microsoft / Git-Credential-Manager-for-Windows

Secure Git credential storage for Windows with support for Visual Studio Team Services, GitHub, and Bitbucket multi-factor authentication.
Other
2.87k stars 591 forks source link

GCM frequently erases credentials when computer is asleep #875

Closed DanPristupov closed 4 years ago

DanPristupov commented 5 years ago

Which Version of GCM are you using ? Git Credential Manager for Windows version 1.19.0

Which service are you trying to connect to

Expected behavior GCM should not erase credentials when computer sleeps

Actual behavior

Hi, I use GCM with Fork git client (https://fork.dev) which performs automatic background fetch for open repos. I use GCM v1.19.0 but as I see, there's no related changes in 1.20.

GCM quite often loses credentials when computer wakes up during night. It seems that this problem also occurs when I use public WIFI, but I don't have logs (upd: I do now, see the next comment). I'm aware that a lot of people also experience this problem, but I couldn't find an existing open issue here. Please point me if I'm wrong.

I configured the application to log every fetch with enabled GCM_TRACE and GIT_TRACE. The problems occurs with both BitBucket and GitHub, however now I only have logs only for BitBucket.

Looks like during the night the computer woke up and could not connect to the server:

fetch-637098933268489760.log (01:35AM)

01:35:13.516562 ...uthentication.cs:313 trace: [GetAuthentication] authentication for Bitbucket created
01:35:13.516562 ...\Common.cs:192       trace: [CreateAuthentication] authority for 'https://username@bitbucket.org/'  is Bitbucket.
01:35:13.517559 ...\Common.cs:765       trace: [QueryCredentials] querying 'Bitbucket' for credentials.
01:35:13.527560 ...uthentication.cs:178 trace: [GetCredentials] successfully retrieved stored credentials, updating credential cache
01:35:13.535557 ...\Authority.cs:214    trace: [ValidateCredentials] authentication type = 'Credential'.
01:35:13.657561 ...\Program.cs:601      trace: [Run] ! error: 'An error occurred while sending the request.'.
01:35:13.657561 ...\Program.cs:601      trace: [Run]        > 'The remote name could not be resolved: 'api.bitbucket.org''.
01:35:13.733561 ...\Common.cs:709       trace: [LogEvent] System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The remote name could not be resolved: 'api.bitbucket.org'
...
...
01:35:26.095976 run-command.c:663       trace: run_command: 'git credential-manager erase'
01:35:26.188977 exec-cmd.c:237          trace: resolved executable dir: C:/Users/tanya/AppData/Local/Fork/gitInstance/2.23.0/mingw64/libexec/git-core
01:35:26.199975 git.c:703               trace: exec: git-credential-manager erase

Here is the full log: fetch-637098933268489760.log

Can I help somehow to get this problem investigated and (hopefully) fixed?

I'm able to reproduce the problem once in a 2-3 days. I have the GCM source code and I can build a more verbose version if needed.

DanPristupov commented 4 years ago

A similar problem has happened with GitHub. While from user point of view the problem is the same, it looks like it was caused by a different exception.

Here are two logs: fetch-637108120293905932-good.log fetch-637108142279384933-bad.log

Good log (1 Dec 2019 at 16:47)

16:47:04.384593 ...\Common.cs:176       trace: [CreateAuthentication] authority for 'https://github.com/' is GitHub.
16:47:04.384593 ...\Common.cs:765       trace: [QueryCredentials] querying 'GitHub' for credentials.
16:47:04.411592 ...uthentication.cs:175 trace: [GetCredentials] credentials for 'https://github.com/' found.
16:47:05.194614 ...\Authority.cs:200    trace: [ValidateCredentials] credential validation for 'https://github.com/' succeeded.
16:47:05.194614 ...\Common.cs:873       trace: [QueryCredentials] credentials for 'https://github.com/' found.
16:47:05.195592 ...\Common.cs:709       trace: [LogEvent] GitHub credentials for 'https://github.com/' successfully retrieved.

Bad log (1 Dec 2019 at 17:23, 30 minutes later)

17:23:31.586955 ...\Common.cs:176       trace: [CreateAuthentication] authority for 'https://github.com/' is GitHub.
17:23:31.586955 ...\Common.cs:765       trace: [QueryCredentials] querying 'GitHub' for credentials.
17:23:31.630957 ...uthentication.cs:175 trace: [GetCredentials] credentials for 'https://github.com/' found.
17:23:46.734942 ...\Program.cs:601      trace: [Run] ! error: 'A task was canceled.'.
17:23:46.735942 ...\Common.cs:709       trace: [LogEvent] System.Threading.Tasks.TaskCanceledException: A task was canceled.
17:23:46.738949 ...\Program.cs:601      trace: [Run] fatal: TaskCanceledException encountered.
   A task was canceled.
fatal: TaskCanceledException encountered.
   A task was canceled.
17:23:46.766939 run-command.c:663       trace: run_command: 'C:\Users\tanya\AppData\Local\Fork\app-1.42.4\Fork.AskPass.exe' 'Username for '\''https://github.com'\'': '
17:23:46.853498 run-command.c:663       trace: run_command: 'C:\Users\tanya\AppData\Local\Fork\app-1.42.4\Fork.AskPass.exe' 'Password for '\''https://github.com'\'': '
17:23:47.366499 run-command.c:663       trace: run_command: 'git credential-manager erase'
17:23:47.447498 exec-cmd.c:237          trace: resolved executable dir: C:/Users/tanya/AppData/Local/Fork/gitInstance/2.23.0/mingw64/libexec/git-core
17:23:47.460502 git.c:703               trace: exec: git-credential-manager erase
17:23:47.460502 run-command.c:663       trace: run_command: git-credential-manager erase
17:23:47.585496 ...\Common.cs:744       trace: [Main] git-credential-manager (v1.19.0) 'erase'
17:23:47.715495 ...\Git\Where.cs:348    trace: [FindGitInstallations] found 1 Git installation(s).
17:23:47.738494 ...Configuration.cs:222 trace: [LoadGitConfiguration] git All config read, 43 entries.
17:23:47.790492 ...\Common.cs:85        trace: [CreateAuthentication] detecting authority type for 'https://github.com/'.
17:23:47.813497 ...uthentication.cs:151 trace: [GetAuthentication] created GitHub authentication for 'https://github.com/'.
17:23:47.813497 ...\Common.cs:176       trace: [CreateAuthentication] authority for 'https://github.com/' is GitHub.
17:23:47.813497 ...\Common.cs:266       trace: [DeleteCredentials] deleting GitHub credentials for 'https://github.com/'.
remote: Repository not found.
fatal: Authentication failed for 'https://github.com/username/testrepo11/'

Is it a good idea to erase credentials on every exception? Shouldn't some of them (e.g. TaskCanceledException) be handled less harsh may be?