'], $cred['password']);
-            }
+        foreach ($httpBasic as $domain => $cred) {
+            $this->setAuthentication($domain, $cred['username'], $cred['password']);
         }
 
         // setup process timeout