Previously, `AuthHelper` consumed the authentication credentials for GitLab domains and added access tokens as GitLab-specific headers.
[Composer repositories now supported in GitLab](https://php.watch/articles/composer-gitlab-repositories) require standard Authorization headers with a personal access to function, which failed to work due to out GitLab-specific headers.
With this commit, AuthHelper checks if the password is an access token, and falls through to HTTP basic authentication even if the domain name is a GitLab domain name.
* master: (59 commits)
Update deps
Reuse repository manager and others directly from the Composer instance, refs #9057
Fix usage of create-project with local filesystem repos
Fix return value
Add support for multiple --repository additions in create-project, and make --add-repository delete the lock file, fixes#8853
Remove cygwin php handling in UAC elevation
Clean up a little to make impl less invasive and to handle replacers/providers
Supply event dispatcher in Create Project Command
Avoid attempting to use /etc/xdg as base config home, fixes#9053, refs #9045
Create an issue @ Docker repository on tag
Mark transaction classes internal, refs #8827
Prepare 1.10.9 release
Remove highest/lowest builds for 1.10 maintenance branch
Fix bitbucket detection of redirects to login page, fixes#9041
Fix doc comment
Fixed spelling mistake
Add Windows UAC elevation to self-update command
GitLab: clarify interactive auth prompt
Improve support for XDG and default to XDG config dir if both that and ~/.composer are available, fixes#9045Fix#9033 - inconsistent behavior with minor-only flag
...
* RemoteFilesystemTest: simplifying some mock expectations calls
- will($this->returnValue()) to willReturn()
- will($this->returnCallBack()) to willReturnCallback()
* RemoteFilesystemTest: extracting identical mocks for IOInterface into a separate getIOInterfaceMock() method
* RemoteFilesystemTest: converting protected helper methods to private.
* RemoteFilesystemTest: moving getConfigMock() private method after the public methods (with other private methods)
* adding RemoteFileSystemTest::testCopyWithRetryAuthFailureFalse() unit test.
* Allow optional injecting of AuthHelper into RemoteFilesystem constructor.
* adding RemoteFileSystemTest::testCopyWithSuccessOnRetry() unit test.
* using backward compatible @expectedException in RemoteFilesystemTest.php
* RemoteFilesystemTest: extracting RemoteFilesystem with mocked method creation into a separate method.
* RemoteFilesystemTest: extracting AuthHelper with mocked method creation into a separate method.
* Add AuthHelper::addAuthenticationHeader() test on missing authentication credentials.
* Add AuthHelper::addAuthenticationHeader() test on bearer password.
* Add AuthHelper::addAuthenticationHeader() test on Github token.
* Add AuthHelper::addAuthenticationHeader() test on Gitlab Oauth token.
* Add $authenticationDisplayMessage write expectation to AuthHelper::addAuthenticationHeader() tests.
* Add AuthHelper::addAuthenticationHeader() test on Gitlab private token.
* Add AuthHelper::addAuthenticationHeader() test on Bitbucket Oauth token.
* Add AuthHelper::addAuthenticationHeader() test on Bitbucket public urls.
* Add AuthHelper::addAuthenticationHeader() test on Basic Http Authentication.
* Add AuthHelper::isPublicBitBucketDownload() tests.
* Rename AuthHelperTest $credentials variable to $auth.
* Add AuthHelper::storeAuth() test for auto-store option.
* Add AuthHelper::storeAuth() test for user prompt and y(es) answer.
* Add AuthHelper::storeAuth() test for user prompt and n(o) answer.
* Add AuthHelper::storeAuth() test for user prompt with invalid answer.
* Add AuthHelper::promptAuthIfNeeded() test for Github authentication failure.
- add GitHub hard dependency mock (new GitHub(...) mock)
* Run AuthHelper::promptAuthIfNeeded() tests only with PHP > 5.3
* Run AuthHelper::promptAuthIfNeeded() tests only with PHP >= 5.4
* Run AuthHelper::promptAuthIfNeeded() tests only with PHP 5.4
* Exclude PHPStan analyses of '../tests/Composer/Test/Util/Mocks/*'
* Exclude AuthHelper::promptAuthIfNeeded() tests from current pull request.
* Extract repetitive AuthHelperTest authentication expectation into a method.
Nils Adermann