GCM OAuth Issue - GCM Erases Expired Token But Does Not Renew - Gitea

[aotongarcia]

Version

2.3.2

Operating system

Windows

OS version or distribution

Windows 11 Enterprise 22H2

Git hosting provider(s)

Other - please describe below

Other hosting provider

Self-hosted Gitea

(Azure DevOps only) What format is your remote URL?

None

Can you access the remote repository directly in the browser?

Yes, I can access the repository

Expected behavior

When I run git push after committing my changes I'd expect the behavior to be as folows:

PS C:\Users\myusername\sysadmin-scripts> git push
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Delta compression using up to 8 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 906 bytes | 906.00 KiB/s, done.
Total 3 (delta 1), reused 0 (delta 0), pack-reused 0
remote: . Processing 1 references
remote: Processed 1 references in total
To https://mygiteaserver.internaldomain.com:3000/myOrg/sysadmin-scripts.git
   b3d7adc..5a1518c  main -> main

Actual behavior

When running git push after a certain amount of time (I want to say 1-2 hours) I get the following error

remote: Verify
fatal: Authentication failed for 'https://mygiteaserver.internaldomain.com:3000/myOrg/sysadmin-scripts.git/'

The only way I can get around this is removing all these entries from Windows Credential Manager. The current authentication in the internal Gitea server is using Azure AD for whatever that might be worth.

Logs

11:36:03.353003 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
11:36:03.353003 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
11:36:03.353003 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
11:36:03.353003 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
11:36:03.353003 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
11:36:03.353003 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
11:36:03.353003 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
11:36:03.390958 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
11:36:03.398351 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
11:36:03.400369 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
11:36:03.400369 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=mygiteaserver.internaldomain.com:3000
11:36:03.400369 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
11:36:03.402886 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
11:36:03.404917 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
11:36:03.406921 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://mygiteaserver.internaldomain.com:3000 account=...
11:36:03.412228 ...\HostProvider.cs:140 trace: [GetCredentialAsync] Existing credential found.
11:36:03.412228 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
11:36:03.412228 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
11:36:03.412228 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=mygiteaserver.internaldomain.com:3000
11:36:03.412228 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
11:36:03.412228 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
11:36:03.413233 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
11:36:03.797506 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
11:36:03.797506 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
11:36:03.797506 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
11:36:03.797506 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
11:36:03.797506 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
11:36:03.797506 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
11:36:03.797506 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: erase
11:36:03.832110 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'erase' command...
11:36:03.839165 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
11:36:03.840168 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
11:36:03.840168 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=mygiteaserver.internaldomain.com:3000
11:36:03.840168 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
11:36:03.840168 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
11:36:03.843636 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
11:36:03.845657 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
11:36:03.845657 ...\HostProvider.cs:173 trace: [EraseCredentialAsync] Erasing stored credential in store with service=https://mygiteaserver.internaldomain.com:3000 account=OAUTH_USER...
11:36:03.851760 ...\HostProvider.cs:176 trace: [EraseCredentialAsync] Credential was successfully erased.
11:36:03.851760 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'erase' command...

[aotongarcia]

Okay so I went to my .gitconfig and removed wincred and that seems to have possibly done it. I'll keep my eye on it.

For what it is worth, I followed https://github.com/hickford/git-credential-oauth to set up my .gitconfig

[mjcheetham]

remote: Verify

Messages prepended with remote: come from the server. Looking at your logs (thanks for including them!) I can see the token that GCM returned to Git was a cached token.

It may be that the stored token had expired, and needed to be refreshed. Reattempting authentication should fix this.

For what it is worth, I followed https://github.com/hickford/git-credential-oauth to set up my .gitconfig

Looking at the screenshot of the Windows Credential Manager, I can see that there are three entries. It may be the case that some misconfiguration has occurred and a stale token has been stored.

Please could you share your Git configuration?

git config --list --show-scope

Also are you using or have you installed git-credential-oauth alongside Git for Windows (that includes GCM)?

[aotongarcia]

It may be that the stored token had expired, and needed to be refreshed. Reattempting authentication should fix this.

That is also what I thought at first, but I can replicate this every time after 1-2 hours (still trying to determine when it occurs so let's use that timeframe loosely).

My Git Configuration is below as requested

system  diff.astextplain.textconv=astextplain
system  filter.lfs.clean=git-lfs clean -- %f
system  filter.lfs.smudge=git-lfs smudge -- %f
system  filter.lfs.process=git-lfs filter-process
system  filter.lfs.required=true
system  http.sslbackend=openssl
system  http.sslcainfo=C:/Program Files/Git/mingw64/etc/ssl/certs/ca-bundle.crt
system  core.autocrlf=true
system  core.fscache=true
system  core.symlinks=false
system  pull.rebase=false
system  credential.helper=manager
system  credential.https://dev.azure.com.usehttppath=true
system  init.defaultbranch=master
global  http.sslcainfo=C:\Users\myUsername\Work Folders\Documents\GitHub Certificates\git-certs.crt
global  http.sslverify=true
global  user.name=myName
global  user.email=myemail@company.com
global  credential.https://mygiteaserver.internaldomain.com:3000.oauthclientid=myClientID
global  credential.https://mygiteaserver.internaldomain.com:3000.oauthredirecturi=http://127.0.0.1/
global  credential.https://mygiteaserver.internaldomain.com:3000.oauthauthorizeendpoint=/login/oauth/authorize
global  credential.https://mygiteaserver.internaldomain.com:3000.oauthtokenendpoint=/login/oauth/access_token
global  credential.https://mygiteaserver.internaldomain.com.oauthscopes=write:repository
global  credential.https://mygiteaserver.internaldomain.com:3000.provider=generic
global  core.editor=code --wait
global  credential.helper=oauth
global  credential.trace=C:\Users\myusername\git.log
local   core.repositoryformatversion=0
local   core.filemode=false
local   core.bare=false
local   core.logallrefupdates=true
local   core.symlinks=false
local   core.ignorecase=true
local   remote.origin.url=https://mygiteaserver.internaldomain.com:3000/myOrg/sysadmin-scripts.git
local   remote.origin.fetch=+refs/heads/*:refs/remotes/origin/*
local   branch.main.remote=origin
local   branch.main.merge=refs/heads/main

Also are you using or have you installed git-credential-oauth alongside Git for Windows (that includes GCM)?

I did copy the git-credential-oauth.exe to the same directory where Git is.

I'm not very experience with OAuth applications so assume I am as novice as they come. It might be the simplest issue on my end.

Below you will find my Gitea OAuth application

[mjcheetham]

system  credential.helper=manager
...
global  credential.helper=oauth

I see that you have both GCM and git-credential-oauth configured. I wonder if there may be some interop issues between the two.

Please can you try deleting all of the related credentials from the Windows Credential Manager, enabling both GIT_TRACE=1 and GCM_TRACE=1 tracing, and then reattempt a fetch or push?

I'd like to check what interaction is happening, and which helper is responsible for creating the 3 credentials shown in your screenshot. GCM should only be creating 2.

[aotongarcia]

I'll go ahead and do that - in fact, I'm hitting the 2 hour window since my last commit so I want to see if removing wincred did anything. After I check that I will follow your instructions. Do I need to remove [credential] helper = oauth from my config as well?

EDIT: Removing wincred from the helpers did nothing. I'm following your instructions next.

[aotongarcia]

Okay here's what I did, I removed git-credential-oauth.exe from the Git directory (I also wanted to test your theory of the 3 credentials being created vs 2). From my Powershell terminal I ran SET GIT_TRACE=1 and SET GCM_TRACE=1. I deleted all stored credentials. I created a test filed called "Test.txt", I ran git push. Since no credentials are stored in the system, I got sent to my redirect URL and authorization was successful as seen below (I expected this).

I checked Credential Manager and only see 2 credentials being stored as you said it should be happening.

Maybe I did not need git-credential-oauth after all. I only installed it because it seemed like it was needed for Gitea to work with OAuth. After finding out about it, I read a few issues between you and hickford and noticed you added generic OAuth support to be configured via the config file, so I followed a mix of yours and his instructions. Now that I have two creds saved, I'm going to see if I get that error again in ~2 hours.

Like I said, brand spanking new to this OAuth stuff :)

[aotongarcia]

I decided to give it a try again, roughly an hour and some after posting my last comment. First time I did git push, it failed with the same error. I went to credential manager and only git:https://refresh_token.myGiteaURL.com:3000 was available. Then I ran git push again and it worked and now there are two credentials there.

For some reason when I ran SET GIT_TRACE=1 and SET GCM_TRACE=1 it meant it stopped writing to the log file so I was not able to catch the log entries for when it didn't work but below are the entries for when it did work.

16:21:27.283084 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
16:21:27.283084 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
16:21:27.283084 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
16:21:27.283084 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
16:21:27.283084 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
16:21:27.283084 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
16:21:27.283084 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
16:21:27.327525 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
16:21:27.336622 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
16:21:27.337613 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
16:21:27.337613 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=mygiteaserver.internaldomain.com:3000
16:21:27.337613 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
16:21:27.340539 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
16:21:27.343536 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
16:21:27.345536 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://mygiteaserver.internaldomain.com:3000 account=...
16:21:27.351621 ...\HostProvider.cs:131 trace: [GetCredentialAsync] No existing credentials found.
16:21:27.351621 ...\HostProvider.cs:134 trace: [GetCredentialAsync] Creating new credential...
16:21:27.353612 ...icHostProvider.cs:68 trace: [GenerateCredentialAsync] Found generic OAuth configuration for 'https://mygiteaserver.internaldomain.com:3000/':
16:21:27.353612 ...icHostProvider.cs:69 trace: [GenerateCredentialAsync]    AuthzEndpoint   = https://mygiteaserver.internaldomain.com:3000/login/oauth/authorize
16:21:27.354618 ...icHostProvider.cs:70 trace: [GenerateCredentialAsync]    TokenEndpoint   = https://mygiteaserver.internaldomain.com:3000/login/oauth/access_token
16:21:27.354618 ...icHostProvider.cs:71 trace: [GenerateCredentialAsync]    DeviceEndpoint  = 
16:21:27.354618 ...icHostProvider.cs:72 trace: [GenerateCredentialAsync]    ClientId        = myClientID
16:21:27.354618 ...icHostProvider.cs:73 trace: [GenerateCredentialAsync]    ClientSecret    = 
16:21:27.354618 ...icHostProvider.cs:74 trace: [GenerateCredentialAsync]    RedirectUri     = http://127.0.0.1/
16:21:27.354618 ...icHostProvider.cs:75 trace: [GenerateCredentialAsync]    Scopes          = [write:repository]
16:21:27.354618 ...icHostProvider.cs:76 trace: [GenerateCredentialAsync]    UseAuthHeader   = True
16:21:27.354618 ...icHostProvider.cs:77 trace: [GenerateCredentialAsync]    DefaultUserName = OAUTH_USER
16:21:27.358613 ...pClientFactory.cs:60 trace: [CreateClient] Creating new HTTP client instance...
16:21:27.386927 ...pClientFactory.cs:80 trace: [CreateClient] Git's SSL/TLS backend is: OpenSsl
16:21:27.903129 ...ClientFactory.cs:113 trace: [CreateClient] Custom certificate verification has been enabled with certificate bundle at C:\Users\myUsername\Work Folders\Documents\GitHub Certificates\git-certs.crt
16:21:28.932944 ...\HostProvider.cs:136 trace: [GetCredentialAsync] Credential created.
16:21:28.932944 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
16:21:28.932944 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
16:21:28.932944 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=mygiteaserver.internaldomain.com:3000
16:21:28.932944 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
16:21:28.932944 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
16:21:28.933960 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
16:21:30.100538 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
16:21:30.102733 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
16:21:30.102733 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
16:21:30.102733 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
16:21:30.102733 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
16:21:30.102733 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
16:21:30.102733 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: store
16:21:30.211245 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'store' command...
16:21:30.235954 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
16:21:30.240942 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
16:21:30.240942 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=mygiteaserver.internaldomain.com:3000
16:21:30.240942 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
16:21:30.240942 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
16:21:30.249855 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
16:21:30.254924 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
16:21:30.255926 ...\HostProvider.cs:160 trace: [StoreCredentialAsync] Storing credential with service=mygiteaserver.internaldomain.com:3000 account=OAUTH_USER...
16:21:30.271792 ...\HostProvider.cs:162 trace: [StoreCredentialAsync] Credential was successfully stored.
16:21:30.271792 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'store' command...

Reading those logs I see two or three lines that caught my eye which I guess matches the behavior I saw when it first failed and I noticed a missing credential.

16:21:27.351621 ...\HostProvider.cs:131 trace: [GetCredentialAsync] No existing credentials found.
16:21:27.351621 ...\HostProvider.cs:134 trace: [GetCredentialAsync] Creating new credential...

I can't find anything in Gitea's documentation in regards to these two values but these are the other lines that caught my attention.

16:21:27.354618 ...icHostProvider.cs:76 trace: [GenerateCredentialAsync]    UseAuthHeader   = True
16:21:27.354618 ...icHostProvider.cs:77 trace: [GenerateCredentialAsync]    DefaultUserName = OAUTH_USER

[aotongarcia]

I was able to replicate the issue - it looks like it deletes the token but did not attempt to refresh it?

18:00:51.813874 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
18:00:51.813874 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
18:00:51.813874 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
18:00:51.813874 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
18:00:51.813874 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
18:00:51.813874 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
18:00:51.813874 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
18:00:51.848480 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
18:00:51.855865 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
18:00:51.856904 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
18:00:51.856904 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=mygiteaserver.internaldomain.com:3000
18:00:51.856904 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
18:00:51.858899 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
18:00:51.860910 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
18:00:51.862824 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://mygiteaserver.internaldomain.com:3000 account=...
18:00:51.867823 ...\HostProvider.cs:140 trace: [GetCredentialAsync] Existing credential found.
18:00:51.867823 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
18:00:51.867823 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
18:00:51.867823 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=mygiteaserver.internaldomain.com:3000
18:00:51.867823 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
18:00:51.867823 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
18:00:51.867823 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
18:00:52.245804 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
18:00:52.246808 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
18:00:52.246808 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
18:00:52.246808 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
18:00:52.246808 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
18:00:52.246808 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
18:00:52.246808 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: erase
18:00:52.283355 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'erase' command...
18:00:52.290299 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
18:00:52.291384 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
18:00:52.291384 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=mygiteaserver.internaldomain.com:3000
18:00:52.291384 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
18:00:52.291384 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
18:00:52.293574 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
18:00:52.295751 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
18:00:52.295751 ...\HostProvider.cs:173 trace: [EraseCredentialAsync] Erasing stored credential in store with service=mygiteaserver.internaldomain.com:3000 account=OAUTH_USER...
18:00:52.301361 ...\HostProvider.cs:176 trace: [EraseCredentialAsync] Credential was successfully erased.
18:00:52.301361 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'erase' command...

[aotongarcia]

@mjcheetham I can replicate this issue consistently where the credentials gets erased and it re-adds new credentials on git push

[aotongarcia]

I come bearing more logs! I haven't performed a git push for about ~4 hours but this time it erased the expired token and renewed it?

There are about 365 lines but I'll point out the important ones - if you want me to use an external paste service next time just let me know - happy to accommodate since this looks like a bunch of word vomit in a GitHub comment.

Line 30 and 39 we see the credential being erased - this was roughly 40 minutes since my last git push.

12:00:28.579528 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'erase' command...
12:00:28.637569 ...\HostProvider.cs:176 trace: [EraseCredentialAsync] Credential was successfully erased.

Line 56 we see GCM not finding the credentials and creating a new one, this was me runing git push after getting a failure from the previous git push

12:00:34.091144 ...\HostProvider.cs:131 trace: [GetCredentialAsync] No existing credentials found.
12:00:34.091144 ...\HostProvider.cs:134 trace: [GetCredentialAsync] Creating new credential...
12:00:34.097139 ...icHostProvider.cs:68 trace: [GenerateCredentialAsync] Found generic OAuth configuration for 'https://pdc-gitea01.jwllp.com:3000/':

Lines 309-310 we see the credentials being erased roughly 3 hours after my last git push

16:37:16.140283 ...\HostProvider.cs:176 trace: [EraseCredentialAsync] Credential was successfully erased.
16:37:16.141281 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'erase' command...

Line 326 we see GCM doing what I'd expect it to do and create the new credential without my git push failing or me having to run it again.

16:37:45.867975 ...\HostProvider.cs:131 trace: [GetCredentialAsync] No existing credentials found.
16:37:45.867975 ...\HostProvider.cs:134 trace: [GetCredentialAsync] Creating new credential...

Below are the full logs:

12:00:27.196971 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:00:27.197976 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:00:27.197976 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:00:27.197976 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:00:27.197976 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:00:27.197976 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:00:27.197976 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
12:00:27.285190 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
12:00:27.301197 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:00:27.304246 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:00:27.304246 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:00:27.304246 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
12:00:27.308933 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:00:27.314713 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:00:27.316799 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
12:00:27.327197 ...\HostProvider.cs:140 trace: [GetCredentialAsync] Existing credential found.
12:00:27.328193 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
12:00:27.328193 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
12:00:27.328193 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
12:00:27.328193 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
12:00:27.328193 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
12:00:27.329191 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
12:00:28.475691 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:00:28.476703 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:00:28.477712 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:00:28.477712 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:00:28.477712 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:00:28.477712 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:00:28.477712 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: erase
12:00:28.579528 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'erase' command...
12:00:28.604250 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:00:28.608287 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:00:28.608287 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:00:28.608287 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
12:00:28.608287 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
12:00:28.615108 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:00:28.620336 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:00:28.621343 ...\HostProvider.cs:173 trace: [EraseCredentialAsync] Erasing stored credential in store with service=https://myGiteaServer:3000 account=OAUTH_USER...
12:00:28.637569 ...\HostProvider.cs:176 trace: [EraseCredentialAsync] Credential was successfully erased.
12:00:28.637569 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'erase' command...
12:00:33.949445 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:00:33.950459 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:00:33.950459 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:00:33.950459 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:00:33.950459 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:00:33.950459 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:00:33.950459 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
12:00:34.042321 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
12:00:34.065919 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:00:34.068261 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:00:34.068261 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:00:34.068261 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
12:00:34.073404 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:00:34.079723 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:00:34.082018 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
12:00:34.091144 ...\HostProvider.cs:131 trace: [GetCredentialAsync] No existing credentials found.
12:00:34.091144 ...\HostProvider.cs:134 trace: [GetCredentialAsync] Creating new credential...
12:00:34.097139 ...icHostProvider.cs:68 trace: [GenerateCredentialAsync] Found generic OAuth configuration for 'https://myGiteaServer:3000/':
12:00:34.097139 ...icHostProvider.cs:69 trace: [GenerateCredentialAsync]    AuthzEndpoint   = https://myGiteaServer:3000/login/oauth/authorize
12:00:34.097139 ...icHostProvider.cs:70 trace: [GenerateCredentialAsync]    TokenEndpoint   = https://myGiteaServer:3000/login/oauth/access_token
12:00:34.097139 ...icHostProvider.cs:71 trace: [GenerateCredentialAsync]    DeviceEndpoint  = 
12:00:34.097139 ...icHostProvider.cs:72 trace: [GenerateCredentialAsync]    ClientId        = 3f998b8d-64ae-48a8-8a3b-f814788b3345
12:00:34.097139 ...icHostProvider.cs:73 trace: [GenerateCredentialAsync]    ClientSecret    = 
12:00:34.097139 ...icHostProvider.cs:74 trace: [GenerateCredentialAsync]    RedirectUri     = http://127.0.0.1/
12:00:34.097139 ...icHostProvider.cs:75 trace: [GenerateCredentialAsync]    Scopes          = [write:repository]
12:00:34.097139 ...icHostProvider.cs:76 trace: [GenerateCredentialAsync]    UseAuthHeader   = True
12:00:34.097139 ...icHostProvider.cs:77 trace: [GenerateCredentialAsync]    DefaultUserName = OAUTH_USER
12:00:34.101746 ...pClientFactory.cs:60 trace: [CreateClient] Creating new HTTP client instance...
12:00:34.150123 ...pClientFactory.cs:80 trace: [CreateClient] Git's SSL/TLS backend is: OpenSsl
12:00:35.620058 ...ClientFactory.cs:113 trace: [CreateClient] Custom certificate verification has been enabled with certificate bundle at C:\Users\myusername\Work Folders\Documents\GitHub Certificates\git-certs.crt
12:00:36.815811 ...\HostProvider.cs:136 trace: [GetCredentialAsync] Credential created.
12:00:36.815811 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
12:00:36.815811 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
12:00:36.815811 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
12:00:36.815811 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
12:00:36.815811 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
12:00:36.815811 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
12:00:37.796008 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:00:37.798024 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:00:37.798024 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:00:37.798024 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:00:37.798024 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:00:37.798024 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:00:37.798024 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: store
12:00:37.918362 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'store' command...
12:00:37.956235 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:00:37.961217 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:00:37.962214 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:00:37.962214 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
12:00:37.962214 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
12:00:37.971184 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:00:37.978160 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:00:37.979157 ...\HostProvider.cs:160 trace: [StoreCredentialAsync] Storing credential with service=https://myGiteaServer:3000 account=OAUTH_USER...
12:00:37.998136 ...\HostProvider.cs:162 trace: [StoreCredentialAsync] Credential was successfully stored.
12:00:37.998136 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'store' command...
12:11:13.662513 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:11:13.663512 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:11:13.663512 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:11:13.663512 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:11:13.663512 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:11:13.663512 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:11:13.663512 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
12:11:13.726730 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
12:11:13.738567 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:11:13.740564 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:11:13.741561 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:11:13.741561 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
12:11:13.745807 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:11:13.749933 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:11:13.752380 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
12:11:13.761600 ...\HostProvider.cs:140 trace: [GetCredentialAsync] Existing credential found.
12:11:13.761600 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
12:11:13.761600 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
12:11:13.761600 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
12:11:13.761600 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
12:11:13.761600 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
12:11:13.762596 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
12:11:14.630595 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:11:14.631592 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:11:14.631592 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:11:14.631592 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:11:14.631592 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:11:14.631592 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:11:14.631592 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: store
12:11:14.706088 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'store' command...
12:11:14.721171 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:11:14.723164 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:11:14.723164 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:11:14.724161 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
12:11:14.724161 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
12:11:14.729146 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:11:14.734125 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:11:14.734125 ...\HostProvider.cs:160 trace: [StoreCredentialAsync] Storing credential with service=https://myGiteaServer:3000 account=OAUTH_USER...
12:11:14.741102 ...\HostProvider.cs:162 trace: [StoreCredentialAsync] Credential was successfully stored.
12:11:14.741102 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'store' command...
12:19:16.796157 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:19:16.797501 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:19:16.797501 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:19:16.797501 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:19:16.797501 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:19:16.797501 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:19:16.797501 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
12:19:16.918611 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
12:19:16.961490 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:19:16.967469 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:19:16.968465 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:19:16.968465 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
12:19:16.979429 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:19:16.990003 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:19:16.994036 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
12:19:17.012972 ...\HostProvider.cs:140 trace: [GetCredentialAsync] Existing credential found.
12:19:17.013973 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
12:19:17.013973 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
12:19:17.013973 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
12:19:17.013973 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
12:19:17.013973 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
12:19:17.014967 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
12:19:18.256234 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
12:19:18.257249 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
12:19:18.257249 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
12:19:18.257249 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
12:19:18.257249 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
12:19:18.257249 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
12:19:18.257249 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: store
12:19:18.354121 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'store' command...
12:19:18.373312 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
12:19:18.376303 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
12:19:18.376303 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
12:19:18.376303 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
12:19:18.376303 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
12:19:18.382294 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
12:19:18.389261 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
12:19:18.391256 ...\HostProvider.cs:160 trace: [StoreCredentialAsync] Storing credential with service=https://myGiteaServer:3000 account=OAUTH_USER...
12:19:18.402213 ...\HostProvider.cs:162 trace: [StoreCredentialAsync] Credential was successfully stored.
12:19:18.402213 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'store' command...
13:09:30.339352 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
13:09:30.340356 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
13:09:30.340356 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
13:09:30.340356 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
13:09:30.340356 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
13:09:30.340356 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
13:09:30.340356 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
13:09:30.459049 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
13:09:30.481174 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
13:09:30.485566 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
13:09:30.485566 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
13:09:30.485566 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
13:09:30.495646 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
13:09:30.500013 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
13:09:30.503257 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
13:09:30.517304 ...\HostProvider.cs:140 trace: [GetCredentialAsync] Existing credential found.
13:09:30.517304 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
13:09:30.518298 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
13:09:30.518298 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
13:09:30.518298 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
13:09:30.518298 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
13:09:30.518298 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
13:09:31.479978 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
13:09:31.480974 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
13:09:31.480974 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
13:09:31.480974 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
13:09:31.480974 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
13:09:31.480974 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
13:09:31.480974 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: erase
13:09:31.580571 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'erase' command...
13:09:31.603179 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
13:09:31.607165 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
13:09:31.607165 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
13:09:31.607165 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
13:09:31.607165 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
13:09:31.615704 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
13:09:31.622681 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
13:09:31.623678 ...\HostProvider.cs:173 trace: [EraseCredentialAsync] Erasing stored credential in store with service=https://myGiteaServer:3000 account=OAUTH_USER...
13:09:31.642395 ...\HostProvider.cs:176 trace: [EraseCredentialAsync] Credential was successfully erased.
13:09:31.643401 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'erase' command...
13:09:36.871568 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
13:09:36.872594 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
13:09:36.872594 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
13:09:36.872594 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
13:09:36.872594 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
13:09:36.873617 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
13:09:36.873617 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
13:09:36.991877 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
13:09:37.012795 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
13:09:37.016713 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
13:09:37.016713 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
13:09:37.016713 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
13:09:37.023760 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
13:09:37.028685 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
13:09:37.031662 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
13:09:37.043617 ...\HostProvider.cs:131 trace: [GetCredentialAsync] No existing credentials found.
13:09:37.043617 ...\HostProvider.cs:134 trace: [GetCredentialAsync] Creating new credential...
13:09:37.050615 ...icHostProvider.cs:68 trace: [GenerateCredentialAsync] Found generic OAuth configuration for 'https://myGiteaServer:3000/':
13:09:37.051612 ...icHostProvider.cs:69 trace: [GenerateCredentialAsync]    AuthzEndpoint   = https://myGiteaServer:3000/login/oauth/authorize
13:09:37.051612 ...icHostProvider.cs:70 trace: [GenerateCredentialAsync]    TokenEndpoint   = https://myGiteaServer:3000/login/oauth/access_token
13:09:37.051612 ...icHostProvider.cs:71 trace: [GenerateCredentialAsync]    DeviceEndpoint  = 
13:09:37.051612 ...icHostProvider.cs:72 trace: [GenerateCredentialAsync]    ClientId        = 3f998b8d-64ae-48a8-8a3b-f814788b3345
13:09:37.051612 ...icHostProvider.cs:73 trace: [GenerateCredentialAsync]    ClientSecret    = 
13:09:37.051612 ...icHostProvider.cs:74 trace: [GenerateCredentialAsync]    RedirectUri     = http://127.0.0.1/
13:09:37.051612 ...icHostProvider.cs:75 trace: [GenerateCredentialAsync]    Scopes          = [write:repository]
13:09:37.051612 ...icHostProvider.cs:76 trace: [GenerateCredentialAsync]    UseAuthHeader   = True
13:09:37.051612 ...icHostProvider.cs:77 trace: [GenerateCredentialAsync]    DefaultUserName = OAUTH_USER
13:09:37.058586 ...pClientFactory.cs:60 trace: [CreateClient] Creating new HTTP client instance...
13:09:37.123889 ...pClientFactory.cs:80 trace: [CreateClient] Git's SSL/TLS backend is: OpenSsl
13:09:38.409708 ...ClientFactory.cs:113 trace: [CreateClient] Custom certificate verification has been enabled with certificate bundle at C:\Users\myusername\Work Folders\Documents\GitHub Certificates\git-certs.crt
13:09:39.429711 ...\HostProvider.cs:136 trace: [GetCredentialAsync] Credential created.
13:09:39.429711 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
13:09:39.429711 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
13:09:39.430708 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
13:09:39.430708 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
13:09:39.430708 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
13:09:39.431710 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
13:09:40.860932 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
13:09:40.862927 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
13:09:40.862927 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
13:09:40.862927 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
13:09:40.862927 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
13:09:40.862927 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
13:09:40.862927 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: store
13:09:41.037795 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'store' command...
13:09:41.063563 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
13:09:41.067940 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
13:09:41.067940 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
13:09:41.067940 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
13:09:41.067940 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
13:09:41.076959 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
13:09:41.082987 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
13:09:41.083985 ...\HostProvider.cs:160 trace: [StoreCredentialAsync] Storing credential with service=https://myGiteaServer:3000 account=OAUTH_USER...
13:09:41.102617 ...\HostProvider.cs:162 trace: [StoreCredentialAsync] Credential was successfully stored.
13:09:41.103752 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'store' command...
16:37:14.315016 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
16:37:14.317053 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
16:37:14.317053 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
16:37:14.317053 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
16:37:14.317053 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
16:37:14.317053 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
16:37:14.317053 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
16:37:14.479085 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
16:37:14.510550 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
16:37:14.515555 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
16:37:14.515555 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
16:37:14.515555 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
16:37:14.523895 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
16:37:14.532190 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
16:37:14.535234 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
16:37:14.553629 ...\HostProvider.cs:140 trace: [GetCredentialAsync] Existing credential found.
16:37:14.553629 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
16:37:14.553629 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
16:37:14.553629 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
16:37:14.553629 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
16:37:14.553629 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
16:37:14.554639 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
16:37:15.845758 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
16:37:15.847749 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
16:37:15.847749 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
16:37:15.847749 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
16:37:15.847749 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
16:37:15.847749 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
16:37:15.847749 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: erase
16:37:16.040081 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'erase' command...
16:37:16.079488 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
16:37:16.085470 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
16:37:16.086463 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
16:37:16.086463 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
16:37:16.086463 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
16:37:16.099421 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
16:37:16.109387 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
16:37:16.111381 ...\HostProvider.cs:173 trace: [EraseCredentialAsync] Erasing stored credential in store with service=https://myGiteaServer:3000 account=OAUTH_USER...
16:37:16.140283 ...\HostProvider.cs:176 trace: [EraseCredentialAsync] Credential was successfully erased.
16:37:16.141281 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'erase' command...
16:37:45.679500 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
16:37:45.680497 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
16:37:45.680497 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
16:37:45.680497 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
16:37:45.680497 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
16:37:45.680497 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
16:37:45.680497 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: get
16:37:45.796255 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'get' command...
16:37:45.820885 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
16:37:45.825866 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
16:37:45.825866 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
16:37:45.825866 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   wwwauth=Basic realm="."
16:37:45.833839 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
16:37:45.843298 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
16:37:45.849277 ...\HostProvider.cs:126 trace: [GetCredentialAsync] Looking for existing credential in store with service=https://myGiteaServer:3000 account=...
16:37:45.867975 ...\HostProvider.cs:131 trace: [GetCredentialAsync] No existing credentials found.
16:37:45.867975 ...\HostProvider.cs:134 trace: [GetCredentialAsync] Creating new credential...
16:37:45.873955 ...icHostProvider.cs:68 trace: [GenerateCredentialAsync] Found generic OAuth configuration for 'https://myGiteaServer:3000/':
16:37:45.873955 ...icHostProvider.cs:69 trace: [GenerateCredentialAsync]    AuthzEndpoint   = https://myGiteaServer:3000/login/oauth/authorize
16:37:45.873955 ...icHostProvider.cs:70 trace: [GenerateCredentialAsync]    TokenEndpoint   = https://myGiteaServer:3000/login/oauth/access_token
16:37:45.873955 ...icHostProvider.cs:71 trace: [GenerateCredentialAsync]    DeviceEndpoint  = 
16:37:45.873955 ...icHostProvider.cs:72 trace: [GenerateCredentialAsync]    ClientId        = 3f998b8d-64ae-48a8-8a3b-f814788b3345
16:37:45.874953 ...icHostProvider.cs:73 trace: [GenerateCredentialAsync]    ClientSecret    = 
16:37:45.874953 ...icHostProvider.cs:74 trace: [GenerateCredentialAsync]    RedirectUri     = http://127.0.0.1/
16:37:45.874953 ...icHostProvider.cs:75 trace: [GenerateCredentialAsync]    Scopes          = [write:repository]
16:37:45.874953 ...icHostProvider.cs:76 trace: [GenerateCredentialAsync]    UseAuthHeader   = True
16:37:45.874953 ...icHostProvider.cs:77 trace: [GenerateCredentialAsync]    DefaultUserName = OAUTH_USER
16:37:45.885756 ...pClientFactory.cs:60 trace: [CreateClient] Creating new HTTP client instance...
16:37:45.976939 ...pClientFactory.cs:80 trace: [CreateClient] Git's SSL/TLS backend is: OpenSsl
16:37:47.152488 ...ClientFactory.cs:113 trace: [CreateClient] Custom certificate verification has been enabled with certificate bundle at C:\Users\myusername\Work Folders\Documents\GitHub Certificates\git-certs.crt
16:37:48.290954 ...\HostProvider.cs:136 trace: [GetCredentialAsync] Credential created.
16:37:48.290954 ...\GetCommand.cs:39    trace: [ExecuteInternalAsync] Writing credentials to output:
16:37:48.290954 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   protocol=https
16:37:48.292028 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   host=myGiteaServer:3000
16:37:48.292028 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   username=OAUTH_USER
16:37:48.292028 ...\GetCommand.cs:40    trace: [ExecuteInternalAsync]   password=********
16:37:48.292028 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'get' command...
16:37:49.069950 ...\Application.cs:106  trace: [RunInternalAsync] Version: 2.3.2.0
16:37:49.070946 ...\Application.cs:107  trace: [RunInternalAsync] Runtime: .NET Framework 4.0.30319.42000
16:37:49.070946 ...\Application.cs:108  trace: [RunInternalAsync] Platform: Windows (x86-64)
16:37:49.070946 ...\Application.cs:109  trace: [RunInternalAsync] OSVersion: 10.0 (build 22621)
16:37:49.070946 ...\Application.cs:110  trace: [RunInternalAsync] AppPath: C:\Program Files\Git\mingw64\bin\git-credential-manager.exe
16:37:49.070946 ...\Application.cs:111  trace: [RunInternalAsync] InstallDir: C:\Program Files\Git\mingw64\bin\
16:37:49.070946 ...\Application.cs:112  trace: [RunInternalAsync] Arguments: store
16:37:49.145352 ...GitCommandBase.cs:32 trace: [ExecuteAsync] Start 'store' command...
16:37:49.159301 ...GitCommandBase.cs:46 trace: [ExecuteAsync] Detecting host provider for input:
16:37:49.161294 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   protocol=https
16:37:49.161294 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   host=myGiteaServer:3000
16:37:49.161294 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   username=OAUTH_USER
16:37:49.161294 ...GitCommandBase.cs:47 trace: [ExecuteAsync]   password=********
16:37:49.166277 ...oviderRegistry.cs:99 trace: [GetProviderAsync] Host provider override was set id='generic'
16:37:49.170496 ...GitCommandBase.cs:49 trace: [ExecuteAsync] Host provider 'Generic' was selected.
16:37:49.171493 ...\HostProvider.cs:160 trace: [StoreCredentialAsync] Storing credential with service=https://myGiteaServer:3000 account=OAUTH_USER...
16:37:49.183098 ...\HostProvider.cs:162 trace: [StoreCredentialAsync] Credential was successfully stored.
16:37:49.183098 ...GitCommandBase.cs:53 trace: [ExecuteAsync] End 'store' command...

[ldennington]

@aotongarcia - thanks so much for including the full logs, that's super helpful! I believe what you're seeing is an expected flow. These docs show that Gitea OAuth access tokens expire after 1 hour. From what I observed in your logs, you were able to authenticate successfully for ~1 hour between erases, so this seems to make sense.

Per the OAuth RFC, longer-lived refresh tokens should be used to "refresh" expired access tokens. According to the docs linked above, Gitea refresh tokens last for 730 hours. From what I can tell, it seems like GCM is using your refresh token to obtain a new access token after old ones are erased. New tokens last an hour and then the process resumes when you next authenticate.

My hunch here is that there was some weirdness going on with GCM/git-credential-oauth. It looks as though this has been sorted out, but it would probably be best to go ahead and remove git-credential-oauth from your config for safety:

git config --global --unset credential.helper

Also, can you verify that you're not being prompted by GCM when the erases occur? The new access tokens should be generated by GCM via the refresh token with no user interaction.

[aotongarcia]

@ldennington thanks for following up! I have removed git-credential-oauth as one of the initial troubleshooting steps but will double check.

The problem I am seeing now is that GCM makes no attempt to fetch a new access token when it erases the expired one. Currently this is whats happening (from what I understand):

git push > GCM checks access token > if expired GCM erases access token and does not fetch a new one > git push fails because no access token exists > git push again, GCM fetches new access token.

I am not being prompted when it fetches the new token, and what I mean by this is that a new window does not open on my browser.

[JVimes]

I think I'm hitting this. Git commands frequently yield "Authentication failed". Deleting two entries from Windows Credential Manager (ones is "refresh_token") works around it, opening the browser page again. I'm logging into self hosted Gitea using "Log in with GitHub".

[JVimes]

Running clone twice in a row also seems to work in my case. I guess it refreshes the token. Confusing for users, though.

[No0Vad]

Running clone twice in a row also seems to work in my case. I guess it refreshes the token. Confusing for users, though.

Same here, I have authenticated once in Gitea, but after a while the token expires and the command fails. But if I run the command again immediate it works and will work for a while again. Until it expires again.

[257er]

Have the same issue. Does anyone have a solution yet?

[eeyrjmr]

I am now regularly hitting this as well. unsure if it is gitea side, git on gitea side or client side...

[jonathanduke]

This seems to be on the GCM side. I can delete the access token from Windows Credential Manager, run a push or pull, and GCM will use the refresh token to get a new access token, and it works fine. After that, the new access token is also stored in Windows Credential Manager, and it works until it is expired.

However, if the access token in Windows Credential Manager is expired (or invalid... ie. edit it manually and just put "zzz" in the password field) it will cause a push/pull to fail. Rather than refreshing the invalid/expired access token, GCM seems to delete it and give up, which is why it works fine the second time.

There is also an issue for this in the Gitea repo: https://github.com/go-gitea/gitea/issues/31470

[Anteru]

Isn't this the same issue as #1705?

[eeyrjmr]

Isn't this the same issue as #1705?

Possibly... This issue has been around alot longer but #1705 does provide some additional insight. I have done git config --global credential.azreposCredentialType oauth but this week I didn't actually do any git interactions to confirm if it does fix it

[Anteru]

I would assume it doesn't help for Gitea, but there's something going on here, in the sense there's at least one more case of very similar symptoms. I'm also curious is this has been always an issue with Gitea or started at some point, given the description in #1705, it should have never worked properly?

[jonathanduke]

I would assume it doesn't help for Gitea, but there's something going on here, in the sense there's at least one more case of very similar symptoms. I'm also curious is this has been always an issue with Gitea or started at some point, given the description in #1705, it should have never worked properly?

I don't think GCM support for Gitea was added until GCM 2.4.1, and that's why it's only showing up now.

EDIT: Based on my old Windows 10 machine's configuration, I was using "manager-core" (version 2.0.394) before, and now I am using "manager" (version 2.5.1) on my Windows 11 machine. I also tried manager-core 2.6.0, which has the same behavior.

EDIT2: The azreposCredentialType (which looks specific to Azure) does not seem to have any effect on Gitea (which seems to already be using OAuth), but it does sound like the same behavior, and probably the same root cause. I thought it might be something in the GetOAuthAccessToken method, but I suspect that it is somewhere higher up, because according to the Windows Credential Manager, my refresh token hasn't been modified in almost a month, even though I've directly cleared out the access token and it has been restored. Shouldn't the refresh token get rotated each time if that's being used to get a new access token?

[dscho]

I was using "manager-core" (version 2.0.394) before, and now I am using "manager" (version 2.5.1)

There used to be a different git-credential-manager before that was Windows-only, and git-credential-manager-core was forked off with cross-platform support. Later, the Windows-only one was retired and manager-core was renamed to manager.