aio-libs · Dreamsorcerer · Aug 28, 2024 · Aug 28, 2024
@@ -0,0 +1 @@
+Added support for URL credentials with empty (zero-length) username, e.g. ``https://:password@host`` -- by :user:`shuckc`
@@ -74,6 +74,7 @@ Chih-Yuan Chen
 Chris AtLee
 Chris Laws
 Chris Moore
+Chris Shucksmith
 Christopher Schmitt
 Claudiu Popa
 Colin Dunklau

@@ -408,8 +408,8 @@ def update_host(self, url: URL) -> None:
 
         # basic auth info
         username, password = url.user, url.password
-        if username:
-            self.auth = helpers.BasicAuth(username, password or "")
+        if username or password:
+            self.auth = helpers.BasicAuth(username or "", password or "")
 
     def update_version(self, version: Union[http.HttpVersion, str]) -> None:
         """Convert request version to two elements tuple.

@@ -164,9 +164,9 @@ def from_url(cls, url: URL, *, encoding: str = "latin1") -> Optional["BasicAuth"
         """Create BasicAuth from url."""
         if not isinstance(url, URL):
             raise TypeError("url should be yarl.URL instance")
-        if url.user is None:
+        if url.user is None and url.password is None:
             return None
-        return cls(url.user, url.password or "", encoding=encoding)
+        return cls(url.user or "", url.password or "", encoding=encoding)
 
     def encode(self) -> str:
         """Encode credentials."""

@@ -453,6 +453,13 @@ def test_basic_auth_from_url(make_request) -> None:
     assert "python.org" == req.host
 
 
+def test_basic_auth_no_user_from_url(make_request) -> None:
+    req = make_request("get", "http://:[email protected]")
+    assert "AUTHORIZATION" in req.headers
+    assert "Basic OjEyMzQ=" == req.headers["AUTHORIZATION"]
+    assert "python.org" == req.host
+
+
 def test_basic_auth_from_url_overridden(make_request) -> None:
     req = make_request(
         "get", "http://[email protected]", auth=aiohttp.BasicAuth("nkim", "1234")

@@ -189,6 +189,14 @@ def test_basic_auth_from_url() -> None:
     assert auth.password == "pass"
 
 
+def test_basic_auth_no_user_from_url() -> None:
+    url = URL("http://:[email protected]")
+    auth = helpers.BasicAuth.from_url(url)
+    assert auth is not None
+    assert auth.login == ""
+    assert auth.password == "pass"
+
+
 def test_basic_auth_from_not_url() -> None:
     with pytest.raises(TypeError):
         helpers.BasicAuth.from_url("http://user:[email protected]")
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Added support for URL credentials with empty (zero-length) username, e.g. ``https://:password@host`` -- by :user:`shuckc`