diff options
| author | James Wen <jrw2175@columbia.edu> | 2016-04-02 23:42:45 -0400 |
|---|---|---|
| committer | James Wen <jrw2175@columbia.edu> | 2016-04-03 23:48:12 -0400 |
| commit | a1ec005000359d8bb2638230e6231bf72a48d784 (patch) | |
| tree | 33898492bc6a4fde09cdfa8d630413032930930e | |
| parent | 3a09448d8b060f2688dbc73bfa1eb08e1bd126f3 (diff) | |
| download | bundler-a1ec005000359d8bb2638230e6231bf72a48d784.tar.gz | |
Create URICredentialsFilter module for filtering out authentication
credentials from uris
| -rw-r--r-- | lib/bundler.rb | 1 | ||||
| -rw-r--r-- | lib/bundler/uri_credentials_filter.rb | 27 | ||||
| -rw-r--r-- | spec/bundler/uri_credentials_filter_spec.rb | 106 |
3 files changed, 134 insertions, 0 deletions
diff --git a/lib/bundler.rb b/lib/bundler.rb index 8288f839e1..ace1e7f3c4 100644 --- a/lib/bundler.rb +++ b/lib/bundler.rb @@ -52,6 +52,7 @@ module Bundler autoload :SourceList, "bundler/source_list" autoload :RubyGemsGemInstaller, "bundler/rubygems_gem_installer" autoload :UI, "bundler/ui" + autoload :URICredentialsFilter, "bundler/uri_credentials_filter" class << self attr_writer :bundle_path diff --git a/lib/bundler/uri_credentials_filter.rb b/lib/bundler/uri_credentials_filter.rb new file mode 100644 index 0000000000..b1c4d289f4 --- /dev/null +++ b/lib/bundler/uri_credentials_filter.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true +module Bundler + module URICredentialsFilter + module_function + + def anonymized_uri(uri_to_anonymize) + return uri_to_anonymize if uri_to_anonymize.nil? + uri = uri_to_anonymize.dup + uri = URI(uri.to_s) unless uri.is_a?(URI) + uri.user = uri.password = nil if uri.userinfo + uri + rescue URI::InvalidURIError # uri is not canonical uri scheme + uri + end + + def credentials_filtered_string(str_to_filter, uri) + return str_to_filter if uri.nil? || str_to_filter.nil? + str_with_no_credentials = str_to_filter.dup + anonymous_uri_str = anonymized_uri(uri).to_s + uri_str = uri.to_s + if anonymous_uri_str != uri_str + str_with_no_credentials = str_with_no_credentials.gsub(uri_str, anonymous_uri_str) + end + str_with_no_credentials + end + end +end diff --git a/spec/bundler/uri_credentials_filter_spec.rb b/spec/bundler/uri_credentials_filter_spec.rb new file mode 100644 index 0000000000..3b542fb655 --- /dev/null +++ b/spec/bundler/uri_credentials_filter_spec.rb @@ -0,0 +1,106 @@ +# frozen_string_literal: true +require "spec_helper" + +describe Bundler::URICredentialsFilter do + subject { described_class } + + describe "#anonymized_uri" do + context "uri is a uri object" do + let(:uri) { URI("https://#{credentials}github.com/company/private-repo") } + + context "that contains credentials" do + let(:credentials) { "oauth_token:x-oauth-basic@" } + + it "returns the uri without the credentials" do + expect(subject.anonymized_uri(uri)).to eq(URI("https://github.com/company/private-repo")) + end + end + + context "that does not contains credentials" do + let(:credentials) { "" } + + it "returns the same uri" do + # https://github.com/company/private-repo is not a valid URI in ruby 1.8.7 + if RUBY_VERSION > "1.8.7" + expect(subject.anonymized_uri(uri)).to eq(URI(uri)) + else + expect(subject.anonymized_uri(uri)).to eq(uri) + end + end + end + end + + context "uri is a uri string" do + let(:uri) { "https://#{credentials}github.com/company/private-repo" } + + context "that contains credentials" do + let(:credentials) { "oauth_token:x-oauth-basic@" } + + it "returns the uri without the credentials" do + expect(subject.anonymized_uri(uri)).to eq(URI("https://github.com/company/private-repo")) + end + end + + context "that does not contains credentials" do + let(:credentials) { "" } + + it "returns the same uri" do + expect(subject.anonymized_uri(uri)).to eq(URI(uri)) + end + end + end + + context "uri is a non-uri format string (ex. path)" do + let(:uri) { "/path/to/repo" } + + it "returns the same uri" do + expect(subject.anonymized_uri(uri)).to eq(URI(uri)) + end + end + + context "uri is nil" do + let(:uri) { nil } + + it "returns nil" do + expect(subject.anonymized_uri(uri)).to be_nil + end + end + end + + describe "#credentials_filtered_string" do + let(:str_to_filter) { "This is a git message containing a uri #{uri}!" } + let(:credentials) { "" } + let(:uri) { URI("https://#{credentials}github.com/company/private-repo") } + + context "with a uri that contains credentials" do + let(:credentials) { "oauth_token:x-oauth-basic@" } + + it "returns the string without the credentials" do + expect(subject.credentials_filtered_string(str_to_filter, uri)).to eq( + "This is a git message containing a uri https://github.com/company/private-repo!") + end + end + + context "that does not contains credentials" do + it "returns the same string" do + expect(subject.credentials_filtered_string(str_to_filter, uri)).to eq(str_to_filter) + end + end + + context "string to filter is nil" do + let(:str_to_filter) { nil } + + it "returns nil" do + expect(subject.credentials_filtered_string(str_to_filter, uri)).to be_nil + end + end + + context "uri to filter out is nil" do + let(:uri) { nil } + + it "returns the same string" do + expect(subject.credentials_filtered_string(str_to_filter, uri)).to eq(str_to_filter) + end + end + end +end |