1
0
Fork 0

Merge branch '2.2' into main

pull/10757/head
Jordi Boggiano 2022-04-29 12:15:20 +02:00
commit 928e19e637
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
3 changed files with 51 additions and 1 deletions

View File

@ -137,6 +137,7 @@ class AuthHelper
$message = "\n".'Could not fetch '.$url.', enter your ' . $origin . ' credentials ' .($statusCode === 401 ? 'to access private repos' : 'to go over the API rate limit');
$gitLabUtil = new GitLab($this->io, $this->config, null);
$auth = null;
if ($this->io->hasAuthentication($origin)) {
$auth = $this->io->getAuthentication($origin);
if (in_array($auth['password'], array('gitlab-ci-token', 'private-token', 'oauth2'), true)) {
@ -149,6 +150,12 @@ class AuthHelper
) {
throw new TransportException('Could not authenticate against '.$origin, 401);
}
if ($auth !== null && $this->io->hasAuthentication($origin)) {
if ($auth === $this->io->getAuthentication($origin)) {
throw new TransportException("Invalid credentials for '" . $url . "', aborting.", $statusCode);
}
}
} elseif ($origin === 'bitbucket.org' || $origin === 'api.bitbucket.org') {
$askForOAuthToken = true;
$origin = 'bitbucket.org';

View File

@ -92,7 +92,14 @@ class GitLab
if (isset($token)) {
$username = is_array($token) ? $token["username"] : $token;
$password = is_array($token) ? $token["token"] : 'private-token';
$this->io->setAuthentication($originUrl, $username, $password);
// Composer expects the GitLab token to be stored as username and 'private-token' or 'gitlab-ci-token' to be stored as password
// Detect cases where this is reversed and resolve automatically resolve it
if (in_array($username, array('private-token', 'gitlab-ci-token', 'oauth2'), true)) {
$this->io->setAuthentication($originUrl, $password, $username);
} else {
$this->io->setAuthentication($originUrl, $username, $password);
}
return true;
}

View File

@ -12,6 +12,7 @@
namespace Composer\Test\Util;
use Composer\Downloader\TransportException;
use Composer\IO\IOInterface;
use Composer\Test\TestCase;
use Composer\Util\AuthHelper;
@ -511,6 +512,41 @@ class AuthHelperTest extends TestCase
$this->authHelper->storeAuth($origin, $storeAuth);
}
public function testPromptAuthIfNeededGitLabNoAuthChange(): void
{
self::expectException('Composer\Downloader\TransportException');
$origin = 'gitlab.com';
$this->io
->method('hasAuthentication')
->with($origin)
->willReturn(true);
$this->io
->method('getAuthentication')
->with($origin)
->willReturn(array(
'username' => 'gitlab-user',
'password' => 'gitlab-password',
));
$this->io
->expects($this->once())
->method('setAuthentication')
->with('gitlab.com', 'gitlab-user', 'gitlab-password');
$this->config
->method('get')
->willReturnMap(array(
array('github-domains', 0, array()),
array('gitlab-domains', 0, array('gitlab.com')),
array('gitlab-token', 0, array('gitlab.com' => array('username' => 'gitlab-user', 'token' => 'gitlab-password'))),
));
$this->authHelper->promptAuthIfNeeded('https://gitlab.com/acme/archive.zip', $origin, 404, 'GitLab requires authentication and it was not provided');
}
/**
* @param string $origin
* @param array<string, string|null> $auth