Removed user and password creds from URL property

Author: emlaver

CHANGES.md

@@ -5,6 +5,7 @@
 - [NEW] Support IAM authentication in replication documents.
 - [IMPROVED] Added support for IAM API key in `cloudant_bluemix` method.
 - [IMPROVED] Updated Travis CI and unit tests to run against CouchDB 2.1.1.
+- [IMPROVED] Shortened length of client URLs by removing username and password.
 
 # 2.8.1 (2018-02-16)
 

src/cloudant/client.py

@@ -17,6 +17,7 @@
 instance.
 """
 import json
+from ._2to3 import url_parse
 
 from ._client_session import (
     BasicSession,
@@ -93,6 +94,20 @@ def __init__(self, user, auth_token, admin_party=False, **kwargs):
         self._auto_renew = kwargs.get('auto_renew', False)
         self._use_basic_auth = kwargs.get('use_basic_auth', False)
         self._use_iam = kwargs.get('use_iam', False)
+        # If user/pass exist in URL, remove and set variables
+        if not self._use_basic_auth and self.server_url:
+            parsed_url = url_parse(kwargs.get('url'))
+            # Note: To prevent conflicts with field names, the method
+            # and attribute names of `url_parse` start with an underscore
+            if parsed_url.port is None:
+                self.server_url = parsed_url._replace(
+                    netloc="{}".format(parsed_url.hostname)).geturl()
+            else:
+                self.server_url = parsed_url._replace(
+                    netloc="{}:{}".format(parsed_url.hostname, parsed_url.port)).geturl()
+            if (not user and not auth_token) and (parsed_url.username and parsed_url.password):
+                self._user = parsed_url.username
+                self._auth_token = parsed_url.password
 
         connect_to_couch = kwargs.get('connect', False)
         if connect_to_couch and self._DATABASE_CLASS == CouchDatabase:
@@ -450,14 +465,10 @@ def __init__(self, cloudant_user, auth_token, **kwargs):
         super(Cloudant, self).__init__(cloudant_user, auth_token, **kwargs)
         self._client_user_header = {'User-Agent': USER_AGENT}
         account = kwargs.get('account')
-        url = kwargs.get('url')
-        x_cloudant_user = kwargs.get('x_cloudant_user')
         if account is not None:
             self.server_url = 'https://{0}.cloudant.com'.format(account)
-        elif kwargs.get('url') is not None:
-            self.server_url = url
-            if x_cloudant_user is not None:
-                self._client_user_header['X-Cloudant-User'] = x_cloudant_user
+        if kwargs.get('x_cloudant_user') is not None:
+            self._client_user_header['X-Cloudant-User'] = kwargs.get('x_cloudant_user')
 
         if self.server_url is None:
             raise CloudantClientException(102)

tests/unit/client_tests.py

@@ -128,6 +128,20 @@ def test_constructor_with_url(self):
         self.assertEqual(self.client.encoder, json.JSONEncoder)
         self.assertIsNone(self.client.r_session)
 
+    def test_constructor_with_creds_removed_from_url(self):
+        """
+        Test instantiating a client object using a URL
+        """
+        client = CouchDB(None, None, url='http://a9a9a9a9-a9a9-a9a9-a9a9-a9a9a9a9a9a9-bluemix'
+                                          ':a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9'
+                                          'a9a9a9a9a9a9@d8a01891-e4d2-4102-b5f8-751fb735ce31-'
+                                          'bluemix.couchdb.local:5984')
+        self.assertEqual(client.server_url, 'http://d8a01891-e4d2-4102-b5f8-751fb735ce31-'
+                                            'bluemix.couchdb.local:5984')
+        self.assertEqual(client._user, 'a9a9a9a9-a9a9-a9a9-a9a9-a9a9a9a9a9a9-bluemix')
+        self.assertEqual(client._auth_token, 'a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a'
+                                             '9a9a9a9a9a9a9a9a9a9a9a9a9')
+
     def test_connect(self):
         """
         Test connect and disconnect functionality.
@@ -594,6 +608,19 @@ class CloudantClientTests(UnitTestDbBase):
     Cloudant specific client unit tests
     """
 
+    def test_constructor_with_creds_removed_from_url(self):
+        """
+        Test instantiating a client object using a URL
+        """
+        client = Cloudant(None, None, url='https://a9a9a9a9-a9a9-a9a9-a9a9-a9a9a9a9a9a9-bluemix'
+                                          ':a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9'
+                                          'a9a9a9a9a9a9@d8a01891-e4d2-4102-b5f8-751fb735ce31-'
+                                          'bluemix.cloudant.com')
+        self.assertEqual(client.server_url, 'https://d8a01891-e4d2-4102-b5f8-751fb735ce31-'
+                                            'bluemix.cloudant.com')
+        self.assertEqual(client._user, 'a9a9a9a9-a9a9-a9a9-a9a9-a9a9a9a9a9a9-bluemix')
+        self.assertEqual(client._auth_token, 'a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a9a'
+                                             '9a9a9a9a9a9a9a9a9a9a9a9a9')
     @skip_if_not_cookie_auth
     def test_cloudant_session_login(self):
         """