search

libgit2 / objective-git

Objective-C bindings to libgit2
MIT License
1.16k stars 280 forks source link

Wrong username and password credential to clone a GitHub private repository (https protocol) will not report error #612

Closed mssun closed 7 years ago

mssun commented 7 years ago

I found that when providing a wrong username and password credential to clone a GitHub private repository (https protocol), it will not report an error. Instead, the clone function will loop and continue calling GTCredentialProvider block for credential. Is this normal? Then, how can I know if it failed to clone a repository because of wrong password?

pietbrauer commented 7 years ago

Can you share the code you are using? I didn't see this behavior before.

mssun commented 7 years ago

Here is a minimal code snippet (I am using Swift with bridging header).

let credential = GTCredentialProvider { (allowedTypes, url, username) -> GTCredential in
    print("get credential")
    var cred = GTCredential()
    do {
        cred = try GTCredential(userName: "wrong name", password: "wrong password")
    } catch {
        print(error)
    }
    return cred
}
do {
    print("start cloning...")
    let credentialProvider = credential
    let options: [String: Any] = [
        GTRepositoryCloneOptionsCredentialProvider: credentialProvider
    ]
    try GTRepository.clone(from: URL(string: "https://github.com/mssun/password-store.git")!, toWorkingDirectory: URL(fileURLWithPath: "\(Globals.shared.documentPath)/password-store-test"), options: options, transferProgressBlock:nil, checkoutProgressBlock: nil)
    print("clone finish")
} catch {
    print(error)
}

The output are

start cloning...
get credential
get credential
get credential
get credential
get credential
get credential
get credential
get credential
get credential
pietbrauer commented 7 years ago

Seems to be exactly like what I am doing. Have you tried stepping through the ObjectiveGit code?

mssun commented 7 years ago

I haven't stepping into the ObjectiveGit code yet. Did you reproduce my issue?

mssun commented 7 years ago

This is a feature by design. Not an issue. I'm closing it. Thanks.

olarivain commented 6 years ago

I'm running into the same issue on fetches, and having a bit of a hard time understanding why this is a feature? How is one supposed to report invalid credentials (say user fat fingered the password)?

tiennou commented 6 years ago

Because this allows to try multiple credentials without starting over the whole connection on each attempt. Think automatically trying a SSH key first, another SSH key 2nd, and finally ask the user a password.

IOW, you have to keep track yourself of the # of GIT_EAUTH failures for each "credential" object, in order to report "fat-fingering".