Merge branch '232636-add-support-for-fixing-composer-404' into 'master'

Support private token headers for composer Closes #232636 See merge request gitlab-org/gitlab!38641

Merge branch '232636-add-support-for-fixing-composer-404' into 'master'
Support private token headers for composer Closes #232636 See merge request gitlab-org/gitlab!38641
0e0f3adf · Sean McGivern · 3c0b6a9f · bcc83ffd · 0e0f3adf · 0e0f3adf
Commit 0e0f3adf authored Aug 21, 2020 by Sean McGivern
4 changed files
--- a/changelogs/unreleased/232636-add-support-for-fixing-composer-404.yml
+++ b/changelogs/unreleased/232636-add-support-for-fixing-composer-404.yml
+---
+title: Fix composer 404 issues with http auth
+merge_request: 38641
+author:
+type: fixed
--- a/doc/user/packages/composer_repository/index.md
+++ b/doc/user/packages/composer_repository/index.md
@@ -130,11 +130,8 @@ You also need to create a `auth.json` file with your GitLab credentials:

 ```json
 {
-    "http-basic": {
-        "gitlab.com": {
-            "username": "___token___",
-            "password": "<personal_access_token>"
-        }
+    "gitlab-token": {
+       "gitlab.com": "<personal_access_token>"
    }
 }
 ```

--- a/spec/requests/api/composer_packages_spec.rb
+++ b/spec/requests/api/composer_packages_spec.rb
--- a/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/composer_packages_shared_examples.rb
@@ -16,8 +16,11 @@ RSpec.shared_examples 'Composer package index' do |user_type, status, add_member
      subject

      expect(response).to have_gitlab_http_status(status)
-      expect(response).to match_response_schema('public_api/v4/packages/composer/index')
-      expect(json_response).to eq presenter.root
+
+      if status == :success
+        expect(response).to match_response_schema('public_api/v4/packages/composer/index')
+        expect(json_response).to eq presenter.root
+      end
    end
  end
 end
@@ -87,13 +90,22 @@ RSpec.shared_examples 'process Composer api request' do |user_type, status, add_
  end
 end

-RSpec.shared_context 'Composer auth headers' do |user_role, user_token|
+RSpec.shared_context 'Composer auth headers' do |user_role, user_token, auth_method = :token|
  let(:token) { user_token ? personal_access_token.token : 'wrong' }
-  let(:headers) { user_role == :anonymous ? {} : basic_auth_header(user.username, token) }
+
+  let(:headers) do
+    if user_role == :anonymous
+      {}
+    elsif auth_method == :token
+      { 'Private-Token' => token }
+    else
+      basic_auth_header(user.username, token)
+    end
+  end
 end

-RSpec.shared_context 'Composer api project access' do |project_visibility_level, user_role, user_token|
-  include_context 'Composer auth headers', user_role, user_token do
+RSpec.shared_context 'Composer api project access' do |project_visibility_level, user_role, user_token, auth_method|
+  include_context 'Composer auth headers', user_role, user_token, auth_method do
    before do
      project.update!(visibility_level: Gitlab::VisibilityLevel.const_get(project_visibility_level, false))
    end