Skip to content

Commit

Permalink
don't save netrc auth in session
Browse files Browse the repository at this point in the history
  • Loading branch information
ducaale committed Oct 11, 2021
1 parent e483bee commit 291aab0
Show file tree
Hide file tree
Showing 2 changed files with 52 additions and 1 deletion.
6 changes: 5 additions & 1 deletion src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,7 @@ fn run(args: Cli) -> Result<i32> {
let mut exit_code: i32 = 0;
let mut resume: Option<u64> = None;
let mut auth = None;
let mut save_auth_in_session = true;

if args.url.scheme() == "https" {
let verify = args.verify.unwrap_or_else(|| {
Expand Down Expand Up @@ -326,12 +327,15 @@ fn run(args: Cli) -> Result<i32> {
} else if !args.ignore_netrc {
if let (Some(host), Some(netrc)) = (args.url.host_str(), read_netrc()) {
auth = Auth::from_netrc(&netrc, auth_type, host);
save_auth_in_session = false;
}
}

if let Some(auth) = &auth {
if let Some(ref mut s) = session {
s.save_auth(auth);
if save_auth_in_session {
s.save_auth(auth);
}
}
request_builder = match auth {
Auth::Basic(username, password) => {
Expand Down
47 changes: 47 additions & 0 deletions tests/cli.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1908,6 +1908,53 @@ fn bearer_auth_from_session_is_used() {
mock.assert();
}

#[test]
fn auth_netrc_is_not_persisted_in_session() {
let server = MockServer::start();
let mock = server.mock(|when, _| {
when.header("Authorization", "Basic dXNlcjpwYXNz");
});

let mut path_to_session = std::env::temp_dir();
let file_name = random_string();
path_to_session.push(file_name);
assert_eq!(path_to_session.exists(), false);

let mut netrc = tempfile::NamedTempFile::new().unwrap();
writeln!(
netrc,
"machine {}\nlogin user\npassword pass",
server.host()
)
.unwrap();

get_command()
.env("NETRC", netrc.path())
.arg(server.base_url())
.arg("hello:world")
.arg(format!("--session={}", path_to_session.to_string_lossy()))
.assert()
.success();

mock.assert();

let session_content = read_to_string(path_to_session).unwrap();
assert_eq!(
serde_json::from_str::<serde_json::Value>(&session_content).unwrap(),
serde_json::json!({
"__meta__": {
"about": "xh session file",
"xh": "0.0.0"
},
"auth": { "type": null, "raw_auth": null },
"cookies": {},
"headers": {
"hello": "world"
}
})
);
}

#[test]
fn print_intermediate_requests_and_responses() {
let server1 = MockServer::start();
Expand Down

0 comments on commit 291aab0

Please sign in to comment.