lunny/git-lfs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rename getCreds() to getCredsForAPI() to describe it's LFS-API-specific behavior

Browse Source
This commit is contained in:
Rick Olson 2015-08-28 11:02:17 -06:00
parent ed376b42ff
commit 55b1fdf8c5
3 changed files with 71 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
lfs/client.go
View File

@ -381,7 +381,7 @@ func doHttpRequest(req *http.Request) (*http.Response, *WrappedError) {
func doApiRequestWithRedirects(req *http.Request, via []*http.Request, useCreds bool) (*http.Response, *WrappedError) { func doApiRequestWithRedirects(req *http.Request, via []*http.Request, useCreds bool) (*http.Response, *WrappedError) {
var creds Creds var creds Creds
if useCreds { if useCreds {
c, err := getCreds(req) c, err := getCredsForAPI(req)
if err != nil { if err != nil {
return nil, Error(err) return nil, Error(err)
} }
@ -537,10 +537,13 @@ func saveCredentials(creds Creds, res *http.Response) {
return return
} }
if res.StatusCode < 300 { switch res.StatusCode {
execCreds(creds, "approve") case 401, 403:
} else if res.StatusCode == 401 {
execCreds(creds, "reject") execCreds(creds, "reject")
default:
if res.StatusCode < 300 {
execCreds(creds, "approve")
}
} }
} }
@ -640,54 +643,6 @@ func newBatchClientRequest(method, rawurl string) (*http.Request, error) {
return req, nil return req, nil
} }
func getCreds(req *http.Request) (Creds, error) {
if len(req.Header.Get("Authorization")) > 0 {
return nil, nil
}
apiUrl, err := Config.ObjectUrl("")
if err != nil {
return nil, err
}
if req.URL.Scheme != apiUrl.Scheme ||
req.URL.Host != apiUrl.Host {
return nil, nil
}
if setRequestAuthFromUrl(req, apiUrl) {
return nil, nil
}
credsUrl := apiUrl
if len(Config.CurrentRemote) > 0 {
if u, ok := Config.GitConfig("remote." + Config.CurrentRemote + ".url"); ok {
gitRemoteUrl, err := url.Parse(u)
if err != nil {
return nil, err
}
if gitRemoteUrl.Scheme == apiUrl.Scheme &&
gitRemoteUrl.Host == apiUrl.Host {
if setRequestAuthFromUrl(req, gitRemoteUrl) {
return nil, nil
}
credsUrl = gitRemoteUrl
}
}
}
creds, err := credentials(credsUrl)
if err != nil {
return nil, err
}
setRequestAuth(req, creds["username"], creds["password"])
return creds, nil
}
func setRequestAuthFromUrl(req *http.Request, u *url.URL) bool { func setRequestAuthFromUrl(req *http.Request, u *url.URL) bool {
if u.User != nil { if u.User != nil {
if pass, ok := u.User.Password(); ok { if pass, ok := u.User.Password(); ok {
@ -701,6 +656,10 @@ func setRequestAuthFromUrl(req *http.Request, u *url.URL) bool {
} }
func setRequestAuth(req *http.Request, user, pass string) { func setRequestAuth(req *http.Request, user, pass string) {
if len(user) == 0 && len(pass) == 0 {
return
}
token := fmt.Sprintf("%s:%s", user, pass) token := fmt.Sprintf("%s:%s", user, pass)
auth := "Basic " + base64.URLEncoding.EncodeToString([]byte(token)) auth := "Basic " + base64.URLEncoding.EncodeToString([]byte(token))
req.Header.Set("Authorization", auth) req.Header.Set("Authorization", auth)

54
lfs/credentials.go
View File

@ -3,11 +3,65 @@ package lfs
import ( import (
"bytes" "bytes"
"fmt" "fmt"
"net/http"
"net/url" "net/url"
"os/exec" "os/exec"
"strings" "strings"
) )
// getCredsForAPI gets the credentials for LFS API requests:
// 1. Check the LFS URL for authentication. Ex: http://user:pass@example.com
// 2. Check the Git remote URL for authentication IF it's the same scheme and
// host of the LFS URL.
// 3. Ask 'git credential' to fill in the password from one of the above URLs.
func getCredsForAPI(req *http.Request) (Creds, error) {
if len(req.Header.Get("Authorization")) > 0 {
return nil, nil
}
apiUrl, err := Config.ObjectUrl("")
if err != nil {
return nil, err
}
if req.URL.Scheme != apiUrl.Scheme ||
req.URL.Host != apiUrl.Host {
return nil, nil
}
if setRequestAuthFromUrl(req, apiUrl) {
return nil, nil
}
credsUrl := apiUrl
if len(Config.CurrentRemote) > 0 {
if u, ok := Config.GitConfig("remote." + Config.CurrentRemote + ".url"); ok {
gitRemoteUrl, err := url.Parse(u)
if err != nil {
return nil, err
}
if gitRemoteUrl.Scheme == apiUrl.Scheme &&
gitRemoteUrl.Host == apiUrl.Host {
if setRequestAuthFromUrl(req, gitRemoteUrl) {
return nil, nil
}
credsUrl = gitRemoteUrl
}
}
}
creds, err := credentials(credsUrl)
if err != nil {
return nil, err
}
setRequestAuth(req, creds["username"], creds["password"])
return creds, nil
}
type credentialFetcher interface { type credentialFetcher interface {
Credentials() Creds Credentials() Creds
} }

12
lfs/credentials_test.go
View File

@ -13,7 +13,7 @@ func TestGetCredentials(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
creds, err := getCreds(req) creds, err := getCredsForAPI(req)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -41,7 +41,7 @@ func TestGetCredentialsWithExistingAuthorization(t *testing.T) {
req.Header.Set("Authorization", "Test monkey") req.Header.Set("Authorization", "Test monkey")
creds, err := getCreds(req) creds, err := getCredsForAPI(req)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -62,7 +62,7 @@ func TestGetCredentialsWithSchemeMismatch(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
creds, err := getCreds(req) creds, err := getCredsForAPI(req)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -83,7 +83,7 @@ func TestGetCredentialsWithHostMismatch(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
creds, err := getCreds(req) creds, err := getCredsForAPI(req)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -104,7 +104,7 @@ func TestGetCredentialsWithPortMismatch(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
creds, err := getCreds(req) creds, err := getCredsForAPI(req)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -125,7 +125,7 @@ func TestGetCredentialsWithRfc1738UsernameAndPassword(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
creds, err := getCreds(req) creds, err := getCredsForAPI(req)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }