python-poetry · Secrus · Aug 22, 2022 · Jun 25, 2022 · Jun 25, 2022 · Jun 25, 2022
diff --git a/src/poetry/utils/password_manager.py b/src/poetry/utils/password_manager.py
@@ -172,12 +172,22 @@ def set_pypi_token(self, name: str, token: str) -> None:
         else:
             self.keyring.set_password(name, "__token__", token)
 
-    def get_pypi_token(self, name: str) -> str | None:
-        if not self.keyring.is_available():
-            token: str | None = self._config.get(f"pypi-token.{name}")
-            return token
-
-        return self.keyring.get_password(name, "__token__")
+    def get_pypi_token(self, repo_name: str) -> str | None:
+        """Get PyPi token.
+
+        First checks the environment variables for a token,
+        then the configured username/password and the
+        available keyring.
+
+        :param repo_name:  Name of repository.
+        :return: Returns a token as a string if found, otherwise None.
+        """
+        token = self._config.get(f"pypi-token.{repo_name}")
+        return (
+            token
+            if token is not None
+            else self.keyring.get_password(repo_name, "__token__")
+        )
 
     def delete_pypi_token(self, name: str) -> None:
         if not self.keyring.is_available():

diff --git a/tests/utils/test_password_manager.py b/tests/utils/test_password_manager.py
@@ -3,6 +3,7 @@
 import os
 
 from typing import TYPE_CHECKING
+from unittest import mock
 
 import pytest
 
@@ -231,3 +232,49 @@ def test_get_http_auth_from_environment_variables(
 
     assert auth["username"] == "bar"
     assert auth["password"] == "baz"
+
+
+def test_get_pypi_token_with_env_var_positive(
+    config: Config, with_simple_keyring: None, dummy_keyring: DummyBackend
+):
+    sample_token = "sampletoken-1234"
+    repo_name = "foo"
+    manager = PasswordManager(config)
+
+    with mock.patch.dict(
+        os.environ,
+        {f"POETRY-PYPI-TOKEN-{repo_name}".upper().replace("-", "_"): sample_token},
+    ):
+        result_token = manager.get_pypi_token(repo_name)
+
+    assert result_token == sample_token
+
+
+def test_get_pypi_token_with_env_var_negative(
+    config: Config, with_simple_keyring: None, dummy_keyring: DummyBackend
+):
+    sample_token = "sampletoken-1234"
+    repo_name = "foo"
+    manager = PasswordManager(config)
+
+    with mock.patch.dict(
+        os.environ,
+        {
+            "POETRY-PYPI-TOKEN-{repo_name}".upper().replace("-", "_"): sample_token
+            + "somestuff"
+        },
+    ):
+        result_token = manager.get_pypi_token(repo_name)
+
+    assert result_token != sample_token
+
+
+def test_get_pypi_token_with_env_var_not_available(
+    config: Config, with_simple_keyring: None, dummy_keyring: DummyBackend
+):
+    repo_name = "foo"
+    manager = PasswordManager(config)
+
+    result_token = manager.get_pypi_token(repo_name)
+
+    assert result_token is None