Extract credentials passed in Url

This commit extracts the credentials passed in a Url and
uses them to pass Basic Credentials when constructing
the single node Transport, as well as constructing a client
for elasticsearch integration tests.

Leaving the credentials in the Url and
also configuring credentials through .auth() fn, results
in reqwest sending two Authorization headers.

Author: russcam

elasticsearch/src/http/transport.rs

@@ -329,10 +329,31 @@ impl Transport {
 
     /// Creates a new instance of a [Transport] configured with a
     /// [SingleNodeConnectionPool].
+    /// If the url contains credentials, these are removed and added
+    /// as [Credentials::Basic] to the [Transport]
     pub fn single_node(url: &str) -> Result<Transport, Error> {
-        let u = Url::parse(url)?;
+        let mut u = Url::parse(url)?;
+
+        // if username and password are specified in the url, remove them and use
+        // them to construct basic credentials. Not doing so can lead to a double
+        // Authorization header being sent by reqwest.
+        let credentials = if !u.username().is_empty() && u.password().is_some() {
+            let username = u.username().to_string();
+            let password = u.password().unwrap().to_string();
+            u.set_username("").unwrap();
+            u.set_password(None).unwrap();
+            Some(Credentials::Basic(username, password))
+        } else {
+            None
+        };
+
         let conn_pool = SingleNodeConnectionPool::new(u);
-        let transport = TransportBuilder::new(conn_pool).build()?;
+        let mut transport_builder = TransportBuilder::new(conn_pool);
+        if let Some(c) = credentials {
+            transport_builder = transport_builder.auth(c);
+        }
+
+        let transport = transport_builder.build()?;
         Ok(transport)
     }
 

elasticsearch/tests/common/client.rs

@@ -53,16 +53,44 @@ pub fn create_default_builder() -> TransportBuilder {
 }
 
 pub fn create_builder(addr: &str) -> TransportBuilder {
-    let url = Url::parse(addr).unwrap();
+    let mut url = Url::parse(addr).unwrap();
+
+    // if the url is https and specifies a username and password, remove from the url and set credentials
+    let credentials = if url.scheme() == "https" {
+        let username = if !url.username().is_empty() {
+            let u = url.username().to_string();
+            url.set_username("").unwrap();
+            u
+        } else {
+            "elastic".into()
+        };
+
+        let password = match url.password() {
+            Some(p) => {
+                let pass = p.to_string();
+                url.set_password(None).unwrap();
+                pass
+            }
+            None => "changeme".into(),
+        };
+
+        Some(Credentials::Basic(username, password))
+    } else {
+        None
+    };
+
     let conn_pool = SingleNodeConnectionPool::new(url.clone());
     let mut builder = TransportBuilder::new(conn_pool);
-    // assume if we're running with HTTPS then authentication is also enabled and disable
-    // certificate validation - we'll change this for tests that need to.
-    if url.scheme() == "https" {
-        builder = builder.auth(Credentials::Basic("elastic".into(), "changeme".into()));
 
-        #[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
-        {
+    if let Some(c) = credentials {
+        builder = builder.auth(c);
+    }
+
+    // assume if we're running with HTTPS then disable
+    // certificate validation - we'll change this for tests that need to.
+    #[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
+    {
+        if url.scheme() == "https" {
             builder = builder.cert_validation(CertificateValidation::None);
         }
     }