choco
choco copied to clipboard
chocolatey
Auth cred for downloads
Very simply, when I call Install-ChocolateyPackage with a URL to download, I'd like to also pass to it a System.Net.ICredentials to the call so that I can use a download URL rather requires authentication.
The change is dead simple, just pass the credential object down the call chain until you hand it off to the System.Net.HttpWebRequest object. My question is what have I missed?
diff --git a/src/chocolatey.resources/helpers/functions/Get-ChocolateyWebFile.ps1 b/src/chocolatey.resources/helpers/functions/Get-ChocolateyWebFile.ps1
index d446fe6..93c53da 100644
--- a/src/chocolatey.resources/helpers/functions/Get-ChocolateyWebFile.ps1
+++ b/src/chocolatey.resources/helpers/functions/Get-ChocolateyWebFile.ps1
@@ -195,6 +195,7 @@ param(
[parameter(Mandatory=$false)][string] $checksumType = '',
[parameter(Mandatory=$false)][string] $checksum64 = '',
[parameter(Mandatory=$false)][string] $checksumType64 = $checksumType,
+ [parameter(Mandatory=$false)][Object] $credential = $null,
[parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
[parameter(Mandatory=$false)][switch] $getOriginalFileName,
[parameter(Mandatory=$false)][switch] $forceDownload,
@@ -261,7 +262,7 @@ param(
if ($url.StartsWith('http:')) {
try {
$httpsUrl = $url.Replace("http://", "https://")
- Get-WebHeaders -Url $httpsUrl -ErrorAction "Stop" | Out-Null
+ Get-WebHeaders -Url $httpsUrl -ErrorAction "Stop" -Credential $credential | Out-Null
$url = $httpsUrl
Write-Warning "Url has SSL/TLS available, switching to HTTPS for download"
} catch {
@@ -274,7 +275,7 @@ param(
$fileFullPath = $fileFullPath -replace '\\chocolatey\\chocolatey\\', '\chocolatey\'
$fileDirectory = [System.IO.Path]::GetDirectoryName($fileFullPath)
$originalFileName = [System.IO.Path]::GetFileName($fileFullPath)
- $fileFullPath = Get-WebFileName -Url $url -DefaultName $originalFileName
+ $fileFullPath = Get-WebFileName -Url $url -DefaultName $originalFileName -Credential $credential
$fileFullPath = Join-Path $fileDirectory $fileFullPath
$fileFullPath = [System.IO.Path]::GetFullPath($fileFullPath)
} catch {
@@ -295,7 +296,7 @@ param(
$headers = @{}
if ($url.StartsWith('http')) {
try {
- $headers = Get-WebHeaders -Url $url -ErrorAction "Stop"
+ $headers = Get-WebHeaders -Url $url -ErrorAction "Stop" -Credential $credential
} catch {
if ($host.Version -lt (New-Object 'Version' 3,0)) {
Write-Debug "Converting Security Protocol to SSL3 only for Powershell v2"
@@ -303,7 +304,7 @@ param(
$originalProtocol = [System.Net.ServicePointManager]::SecurityProtocol
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Ssl3
try {
- $headers = Get-WebHeaders -Url $url -ErrorAction "Stop"
+ $headers = Get-WebHeaders -Url $url -ErrorAction "Stop" -Credential $credential
} catch {
Write-Host "Attempt to get headers for $url failed.`n $($_.Exception.Message)"
[System.Net.ServicePointManager]::SecurityProtocol = $originalProtocol
@@ -334,7 +335,7 @@ param(
if ($needsDownload) {
Write-Host "Downloading $packageName $bitPackage
from `'$url`'"
- Get-WebFile -Url $url -FileName $fileFullPath -Options $options
+ Get-WebFile -Url $url -FileName $fileFullPath -Credential $credential -Options $options
} else {
Write-Debug "$($packageName)'s requested file has already been downloaded. Using cached copy at
'$fileFullPath'."
diff --git a/src/chocolatey.resources/helpers/functions/Get-WebFile.ps1 b/src/chocolatey.resources/helpers/functions/Get-WebFile.ps1
index 47e1c6c..249efdd 100644
--- a/src/chocolatey.resources/helpers/functions/Get-WebFile.ps1
+++ b/src/chocolatey.resources/helpers/functions/Get-WebFile.ps1
@@ -85,6 +85,7 @@ param(
[parameter(Mandatory=$false, Position=0)][string] $url = '', #(Read-Host "The URL to download"),
[parameter(Mandatory=$false, Position=1)][string] $fileName = $null,
[parameter(Mandatory=$false, Position=2)][string] $userAgent = 'chocolatey command line',
+ [parameter(Mandatory=$false)][Object] $credential = $null,
[parameter(Mandatory=$false)][switch] $Passthru,
[parameter(Mandatory=$false)][switch] $quiet,
[parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
@@ -109,7 +110,9 @@ param(
$req = [System.Net.HttpWebRequest]::Create($url);
$defaultCreds = [System.Net.CredentialCache]::DefaultCredentials
- if ($defaultCreds -ne $null) {
+ if ($credential -ne $null) {
+ $req.Credentials = $credential
+ } elseif ($defaultCreds -ne $null) {
$req.Credentials = $defaultCreds
}
diff --git a/src/chocolatey.resources/helpers/functions/Get-WebFileName.ps1 b/src/chocolatey.resources/helpers/functions/Get-WebFileName.ps1
index 74b943a..610e6d5 100644
--- a/src/chocolatey.resources/helpers/functions/Get-WebFileName.ps1
+++ b/src/chocolatey.resources/helpers/functions/Get-WebFileName.ps1
@@ -69,6 +69,7 @@ param(
[parameter(Mandatory=$false, Position=0)][string] $url = '',
[parameter(Mandatory=$true, Position=1)][string] $defaultName,
[parameter(Mandatory=$false)][string] $userAgent = 'chocolatey command line',
+ [parameter(Mandatory=$false)][Object] $credential = $null,
[parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
)
@@ -106,7 +107,9 @@ param(
}
$defaultCreds = [System.Net.CredentialCache]::DefaultCredentials
- if ($defaultCreds -ne $null) {
+ if ($credential -ne $null) {
+ $req.Credentials = $credential
+ } elseif ($defaultCreds -ne $null) {
$request.Credentials = $defaultCreds
}
diff --git a/src/chocolatey.resources/helpers/functions/Get-WebHeaders.ps1 b/src/chocolatey.resources/helpers/functions/Get-WebHeaders.ps1
index 7d699ca..b52a0c5 100644
--- a/src/chocolatey.resources/helpers/functions/Get-WebHeaders.ps1
+++ b/src/chocolatey.resources/helpers/functions/Get-WebHeaders.ps1
@@ -53,6 +53,7 @@ Get-WebFile
param(
[parameter(Mandatory=$false, Position=0)][string] $url = '',
[parameter(Mandatory=$false, Position=1)][string] $userAgent = 'chocolatey command line',
+ [parameter(Mandatory=$false, Position=2)][Object] $credential = $null,
[parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
)
@@ -62,7 +63,10 @@ param(
$request = [System.Net.HttpWebRequest]::Create($url);
$defaultCreds = [System.Net.CredentialCache]::DefaultCredentials
- if ($defaultCreds -ne $null) {
+ if ($credential -ne $null) {
+ Write-Host "Using credential."
+ $request.Credentials = $credential
+ } elseif ($defaultCreds -ne $null) {
$request.Credentials = $defaultCreds
}
diff --git a/src/chocolatey.resources/helpers/functions/Install-ChocolateyPackage.ps1 b/src/chocolatey.resources/helpers/functions/Install-ChocolateyPackage.ps1
index ffa7659..58f41e4 100644
--- a/src/chocolatey.resources/helpers/functions/Install-ChocolateyPackage.ps1
+++ b/src/chocolatey.resources/helpers/functions/Install-ChocolateyPackage.ps1
@@ -267,6 +267,7 @@ param(
[parameter(Mandatory=$false)][string] $checksumType = '',
[parameter(Mandatory=$false)][string] $checksum64 = '',
[parameter(Mandatory=$false)][string] $checksumType64 = '',
+ [parameter(Mandatory=$false)][object] $credential = $null,
[parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
[parameter(Mandatory=$false)]
[alias("useOnlyPackageSilentArgs")][switch] $useOnlyPackageSilentArguments = $false,
@@ -307,6 +308,7 @@ param(
-ChecksumType $checksumType `
-Checksum64 $checksum64 `
-ChecksumType64 $checksumType64 `
+ -Credential $credential `
-Options $options `
-GetOriginalFileName
}
This is the conversation I had about it some time ago with Rob:
In-Reply-To: <[email protected]>
References: <[email protected]>
From: Rob Reynolds <[email protected]>
Date: Thu, 21 Jul 2016 13:45:29 -0500
Message-ID: <CANJN1a7XXQt3UHu4ixfhyFZbfWCLjknCrN6KqSF6Qerr_VNSdw@mail.gmail.com>
Subject: Re: [chocolatey] Passing credentials to Install-ChocolateyPackage
To: chocolatey <[email protected]>
Reply-To: [email protected]
Let's be sure our terminology matches for "private source". Source is
typically meant for packages only, and all of that is handled completely
outside of PowerShell. So that leaves me to think you are talking about a
resource download "source" (or download location) that you need to pass
auth to for binaries you need to get for the package.
First question - why not just bundle the binaries in the package? I know
once you go over a certain size (ranging from 100MB to 2GB, depending on
the package repository), you start wanting to split out the binaries from
the package, but it's usually recommended to include everything a package
needs in the package, especially when you are not subject to distribution
rights (e.g. private sources).
Could it be a good add? Yes. I would create an issue for it at
https://github.com/chocolatey/choco/issues/new and we can get it triaged so
you can begin work on it. Please ensure you read over the CONTRIBUTING
doc[1] (it's very explicit in expectations so there is not much guessing)
and that you can sign the CLA.
[1] https://github.com/chocolatey/choco/blob/master/CONTRIBUTING.md
Consequently I've forked and committed my changes to https://github.com/Spitzbub/choco/tree/authcred, though I'm still working on them (adding documentation and unit tests)
Actually are there any tests for the helper functions? I thought there was but just looked again and couldn't find any......
@ryanwebjackson It was from last year. Because the PR was already opened the Hacktoberfest tag was not removed.
Hi,
The PR for this issue has been closed due to inactivity over several years. I'm open to create a new PR for this issue so it can be fixed. I just want to know if I shall create a new issue or if I can reference this one in the PR.
Would bei great if someone can answer this.
Thanks!
