feat: Add support for credential_type override as well

Author: mattkram

src/anaconda_auth/_conda/auth_handler.py

@@ -91,6 +91,9 @@ def _load_channel_settings(channel_name: str) -> dict[str, Any]:
 
 class AnacondaAuthHandlerExtraSettings(BaseModel):
     override_auth_domain: Optional[str] = Field(default=None, alias="auth_domain")
+    override_credential_type: Optional[CredentialType] = Field(
+        default=None, alias="credential_type"
+    )
 
     @classmethod
     def from_channel_name(cls, channel_name: str) -> "AnacondaAuthHandlerExtraSettings":
@@ -135,6 +138,9 @@ def _load_token_domain(self, parsed_url: ParseResult) -> tuple[str, CredentialTy
         if self._extras.override_auth_domain:
             token_domain = self._extras.override_auth_domain
 
+        if self._extras.override_credential_type:
+            credential_type = self._extras.override_credential_type
+
         return token_domain, credential_type
 
     def _load_token_from_keyring(self, url: str) -> Optional[AccessCredential]:

src/anaconda_auth/_conda/condarc.py

@@ -6,6 +6,7 @@
 from ruamel.yaml import YAML
 from ruamel.yaml import YAMLError
 
+from anaconda_auth._conda.config import CredentialType
 from anaconda_cli_base import console
 
 DEFAULT_CONDARC_PATH = Path("~/.condarc").expanduser()
@@ -52,6 +53,7 @@ def update_channel_settings(
         username: str | None = None,
         *,
         auth_domain: str | None = None,
+        credential_type: CredentialType | None = None,
     ) -> None:
         """
         Update the condarc file's "channel_settings" section
@@ -61,6 +63,7 @@ def update_channel_settings(
             "auth": auth_type,
             "username": username,
             "auth_domain": auth_domain,
+            "credential_type": credential_type.value if credential_type else None,
         }
 
         # Filter out any None values

tests/test_conda_plugins.py

@@ -1,3 +1,4 @@
+from enum import Enum
 from urllib.parse import urlparse
 
 import pytest
@@ -380,3 +381,48 @@ def test_load_token_domain_user_provided_auth_domain_override(conda_search_path)
 
     assert token_domain == "auth.some-domain.com"
     assert credential_type == CredentialType.API_KEY
+
+
+@pytest.mark.parametrize(
+    "override_credential_type", [CredentialType.API_KEY, CredentialType.REPO_TOKEN]
+)
+def test_load_token_domain_user_provided_credential_type_override(
+    override_credential_type, conda_search_path
+):
+    channel_url = "https://some-domain.com/repo/some-channel"
+    condarc = CondaRC()
+    condarc.update_channel_settings(
+        channel=channel_url + "/*",
+        auth_type="anaconda-auth",
+        credential_type=override_credential_type,
+    )
+    condarc.save()
+    context.reset_context()
+
+    handler = AnacondaAuthHandler(channel_name=channel_url)
+    url = channel_url + "/noarch/repodata.json"
+    token_domain, credential_type = handler._load_token_domain(parsed_url=urlparse(url))
+
+    assert token_domain == "some-domain.com"
+    assert credential_type == override_credential_type
+
+
+def test_load_token_domain_user_provided_credential_type_override_invalid(
+    conda_search_path,
+):
+    channel_url = "https://some-domain.com/repo/some-channel"
+    condarc = CondaRC()
+
+    class BadCredentialType(Enum):
+        INVALID = "invalid"
+
+    condarc.update_channel_settings(
+        channel=channel_url + "/*",
+        auth_type="anaconda-auth",
+        credential_type=BadCredentialType.INVALID,
+    )
+    condarc.save()
+    context.reset_context()
+
+    with pytest.raises(AnacondaAuthError):
+        AnacondaAuthHandler(channel_name=channel_url)