Fix source references not being locked for legacy packages (#1635)

poetry/packages/locker.py

@@ -139,7 +139,7 @@ class Locker(object):
                 package.add_dependency(dep_name, constraint)
 
             if "source" in info:
-                package.source_type = info["source"]["type"]
+                package.source_type = info["source"].get("type", "")
                 package.source_url = info["source"]["url"]
                 package.source_reference = info["source"]["reference"]
 
@@ -294,11 +294,12 @@ class Locker(object):
 
             data["dependencies"] = dependencies
 
-        if package.source_type:
+        if package.source_url:
             data["source"] = {
-                "type": package.source_type,
                 "url": package.source_url,
                 "reference": package.source_reference,
             }
+            if package.source_type:
+                data["source"]["type"] = package.source_type
 
         return data

tests/packages/test_locker.py

@@ -212,3 +212,37 @@ A = []
         _ = locker.lock_data
 
     assert "Unable to read the lock file" in str(e.value)
+
+
+def test_locking_legacy_repository_package_should_include_source_section(root, locker):
+    package_a = get_package("A", "1.0.0")
+    package_a.source_url = "https://foo.bar"
+    package_a.source_reference = "legacy"
+    packages = [package_a]
+
+    locker.set_lock_data(root, packages)
+
+    with locker.lock.open(encoding="utf-8") as f:
+        content = f.read()
+
+    expected = """[[package]]
+category = "main"
+description = ""
+name = "A"
+optional = false
+python-versions = "*"
+version = "1.0.0"
+
+[package.source]
+reference = "legacy"
+url = "https://foo.bar"
+
+[metadata]
+content-hash = "115cf985d932e9bf5f540555bbdd75decbb62cac81e399375fc19f6277f8c1d8"
+python-versions = "*"
+
+[metadata.files]
+A = []
+"""
+
+    assert expected == content