From 5a04496dedca259c7dd04278511cce3ecf6730b0 Mon Sep 17 00:00:00 2001
From: Igor Vinokur <ivinokur@redhat.com>
Date: Fri, 17 Mar 2023 13:24:14 +0200
Subject: [PATCH] Return empty credentials from bitbucket URL with username
 (#466)

Override the getCredentials() method in the BitbucketUrl class to intercept bitbucket URL with username e.g. https://user@bitbucket.org/eclipse/che. Return empty credentials for such urls.
---
 .../server/azure/devops/AzureDevOpsURLParser.java     |  1 +
 .../api/factory/server/bitbucket/BitbucketUrl.java    | 11 +++++++++++
 .../factory/server/bitbucket/BitbucketUrlTest.java    |  9 +++++++++
 .../factory/server/urlfactory/DefaultFactoryUrl.java  |  4 ++++
 4 files changed, 25 insertions(+)

diff --git a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsURLParser.java b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsURLParser.java
index d9c798667c..a35987378c 100644
--- a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsURLParser.java
+++ b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsURLParser.java
@@ -87,6 +87,7 @@ public class AzureDevOpsURLParser {
     // - https://<credentials>@<host>/<organization>/<project>/_git/<repoName>
     // For the first case we need to remove the `organization` from the url to distinguish it from
     // `credentials`
+    // TODO: return empty credentials like the BitBucketUrl
     String organizationCanIgnore = matcher.group("organizationCanIgnore");
     if (!isNullOrEmpty(organization) && organization.equals(organizationCanIgnore)) {
       url = url.replace(organizationCanIgnore + "@", "");
diff --git a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrl.java b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrl.java
index 3c669b6f45..08f18c3335 100644
--- a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrl.java
+++ b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrl.java
@@ -147,6 +147,17 @@ public class BitbucketUrl extends DefaultFactoryUrl {
     return "https://" + HOSTNAME;
   }
 
+  @Override
+  public Optional<String> getCredentials() {
+    // Bitbucket repository URL may contain username e.g.
+    // https://<username>@bitbucket.org/<workspace_ID>/<repo_name>.git. If username is present, it
+    // can not be used as credentials. Moreover, we skip credentials for Bitbucket repository URl at
+    // all, because we do not support credentials in a repository URL. We only support credentials
+    // in a devfile URL, which is handled by the DefaultFactoryUrl class.
+    // Todo: add a new abstraction for divfile URL to be able to retrieve credentials separately.
+    return Optional.empty();
+  }
+
   /**
    * Provides location to the repository part of the full bitbucket URL.
    *
diff --git a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrlTest.java b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrlTest.java
index d822135515..8b589d2030 100644
--- a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrlTest.java
+++ b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUrlTest.java
@@ -15,6 +15,7 @@ import static org.mockito.Mockito.lenient;
 import static org.mockito.Mockito.when;
 import static org.testng.Assert.assertEquals;
 import static org.testng.Assert.assertNotNull;
+import static org.testng.Assert.assertTrue;
 
 import java.util.Arrays;
 import java.util.Iterator;
@@ -63,6 +64,14 @@ public class BitbucketUrlTest {
     assertEquals(iterator.next().location(), "https://bitbucket.org/eclipse/che/raw/HEAD/foo.bar");
   }
 
+  @Test
+  public void shouldReturnEmptyCredentials() {
+    // when
+    BitbucketUrl url = this.bitbucketURLParser.parse("https://user@bitbucket.org/eclipse/che");
+    // then
+    assertTrue(url.getCredentials().isEmpty());
+  }
+
   /** Check the original repository */
   @Test
   public void checkRepositoryLocation() {
diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/urlfactory/DefaultFactoryUrl.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/urlfactory/DefaultFactoryUrl.java
index 86b3674c88..16078985ff 100644
--- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/urlfactory/DefaultFactoryUrl.java
+++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/urlfactory/DefaultFactoryUrl.java
@@ -66,6 +66,10 @@ public class DefaultFactoryUrl implements RemoteFactoryUrl {
     return null;
   }
 
+  public URL getUrl() {
+    return url;
+  }
+
   @Override
   public Optional<String> getCredentials() {
     if (url == null || isNullOrEmpty(url.getUserInfo())) {