From 7f4507ecb8113213f9761cd2c659f193cc2f57af Mon Sep 17 00:00:00 2001
From: Beth Skurrie <beth@bethesque.com>
Date: Tue, 18 Feb 2020 09:29:48 +1100
Subject: [PATCH] feat(cli): raise an error when basic auth credentials and
 bearer token are set at the same time

---
 lib/pact/provider_verifier/cli/verify.rb        |  8 ++++++++
 .../pact/provider_verifier/cli/verify_spec.rb   | 17 +++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/lib/pact/provider_verifier/cli/verify.rb b/lib/pact/provider_verifier/cli/verify.rb
index e511c84..ac20c0f 100644
--- a/lib/pact/provider_verifier/cli/verify.rb
+++ b/lib/pact/provider_verifier/cli/verify.rb
@@ -15,6 +15,7 @@ module CLI
       class Verify < CustomThor
 
         class InvalidArgumentsError < ::Thor::Error; end
+        class AuthError < ::Thor::Error; end
 
         SELECTOR_DOCS = "Selectors: These are specified using JSON strings. The keys are 'tag' (the name of the consumer version tag) and 'latest' (true|false). " +
           "For example '{\"tag\": \"master\", \"latest\": true}'. For a detailed explanation of selectors, see https://pact.io/selectors"
@@ -49,6 +50,7 @@ class InvalidArgumentsError < ::Thor::Error; end
         method_option :wait, banner: "SECONDS", required: false, type: :numeric, desc: "The number of seconds to poll for the provider to become available before running the verification", default: 0
 
         def verify(*pact_urls)
+          validate_credentials
           validate_verify
           print_deprecation_warnings
           success = Pact::ProviderVerifier::App.call(merged_urls(pact_urls), options)
@@ -75,6 +77,12 @@ def print_deprecation_warnings
             end
           end
 
+          def validate_credentials
+            if (options.broker_username || ENV['PACT_BROKER_USERNAME']) && (options.broker_token || ENV['PACT_BROKER_TOKEN'])
+              raise AuthError, "You cannot provide both a username/password and a bearer token. If your Pact Broker uses a bearer token, please remove the username and password configuration."
+            end
+          end
+
           def validate_verify
             if options.pact_broker_base_url && (options.provider.nil? || options.provider == "")
               raise InvalidArgumentsError, "No value provided for required option '--provider'"
diff --git a/spec/lib/pact/provider_verifier/cli/verify_spec.rb b/spec/lib/pact/provider_verifier/cli/verify_spec.rb
index 797bc49..a04f126 100644
--- a/spec/lib/pact/provider_verifier/cli/verify_spec.rb
+++ b/spec/lib/pact/provider_verifier/cli/verify_spec.rb
@@ -77,6 +77,23 @@ module CLI
           end
         end
 
+        context "when both basic auth credentials and bearer token are set" do
+          before do
+            subject.options = OpenStruct.new(options)
+          end
+
+          let(:options) do
+            minimum_valid_options.merge(
+              broker_username: "username",
+              broker_token: "token"
+            )
+          end
+
+          it "raises an error" do
+            expect { invoke_verify }.to raise_error Verify::AuthError, /both/
+          end
+        end
+
         context "when the deprecated pact-urls option is used" do
           before do
             allow($stderr).to receive(:puts)