feat: do not call keyring when user in config and password in environment variables (#7928)

a07ae361 · Riccardo Albertazzi · GitHub · 73bc4eb1 · a07ae361 · a07ae361
Commit a07ae361 authored May 16, 2023 by Riccardo Albertazzi Committed by GitHub May 16, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 41 additions and 14 deletions

src/poetry/utils/password_manager.py
+7 -10

tests/utils/test_password_manager.py
+34 -4

No files found.
--- a/src/poetry/utils/password_manager.py
+++ b/src/poetry/utils/password_manager.py
@@ -193,16 +193,13 @@ class PasswordManager:
        self.keyring.delete_password(name, "__token__")

    def get_http_auth(self, name: str) -> dict[str, str | None] | None:
-        auth = self._config.get(f"http-basic.{name}")
-        if not auth:
-            username = self._config.get(f"http-basic.{name}.username")
-            password = self._config.get(f"http-basic.{name}.password")
-            if not username and not password:
-                return None
-        else:
-            username, password = auth["username"], auth.get("password")
-            if password is None:
-                password = self.keyring.get_password(name, username)
+        username = self._config.get(f"http-basic.{name}.username")
+        password = self._config.get(f"http-basic.{name}.password")
+        if not username and not password:
+            return None
+
+        if not password:
+            password = self.keyring.get_password(name, username)

        return {
            "username": username,

--- a/tests/utils/test_password_manager.py
+++ b/tests/utils/test_password_manager.py
@@ -3,6 +3,7 @@ from __future__ import annotations
 import os

 from typing import TYPE_CHECKING
+from unittest.mock import MagicMock

 import pytest

@@ -222,7 +223,7 @@ def test_fail_keyring_should_be_unavailable(


 def test_get_http_auth_from_environment_variables(
-    environ: None, config: Config, with_simple_keyring: None
+    environ: None, config: Config
 ) -> None:
    os.environ["POETRY_HTTP_BASIC_FOO_USERNAME"] = "bar"
    os.environ["POETRY_HTTP_BASIC_FOO_PASSWORD"] = "baz"
@@ -230,10 +231,39 @@ def test_get_http_auth_from_environment_variables(
    manager = PasswordManager(config)

    auth = manager.get_http_auth("foo")
-    assert auth is not None
+    assert auth == {"username": "bar", "password": "baz"}

-    assert auth["username"] == "bar"
-    assert auth["password"] == "baz"
+
+def test_get_http_auth_does_not_call_keyring_when_credentials_in_environment_variables(
+    environ: None, config: Config
+) -> None:
+    os.environ["POETRY_HTTP_BASIC_FOO_USERNAME"] = "bar"
+    os.environ["POETRY_HTTP_BASIC_FOO_PASSWORD"] = "baz"
+
+    manager = PasswordManager(config)
+    manager._keyring = MagicMock()
+
+    auth = manager.get_http_auth("foo")
+    assert auth == {"username": "bar", "password": "baz"}
+    manager._keyring.get_password.assert_not_called()
+
+
+def test_get_http_auth_does_not_call_keyring_when_password_in_environment_variables(
+    environ: None, config: Config
+) -> None:
+    config.merge(
+        {
+            "http-basic": {"foo": {"username": "bar"}},
+        }
+    )
+    os.environ["POETRY_HTTP_BASIC_FOO_PASSWORD"] = "baz"
+
+    manager = PasswordManager(config)
+    manager._keyring = MagicMock()
+
+    auth = manager.get_http_auth("foo")
+    assert auth == {"username": "bar", "password": "baz"}
+    manager._keyring.get_password.assert_not_called()


 def test_get_pypi_token_with_env_var_positive(