Merge pull request #721 from Foda/BBBasicLoginFixMaster

J Wyman · web-flow · commit ed7e810cb44d · 2018-08-09T16:46:08.000-04:00
bitbucket: Fixed basic auth with new username (master)
diff --git a/Bitbucket.Authentication/Src/Authentication.cs b/Bitbucket.Authentication/Src/Authentication.cs
@@ -407,11 +407,12 @@ private Credential GenerateCredentials(TargetUri targetUri, string username,
             ref AuthenticationResult result)
         {
             var credentials = (Credential)result.Token;
-            var realUsername = GetRealUsername(result.RemoteUsername, username);
 
-            if (!targetUri.ContainsUserInfo)
+            // No user info in Uri, or it's a basic login so we need to personalize the credentials.
+            if (!targetUri.ContainsUserInfo || result.Token.Type == TokenType.Personal)
             {
                 // No user info in Uri so personalize the credentials.
+                var realUsername = GetRealUsername(result.RemoteUsername, username);
                 credentials = new Credential(realUsername, credentials.Password);
             }
 
diff --git a/Bitbucket.Authentication/Src/OAuth/SimpleServer.cs b/Bitbucket.Authentication/Src/OAuth/SimpleServer.cs
@@ -56,14 +56,19 @@ public static async Task<string> WaitForURLAsync(string url, CancellationToken c
                 var context = await listener.GetContextAsync().RunWithCancellation(cancellationToken);
                 rawUrl = context.Request.RawUrl;
 
+                Thread.Sleep(100); // Wait 100ms without this the server closes before the complete response has been written
+                
                 // Serve back a simple authentication message.
                 var html = GetSuccessString();
-                context.Response.ContentType = "text/html";
-                context.Response.OutputStream.WriteStringUtf8(html);
-
-                Thread.Sleep(100); // Wait 100ms without this the server closes before the complete response has been written
+                var buffer = System.Text.Encoding.UTF8.GetBytes(html);
+                context.Response.ContentLength64 = buffer.Length;
+                Task responseTask = context.Response.OutputStream.WriteAsync(buffer, 0, buffer.Length).ContinueWith((task) =>
+                {
+                    context.Response.OutputStream.Close();
+                    listener.Stop();
+                });
 
-                context.Response.Close();
+                Thread.Sleep(100);
             }
             catch (TimeoutException ex)
             {
diff --git a/Bitbucket.Authentication/Test/AuthenticationTest.cs b/Bitbucket.Authentication/Test/AuthenticationTest.cs
@@ -471,6 +471,46 @@ public async void VerifyInteractiveLoginDoesNotAquireInvalidBasicAuthCredentials
             credentialStore.Verify(c => c.WriteCredentials(It.IsAny<TargetUri>(), It.IsAny<Credential>()), Times.Never);
         }
 
+        [Fact]
+        public async void VerifyInteractiveLoginDoesNotAquireInvalidBasicAuthCredentialsWithUsername()
+        {
+            var bitbucketUrl = "https://bitbucket.org";
+            var credentialStore = new Mock<ICredentialStore>();
+
+            // mock the result that normally causes issues
+            var validAuthenticationResult = new AuthenticationResult(AuthenticationResultType.Success)
+            {
+                Token = new Token(_validPassword, TokenType.Personal),
+                RemoteUsername = _validUsername
+            };
+
+            var targetUri = new TargetUri(bitbucketUrl);
+
+            // Mock the behaviour of IAuthority.AcquireToken() to basically mimic BasicAuthAuthenticator.GetAuthAsync() validating the useername/password
+            var authority = new Mock<IAuthority>();
+            authority
+                .Setup(a => a.AcquireToken(It.IsAny<TargetUri>(), It.IsAny<Credential>(), It.IsAny<AuthenticationResultType>(), It.IsAny<TokenScope>()))
+                // return 'success' with the validated credentials
+                .Returns(Task.FromResult(validAuthenticationResult));
+
+            var bbAuth = new Authentication(RuntimeContext.Default, credentialStore.Object, 
+                MockInvalidBasicAuthCredentialsAquireCredentialsCallback, MockValidAquireAuthenticationOAuthCallback, authority.Object);
+
+            // perform login with username
+            var credentials = await bbAuth.InteractiveLogon(targetUri, _validUsername);
+
+            Assert.NotNull(credentials);
+            Assert.Equal(_validUsername, credentials.Username);
+            Assert.Equal(_validPassword, credentials.Password);
+
+            // attempted to validate credentials
+            authority.Verify(a => a.AcquireToken(It.IsAny<TargetUri>(), It.IsAny<Credential>(), It.IsAny<AuthenticationResultType>(),
+                It.IsAny<TokenScope>()), Times.Once);
+           
+            // must have a valid attempt to store the valid credentials
+            credentialStore.Verify(c => c.WriteCredentials(It.IsAny<TargetUri>(), credentials), Times.Once);
+        }
+
         [Fact]
         public async void VerifyInteractiveLoginDoesNothingIfUserDoesNotEnterCredentials()
         {

Original file line number	Diff line number	Diff line change
`@@ -407,11 +407,12 @@ private Credential GenerateCredentials(TargetUri targetUri, string username,`
`407`	`407`	`ref AuthenticationResult result)`
`408`	`408`	`{`
`409`	`409`	`var credentials = (Credential)result.Token;`
`410`		`- var realUsername = GetRealUsername(result.RemoteUsername, username);`
`411`	`410`
`412`		`- if (!targetUri.ContainsUserInfo)`
	`411`	`+ // No user info in Uri, or it's a basic login so we need to personalize the credentials.`
	`412`	`+ if (!targetUri.ContainsUserInfo \|\| result.Token.Type == TokenType.Personal)`
`413`	`413`	`{`
`414`	`414`	`// No user info in Uri so personalize the credentials.`
	`415`	`+ var realUsername = GetRealUsername(result.RemoteUsername, username);`
`415`	`416`	`credentials = new Credential(realUsername, credentials.Password);`
`416`	`417`	`}`
`417`	`418`