When scrubbing box urls of access token parameters, only return
the processed URL if the access token was removed. If it was not
removed, return the original URL string. This prevents issues with
local file URLs being parsed and replaced with invalid paths.
Fixes: #12340#12350#12320
Replace the `VAGRANT_ALLOW_PARAM_AUTH_TOKEN` environment variable
with `VAGRANT_SERVER_ACCESS_TOKEN_BY_URL` and update the behavior
when the environment variable is set to add the access token as
a query parameter and disable the addition of the authentication
header.
Fixes#12080
When uploading box file, check if the size is greater than
5GB. If the size is larger and the direct to storage option
is enabled, disable the option due to current 5GB restriction
on direct uploads.
Some client setup locations where not using the custom helper
method for the vagrant server URL value so they have been
updated. The api path is also appended if it is not set for
custom server URLs
This sets the `authenticate_box_url` hook as deprecated and also
disables the cloud auth middleware from adding an access token
as a URL parameter by default. An environment variable has been
added which can be used for re-enabling the access token URL
parameter behavior if required for some legacy system which does
not support the authorization header.
This PR is dependent on the 2.1.0 release of the vagrant_cloud
library. It updates the `cloud` command to use the new interface
for interacting with the Vagrant Cloud API. It also adds support
for direct to backend storage uploads, and defaults to this
method.
Also included is a bit of cleanup refactoring, addition of method
documentation, and fixing up some small issues around custom username
usage within the internal client for authentication.
Prior to this commit, if a user didn't supply a box file on disk or a
box url, Vagrant would crash and display a stacktrace with an invalid
file. This commit fixes that by adding some extra handling around the
arguments supplied to the publish command.
Prior to this commit, the AddAuthentication hooks still existed in a
deprecated class LoginCommand. This commit fixes that by moving it over
to the vagrant cloud cli namespace instead.
This commit adds a new rescue to the `publish` command for when the
client detects an invalid version prior to making the API request to
create that version.
Prior to this commit, Vagrant would attempt to path expand a file that
didn't exist if it was left out of the passed in arguments and no
`--url` was used for external box uploading. This commit fixes that by
adding some additional validation for the passed in box file.
This commit introduces a new uploader class for uploading files and
splits up some commonly used functionality between it and the downloader
class into a curl helper library.
