using composer with proxy authentication

[stanislavivanovit]

With the following composer.json:

{
    ...
}

When I run this command:

composer diagnose

I get this output:

Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: Warning: Accessing packagist.org over h ttp which is an insecure protocol.
FAIL
[Composer\Downloader\TransportException] The "http://packagist.org/packages.json " file could not be downloaded (HTTP/1.1 407 Proxy Authentication Required)
Checking https connectivity to packagist: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.jso n" file could not be downloaded: failed to open stream: Cannot connect to HTTPS server through proxy
Checking HTTP proxy: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.jso n" file could not be downloaded: failed to open stream: Cannot connect to HTTPS server through proxy
Checking HTTP proxy support for request_fulluri: FAIL
Unable to assess the situation, maybe packagist.org is down (The 'http://packagi st.org/packages.json' URL could not be accessed: HTTP/1.1 400 Bad Request
)
Checking HTTPS proxy support for request_fulluri: FAIL
Unable to assess the situation, maybe github is down (The "https://api.github.co m/repos/Seldaek/jsonlint/zipball/1.0.0" file could not be downloaded: failed to open stream: Cannot connect to HTTPS server through proxy)
Checking github.com rate limit: FAIL
[Composer\Downloader\TransportException] The "https://api.github.com/rate_limit" file could not be downloaded: failed to open stream: Cannot connect to HTTPS se rver through proxy
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB 723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E32 8C AD90147D AFE50952
OK
Checking composer version:

[Composer\Downloader\TransportException]
The "https://getcomposer.org/versions" file could not be downloaded: failed
to open stream: Cannot connect to HTTPS server through proxy

And I expected this to happen:

We use a proxy which requires authentication, and when we run composer behind that proxy it cannot connect to github.com, packagist.org/.

When we test without authentication everything works, but we wish to use proxy authentication.
Is there a way we can set up composer to use proxy authentication.
and reach the desired outcome: (bellow is the output of the command "composer diagnose" without proxy authentication)

$ composer diagnose
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: Warning: Accessing packagist.org over http which is an insecure protocol.
OK
Checking https connectivity to packagist: OK
Checking HTTP proxy: OK
Checking HTTP proxy support for request_fulluri: OK
Checking HTTPS proxy support for request_fulluri: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version: OK

?

Thank you

[stof]

Well, you should configure the HTTP_PROXY env variable with the proper settings for your proxy

[stanislavivanovit]

Thank you for the quick reply,

I have configured global environmental variables in windows for http_proxy and https_proxy. Should they be set in composer specifically as well?
Please note that I am not a developer using this software, I’m a helpdesk agent helping a developer set this software on his workstation.
Can you give me an example where exactly http_proxy env should be set, what parameters it takes and in what format?

-Stani

From: Christophe Coevoet [mailto:notifications@github.com]
Sent: 07 June 2016 11:25
To: composer/composer
Cc: Stanislav Ivanov IT Department; Author
Subject: Re: [composer/composer] using composer with proxy authentication (#5411)

Well, you should configure the HTTP_PROXY env variable with the proper settings for your proxy

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHubhttps://github.com//issues/5411#issuecomment-224213095, or mute the threadhttps://github.com/notifications/unsubscribe/AS4I0A_w4hWNeUu6lOiEaFKJqE2rkJqGks5qJSrtgaJpZM4IvrFP.

[alcohol]

https://getcomposer.org/doc/03-cli.md#http-proxy-or-http-proxy

It takes a URL (which in turn can contain a username and password also).

[stanislavivanovit]

I have tried
export http_proxy="http://username:password@your_proxy:your_port"
export https_proxy="https://username:password@your_proxy:your_port"
export http_proxy=http://username:password@your_proxy:your_port
export https_proxy=https://username:password@your_proxy:your_port

but the outcome is the same:

$ composer diagnose
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: Warning: Accessing packagist.org over http which is an insecure protocol.
OK
Checking https connectivity to packagist: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Failed to enable crypto
failed to open stream: operation failed
Checking HTTP proxy: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Failed to enable crypto
failed to open stream: operation failed
Checking HTTP proxy support for request_fulluri: OK
Checking HTTPS proxy support for request_fulluri: FAIL
Unable to assess the situation, maybe github is down (The "https://api.github.com/repos/Seldaek/jsonlint/zipball/1.0.0" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Failed to enable crypto
failed to open stream: operation failed)
Checking github.com rate limit: FAIL
[Composer\Downloader\TransportException] The "https://api.github.com/rate_limit" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Failed to enable crypto
failed to open stream: operation failed
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version:

[Composer\Downloader\TransportException]
The "https://getcomposer.org/versions" file could not be downloaded: SSL op
eration failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Failed to enable crypto
failed to open stream: operation failed

[alcohol]

What kind of proxy is it?

[stanislavivanovit]

squid

From: Rob [mailto:notifications@github.com]
Sent: 07 June 2016 14:19
To: composer/composer
Cc: Stanislav Ivanov IT Department; Comment
Subject: Re: [composer/composer] using composer with proxy authentication (#5411)

What kind of proxy is it?

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHubhttps://github.com//issues/5411#issuecomment-224251411, or mute the threadhttps://github.com/notifications/unsubscribe/AS4I0Hwthet6l9dc_iSQDnlVNRxHrMYOks5qJVO4gaJpZM4IvrFP.

[stanislavivanovit]

Can anybody help?

I have set global environmental variable for http and https_proxy with value our_proxy_ip:port (this proxy requires authentication)

this is the output when I run composer create-project --prefer-dist laravel/laravel blog

I then tried with
export http_proxy=http://username:password@your_proxy:your_port
export https_proxy=https://username:password@your_proxy:your_port

and then with
export http_proxy="http://username:password@your_proxy:your_port"
export https_proxy="https://username:password@your_proxy:your_port"

this is the output when I set env var http and http_proxy to a proxy with no authentication

both proxies with and without authentication are squid proxies.

Is it possible to get this working with a proxy which requires authentication?

[alcohol]

I would guess that your proxy setup does not support https. You can force composer to default to http in that case, though that goes against all standard/common recommendations.

[faridmovsumov]

I have the same problem :( @stanislavivanovit did you find a solution?

[stanislavivanovit]

@faridmovsumov, not yet.

[mcarbonneaux]

The PHP fopen http wrapper don't support proxy authentification with https url...

They simply avoid to send http proxy-authentication header setted in http context when send CONNECT method to the proxy...

They are only fixed in 5.4.1RC1 :
php/php-src@aa5055b

[7i4g0]

Hello there. Try this:
C:\xampp\htdocs\myproject> SET HTTP_PROXY=http://username:password@proxy.yourdomain.com:8080 && php composer.phar create-project laravel/laravel --prefer-dist

I needed put the composer.phar file into the same folder of the project.

[sasclar]

Hello,
Setting "HTTP_PROXY=http://username:password@proxy.yourdomain.com:port" on windows 7 at user level worked for me

[Seldaek]

Auto-closing this as it's marked as support request and has not received any update in a long time.

[mcarbonneaux]

in composer.php and in Composer/Util/StreamContextFactory.php

when read password they use urldecode before base64 encoding...

            // handle proxy auth if present
            if (isset($proxy['user'])) {
                $auth = urldecode($proxy['user']);
                if (isset($proxy['pass'])) {
                    $auth .= ':' . urldecode($proxy['pass']);
                }
                $auth = base64_encode($auth);

the password with special char like + not work without encoding it in HTTP_PROXY variable not work...

[mcarbonneaux]

the php stream in ssl use by default STREAM_CRYPTO_METHOD_SSLv23_CLIENT in place of STREAM_CRYPTO_METHOD_TLS_CLIENT in :

• ext/standard/http_fopen_wrapper.c
• ext/standard/ftp_fopen_wrapper.c

this depend on version of openssl you use, but old one you cannot abel to connect on ssl server that refuse sslv2 and v3...

on recent version of php (5.6+) you are abel to configure with the context the default protocol but on old one your are not abel to do it...

  'ssl_method' => STREAM_CRYPTO_METHOD_TLS_CLIENT,

and the https://getcomposer.org/ as disabled sslv2 and v3...

her a rfc about that https://wiki.php.net/rfc/improved-tls-constants

in that way you are oblige to use --disable-tls for that...

why not use curl extension in place of php stream ?
or to have the choice of using php stream or curl ?
in that way you are abel to use correctly openssl protocol by configuration... and also the proxy option...

[alcohol]

Using curl means we would have to depend on yet another extension that is not always installed.

[mcarbonneaux]

Make to have the choice to use stream or curl, and eventually use curl or stream by default depending on version of php and presence of the extension.

Curl are more simplier to control all aspect of the http request and socket behind... Than stream.... And work better on old php version....

[alcohol]

This is open source software. We don't have to do anything. But you're welcome to contribute.