Fix request authentication when credentials are included in URLs (#751)

* Fix authentication failure for some APIs

Fixes an issue which occurs when APIs return authentication information in the URLs embedded in JSON responses.

* Test authentication on same host with duplicated credentials

Add test to ensure that basic authentication credentials in request URLs does not break authentication when they credentials match. This test purposefully does not examine program behavior when URL credentials and session credentials are different.

poetry/repositories/auth.py

@@ -7,11 +7,11 @@ from poetry.utils._compat import urlparse
 
 class Auth(AuthBase):
     def __init__(self, url, username, password):  # type: (str, str, str) -> None
-        self._netloc = urlparse.urlparse(url).netloc
+        self._hostname = urlparse.urlparse(url).hostname
         self._auth = HTTPBasicAuth(username, password)
 
     def __call__(self, r):  # type: (Request) -> Request
-        if urlparse.urlparse(r.url).netloc != self._netloc:
+        if urlparse.urlparse(r.url).hostname != self._hostname:
             return r
 
         self._auth(r)

tests/repositories/test_auth.py

@@ -21,6 +21,20 @@ def test_auth_with_request_on_the_same_host():
     )
 
 
+def test_auth_with_request_with_same_authentication():
+    auth = Auth("https://poetry.eustace.io", "foo", "bar")
+
+    request = Request("GET", "https://foo:bar@poetry.eustace.io/docs/")
+    assert "Authorization" not in request.headers
+
+    request = auth(request)
+
+    assert "Authorization" in request.headers
+    assert request.headers["Authorization"] == "Basic {}".format(
+        decode(base64.b64encode(encode(":".join(("foo", "bar")))))
+    )
+
+
 def test_auth_with_request_on_different_hosts():
     auth = Auth("https://poetry.eustace.io", "foo", "bar")