GitHub.php
Namespace
Composer\UtilFile
-
vendor/
composer/ composer/ src/ Composer/ Util/ GitHub.php
View source
<?php
declare (strict_types=1);
/*
* This file is part of Composer.
*
* (c) Nils Adermann <naderman@naderman.de>
* Jordi Boggiano <j.boggiano@seld.be>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Composer\Util;
use Composer\Factory;
use Composer\IO\IOInterface;
use Composer\Config;
use Composer\Downloader\TransportException;
use Composer\Pcre\Preg;
/**
* @author Jordi Boggiano <j.boggiano@seld.be>
*/
class GitHub {
/** @var IOInterface */
protected $io;
/** @var Config */
protected $config;
/** @var ProcessExecutor */
protected $process;
/** @var HttpDownloader */
protected $httpDownloader;
/**
* Constructor.
*
* @param IOInterface $io The IO instance
* @param Config $config The composer configuration
* @param ProcessExecutor $process Process instance, injectable for mocking
* @param HttpDownloader $httpDownloader Remote Filesystem, injectable for mocking
*/
public function __construct(IOInterface $io, Config $config, ?ProcessExecutor $process = null, ?HttpDownloader $httpDownloader = null) {
$this->io = $io;
$this->config = $config;
$this->process = $process ?: new ProcessExecutor($io);
$this->httpDownloader = $httpDownloader ?: Factory::createHttpDownloader($this->io, $config);
}
/**
* Attempts to authorize a GitHub domain via OAuth
*
* @param string $originUrl The host this GitHub instance is located at
* @return bool true on success
*/
public function authorizeOAuth(string $originUrl) : bool {
if (!in_array($originUrl, $this->config
->get('github-domains'))) {
return false;
}
// if available use token from git config
if (0 === $this->process
->execute([
'git',
'config',
'github.accesstoken',
], $output)) {
$this->io
->setAuthentication($originUrl, trim($output), 'x-oauth-basic');
return true;
}
return false;
}
/**
* Authorizes a GitHub domain interactively via OAuth
*
* @param string $originUrl The host this GitHub instance is located at
* @param string $message The reason this authorization is required
* @throws \RuntimeException
* @throws TransportException|\Exception
* @return bool true on success
*/
public function authorizeOAuthInteractively(string $originUrl, ?string $message = null) : bool {
if ($message) {
$this->io
->writeError($message);
}
$note = 'Composer';
if ($this->config
->get('github-expose-hostname') === true && 0 === $this->process
->execute([
'hostname',
], $output)) {
$note .= ' on ' . trim($output);
}
$note .= ' ' . date('Y-m-d Hi');
$url = 'https://' . $originUrl . '/settings/tokens/new?scopes=&description=' . str_replace('%20', '+', rawurlencode($note));
$this->io
->writeError('When working with _public_ GitHub repositories only, head here to retrieve a token:');
$this->io
->writeError($url);
$this->io
->writeError('This token will have read-only permission for public information only.');
$localAuthConfig = $this->config
->getLocalAuthConfigSource();
$url = 'https://' . $originUrl . '/settings/tokens/new?scopes=repo&description=' . str_replace('%20', '+', rawurlencode($note));
$this->io
->writeError('When you need to access _private_ GitHub repositories as well, go to:');
$this->io
->writeError($url);
$this->io
->writeError('Note that such tokens have broad read/write permissions on your behalf, even if not needed by Composer.');
$this->io
->writeError(sprintf('Tokens will be stored in plain text in "%s" for future use by Composer.', ($localAuthConfig !== null ? $localAuthConfig->getName() . ' OR ' : '') . $this->config
->getAuthConfigSource()
->getName()));
$this->io
->writeError('For additional information, check https://getcomposer.org/doc/articles/authentication-for-private-packages.md#github-oauth');
$storeInLocalAuthConfig = false;
if ($localAuthConfig !== null) {
$storeInLocalAuthConfig = $this->io
->askConfirmation('A local auth config source was found, do you want to store the token there?', true);
}
$token = trim((string) $this->io
->askAndHideAnswer('Token (hidden): '));
if ($token === '') {
$this->io
->writeError('<warning>No token given, aborting.</warning>');
$this->io
->writeError('You can also add it manually later by using "composer config --global --auth github-oauth.github.com <token>"');
return false;
}
$this->io
->setAuthentication($originUrl, $token, 'x-oauth-basic');
try {
$apiUrl = 'github.com' === $originUrl ? 'api.github.com/' : $originUrl . '/api/v3/';
$this->httpDownloader
->get('https://' . $apiUrl, [
'retry-auth-failure' => false,
]);
} catch (TransportException $e) {
if (in_array($e->getCode(), [
403,
401,
])) {
$this->io
->writeError('<error>Invalid token provided.</error>');
$this->io
->writeError('You can also add it manually later by using "composer config --global --auth github-oauth.github.com <token>"');
return false;
}
throw $e;
}
// store value in local/user config
$authConfigSource = $storeInLocalAuthConfig && $localAuthConfig !== null ? $localAuthConfig : $this->config
->getAuthConfigSource();
$this->config
->getConfigSource()
->removeConfigSetting('github-oauth.' . $originUrl);
$authConfigSource->addConfigSetting('github-oauth.' . $originUrl, $token);
$this->io
->writeError('<info>Token stored successfully.</info>');
return true;
}
/**
* Extract rate limit from response.
*
* @param string[] $headers Headers from Composer\Downloader\TransportException.
*
* @return array{limit: int|'?', reset: string}
*/
public function getRateLimit(array $headers) : array {
$rateLimit = [
'limit' => '?',
'reset' => '?',
];
foreach ($headers as $header) {
$header = trim($header);
if (false === stripos($header, 'x-ratelimit-')) {
continue;
}
[
$type,
$value,
] = explode(':', $header, 2);
switch (strtolower($type)) {
case 'x-ratelimit-limit':
$rateLimit['limit'] = (int) trim($value);
break;
case 'x-ratelimit-reset':
$rateLimit['reset'] = date('Y-m-d H:i:s', (int) trim($value));
break;
}
}
return $rateLimit;
}
/**
* Extract SSO URL from response.
*
* @param string[] $headers Headers from Composer\Downloader\TransportException.
*/
public function getSsoUrl(array $headers) : ?string {
foreach ($headers as $header) {
$header = trim($header);
if (false === stripos($header, 'x-github-sso: required')) {
continue;
}
if (Preg::isMatch('{\\burl=(?P<url>[^\\s;]+)}', $header, $match)) {
return $match['url'];
}
}
return null;
}
/**
* Finds whether a request failed due to rate limiting
*
* @param string[] $headers Headers from Composer\Downloader\TransportException.
*/
public function isRateLimited(array $headers) : bool {
foreach ($headers as $header) {
if (Preg::isMatch('{^x-ratelimit-remaining: *0$}i', trim($header))) {
return true;
}
}
return false;
}
/**
* Finds whether a request failed due to lacking SSO authorization
*
* @see https://docs.github.com/en/rest/overview/other-authentication-methods#authenticating-for-saml-sso
*
* @param string[] $headers Headers from Composer\Downloader\TransportException.
*/
public function requiresSso(array $headers) : bool {
foreach ($headers as $header) {
if (Preg::isMatch('{^x-github-sso: required}i', trim($header))) {
return true;
}
}
return false;
}
}Classes
| Title | Deprecated | Summary |
|---|---|---|
| GitHub | @author Jordi Boggiano <j.boggiano@seld.be> |