Support redis:// URI scheme and ignore username for AUTH

[daneren2005]

In the Factories parseUrl method, you are generating the auth param by combining the username and password. Redis as far as I am aware has no concept of users. A lot of connection strings just specify one because otherwise the password won't be parsed correctly by most tools. Ex: redis://anything:password@host:port.

It is an easy fix:

$auth = null;
if (isset($parts['user'])) {
    $auth = $parts['user'];
}
if (isset($parts['pass'])) {
    $auth .= ':' . $parts['pass'];
}
if ($auth !== null) {
    $parts['auth'] = $auth;
}

change to

if (isset($parts['pass'])) {
    $parts['auth'] = $parts['pass'];
}

I also am going to mention that redis:// is also a valid schema:

if ($parts === false || !isset($parts['host']) || $parts['scheme'] !== 'tcp') {
    throw new InvalidArgumentException('Given URL can not be parsed');
}

changes to

$validSchemes = array('redis', 'tcp');
if ($parts === false || !isset($parts['host']) || !in_array($parts['scheme'], $validSchemes)) {
    throw new InvalidArgumentException('Given URL can not be parsed');
}

[clue]

You are correct in that Redis does not actually know "users", it merely expects a single string value in the AUTH command.

Because URIs are composed like "[userinfo@]hostname[:port]", for ease of use this library accepts the whole "userinfo" part as a parameter that will be passed to the AUTH command:

pass@host => pass

This also has the effect that the following slightly less obvious examples work like this:

one:two@host => one:two
:three@host => :three

This is also what's been documented in the README and what's being tested by our test suite, see also https://github.com/clue/php-redis-react/blob/c1c69dc6cb376758e058aa4674a22659759042d0/tests/FactoryTest.php#L64

Note that I'm not saying this can't or won't be changed, but I'm not considering this a "bug" or "fix" at the moment.

I understand that this may be confusing with regards to other libraries and I'm not opposed to changing this. This would likely end up in the next major version though, as this is technically a BC break.
Out of curiosity, what other tools / projects do you have in mind?

[daneren2005]

Once I was debugging the issue I got caught up on the fact that internally it was called the username. I didn't consider that you could just pass password@host and it would work since all Redis cares about is that it gets the password there. You're right that my fix would break the existing usage of the library. A better solution would be something like (not tested):

if (isset($parts['pass'])) {
    $parts['auth'] = $parts['pass'];
} else if (isset($parts['user'])) {
    $parts['auth'] = $parts['user'];
}

This seems to me like it handles both the existing implementation and people who want to use the username:password format. There does not seem to exist any case where passing username:password to the auth is valid though (unless someone actually made their Redis password bla1:bla2).

PS I am using this to try get Ratchet to synchronize connections/messages between multiple servers (for deployment on Heroku). I liked this project because you are using the same event loop as Ratchet so I was able to just hook this into the same loop and be good to go. The reason I want the url to be of this form is that this is how Redis Cloud on Heroku formats the connection string.

[clue]

Nowadays there's also this: https://www.iana.org/assignments/uri-schemes/prov/redis

I'm currently undecided on using just either the "username" or "password" part. The above reference also mentions future changes to Redis, that could introduce user support etc.

unless someone actually made their Redis password bla1:bla2

This could in fact be the case, but I'm playing with the thought that this should have used percent encoding anyway…

I'm open to this and would love to hear some more thoughts. Also, PRs would be much appreciated 👍

[clue]

ping @daneren2005, what's the status here? Do you feel like filing a PR to add the redis URI scheme? 🎉