[rubygems/rubygems] Bad auth should not fallback either

https://github.com/rubygems/rubygems/commit/ba3ea27869
2023-08-10 17:23:32 +02:00 · 2023-08-10 17:23:32 +02:00 · e678affe70
commit e678affe70
parent c076ac8a5f
2 changed files with 10 additions and 1 deletions
--- a/lib/bundler/fetcher/compact_index.rb
+++ b/lib/bundler/fetcher/compact_index.rb
@ -15,7 +15,7 @@ module Bundler
          method.bind(self).call(*args, &blk)
        rescue NetworkDownError, CompactIndexClient::Updater::MisMatchedChecksumError => e
          raise HTTPError, e.message
-        rescue AuthenticationRequiredError
+        rescue AuthenticationRequiredError, BadAuthenticationError
          # Fail since we got a 401 from the server.
          raise
        rescue HTTPError => e
--- a/spec/bundler/install/gems/compact_index_spec.rb
+++ b/spec/bundler/install/gems/compact_index_spec.rb
@ -683,6 +683,15 @@ The checksum of /versions does not match the checksum provided by the server! So
        bundle :install, :artifice => "compact_index_strict_basic_authentication", :raise_on_error => false
        expect(err).to include("Bad username or password")
      end
+
+      it "does not fallback to old dependency API if bad authentication is provided" do
+        bundle "config set #{source_hostname} #{user}:wrong"
+
+        bundle :install, :artifice => "compact_index_strict_basic_authentication", :raise_on_error => false, :verbose => true
+        expect(err).to include("Bad username or password")
+        expect(out).to include("HTTP 401 Unauthorized http://user@localgemserver.test/versions")
+        expect(out).not_to include("HTTP 401 Unauthorized http://user@localgemserver.test/api/v1/dependencies")
+      end
    end

    describe "with no password" do