Gitweb: can't retrieve changesets when protected by HTTP basic auth

[agilare]

I installed source-integration plugin in my Mantis BT 2.1

I have a gitweb working correctly and a repo configured for this in Mantis > reposity.

When my gitweb directory is not protected and I import it in Mantis, the importation is successfull.

However, when I add htaccess protection to my gitweb directory and configure in this way the related repo in Mantis, the import fails with this message :

Retrieving master ... failed. 'https://gitweb.interijob.ch?p=dev.git;a=commit;h=master' did not return any data.

For information, when I access my gitweb with this URL in a browser https://my_htaccess_username:my_htaccess_password@gitweb.interijob.ch access is successful.

Maybe my protection of gitweb directory method is not correct for Mantis source-integration ?

AuthType Basic
AuthName "git repository"
AuthUserFile /home/clients/123456/.htpasswd
require valid-user

[dregad]

I'm not so familiar with the Gitweb integration as I don't use it myself, but I don't think the plugin can handle HTTP basic authentication.

Comparing the URL generated by the plugin vs the one you use to access manually, you have added the user authentication my_htaccess_username:my_htaccess_password@, so I guess that for this to work in your context, the plugin would have to somehow collect the credentials, and use them to generate the correct URL.

[agilare]

Thank you for your answer. In SourceGitweb.php, method import_full calls method url_get_auth which contains :

$this->url_get_auth( $t_heads_url, $p_repo->info['gitweb_user'], $p_repo->info['gitweb_pass'] );

and url_get_auth imports with

$urlParts = preg_split("/:\\/\\//", $url);
$urlWithCredentials = $urlParts[0] . "://" . $user . ":" . $pass . "@" .$urlParts[1];
return file_get_contents($urlWithCredentials);

and I checked the url actually build by url_get_auth, it's : https://my_htaccess_password:my_htaccess_password@gitweb.interijob.ch?p=dev.git;a=commit;h=master I put this URL in my browser and I could access my gitweb.

The error message seems comming from import_commits as if file_get_contents returned false. I checked my hosting configuration, file_get_contents is enabled.

[dregad]

Kind of hard to reproduce this since I don't have a GitWeb setup...

Does it work with import_full() but not with import_commits() ? Do you see any errors in your server logs following the file_get_contents() call ?

I'm also not sure why url_get_auth() calls file_get_contents() directly with basic auth instead of using url_get(). Maybe you can try like that and see if it works better ?

[agilare]

Both import_full and import_commits give the same error.

After a try, I don't see errors in server log (I don't have checked if php errors are enabled in Mantis config)

As you proposed, I replaced in url_get_auth function file_get_contents with url_get :

public function url_get_auth($url, $user, $pass) {
    if (strlen($user) > 0 && strlen($pass) > 0) {
        $urlParts = preg_split("/:\\/\\//", $url);
        $urlWithCredentials = $urlParts[0] . "://" . $user . ":" . $pass . "@" .$urlParts[1];
        return url_get($urlWithCredentials);
    } else {
        return url_get($url);
    }
}

and then both import_full and import_commits work now correctly.

[dregad]

So the URL was probably retrieved using cURL which implies some kind of problem with file_get_contents() on your system that you might want to investigate.

In any case, it does not make any sense not to use url_get() in this context, since it provides a fail-over (using curl).

[dregad]

This code was introduced in #144.

[agilare]

Actually, my server configuration was (by default) with allow_url_fopen disabled. I enabled it and then url_get_auth() works now well with file_get_contents().