rename getCreds() to getCredsForAPI() to describe it's LFS-API-specific behavior

2015-08-28 11:02:17 -06:00 · 2015-08-28 11:02:17 -06:00 · 55b1fdf8c5
commit 55b1fdf8c5
parent ed376b42ff
3 changed files with 71 additions and 58 deletions
--- a/lfs/client.go
+++ b/lfs/client.go
@ -381,7 +381,7 @@ func doHttpRequest(req *http.Request) (*http.Response, *WrappedError) {
 func doApiRequestWithRedirects(req *http.Request, via []*http.Request, useCreds bool) (*http.Response, *WrappedError) {
 	var creds Creds
 	if useCreds {
-		c, err := getCreds(req)
+		c, err := getCredsForAPI(req)
 		if err != nil {
 			return nil, Error(err)
 		}
@ -537,10 +537,13 @@ func saveCredentials(creds Creds, res *http.Response) {
 		return
 	}

-	if res.StatusCode < 300 {
-		execCreds(creds, "approve")
-	} else if res.StatusCode == 401 {
+	switch res.StatusCode {
+	case 401, 403:
 		execCreds(creds, "reject")
+	default:
+		if res.StatusCode < 300 {
+			execCreds(creds, "approve")
+		}
 	}
 }

@ -640,54 +643,6 @@ func newBatchClientRequest(method, rawurl string) (*http.Request, error) {
 	return req, nil
 }

-func getCreds(req *http.Request) (Creds, error) {
-	if len(req.Header.Get("Authorization")) > 0 {
-		return nil, nil
-	}
-
-	apiUrl, err := Config.ObjectUrl("")
-	if err != nil {
-		return nil, err
-	}
-
-	if req.URL.Scheme != apiUrl.Scheme ||
-		req.URL.Host != apiUrl.Host {
-		return nil, nil
-	}
-
-	if setRequestAuthFromUrl(req, apiUrl) {
-		return nil, nil
-	}
-
-	credsUrl := apiUrl
-	if len(Config.CurrentRemote) > 0 {
-		if u, ok := Config.GitConfig("remote." + Config.CurrentRemote + ".url"); ok {
-			gitRemoteUrl, err := url.Parse(u)
-			if err != nil {
-				return nil, err
-			}
-
-			if gitRemoteUrl.Scheme == apiUrl.Scheme &&
-				gitRemoteUrl.Host == apiUrl.Host {
-
-				if setRequestAuthFromUrl(req, gitRemoteUrl) {
-					return nil, nil
-				}
-
-				credsUrl = gitRemoteUrl
-			}
-		}
-	}
-
-	creds, err := credentials(credsUrl)
-	if err != nil {
-		return nil, err
-	}
-
-	setRequestAuth(req, creds["username"], creds["password"])
-	return creds, nil
-}
-
 func setRequestAuthFromUrl(req *http.Request, u *url.URL) bool {
 	if u.User != nil {
 		if pass, ok := u.User.Password(); ok {
@ -701,6 +656,10 @@ func setRequestAuthFromUrl(req *http.Request, u *url.URL) bool {
 }

 func setRequestAuth(req *http.Request, user, pass string) {
+	if len(user) == 0 && len(pass) == 0 {
+		return
+	}
+
 	token := fmt.Sprintf("%s:%s", user, pass)
 	auth := "Basic " + base64.URLEncoding.EncodeToString([]byte(token))
 	req.Header.Set("Authorization", auth)
--- a/lfs/credentials.go
+++ b/lfs/credentials.go
@ -3,11 +3,65 @@ package lfs
 import (
 	"bytes"
 	"fmt"
+	"net/http"
 	"net/url"
 	"os/exec"
 	"strings"
 )

+// getCredsForAPI gets the credentials for LFS API requests:
+// 1. Check the LFS URL for authentication. Ex: http://user:pass@example.com
+// 2. Check the Git remote URL for authentication IF it's the same scheme and
+//    host of the LFS URL.
+// 3. Ask 'git credential' to fill in the password from one of the above URLs.
+func getCredsForAPI(req *http.Request) (Creds, error) {
+	if len(req.Header.Get("Authorization")) > 0 {
+		return nil, nil
+	}
+
+	apiUrl, err := Config.ObjectUrl("")
+	if err != nil {
+		return nil, err
+	}
+
+	if req.URL.Scheme != apiUrl.Scheme ||
+		req.URL.Host != apiUrl.Host {
+		return nil, nil
+	}
+
+	if setRequestAuthFromUrl(req, apiUrl) {
+		return nil, nil
+	}
+
+	credsUrl := apiUrl
+	if len(Config.CurrentRemote) > 0 {
+		if u, ok := Config.GitConfig("remote." + Config.CurrentRemote + ".url"); ok {
+			gitRemoteUrl, err := url.Parse(u)
+			if err != nil {
+				return nil, err
+			}
+
+			if gitRemoteUrl.Scheme == apiUrl.Scheme &&
+				gitRemoteUrl.Host == apiUrl.Host {
+
+				if setRequestAuthFromUrl(req, gitRemoteUrl) {
+					return nil, nil
+				}
+
+				credsUrl = gitRemoteUrl
+			}
+		}
+	}
+
+	creds, err := credentials(credsUrl)
+	if err != nil {
+		return nil, err
+	}
+
+	setRequestAuth(req, creds["username"], creds["password"])
+	return creds, nil
+}
+
 type credentialFetcher interface {
 	Credentials() Creds
 }
--- a/lfs/credentials_test.go
+++ b/lfs/credentials_test.go
@ -13,7 +13,7 @@ func TestGetCredentials(t *testing.T) {
 		t.Fatal(err)
 	}

-	creds, err := getCreds(req)
+	creds, err := getCredsForAPI(req)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -41,7 +41,7 @@ func TestGetCredentialsWithExistingAuthorization(t *testing.T) {

 	req.Header.Set("Authorization", "Test monkey")

-	creds, err := getCreds(req)
+	creds, err := getCredsForAPI(req)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -62,7 +62,7 @@ func TestGetCredentialsWithSchemeMismatch(t *testing.T) {
 		t.Fatal(err)
 	}

-	creds, err := getCreds(req)
+	creds, err := getCredsForAPI(req)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -83,7 +83,7 @@ func TestGetCredentialsWithHostMismatch(t *testing.T) {
 		t.Fatal(err)
 	}

-	creds, err := getCreds(req)
+	creds, err := getCredsForAPI(req)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -104,7 +104,7 @@ func TestGetCredentialsWithPortMismatch(t *testing.T) {
 		t.Fatal(err)
 	}

-	creds, err := getCreds(req)
+	creds, err := getCredsForAPI(req)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -125,7 +125,7 @@ func TestGetCredentialsWithRfc1738UsernameAndPassword(t *testing.T) {
 		t.Fatal(err)
 	}

-	creds, err := getCreds(req)
+	creds, err := getCredsForAPI(req)
 	if err != nil {
 		t.Fatal(err)
 	}