git-commit-vandalism/builtin
M Hickford d208bfdfef credential: new attribute password_expiry_utc
Some passwords have an expiry date known at generation. This may be
years away for a personal access token or hours for an OAuth access
token.

When multiple credential helpers are configured, `credential fill` tries
each helper in turn until it has a username and password, returning
early. If Git authentication succeeds, `credential approve`
stores the successful credential in all helpers. If authentication
fails, `credential reject` erases matching credentials in all helpers.
Helpers implement corresponding operations: get, store, erase.

The credential protocol has no expiry attribute, so helpers cannot
store expiry information. Even if a helper returned an improvised
expiry attribute, git credential discards unrecognised attributes
between operations and between helpers.

This is a particular issue when a storage helper and a
credential-generating helper are configured together:

	[credential]
		helper = storage  # eg. cache or osxkeychain
		helper = generate  # eg. oauth

`credential approve` stores the generated credential in both helpers
without expiry information. Later `credential fill` may return an
expired credential from storage. There is no workaround, no matter how
clever the second helper. The user sees authentication fail (a retry
will succeed).

Introduce a password expiry attribute. In `credential fill`, ignore
expired passwords and continue to query subsequent helpers.

In the example above, `credential fill` ignores the expired password
and a fresh credential is generated. If authentication succeeds,
`credential approve` replaces the expired password in storage.
If authentication fails, the expired credential is erased by
`credential reject`. It is unnecessary but harmless for storage
helpers to self-prune expired credentials.

Add support for the new attribute to credential-cache.
Eventually, I hope to see support in other popular storage helpers.

Example usage in a credential-generating helper
https://github.com/hickford/git-credential-oauth/pull/16

Signed-off-by: M Hickford <mirth.hickford@gmail.com>
Reviewed-by: Calvin Wan <calvinwan@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2023-02-22 15:18:58 -08:00
add.c Merge branch 'jk/unused-post-2.39' 2022-12-26 11:42:05 +09:00
am.c Merge branch 'rs/dup-array' 2023-01-21 17:21:58 -08:00
annotate.c
apply.c
archive.c parse-options: PARSE_OPT_KEEP_UNKNOWN only applies to --options 2022-08-19 11:13:14 -07:00
bisect.c bisect: remove Cogito-related code 2023-01-13 14:17:14 -08:00
blame.c doc txt & -h consistency: make "annotate" consistent 2022-10-13 09:32:57 -07:00
branch.c Merge branch 'rj/branch-copy-and-rename' 2022-12-19 11:46:18 +09:00
bugreport.c built-ins: use free() not UNLEAK() if trivial, rm dead code 2022-11-21 12:32:48 +09:00
bundle.c Merge branch 'ab/bundle-wo-args' 2023-01-05 15:07:22 +09:00
cat-file.c Merge branch 'sa/cat-file-mailmap--batch-check' 2023-01-05 15:07:17 +09:00
check-attr.c attr: add flag --source to work with tree-ish 2023-01-14 08:49:55 -08:00
check-ignore.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
check-mailmap.c
check-ref-format.c
checkout--worker.c
checkout-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
checkout.c *: fix typos which duplicate a word 2023-01-08 10:28:34 +09:00
clean.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
clone.c Merge branch 'ds/bundle-uri-4' 2023-01-02 21:37:18 +09:00
column.c
commit-graph.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
commit-tree.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
commit.c Merge branch 'ab/various-leak-fixes' 2022-12-14 15:55:46 +09:00
config.c built-ins: use free() not UNLEAK() if trivial, rm dead code 2022-11-21 12:32:48 +09:00
count-objects.c
credential-cache--daemon.c credential: new attribute password_expiry_utc 2023-02-22 15:18:58 -08:00
credential-cache.c
credential-store.c
credential.c
describe.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diagnose.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
diff-files.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff-tree.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
diff.c Merge branch 'ab/various-leak-fixes' 2022-12-14 15:55:46 +09:00
difftool.c treewide: always have a valid "index_state.repo" member 2023-01-17 14:32:06 -08:00
fast-export.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
fast-import.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
fetch-pack.c list-objects-filter: add and use initializers 2022-09-12 08:38:59 -07:00
fetch.c fetch: fix duplicate remote parallel fetch bug 2023-01-19 14:41:48 -08:00
fmt-merge-msg.c
for-each-ref.c
for-each-repo.c for-each-repo: interpolate repo path arguments 2022-11-14 22:39:25 -05:00
fsck.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
fsmonitor--daemon.c Merge branch 'sx/pthread-error-check-fix' 2022-12-19 11:46:17 +09:00
gc.c Merge branch 'rp/maintenance-qol' 2022-11-23 11:22:24 +09:00
get-tar-commit-id.c
grep.c builtin/{grep,log}.: don't define "USE_THE_INDEX_COMPATIBILITY_MACROS" 2022-11-21 12:06:14 +09:00
hash-object.c Merge branch 'jk/hash-object-literally-fd-leak' 2023-01-27 08:51:41 -08:00
help.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
hook.c builtin/hook.c: let parse-options parse subcommands 2022-08-19 11:13:15 -07:00
index-pack.c
init-db.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
interpret-trailers.c doc txt & -h consistency: add missing options 2022-10-13 09:32:57 -07:00
log.c Merge branch 'jc/format-patch-v-unleak' 2023-01-23 13:39:52 -08:00
ls-files.c ls-files: fix a --with-tree memory leak 2022-11-21 12:32:48 +09:00
ls-remote.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
ls-tree.c Merge branch 'rs/ls-tree-path-expansion-fix' 2023-01-23 13:39:50 -08:00
mailinfo.c
mailsplit.c
merge-base.c doc txt & -h consistency: make output order consistent 2022-10-13 09:32:56 -07:00
merge-file.c
merge-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-ours.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
merge-recursive.c
merge-tree.c Merge branch 'jk/unused-post-2.39' 2022-12-26 11:42:05 +09:00
merge.c merge: break out of all_strategy loop when strategy is found 2023-01-13 10:24:57 -08:00
mktag.c
mktree.c
multi-pack-index.c multi-pack-index: avoid writing to global in option callback 2022-10-06 09:56:51 -07:00
mv.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
name-rev.c git-compat-util.h: use "UNUSED", not "UNUSED(var)" 2022-09-01 10:49:48 -07:00
notes.c notes: avoid empty line in template 2022-11-16 14:57:32 -05:00
pack-objects.c Merge branch 'ew/free-island-marks' 2023-02-09 14:40:47 -08:00
pack-redundant.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
pack-refs.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
patch-id.c builtin: patch-id: remove unused diff-tree prefix 2022-10-24 15:44:20 -07:00
prune-packed.c
prune.c prune: quiet ENOENT on missing directories 2022-11-21 15:58:54 +09:00
pull.c {builtin/*,repository}.c: add & use "USE_THE_INDEX_VARIABLE" 2022-11-21 12:06:15 +09:00
push.c Doc: document push.recurseSubmodules=only 2022-11-14 16:55:50 -05:00
range-diff.c diff: factor out add_diff_options() 2022-12-02 08:25:29 +09:00
read-tree.c read-tree: add "--super-prefix" option, eliminate global 2022-12-26 10:21:44 +09:00
rebase.c rebase: provide better error message for apply options vs. merge config 2023-01-25 09:20:53 -08:00
receive-pack.c receive-pack: only use visible refs for connectivity check 2022-11-17 16:22:52 -05:00
reflog.c refs: unify parse_worktree_ref() and ref_type() 2022-09-19 11:11:11 -07:00
remote-ext.c convert trivial uses of strncmp() to skip_prefix() 2023-01-08 10:34:37 +09:00
remote-fd.c convert trivial uses of strncmp() to starts_with() 2023-01-08 10:34:35 +09:00
remote.c Merge branch 'rs/no-more-run-command-v' 2022-11-08 17:15:12 -05:00
repack.c Merge branch 'ab/various-leak-fixes' 2022-12-14 15:55:46 +09:00
replace.c
rerere.c diff: mark unused parameters in callbacks 2022-12-13 22:16:23 +09:00
reset.c Merge branch 'jk/unused-post-2.39' 2022-12-26 11:42:05 +09:00
rev-list.c Merge branch 'ps/receive-use-only-advertised' 2022-11-23 11:22:25 +09:00
rev-parse.c Merge branch 'ab/various-leak-fixes' 2022-12-14 15:55:46 +09:00
revert.c Merge branch 'ab/various-leak-fixes' 2022-12-14 15:55:46 +09:00
rm.c submodule.c & submodule--helper: pass along "super_prefix" param 2022-12-26 10:21:43 +09:00
send-pack.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
shortlog.c shortlog: implement --group=committer in terms of --group=<format> 2022-10-24 14:48:05 -07:00
show-branch.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
show-index.c
show-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
sparse-checkout.c treewide: always have a valid "index_state.repo" member 2023-01-17 14:32:06 -08:00
stash.c treewide: always have a valid "index_state.repo" member 2023-01-17 14:32:06 -08:00
stripspace.c
submodule--helper.c *: fix typos which duplicate a word 2023-01-08 10:28:34 +09:00
symbolic-ref.c Merge branch 'ab/doc-synopsis-and-cmd-usage' 2022-10-28 11:26:54 -07:00
tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
unpack-file.c unpack-file: fix ancient leak in create_temp_file() 2022-11-21 12:32:48 +09:00
unpack-objects.c
update-index.c cocci: apply "pending" index-compatibility to some "builtin/*.c" 2022-11-21 12:06:15 +09:00
update-ref.c
update-server-info.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
upload-archive.c doc txt & -h consistency: fix mismatching labels 2022-10-13 09:32:56 -07:00
upload-pack.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
var.c var: add GIT_SEQUENCE_EDITOR variable 2022-12-18 11:48:26 +09:00
verify-commit.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
verify-pack.c doc txt & -h consistency: add or fix optional "--" syntax 2022-10-13 09:32:56 -07:00
verify-tag.c doc txt & -h consistency: add missing options and labels 2022-10-13 09:32:56 -07:00
worktree.c treewide: always have a valid "index_state.repo" member 2023-01-17 14:32:06 -08:00
write-tree.c