(chocolateyGH-1021) Authcred

Extends the variaboue helper APIs that call Get-ChocolateyWebFile to
take a authentication credential and then pass that credential to the
various web calls. This allows us to download resources from webservers
that require authentication. The credential eventually gets used in a
System.Net.HttpWebRequest object and thus can be either a
NetworkCredential or a CredentialCache object. The previous behaviour
was just to use the default credentials which is generally the windows
user credential, which is often unsuitable.

src/chocolatey.resources/helpers/functions/Get-ChocolateyWebFile.ps1

@@ -121,6 +121,11 @@ https://support.microsoft.com/en-us/kb/811833 for more details.
 
 The recommendation is to use at least SHA256.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.10.4+
+
 .PARAMETER Options
 OPTIONAL - Specify custom headers. Available in 0.9.10+.
 
@@ -195,6 +200,7 @@ param(
   [parameter(Mandatory=$false)][string] $checksumType = '',
   [parameter(Mandatory=$false)][string] $checksum64 = '',
   [parameter(Mandatory=$false)][string] $checksumType64 = $checksumType,
+  [parameter(Mandatory=$false)][Object] $credential = $null,
   [parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
   [parameter(Mandatory=$false)][switch] $getOriginalFileName,
   [parameter(Mandatory=$false)][switch] $forceDownload,
@@ -261,7 +267,7 @@ param(
   if ($url.StartsWith('http:')) {
     try {
       $httpsUrl = $url.Replace("http://", "https://")
-      Get-WebHeaders -Url $httpsUrl -ErrorAction "Stop" | Out-Null
+      Get-WebHeaders -Url $httpsUrl -ErrorAction "Stop" -Credential $credential | Out-Null
       $url = $httpsUrl
       Write-Warning "Url has SSL/TLS available, switching to HTTPS for download"
     } catch {
@@ -274,7 +280,7 @@ param(
       $fileFullPath = $fileFullPath -replace '\\chocolatey\\chocolatey\\', '\chocolatey\'
       $fileDirectory = [System.IO.Path]::GetDirectoryName($fileFullPath)
       $originalFileName = [System.IO.Path]::GetFileName($fileFullPath)
-      $fileFullPath = Get-WebFileName -Url $url -DefaultName $originalFileName
+      $fileFullPath = Get-WebFileName -Url $url -DefaultName $originalFileName -Credential $credential
       $fileFullPath = Join-Path $fileDirectory $fileFullPath
       $fileFullPath = [System.IO.Path]::GetFullPath($fileFullPath)
     } catch {
@@ -295,15 +301,15 @@ param(
   $headers = @{}
   if ($url.StartsWith('http')) {
     try {
-      $headers = Get-WebHeaders -Url $url -ErrorAction "Stop"
+      $headers = Get-WebHeaders -Url $url -ErrorAction "Stop" -Credential $credential
     } catch {
       if ($host.Version -lt (New-Object 'Version' 3,0)) {
         Write-Debug "Converting Security Protocol to SSL3 only for Powershell v2"
         # this should last for the entire duration
         $originalProtocol = [System.Net.ServicePointManager]::SecurityProtocol
         [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Ssl3
         try {
-          $headers = Get-WebHeaders -Url $url -ErrorAction "Stop"
+          $headers = Get-WebHeaders -Url $url -ErrorAction "Stop" -Credential $credential
         } catch {
           Write-Host "Attempt to get headers for $url failed.`n  $($_.Exception.Message)"
           [System.Net.ServicePointManager]::SecurityProtocol = $originalProtocol
@@ -334,7 +340,7 @@ param(
     if ($needsDownload) {
       Write-Host "Downloading $packageName $bitPackage
   from `'$url`'"
-      Get-WebFile -Url $url -FileName $fileFullPath -Options $options
+      Get-WebFile -Url $url -FileName $fileFullPath -Credential $credential -Options $options
     } else {
       Write-Debug "$($packageName)'s requested file has already been downloaded. Using cached copy at
  '$fileFullPath'."

src/chocolatey.resources/helpers/functions/Get-WebFile.ps1

@@ -57,6 +57,11 @@ package folder next to the install script, the path will be like
 The user agent to use as part of the request. Defaults to 'chocolatey
 command line'.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.10.4+
+
 .PARAMETER PassThru
 DO NOT USE - holdover from original function.
 
@@ -85,6 +90,7 @@ param(
   [parameter(Mandatory=$false, Position=0)][string] $url = '', #(Read-Host "The URL to download"),
   [parameter(Mandatory=$false, Position=1)][string] $fileName = $null,
   [parameter(Mandatory=$false, Position=2)][string] $userAgent = 'chocolatey command line',
+  [parameter(Mandatory=$false)][Object] $credential = $null,
   [parameter(Mandatory=$false)][switch] $Passthru,
   [parameter(Mandatory=$false)][switch] $quiet,
   [parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
@@ -109,7 +115,9 @@ param(
 
   $req = [System.Net.HttpWebRequest]::Create($url);
   $defaultCreds = [System.Net.CredentialCache]::DefaultCredentials
-  if ($defaultCreds -ne $null) {
+  if ($credential -ne $null) {
+    $req.Credentials = $credential
+  } elseif ($defaultCreds -ne $null) {
     $req.Credentials = $defaultCreds
   }
 

src/chocolatey.resources/helpers/functions/Get-WebFileName.ps1

@@ -53,6 +53,11 @@ from the url response.
 The user agent to use as part of the request. Defaults to 'chocolatey
 command line'.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.10.4+
+
 .PARAMETER IgnoredArguments
 Allows splatting with arguments that do not apply. Do not use directly.
 
@@ -69,6 +74,7 @@ param(
   [parameter(Mandatory=$false, Position=0)][string] $url = '',
   [parameter(Mandatory=$true, Position=1)][string] $defaultName,
   [parameter(Mandatory=$false)][string] $userAgent = 'chocolatey command line',
+  [parameter(Mandatory=$false)][Object] $credential = $null,
   [parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
 )
 
@@ -106,7 +112,9 @@ param(
   }
 
   $defaultCreds = [System.Net.CredentialCache]::DefaultCredentials
-  if ($defaultCreds -ne $null) {
+  if ($credential -ne $null) {
+    $req.Credentials = $credential
+  } elseif ($defaultCreds -ne $null) {
     $request.Credentials = $defaultCreds
   }
 

src/chocolatey.resources/helpers/functions/Get-WebHeaders.ps1

@@ -38,6 +38,11 @@ This is the url to get a request/response from.
 The user agent to use as part of the request. Defaults to 'chocolatey
 command line'.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.10.4+
+
 .PARAMETER IgnoredArguments
 Allows splatting with arguments that do not apply. Do not use directly.
 
@@ -53,6 +58,7 @@ Get-WebFile
 param(
   [parameter(Mandatory=$false, Position=0)][string] $url = '',
   [parameter(Mandatory=$false, Position=1)][string] $userAgent = 'chocolatey command line',
+  [parameter(Mandatory=$false)][Object] $credential = $null,
   [parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
 )
 
@@ -62,7 +68,9 @@ param(
 
   $request = [System.Net.HttpWebRequest]::Create($url);
   $defaultCreds = [System.Net.CredentialCache]::DefaultCredentials
-  if ($defaultCreds -ne $null) {
+  if ($credential -ne $null) {
+    $request.Credentials = $credential
+  } elseif ($defaultCreds -ne $null) {
     $request.Credentials = $defaultCreds
   }
 

src/chocolatey.resources/helpers/functions/Install-ChocolateyPackage.ps1

@@ -164,6 +164,11 @@ https://support.microsoft.com/en-us/kb/811833 for more details.
 
 The recommendation is to use at least SHA256.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.9.11+
+
 .PARAMETER Options
 OPTIONAL - Specify custom headers. Available in 0.9.10+.
 
@@ -267,6 +272,7 @@ param(
   [parameter(Mandatory=$false)][string] $checksumType = '',
   [parameter(Mandatory=$false)][string] $checksum64 = '',
   [parameter(Mandatory=$false)][string] $checksumType64 = '',
+  [parameter(Mandatory=$false)][object] $credential = $null,
   [parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
   [parameter(Mandatory=$false)]
   [alias("useOnlyPackageSilentArgs")][switch] $useOnlyPackageSilentArguments = $false,
@@ -307,6 +313,7 @@ param(
                                       -ChecksumType $checksumType `
                                       -Checksum64 $checksum64 `
                                       -ChecksumType64 $checksumType64 `
+                                      -Credential $credential `
                                       -Options $options `
                                       -GetOriginalFileName
   }

src/chocolatey.resources/helpers/functions/Install-ChocolateyPowershellCommand.ps1

@@ -129,6 +129,11 @@ https://support.microsoft.com/en-us/kb/811833 for more details.
 
 The recommendation is to use at least SHA256.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.9.11+
+
 .PARAMETER Options
 OPTIONAL - Specify custom headers. Available in 0.9.10+.
 
@@ -182,13 +187,14 @@ param(
   [parameter(Mandatory=$false)][string] $checksumType = '',
   [parameter(Mandatory=$false)][string] $checksum64 = '',
   [parameter(Mandatory=$false)][string] $checksumType64 = '',
+  [parameter(Mandatory=$false)][object] $credential = $null,
   [parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
   [parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
 )
   Write-Debug "Running 'Install-ChocolateyPowershellCommand' for $packageName with psFileFullPath:`'$psFileFullPath`', url: `'$url`', url64bit:`'$url64bit`', checkSum: `'$checksum`', checksumType: `'$checksumType`', checkSum64: `'$checksum64`', checksumType64: `'$checksumType64`' ";
 
   if ($url -ne '') {
-    Get-ChocolateyWebFile $packageName $psFileFullPath $url $url64bit -checksum $checksum -checksumType $checksumType -checksum64 $checksum64 -checksumType64 $checksumType64 -Options $options
+    Get-ChocolateyWebFile $packageName $psFileFullPath $url $url64bit -checksum $checksum -checksumType $checksumType -checksum64 $checksum64 -checksumType64 $checksumType64 -Credential $credential -Options $options
   }
 
   if ($env:chocolateyPackageName -ne $null -and $env:chocolateyPackageName -eq $env:ChocolateyInstallDirectoryPackage) {

src/chocolatey.resources/helpers/functions/Install-ChocolateyVsixPackage.ps1

@@ -87,6 +87,11 @@ https://support.microsoft.com/en-us/kb/811833 for more details.
 
 The recommendation is to use at least SHA256.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.9.11+
+
 .PARAMETER Options
 OPTIONAL - Specify custom headers. Available in 0.9.10+.
 
@@ -125,6 +130,7 @@ param(
   [parameter(Mandatory=$false, Position=2)][int] $vsVersion = 0,
   [parameter(Mandatory=$false)][string] $checksum = '',
   [parameter(Mandatory=$false)][string] $checksumType = '',
+  [parameter(Mandatory=$false)][object] $credential = $null,
   [parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
   [parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
 )
@@ -169,7 +175,7 @@ param(
     if ($installer) {
         $download="$env:TEMP\$($packageName.Replace(' ','')).vsix"
         try{
-            Get-ChocolateyWebFile $packageName $download $vsixUrl -checksum $checksum -checksumType $checksumType -Options $options
+            Get-ChocolateyWebFile $packageName $download $vsixUrl -checksum $checksum -checksumType $checksumType -Credential $credential -Options $options
         }
         catch {
             throw "There were errors attempting to retrieve the vsix from $vsixUrl. The error message was '$_'."

src/chocolatey.resources/helpers/functions/Install-ChocolateyZipPackage.ps1

@@ -130,6 +130,11 @@ https://support.microsoft.com/en-us/kb/811833 for more details.
 
 The recommendation is to use at least SHA256.
 
+.PARAMETER Credential
+OPTIONAL - A System.Net.ICredentials object that contains credentials to
+use to authenticate to the URL server. This is just ultimately passed
+onto System.Net.HttpWebRequest Crentials property. Available in 0.9.11+
+
 .PARAMETER Options
 OPTIONAL - Specify custom headers. Available in 0.9.10+.
 
@@ -170,6 +175,7 @@ param(
   [parameter(Mandatory=$false)][string] $checksumType = '',
   [parameter(Mandatory=$false)][string] $checksum64 = '',
   [parameter(Mandatory=$false)][string] $checksumType64 = '',
+  [parameter(Mandatory=$false)][object] $credential = $null,
   [parameter(Mandatory=$false)][hashtable] $options = @{Headers=@{}},
   [parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
 )
@@ -186,6 +192,6 @@ param(
   if (![System.IO.Directory]::Exists($tempDir)) {[System.IO.Directory]::CreateDirectory($tempDir) | Out-Null}
   $file = Join-Path $tempDir "$($packageName)Install.$fileType"
 
-  $filePath = Get-ChocolateyWebFile $packageName $file $url $url64bit -checkSum $checkSum -checksumType $checksumType -checkSum64 $checkSum64 -checksumType64 $checksumType64 -options $options -getOriginalFileName
+  $filePath = Get-ChocolateyWebFile $packageName $file $url $url64bit -checkSum $checkSum -checksumType $checksumType -checkSum64 $checkSum64 -checksumType64 $checksumType64 -Credential $credential -options $options -getOriginalFileName
   Get-ChocolateyUnzip "$filePath" $unzipLocation $specificFolder $packageName
 }