Skip to content

Commit 4cfccd0

Browse files
Copilotswissspidy
Copilot
and
swissspidy
committed
Add empty string checks for GitHub and GitLab tokens
Co-authored-by: swissspidy <841956+swissspidy@users.noreply.github.com>
1 parent 3715993 commit 4cfccd0

2 files changed

Lines changed: 68 additions & 2 deletions

File tree

src/Package_Command.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1412,7 +1412,7 @@ private function set_composer_auth_env_var() {
14121412

14131413
// GitHub OAuth token.
14141414
$github_token = getenv( 'GITHUB_TOKEN' );
1415-
if ( ! isset( $composer_auth['github-oauth'] ) && is_string( $github_token ) ) {
1415+
if ( ! isset( $composer_auth['github-oauth'] ) && is_string( $github_token ) && '' !== $github_token ) {
14161416
$composer_auth['github-oauth'] = [ 'github.com' => $github_token ];
14171417
$changed = true;
14181418
}
@@ -1426,7 +1426,7 @@ private function set_composer_auth_env_var() {
14261426

14271427
// GitLab personal access token.
14281428
$gitlab_token = getenv( 'GITLAB_TOKEN' );
1429-
if ( ! isset( $composer_auth['gitlab-token'] ) && is_string( $gitlab_token ) ) {
1429+
if ( ! isset( $composer_auth['gitlab-token'] ) && is_string( $gitlab_token ) && '' !== $gitlab_token ) {
14301430
$composer_auth['gitlab-token'] = [ 'gitlab.com' => $gitlab_token ];
14311431
$changed = true;
14321432
}

tests/PackageAuthTest.php

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -257,4 +257,70 @@ public function test_env_tokens_dont_override_composer_auth() {
257257
$this->assertArrayHasKey( 'github-oauth', $auth_array );
258258
$this->assertSame( 'existing_token', $auth_array['github-oauth']['github.com'] );
259259
}
260+
261+
/**
262+
* Test that empty GITHUB_TOKEN is ignored.
263+
*/
264+
public function test_empty_github_token_ignored() {
265+
putenv( 'GITHUB_TOKEN=' );
266+
267+
$this->invoke_set_composer_auth();
268+
269+
$composer_auth = getenv( 'COMPOSER_AUTH' );
270+
// No auth should be set because the token was empty
271+
$this->assertFalse( $composer_auth );
272+
}
273+
274+
/**
275+
* Test that empty GITLAB_TOKEN is ignored.
276+
*/
277+
public function test_empty_gitlab_token_ignored() {
278+
putenv( 'GITLAB_TOKEN=' );
279+
280+
$this->invoke_set_composer_auth();
281+
282+
$composer_auth = getenv( 'COMPOSER_AUTH' );
283+
// No auth should be set because the token was empty
284+
$this->assertFalse( $composer_auth );
285+
}
286+
287+
/**
288+
* Test that empty GITLAB_OAUTH_TOKEN is ignored.
289+
*/
290+
public function test_empty_gitlab_oauth_token_ignored() {
291+
putenv( 'GITLAB_OAUTH_TOKEN=' );
292+
293+
$this->invoke_set_composer_auth();
294+
295+
$composer_auth = getenv( 'COMPOSER_AUTH' );
296+
// No auth should be set because the token was empty
297+
$this->assertFalse( $composer_auth );
298+
}
299+
300+
/**
301+
* Test that empty BITBUCKET credentials are ignored.
302+
*/
303+
public function test_empty_bitbucket_credentials_ignored() {
304+
putenv( 'BITBUCKET_CONSUMER_KEY=' );
305+
putenv( 'BITBUCKET_CONSUMER_SECRET=' );
306+
307+
$this->invoke_set_composer_auth();
308+
309+
$composer_auth = getenv( 'COMPOSER_AUTH' );
310+
// No auth should be set because the credentials were empty
311+
$this->assertFalse( $composer_auth );
312+
}
313+
314+
/**
315+
* Test that empty HTTP_BASIC_AUTH is ignored.
316+
*/
317+
public function test_empty_http_basic_auth_ignored() {
318+
putenv( 'HTTP_BASIC_AUTH=' );
319+
320+
$this->invoke_set_composer_auth();
321+
322+
$composer_auth = getenv( 'COMPOSER_AUTH' );
323+
// No auth should be set because the value was empty
324+
$this->assertFalse( $composer_auth );
325+
}
260326
}

0 commit comments

Comments
 (0)