Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for bearer auth in .netrc #267

Merged
merged 4 commits into from
Aug 12, 2022
Merged

Support for bearer auth in .netrc #267

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
66ea980
Add support for bearer auth in .netrc
porglezomp Aug 4, 2022
eac4259
Add CLI tests for --auth-type=bearer + .netrc
porglezomp Aug 6, 2022
702b0cf
Move a docs paragraph around
porglezomp Aug 12, 2022
55b1f1e
Remove Auth::supports_netrc since it's always true
porglezomp Aug 12, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions src/auth.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,9 +38,9 @@ impl Auth {

pub fn from_netrc(auth_type: AuthType, entry: netrc::Entry) -> Option<Auth> {
match auth_type {
AuthType::basic => Some(Auth::Basic(entry.login, Some(entry.password))),
AuthType::bearer => None,
AuthType::digest => Some(Auth::Digest(entry.login, entry.password)),
AuthType::basic => Some(Auth::Basic(entry.login?, Some(entry.password))),
AuthType::bearer => Some(Auth::Bearer(entry.password)),
AuthType::digest => Some(Auth::Digest(entry.login?, entry.password)),
}
}

Expand All @@ -49,7 +49,7 @@ impl Auth {
pub fn supports_netrc(auth_type: AuthType) -> bool {
match auth_type {
AuthType::basic => true,
AuthType::bearer => false,
AuthType::bearer => true,
porglezomp marked this conversation as resolved.
Show resolved Hide resolved
AuthType::digest => true,
}
}
Expand Down
27 changes: 22 additions & 5 deletions src/netrc.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@
//!
//! - The default entry doesn't have to be at the end of the file.
//!
//! This implementation additionally handles entries with just a password and no login,
//! to support using .netrc for bearer auth.
porglezomp marked this conversation as resolved.
Show resolved Hide resolved
//!
//! HTTPie uses the implementation from Python's standard library
//! (with a wrapper from requests).
//!
Expand All @@ -35,7 +38,7 @@ use crate::utils::get_home_dir;

#[derive(Debug, PartialEq, Eq)]
pub struct Entry {
pub login: String,
pub login: Option<String>,
pub password: String,
}

Expand Down Expand Up @@ -217,7 +220,7 @@ impl<'a, R: BufRead> Parser<'a, R> {
let state = self.state;
self.state = EntryState::Wrong;

if let (Some(login), Some(password)) = (login.or(account), password) {
if let (login, Some(password)) = (login.or(account), password) {
let entry = Entry { login, password };
match state {
EntryState::Wrong => unreachable!("netrc: Should not have been storing info"),
Expand Down Expand Up @@ -317,9 +320,16 @@ mod tests {
machine example.com password pass
default login user
";
notfound(MISSING_USER, COM);
found(MISSING_USER, COM, None, "pass");
notfound(MISSING_USER, ORG);

const DEFAULT_PASSWORD_MISSING_USER: &str = "
machine example.com password pass
default password def
";
found(DEFAULT_PASSWORD_MISSING_USER, COM, None, "pass");
found(DEFAULT_PASSWORD_MISSING_USER, ORG, None, "def");

const DEFAULT_LAST: &str = "
machine example.com login ex password am
default login def password ault
Expand Down Expand Up @@ -438,13 +448,20 @@ mod tests {
notfound(STRANGE_CHARACTERS, COM);
}

fn found(netrc: &str, host: url::Host<&str>, login: &str, password: &str) {
#[track_caller]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't know about that attribute, this is great

fn found(
netrc: &str,
host: url::Host<&str>,
login: impl Into<Option<&'static str>>,
password: &str,
) {
let entry = Parser::new(netrc.as_bytes(), host).parse().unwrap();
let entry = entry.expect("Didn't find entry");
assert_eq!(entry.login, login);
assert_eq!(entry.login.as_deref(), login.into());
assert_eq!(entry.password, password);
}

#[track_caller]
fn notfound(netrc: &str, host: url::Host<&str>) {
let entry = Parser::new(netrc.as_bytes(), host).parse().unwrap();
assert!(entry.is_none(), "Found entry");
Expand Down
39 changes: 39 additions & 0 deletions tests/cli.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -836,6 +836,45 @@ fn netrc_env_user_password_auth() {
.success();
}

#[test]
fn netrc_env_no_bearer_auth_unless_specified() {
// Test that we don't pass an authorization header if the .netrc contains no username,
// and the --auth-type=bearer flag isn't explicitly specified.
let server = server::http(|req| async move {
assert!(req.headers().get("Authorization").is_none());
hyper::Response::default()
});

let mut netrc = NamedTempFile::new().unwrap();
writeln!(netrc, "machine {}\npassword pass", server.host()).unwrap();

get_command()
.env("NETRC", netrc.path())
.arg(server.base_url())
.assert()
.success();
}

#[test]
fn netrc_env_auth_type_bearer() {
// If we're using --auth-type=bearer, test that it's properly sent with a .netrc that
// contains only a password and no username.
let server = server::http(|req| async move {
assert_eq!(req.headers()["Authorization"], "Bearer pass");
hyper::Response::default()
});

let mut netrc = NamedTempFile::new().unwrap();
writeln!(netrc, "machine {}\npassword pass", server.host()).unwrap();

get_command()
.env("NETRC", netrc.path())
.arg(server.base_url())
.arg("--auth-type=bearer")
.assert()
.success();
}

#[test]
fn netrc_file_user_password_auth() {
for netrc_file in &[".netrc", "_netrc"] {
Expand Down