
Pass GitLab credential by HTTP header instead of query string to improve security

pull/3765/head
Jérôme Tamarelle 2015-02-17 18:26:42 +01:00
parent 48fc2eafa0
commit 802b57417a
1 changed files with 9 additions and 6 deletions


@ -154,11 +154,6 @@ class RemoteFilesystem
unset($options['github-token']); unset($options['github-token']);
} }
if (isset($options['gitlab-token'])) {
$fileUrl .= (false === strpos($fileUrl, '?') ? '?' : '&') . 'private_token='.$options['gitlab-token'];
unset($options['gitlab-token']);
}
if (isset($options['http'])) { if (isset($options['http'])) {
$options['http']['ignore_errors'] = true; $options['http']['ignore_errors'] = true;
} }
@ -356,6 +351,14 @@ class RemoteFilesystem
) { ) {
throw new TransportException('Could not authenticate against '.$this->originUrl, 401); throw new TransportException('Could not authenticate against '.$this->originUrl, 401);
} }
// } else if ($this->config && in_array($this->originUrl, $this->config->get('gitlab-domains'), true)) {
// $message = "\n".'Could not fetch '.$this->fileUrl.', enter your GitLab private tolen to access private repos';
// $gitHubUtil = new GitHub($this->io, $this->config, null, $this);
// if (!$gitHubUtil->authorizeOAuth($this->originUrl)
// && (!$this->io->isInteractive() || !$gitHubUtil->authorizeOAuthInteractively($this->originUrl, $message))
// ) {
// throw new TransportException('Could not authenticate against '.$this->originUrl, 401);
// }
} else { } else {
// 404s are only handled for github // 404s are only handled for github
if ($httpStatus === 404) { if ($httpStatus === 404) {
@ -418,7 +421,7 @@ class RemoteFilesystem
if ('github.com' === $originUrl && 'x-oauth-basic' === $auth['password']) { if ('github.com' === $originUrl && 'x-oauth-basic' === $auth['password']) {
$options['github-token'] = $auth['username']; $options['github-token'] = $auth['username'];
} elseif ($auth['password'] === 'gitlab-private-token') { } elseif ($auth['password'] === 'gitlab-private-token') {
$options['gitlab-token'] = $auth['username']; $headers[] = 'Private-Token: '.$auth['username'];
}else { }else {
$authStr = base64_encode($auth['username'] . ':' . $auth['password']); $authStr = base64_encode($auth['username'] . ':' . $auth['password']);
$headers[] = 'Authorization: Basic '.$authStr; $headers[] = 'Authorization: Basic '.$authStr;
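Review bot: In the last hunk the `Private-Token` header is attached whenever the stored password equals `'gitlab-private-token'`, with no check that `$originUrl` is a configured GitLab host, whereas the GitHub branch just above it is pinned to `'github.com'`. A header lives in the stream context rather than in the URL, and as far as I know PHP's http wrapper re-sends context headers when it follows a redirect, so the token could reach a different host unless redirects are disabled or handled elsewhere in this class (not visible here). I would tighten the condition, for example `} elseif ($auth['password'] === 'gitlab-private-token' && $this->config && in_array($originUrl, $this->config->get('gitlab-domains'), true)) {`, and strip CR/LF from the value before concatenating it into the header line. The enclosing method starts and ends outside the hunk. Separately, the commented-out GitLab branch in the second hunk (with the "tolen" typo and the GitHub helper) reads as unfinished work and would be better dropped or tracked in an issue than committed as dead code.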