Merge pull request #1359 from ybiquitous/issue-1357

Fix deprecation warning since Faraday 1.7.1
octokit · Jan 11, 2022 · 0e29f8c · 0e29f8c
2 parents c03e168 + 44045ef
commit 0e29f8c
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 12 deletions.
diff --git a/lib/octokit/client.rb b/lib/octokit/client.rb
@@ -238,11 +238,11 @@ def client_without_redirects(options = {})
       conn_opts[:ssl] = { :verify_mode => @ssl_verify_mode } if @ssl_verify_mode
       conn = Faraday.new(conn_opts) do |http|
         if basic_authenticated?
-          http.basic_auth(@login, @password)
+          http.request :basic_auth, @login, @password
         elsif token_authenticated?
-          http.authorization 'token', @access_token
+          http.request :authorization, 'token', @access_token
         elsif bearer_authenticated?
-          http.authorization 'Bearer', @bearer_token
+          http.request :authorization, 'Bearer', @bearer_token
         end
         http.headers['accept'] = options[:accept] if options.key?(:accept)
       end

diff --git a/lib/octokit/client/pub_sub_hubbub.rb b/lib/octokit/client/pub_sub_hubbub.rb
@@ -91,9 +91,9 @@ def pub_sub_hubbub_request(options = {})
         conn = Faraday.new(:url => @api_endpoint) do |http|
           http.headers[:user_agent] = user_agent
           if basic_authenticated?
-            http.basic_auth(@login, @password)
+            http.request :basic_auth, @login, @password
           elsif token_authenticated?
-            http.authorization 'token', @access_token
+            http.request :authorization, 'token', @access_token
           end
           http.request  :url_encoded
           http.use Octokit::Response::RaiseError

diff --git a/lib/octokit/connection.rb b/lib/octokit/connection.rb
@@ -107,13 +107,13 @@ def agent
         http.headers[:content_type] = "application/json"
         http.headers[:user_agent] = user_agent
         if basic_authenticated?
-          http.basic_auth(@login, @password)
+          http.request :basic_auth, @login, @password
         elsif token_authenticated?
-          http.authorization 'token', @access_token
+          http.request :authorization, 'token', @access_token
         elsif bearer_authenticated?
-          http.authorization 'Bearer', @bearer_token
+          http.request :authorization, 'Bearer', @bearer_token
         elsif application_authenticated?
-          http.basic_auth(@client_id, @client_secret)
+          http.request :basic_auth, @client_id, @client_secret
         end
       end
     end
@@ -176,7 +176,7 @@ def sawyer_options
         :links_parser => Sawyer::LinkParsers::Simple.new
       }
       conn_opts = @connection_options
-      conn_opts[:builder] = @middleware if @middleware
+      conn_opts[:builder] = @middleware.dup if @middleware
       conn_opts[:proxy] = @proxy if @proxy
       if conn_opts[:ssl].nil?
         conn_opts[:ssl] = { :verify_mode => @ssl_verify_mode } if @ssl_verify_mode

diff --git a/lib/octokit/middleware/follow_redirects.rb b/lib/octokit/middleware/follow_redirects.rb
@@ -86,7 +86,10 @@ def update_env(env, request_body, response)
         original_url = env[:url]
         env[:url] += safe_escape(response["location"])
         unless same_host?(original_url, env[:url])
-          env[:request_headers].delete("Authorization")
+          # HACK: Faraday’s Authorization middlewares don’t touch the request if the `Authorization` header is set.
+          #       This is a workaround to drop authentication info.
+          #       See https://github.com/octokit/octokit.rb/pull/1359#issuecomment-925609697
+          env[:request_headers]["Authorization"] = "dummy"
         end
 
         if convert_to_get?(response)

diff --git a/spec/octokit/client_spec.rb b/spec/octokit/client_spec.rb
@@ -599,7 +599,7 @@
 
       assert_requested original_request
       assert_requested(:get, "https://example.com/bar") { |req|
-        req.headers["Authorization"].nil?
+        req.headers["Authorization"] == "dummy"
       }
     end