From 6ced7fbbe70bfd45691b453853d424e686d5c774 Mon Sep 17 00:00:00 2001
From: Yu <yu.yang@anz.com>
Date: Wed, 31 Jul 2024 17:09:13 +1000
Subject: [PATCH 1/3] uri-decode-fix

Signed-off-by: Yu <yu.yang@anz.com>
---
 packages/http-client/src/proxy.ts | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/packages/http-client/src/proxy.ts b/packages/http-client/src/proxy.ts
index 32afce6a21..3a3b1b560a 100644
--- a/packages/http-client/src/proxy.ts
+++ b/packages/http-client/src/proxy.ts
@@ -15,10 +15,15 @@ export function getProxyUrl(reqUrl: URL): URL | undefined {
 
   if (proxyVar) {
     try {
-      return new URL(proxyVar)
+      const decodedProxyVar = decodeURIComponent(proxyVar)
+      return new URL(decodedProxyVar)
     } catch {
-      if (!proxyVar.startsWith('http://') && !proxyVar.startsWith('https://'))
-        return new URL(`http://${proxyVar}`)
+      const decodedProxyVar = decodeURIComponent(proxyVar)
+      if (
+        !decodedProxyVar.startsWith('http://') &&
+        !decodedProxyVar.startsWith('https://')
+      )
+        return new URL(`http://${decodedProxyVar}`)
     }
   } else {
     return undefined

From c6b7cc1a698c0ae0e97a625f39b9838e65d2573f Mon Sep 17 00:00:00 2001
From: Yu <yu.yang@anz.com>
Date: Thu, 1 Aug 2024 00:18:38 +1000
Subject: [PATCH 2/3] http-client URLdecode fix

Signed-off-by: Yu <yu.yang@anz.com>
---
 packages/http-client/__tests__/proxy.test.ts | 12 ++++++++
 packages/http-client/src/proxy.ts            | 30 ++++++++++++++------
 2 files changed, 34 insertions(+), 8 deletions(-)

diff --git a/packages/http-client/__tests__/proxy.test.ts b/packages/http-client/__tests__/proxy.test.ts
index c921b4bc00..ab70b604c5 100644
--- a/packages/http-client/__tests__/proxy.test.ts
+++ b/packages/http-client/__tests__/proxy.test.ts
@@ -304,6 +304,18 @@ describe('proxy', () => {
     console.log(agent)
     expect(agent instanceof ProxyAgent).toBe(true)
   })
+
+  it('proxyAuth is set in tunnel agent when authentication is provided with URIencoding', async () => {
+    process.env['https_proxy'] =
+      'http://user%40github.com:p@ssword@127.0.0.1:8080'
+    const httpClient = new httpm.HttpClient()
+    const agent: any = httpClient.getAgent('https://some-url')
+    // eslint-disable-next-line no-console
+    console.log(agent)
+    expect(agent.proxyOptions.host).toBe('127.0.0.1')
+    expect(agent.proxyOptions.port).toBe('8080')
+    expect(agent.proxyOptions.proxyAuth).toBe('user@github.com:password')
+  })
 })
 
 function _clearVars(): void {
diff --git a/packages/http-client/src/proxy.ts b/packages/http-client/src/proxy.ts
index 3a3b1b560a..3a9c6834ec 100644
--- a/packages/http-client/src/proxy.ts
+++ b/packages/http-client/src/proxy.ts
@@ -15,15 +15,10 @@ export function getProxyUrl(reqUrl: URL): URL | undefined {
 
   if (proxyVar) {
     try {
-      const decodedProxyVar = decodeURIComponent(proxyVar)
-      return new URL(decodedProxyVar)
+      return new DecodedURL(proxyVar)
     } catch {
-      const decodedProxyVar = decodeURIComponent(proxyVar)
-      if (
-        !decodedProxyVar.startsWith('http://') &&
-        !decodedProxyVar.startsWith('https://')
-      )
-        return new URL(`http://${decodedProxyVar}`)
+      if (!proxyVar.startsWith('http://') && !proxyVar.startsWith('https://'))
+        return new DecodedURL(`http://${proxyVar}`)
     }
   } else {
     return undefined
@@ -92,3 +87,22 @@ function isLoopbackAddress(host: string): boolean {
     hostLower.startsWith('[0:0:0:0:0:0:0:1]')
   )
 }
+
+class DecodedURL extends URL {
+  private _decodedUsername: string
+  private _decodedPassword: string
+
+  constructor(url: string | URL, base?: string | URL) {
+    super(url, base)
+    this._decodedUsername = decodeURIComponent(super.username)
+    this._decodedPassword = decodeURIComponent(super.password)
+  }
+
+  get username(): string {
+    return this._decodedUsername
+  }
+
+  get password(): string {
+    return this._decodedPassword
+  }
+}

From 3c564f760684969a272e5c0ebed71e8d8a0e609b Mon Sep 17 00:00:00 2001
From: Yu <yu.yang@anz.com>
Date: Thu, 1 Aug 2024 00:23:35 +1000
Subject: [PATCH 3/3] http-client URLdecode test typo fix

Signed-off-by: Yu <yu.yang@anz.com>
---
 packages/http-client/__tests__/proxy.test.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/http-client/__tests__/proxy.test.ts b/packages/http-client/__tests__/proxy.test.ts
index ab70b604c5..167396c6cf 100644
--- a/packages/http-client/__tests__/proxy.test.ts
+++ b/packages/http-client/__tests__/proxy.test.ts
@@ -307,14 +307,14 @@ describe('proxy', () => {
 
   it('proxyAuth is set in tunnel agent when authentication is provided with URIencoding', async () => {
     process.env['https_proxy'] =
-      'http://user%40github.com:p@ssword@127.0.0.1:8080'
+      'http://user%40github.com:p%40ssword@127.0.0.1:8080'
     const httpClient = new httpm.HttpClient()
     const agent: any = httpClient.getAgent('https://some-url')
     // eslint-disable-next-line no-console
     console.log(agent)
     expect(agent.proxyOptions.host).toBe('127.0.0.1')
     expect(agent.proxyOptions.port).toBe('8080')
-    expect(agent.proxyOptions.proxyAuth).toBe('user@github.com:password')
+    expect(agent.proxyOptions.proxyAuth).toBe('user@github.com:p@ssword')
   })
 })