From 6c9c4ac14ef478ddbeb534e5a2b95c450af12fc7 Mon Sep 17 00:00:00 2001
From: Rhys Arkins <rhys@arkins.net>
Date: Sat, 12 Sep 2020 19:29:59 +0200
Subject: [PATCH] fix(azure): add auth value to sanitized strings

---
 lib/platform/azure/azure-helper.ts | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/lib/platform/azure/azure-helper.ts b/lib/platform/azure/azure-helper.ts
index 2ff0573082..0cf7782396 100644
--- a/lib/platform/azure/azure-helper.ts
+++ b/lib/platform/azure/azure-helper.ts
@@ -4,9 +4,9 @@ import {
   GitRef,
 } from 'azure-devops-node-api/interfaces/GitInterfaces';
 import { logger } from '../../logger';
-
 import { HostRule } from '../../types';
 import { GitOptions } from '../../types/git';
+import { add } from '../../util/sanitize';
 import * as azureApi from './azure-got-wrapper';
 import {
   getBranchNameWithoutRefsPrefix,
@@ -21,18 +21,22 @@ function toBase64(from: string): string {
 }
 
 export function getStorageExtraCloneOpts(config: HostRule): GitOptions {
-  let header: string;
-  const headerName = 'AUTHORIZATION';
+  let authType: string;
+  let authValue: string;
   if (!config.token && config.username && config.password) {
-    header = `${headerName}: basic ${toBase64(
-      `${config.username}:${config.password}`
-    )}`;
+    authType = 'basic';
+    authValue = toBase64(`${config.username}:${config.password}`);
   } else if (config.token.length !== 52) {
-    header = `${headerName}: bearer ${config.token}`;
+    authType = 'bearer';
+    authValue = config.token;
   } else {
-    header = `${headerName}: basic ${toBase64(`:${config.token}`)}`;
+    authType = 'basic';
+    authValue = toBase64(`:${config.token}`);
   }
-  return { '-c': `http.extraheader=${header}` };
+  add(authValue);
+  return {
+    '-c': `http.extraheader=AUTHORIZATION: ${authType} ${authValue}`,
+  };
 }
 
 export async function getRefs(
-- 
GitLab