Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setting of Authorization header in Get-WebFile cmdlet does not work #2374

Closed
gep13 opened this issue Sep 21, 2021 · 1 comment · Fixed by #2352
Closed

Setting of Authorization header in Get-WebFile cmdlet does not work #2374

gep13 opened this issue Sep 21, 2021 · 1 comment · Fixed by #2352
Labels
5 - Released Bug Priority_HIGH
Milestone
0.11.2

Comments

@gep13
Copy link
Member

gep13 commented Sep 21, 2021
edited
Loading

In the v0.11.0 version of Chocolatey, we attempted to ship a new piece of functionality (#1998) which would allow the setting of the Authorization header in the Get-WebFile cmdlet. This should have allowed downloading of files that are located behind a secure location, by passing in the necessary credentials to authenticate the request, however, it turns out that this change was not actually required. More details follow...

Unfortunately, a mistake was made where the wrong variable name was used when setting the header, and as a result, it was believed that this was why the setting of the Authroization header wasn't working, however, there was more to it than that!

When attempting to run set the Authorization Header in v0.11.1, you are met with the following error:

2021-09-21_13-56-38

Even with the fix that was provided in this PR things still don't work.

This is due to the fact that the HttpWebRequest object in .Net doesn't actually have an Authorization property 😢

https://docs.microsoft.com/en-us/dotnet/api/system.net.httpwebrequest?view=netframework-4.0#properties

The fix that was merged into this v0.11.0 in this PR was invalid.

On further testing, the Authorization header, when set, was actually working as expected in v0.10.15, as per this comment. As such, the corrective action here will actually be to back out the change that was done in that PR, as it was actually working as expected.
@gep13 gep13 added this to the 0.11.2 milestone Sep 21, 2021
@gep13 gep13 linked a pull request Sep 21, 2021 that will close this issue
(#2374) Fix typo in setting Authorization header #2352
Merged
@gep13 gep13 mentioned this issue Sep 21, 2021
Merged
@gep13 gep13 added 4 - Done and removed 1 - Ready labels Sep 21, 2021
@gep13 gep13 closed this as completed Sep 21, 2021
@gep13
Copy link
Member Author

gep13 commented Sep 21, 2021
edited
Loading

The code that was used to valid this was the following, placed into a chocolateyInstall.ps1 file:

$options =
@{
  Headers = @{
    Accept = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';
    Cookie = 'requiredinfo=info';
    Referer = 'https://this-is-a-test';
   Authorization = 'super-secret-password';
  }
}

Install-ChocolateyPackage `
	-PackageName 'package' `
	-FileType 'msi' `
	-Url 'https://github.com/chocolatey/ChocolateyGUI/releases/download/0.19.0/ChocolateyGUI.msi' `
	-Options $options

Under the hood, Install-ChocolateyPackage calls Get-ChocolateyWebFile, which in turn calls Get-WebFile.

gep13 added a commit that referenced this issue Sep 23, 2021
@gep13
(#2374) Remove setting of Authorization property
05ff7c3 
This property does not actually exist on the HttpWebRequest object:

https://docs.microsoft.com/en-us/dotnet/api/system.net.httpwebrequest?view=netframework-4.0#properties

As such, it can't be used. Based on testing that was completed, the
Authorization header was correctly being set in v0.10.15 of Chocolatey,
and no work was required to be done here.

This commit, essentially puts this file back to how it was in v0.10.15.
gep13 added a commit that referenced this issue Sep 23, 2021
@gep13
Merge branch 'hotfix/0.11.2'
b288cd1 
* hotfix/0.11.2:
  (version) v0.11.2
  (#2374) Remove setting of Authorization property
  (version) v0.11.2-beta
  (#2374) Fix variable name when setting header
gep13 added a commit that referenced this issue Sep 23, 2021
@gep13
Merge branch 'master' into develop
19d7dd1 
* master: (21 commits)
  (version) v0.11.2
  (#2374) Remove setting of Authorization property
  (version) v0.11.2-beta
  (#2374) Fix variable name when setting header
  Revert "(maint) Added missing link to milestone"
  Revert "Merge branch 'stable'"
  Revert "(version) v0.12.0-alpha"
  Revert "Merge branch 'stable'"
  Revert "Merge branch 'stable'"
  Revert "Merge branch 'stable'"
  Revert "Merge branch 'stable'"
  (doc) Remove Travis build badge
  (#2356) Remove .travis.yml file
  (doc) Fix typo in community feed URL
  (test) Add unit tests for ArgumentsUtility class
  (#2266) Update nuspec to what is being used
  (doc) Update changelogs to point to release notes
  (version) v0.12.0-alpha
  (maint) Update generation script for new commands
  (maint) Added missing link to milestone
  ...

# Conflicts:
#	.uppercut
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
5 - Released Bug Priority_HIGH
Projects
None yet
Milestone
0.11.2
Development

Successfully merging a pull request may close this issue.

(#2374) Fix typo in setting Authorization header
1 participant
@gep13