This repository has been archived by the owner on Jul 15, 2023. It is now read-only.

Clear basic auth entries in non-user URI format, where present #907

Open
wants to merge 3 commits into
base: master
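--- a/Microsoft.Alm.Authentication/Src/BasicAuthentication.cs
+++ b/Microsoft.Alm.Authentication/Src/BasicAuthentication.cs
@@ -154,7 +154,32 @@ public override async Task<bool> DeleteCredentials(TargetUri targetUri)
 if (targetUri is null)
 throw new ArgumentNullException(nameof(targetUri));
 
-return await _credentialStore.DeleteCredentials(targetUri);
+// Delete the credentials for the explicit target uri first.
+
+var initResult = await _credentialStore.DeleteCredentials(targetUri);
+
+// If we deleted per user then we should try and delete the host level credentials too if
+// they match the username.
+var hostTargetUri = new TargetUri(targetUri.ToString(false, true, true));
+var hostCredentials = await GetCredentials(hostTargetUri);
+
+if (hostCredentials is null)
+{
+Trace.WriteLine($"No entry found for {hostTargetUri}, nothing more to delete");
+return initResult;
+}
+
+var hostUsername = hostCredentials.Username;
+var encodedUsername = Uri.EscapeDataString(targetUri.UserInfo);
+if (encodedUsername != hostUsername)
+{
+Trace.WriteLine($"{hostTargetUri} entry has username {hostUsername} != {encodedUsername}, not deleting");
+return initResult;
+}
+
+Trace.WriteLine($"Also deleting generic entry for {hostTargetUri} with username {hostUsername}");
+return await _credentialStore.DeleteCredentials(hostTargetUri);
+
 }
 
 public override async Task<Credential> GetCredentials(TargetUri targetUri)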
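Review bot: The username guard in the added block compares `Uri.EscapeDataString(targetUri.UserInfo)` with `hostCredentials.Username` using `!=`, which looks like the wrong direction if `UserInfo` is already URI-escaped and the store holds the raw name; neither is visible in this hunk, so please confirm. In that case a name containing a reserved character such as `@` would be double-encoded and never match, and the rejected host-level credential would stay in the store after an erase. Consider `var requestedUsername = Uri.UnescapeDataString(targetUri.UserInfo ?? string.Empty);` followed by `if (!string.Equals(requestedUsername, hostUsername, StringComparison.Ordinal))`; the null-coalescing also avoids the `ArgumentNullException` that `EscapeDataString` throws on a null argument. Separately, the final `return await _credentialStore.DeleteCredentials(hostTargetUri);` discards `initResult`, so the caller cannot tell whether the per-user entry was actually removed.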
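--- a/Microsoft.Alm.Authentication/Test/BasicAuthTests.cs
+++ b/Microsoft.Alm.Authentication/Test/BasicAuthTests.cs
@@ -24,6 +24,23 @@ public async Task BasicAuthDeleteCredentialsTest()
 Assert.Null(await basicAuth.CredentialStore.ReadCredentials(targetUri));
 }
 
+[Fact]
+public async Task BasicAuthUserUriDeleteCredentialsTest()
+{
+TargetUri targetUserUri = new TargetUri("http://username@localhost");
+TargetUri targetGenericUri = new TargetUri("http://localhost");
+BasicAuthentication basicAuth = GetBasicAuthentication(RuntimeContext.Default, "basic-delete-user");
+
+await basicAuth.CredentialStore.WriteCredentials(targetUserUri, new Credential("username", "password"));
+await basicAuth.CredentialStore.WriteCredentials(targetGenericUri, new Credential("username", "password"));
+
+/* User-included format is what comes out of "erase" action, so that's what we want to test */
+await basicAuth.DeleteCredentials(targetUserUri);
+
+Assert.Null(await basicAuth.CredentialStore.ReadCredentials(targetUserUri));
+Assert.Null(await basicAuth.CredentialStore.ReadCredentials(targetGenericUri));
+}
+
 [Fact]
 public async Task BasicAuthGetCredentialsTest()
 {
@@ -41,6 +58,26 @@ public async Task BasicAuthGetCredentialsTest()
 Assert.NotNull(credentials = await basicAuth.GetCredentials(targetUri));
 }
 
+[Fact]
+public async Task BasicAuthUserUriGetCredentialsTest()
+{
+TargetUri targetUserUri = new TargetUri("http://username@localhost");
+TargetUri targetGenericUri = new TargetUri("http://localhost");
+
+BasicAuthentication basicAuth = GetBasicAuthentication(RuntimeContext.Default, "basic-get-user");
+
+Credential credentials = null;
+
+Assert.Null(credentials = await basicAuth.GetCredentials(targetGenericUri));
+Assert.Null(credentials = await basicAuth.GetCredentials(targetUserUri));
+
+credentials = new Credential("username", "password");
+
+await basicAuth.CredentialStore.WriteCredentials(targetGenericUri, credentials);
+
+Assert.NotNull(credentials = await basicAuth.GetCredentials(targetUserUri));
+}
+
 [Fact]
 public async Task BasicAuthSetCredentialsTest()
 {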
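Review bot: BasicAuthUserUriDeleteCredentialsTest only covers a host-level entry with the same username as the per-user one, so the branch that must leave another account's credential in place is never exercised. A regression there would silently erase a credential the user did not ask to remove, so a negative case is worth adding next to this test. Both new tests also use a plain ASCII name, so the escaping applied to `targetUri.UserInfo` in DeleteCredentials is not covered; a name with a reserved character would pin that behaviour. The test name and store namespace in the sketch below are illustrative.

```csharp
[Fact]
public async Task BasicAuthUserUriDeleteCredentialsUsernameMismatchTest()
{
    TargetUri targetUserUri = new TargetUri("http://username@localhost");
    TargetUri targetGenericUri = new TargetUri("http://localhost");
    BasicAuthentication basicAuth = GetBasicAuthentication(RuntimeContext.Default, "basic-delete-user-mismatch");

    await basicAuth.CredentialStore.WriteCredentials(targetUserUri, new Credential("username", "password"));
    await basicAuth.CredentialStore.WriteCredentials(targetGenericUri, new Credential("other-user", "password"));

    await basicAuth.DeleteCredentials(targetUserUri);

    // The host-level entry belongs to a different account and must survive the erase.
    Assert.Null(await basicAuth.CredentialStore.ReadCredentials(targetUserUri));
    Assert.NotNull(await basicAuth.CredentialStore.ReadCredentials(targetGenericUri));
}
```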