fix(auth): ensures / is URL encoded in sources auth environment var…

…iables (fix #3169) (#3170)
pdm-project · Sep 19, 2024 · 5db006a · 5db006a
1 parent ff9e871
commit 5db006a
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 5 deletions.
diff --git a/news/3169.bugfix.md b/news/3169.bugfix.md
@@ -0,0 +1 @@
+Ensures that  `/` is URL encoded in sources URL environment variables.
diff --git a/src/pdm/utils.py b/src/pdm/utils.py
@@ -244,7 +244,7 @@ def expand_env_vars(credential: str, quote: bool = False, env: Mapping[str, str]
 
     def replace_func(match: Match) -> str:
         rv = env.get(match.group(1), match.group(0))
-        return parse.quote(rv) if quote else rv
+        return parse.quote(rv, "") if quote else rv
 
     return re.sub(r"\$\{(.+?)\}", replace_func, credential)
 

diff --git a/tests/test_utils.py b/tests/test_utils.py
@@ -217,11 +217,11 @@ def test_expand_env_vars(given, expected, monkeypatch):
         ("https://example.org/path?arg=1", "https://example.org/path?arg=1"),
         (
             "https://${FOO}@example.org/path?arg=1",
-            "https://hello@example.org/path?arg=1",
+            "https://token%3Aoidc%2F1@example.org/path?arg=1",
         ),
         (
             "https://${FOO}:${BAR}@example.org/path?arg=1",
-            "https://hello:wo%3Arld@example.org/path?arg=1",
+            "https://token%3Aoidc%2F1:p%40ssword@example.org/path?arg=1",
         ),
         (
             "https://${FOOBAR}@example.org/path?arg=1",
@@ -230,8 +230,8 @@ def test_expand_env_vars(given, expected, monkeypatch):
     ],
 )
 def test_expand_env_vars_in_auth(given, expected, monkeypatch):
-    monkeypatch.setenv("FOO", "hello")
-    monkeypatch.setenv("BAR", "wo:rld")
+    monkeypatch.setenv("FOO", "token:oidc/1")
+    monkeypatch.setenv("BAR", "p@ssword")
     assert utils.expand_env_vars_in_auth(given) == expected