From 065cffcf9fc5cfe952b8fb48e1ecb70afa55b214 Mon Sep 17 00:00:00 2001
From: Arun Babu Neelicattu <arun.neelicattu@gmail.com>
Date: Thu, 21 Nov 2024 15:23:51 +0100
Subject: [PATCH] vcs: fix parsing of basic auth http(s) credentials

---
 src/poetry/core/vcs/git.py | 16 ++++++++++++++--
 tests/vcs/test_vcs.py      | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 2 deletions(-)

diff --git a/src/poetry/core/vcs/git.py b/src/poetry/core/vcs/git.py
index e71645b35..6a013f5b5 100644
--- a/src/poetry/core/vcs/git.py
+++ b/src/poetry/core/vcs/git.py
@@ -11,7 +11,9 @@
 
 
 PROTOCOL = r"\w+"
-USER = r"[a-zA-Z0-9_.-]+"
+URL_RESTRICTED = r"[^/\?#:@]"
+USER = rf"{URL_RESTRICTED}+"
+USER_AUTH_HTTP = rf"((?P<username>{USER})(:(?P<password>{URL_RESTRICTED}*))?)"
 RESOURCE = r"[a-zA-Z0-9_.-]+"
 PORT = r"\d+"
 PATH = r"[%\w~.\-\+/\\\$]+"
@@ -32,7 +34,7 @@
 PATTERNS = [
     re.compile(
         r"^(git\+)?"
-        r"(?P<protocol>https?|git|ssh|rsync|file)://"
+        r"(?P<protocol>git|ssh|rsync|file)://"
         rf"(?:(?P<user>{USER})@)?"
         rf"(?P<resource>{RESOURCE})?"
         rf"(:(?P<port>{PORT}))?"
@@ -40,6 +42,16 @@
         rf"((?P<name>{NAME}?)(\.git|[/\\])?)?)"
         rf"{PATTERN_SUFFIX}"
     ),
+    re.compile(
+        r"^(git\+)?"
+        r"(?P<protocol>https?)://"
+        rf"(?:(?P<user>{USER_AUTH_HTTP})@)?"
+        rf"(?P<resource>{RESOURCE})?"
+        rf"(:(?P<port>{PORT}))?"
+        rf"(?P<pathname>[:/\\]({PATH}[/\\])?"
+        rf"((?P<name>{NAME}?)(\.git|[/\\])?)?)"
+        rf"{PATTERN_SUFFIX}"
+    ),
     re.compile(
         r"(git\+)?"
         rf"((?P<protocol>{PROTOCOL})://)"
diff --git a/tests/vcs/test_vcs.py b/tests/vcs/test_vcs.py
index 761dcea02..06a6338fb 100644
--- a/tests/vcs/test_vcs.py
+++ b/tests/vcs/test_vcs.py
@@ -272,6 +272,42 @@ def test_normalize_url(url: str, normalized: GitUrl) -> None:
                 None,
             ),
         ),
+        (
+            "git+https://username:@github.com/sdispater/pendulum",
+            ParsedUrl(
+                "https",
+                "github.com",
+                "/sdispater/pendulum",
+                "username:",
+                None,
+                "pendulum",
+                None,
+            ),
+        ),
+        (
+            "git+https://username:password@github.com/sdispater/pendulum",
+            ParsedUrl(
+                "https",
+                "github.com",
+                "/sdispater/pendulum",
+                "username:password",
+                None,
+                "pendulum",
+                None,
+            ),
+        ),
+        (
+            "git+https://username+suffix:password@github.com/sdispater/pendulum",
+            ParsedUrl(
+                "https",
+                "github.com",
+                "/sdispater/pendulum",
+                "username+suffix:password",
+                None,
+                "pendulum",
+                None,
+            ),
+        ),
         (
             "git+https://github.com/sdispater/pendulum#7a018f2d075b03a73409e8356f9b29c9ad4ea2c5",
             ParsedUrl(