Create URICredentialsFilter module for filtering out authentication

credentials from uris

2 files changed, 28 insertions, 0 deletions

diff --git a/lib/bundler.rb b/lib/bundler.rb
index 8288f839..ace1e7f3 100644
--- a/lib/bundler.rb
+++ b/lib/bundler.rb
@@ -52,6 +52,7 @@ module Bundler
   autoload :SourceList,             "bundler/source_list"
   autoload :RubyGemsGemInstaller,   "bundler/rubygems_gem_installer"
   autoload :UI,                     "bundler/ui"
+  autoload :URICredentialsFilter,   "bundler/uri_credentials_filter"
 
   class << self
     attr_writer :bundle_path
diff --git a/lib/bundler/uri_credentials_filter.rb b/lib/bundler/uri_credentials_filter.rb
new file mode 100644
index 00000000..b1c4d289
--- /dev/null
+++ b/lib/bundler/uri_credentials_filter.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+module Bundler
+  module URICredentialsFilter
+  module_function
+
+    def anonymized_uri(uri_to_anonymize)
+      return uri_to_anonymize if uri_to_anonymize.nil?
+      uri = uri_to_anonymize.dup
+      uri = URI(uri.to_s) unless uri.is_a?(URI)
+      uri.user = uri.password = nil if uri.userinfo
+      uri
+    rescue URI::InvalidURIError # uri is not canonical uri scheme
+      uri
+    end
+
+    def credentials_filtered_string(str_to_filter, uri)
+      return str_to_filter if uri.nil? || str_to_filter.nil?
+      str_with_no_credentials = str_to_filter.dup
+      anonymous_uri_str = anonymized_uri(uri).to_s
+      uri_str = uri.to_s
+      if anonymous_uri_str != uri_str
+        str_with_no_credentials = str_with_no_credentials.gsub(uri_str, anonymous_uri_str)
+      end
+      str_with_no_credentials
+    end
+  end
+end