diff options
| author | David RodrÃguez <[email protected]> | 2021-08-24 12:02:29 +0200 |
|---|---|---|
| committer | Hiroshi SHIBATA <[email protected]> | 2021-08-31 19:06:14 +0900 |
| commit | 1e290c31f4fdfd330b9cd1d5c7fe61efa4ab066c (patch) | |
| tree | 0d3e58f3df45c7ab430375fe27550db6f6df6a65 /lib/rubygems/uri.rb | |
| parent | f0c6cc14b10616a61d3113dd5a88291fe915461b (diff) | |
[rubygems/rubygems] Merge `Gem::UriParser` and `Gem::PrintableUri` into a `Gem::Uri` class
The new class is a wrapper on top of an URI. And then, when you want
credentials redacted, you call `#redacted` that returns a copy of itself,
but with credentials redacted.
https://github.com/rubygems/rubygems/commit/9581c2740a
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/4789
Diffstat (limited to 'lib/rubygems/uri.rb')
| -rw-r--r-- | lib/rubygems/uri.rb | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/lib/rubygems/uri.rb b/lib/rubygems/uri.rb new file mode 100644 index 0000000000..031d7e01c3 --- /dev/null +++ b/lib/rubygems/uri.rb @@ -0,0 +1,102 @@ +# frozen_string_literal: true + +## +# The Uri handles rubygems source URIs. +# + +class Gem::Uri + def initialize(source_uri) + @parsed_uri = parse(source_uri) + end + + def redacted + return self unless valid_uri? + + if token? || oauth_basic? + with_redacted_user + elsif password? + with_redacted_password + else + self + end + end + + def to_s + @parsed_uri.to_s + end + + def redact_credentials_from(text) + return text unless valid_uri? && password? + + text.sub(password, 'REDACTED') + end + + def method_missing(method_name, *args, &blk) + if @parsed_uri.respond_to?(method_name) + @parsed_uri.send(method_name, *args, &blk) + else + super + end + end + + def respond_to_missing?(method_name, include_private = false) + @parsed_uri.respond_to?(method_name, include_private) || super + end + + private + + ## + # Parses the #uri, raising if it's invalid + + def parse!(uri) + require "uri" + + raise URI::InvalidURIError unless uri + + # Always escape URI's to deal with potential spaces and such + # It should also be considered that source_uri may already be + # a valid URI with escaped characters. e.g. "{DESede}" is encoded + # as "%7BDESede%7D". If this is escaped again the percentage + # symbols will be escaped. + begin + URI.parse(uri) + rescue URI::InvalidURIError + URI.parse(URI::DEFAULT_PARSER.escape(uri)) + end + end + + ## + # Parses the #uri, returning the original uri if it's invalid + + def parse(uri) + return uri unless uri.is_a?(String) + + parse!(uri) + rescue URI::InvalidURIError + uri + end + + def with_redacted_user + clone.tap {|uri| uri.user = 'REDACTED' } + end + + def with_redacted_password + clone.tap {|uri| uri.password = 'REDACTED' } + end + + def valid_uri? + !@parsed_uri.is_a?(String) + end + + def password? + !!password + end + + def oauth_basic? + password == 'x-oauth-basic' + end + + def token? + !user.nil? && password.nil? + end +end |