]>
Commit | Line | Data |
---|---|---|
abca927d JK |
1 | #!/bin/sh |
2 | ||
3 | test_description='basic credential helper tests' | |
4 | . ./test-lib.sh | |
5 | . "$TEST_DIRECTORY"/lib-credential.sh | |
6 | ||
7 | test_expect_success 'setup helper scripts' ' | |
8 | cat >dump <<-\EOF && | |
dd64267f | 9 | whoami=$(echo $0 | sed s/.*git-credential-//) |
abca927d | 10 | echo >&2 "$whoami: $*" |
78ed1d2d MG |
11 | OIFS=$IFS |
12 | IFS== | |
13 | while read key value; do | |
abca927d JK |
14 | echo >&2 "$whoami: $key=$value" |
15 | eval "$key=$value" | |
16 | done | |
78ed1d2d | 17 | IFS=$OIFS |
abca927d JK |
18 | EOF |
19 | ||
3d9f5b67 | 20 | write_script git-credential-useless <<-\EOF && |
abca927d JK |
21 | . ./dump |
22 | exit 0 | |
23 | EOF | |
abca927d | 24 | |
a88dbd2f JK |
25 | write_script git-credential-quit <<-\EOF && |
26 | . ./dump | |
27 | echo quit=1 | |
28 | EOF | |
29 | ||
3d9f5b67 | 30 | write_script git-credential-verbatim <<-\EOF && |
abca927d JK |
31 | user=$1; shift |
32 | pass=$1; shift | |
33 | . ./dump | |
34 | test -z "$user" || echo username=$user | |
35 | test -z "$pass" || echo password=$pass | |
36 | EOF | |
abca927d | 37 | |
d208bfdf H |
38 | write_script git-credential-verbatim-with-expiry <<-\EOF && |
39 | user=$1; shift | |
40 | pass=$1; shift | |
41 | pexpiry=$1; shift | |
42 | . ./dump | |
43 | test -z "$user" || echo username=$user | |
44 | test -z "$pass" || echo password=$pass | |
45 | test -z "$pexpiry" || echo password_expiry_utc=$pexpiry | |
46 | EOF | |
47 | ||
abca927d JK |
48 | PATH="$PWD:$PATH" |
49 | ' | |
50 | ||
51 | test_expect_success 'credential_fill invokes helper' ' | |
52 | check fill "verbatim foo bar" <<-\EOF | |
73aafe9b JK |
53 | protocol=http |
54 | host=example.com | |
abca927d | 55 | -- |
73aafe9b JK |
56 | protocol=http |
57 | host=example.com | |
abca927d JK |
58 | username=foo |
59 | password=bar | |
60 | -- | |
61 | verbatim: get | |
73aafe9b JK |
62 | verbatim: protocol=http |
63 | verbatim: host=example.com | |
abca927d JK |
64 | EOF |
65 | ' | |
66 | ||
67 | test_expect_success 'credential_fill invokes multiple helpers' ' | |
68 | check fill useless "verbatim foo bar" <<-\EOF | |
73aafe9b JK |
69 | protocol=http |
70 | host=example.com | |
abca927d | 71 | -- |
73aafe9b JK |
72 | protocol=http |
73 | host=example.com | |
abca927d JK |
74 | username=foo |
75 | password=bar | |
76 | -- | |
77 | useless: get | |
73aafe9b JK |
78 | useless: protocol=http |
79 | useless: host=example.com | |
abca927d | 80 | verbatim: get |
73aafe9b JK |
81 | verbatim: protocol=http |
82 | verbatim: host=example.com | |
abca927d JK |
83 | EOF |
84 | ' | |
85 | ||
86 | test_expect_success 'credential_fill stops when we get a full response' ' | |
87 | check fill "verbatim one two" "verbatim three four" <<-\EOF | |
73aafe9b JK |
88 | protocol=http |
89 | host=example.com | |
abca927d | 90 | -- |
73aafe9b JK |
91 | protocol=http |
92 | host=example.com | |
abca927d JK |
93 | username=one |
94 | password=two | |
95 | -- | |
96 | verbatim: get | |
73aafe9b JK |
97 | verbatim: protocol=http |
98 | verbatim: host=example.com | |
abca927d JK |
99 | EOF |
100 | ' | |
101 | ||
102 | test_expect_success 'credential_fill continues through partial response' ' | |
103 | check fill "verbatim one \"\"" "verbatim two three" <<-\EOF | |
73aafe9b JK |
104 | protocol=http |
105 | host=example.com | |
abca927d | 106 | -- |
73aafe9b JK |
107 | protocol=http |
108 | host=example.com | |
abca927d JK |
109 | username=two |
110 | password=three | |
111 | -- | |
112 | verbatim: get | |
73aafe9b JK |
113 | verbatim: protocol=http |
114 | verbatim: host=example.com | |
abca927d | 115 | verbatim: get |
73aafe9b JK |
116 | verbatim: protocol=http |
117 | verbatim: host=example.com | |
abca927d JK |
118 | verbatim: username=one |
119 | EOF | |
120 | ' | |
121 | ||
d208bfdf H |
122 | test_expect_success 'credential_fill populates password_expiry_utc' ' |
123 | check fill "verbatim-with-expiry one two 9999999999" <<-\EOF | |
124 | protocol=http | |
125 | host=example.com | |
126 | -- | |
127 | protocol=http | |
128 | host=example.com | |
129 | username=one | |
130 | password=two | |
131 | password_expiry_utc=9999999999 | |
132 | -- | |
133 | verbatim-with-expiry: get | |
134 | verbatim-with-expiry: protocol=http | |
135 | verbatim-with-expiry: host=example.com | |
136 | EOF | |
137 | ' | |
138 | ||
139 | test_expect_success 'credential_fill ignores expired password' ' | |
140 | check fill "verbatim-with-expiry one two 5" "verbatim three four" <<-\EOF | |
141 | protocol=http | |
142 | host=example.com | |
143 | -- | |
144 | protocol=http | |
145 | host=example.com | |
146 | username=three | |
147 | password=four | |
148 | -- | |
149 | verbatim-with-expiry: get | |
150 | verbatim-with-expiry: protocol=http | |
151 | verbatim-with-expiry: host=example.com | |
152 | verbatim: get | |
153 | verbatim: protocol=http | |
154 | verbatim: host=example.com | |
155 | verbatim: username=one | |
156 | EOF | |
157 | ' | |
158 | ||
abca927d JK |
159 | test_expect_success 'credential_fill passes along metadata' ' |
160 | check fill "verbatim one two" <<-\EOF | |
161 | protocol=ftp | |
162 | host=example.com | |
163 | path=foo.git | |
164 | -- | |
2d6dc182 MM |
165 | protocol=ftp |
166 | host=example.com | |
167 | path=foo.git | |
abca927d JK |
168 | username=one |
169 | password=two | |
170 | -- | |
171 | verbatim: get | |
172 | verbatim: protocol=ftp | |
173 | verbatim: host=example.com | |
174 | verbatim: path=foo.git | |
175 | EOF | |
176 | ' | |
177 | ||
178 | test_expect_success 'credential_approve calls all helpers' ' | |
179 | check approve useless "verbatim one two" <<-\EOF | |
73aafe9b JK |
180 | protocol=http |
181 | host=example.com | |
abca927d JK |
182 | username=foo |
183 | password=bar | |
184 | -- | |
185 | -- | |
186 | useless: store | |
73aafe9b JK |
187 | useless: protocol=http |
188 | useless: host=example.com | |
abca927d JK |
189 | useless: username=foo |
190 | useless: password=bar | |
191 | verbatim: store | |
73aafe9b JK |
192 | verbatim: protocol=http |
193 | verbatim: host=example.com | |
abca927d JK |
194 | verbatim: username=foo |
195 | verbatim: password=bar | |
196 | EOF | |
197 | ' | |
198 | ||
d208bfdf H |
199 | test_expect_success 'credential_approve stores password expiry' ' |
200 | check approve useless <<-\EOF | |
201 | protocol=http | |
202 | host=example.com | |
203 | username=foo | |
204 | password=bar | |
205 | password_expiry_utc=9999999999 | |
206 | -- | |
207 | -- | |
208 | useless: store | |
209 | useless: protocol=http | |
210 | useless: host=example.com | |
211 | useless: username=foo | |
212 | useless: password=bar | |
213 | useless: password_expiry_utc=9999999999 | |
214 | EOF | |
215 | ' | |
216 | ||
a5c76569 H |
217 | test_expect_success 'credential_approve stores oauth refresh token' ' |
218 | check approve useless <<-\EOF | |
219 | protocol=http | |
220 | host=example.com | |
221 | username=foo | |
222 | password=bar | |
223 | oauth_refresh_token=xyzzy | |
224 | -- | |
225 | -- | |
226 | useless: store | |
227 | useless: protocol=http | |
228 | useless: host=example.com | |
229 | useless: username=foo | |
230 | useless: password=bar | |
231 | useless: oauth_refresh_token=xyzzy | |
232 | EOF | |
233 | ' | |
234 | ||
abca927d JK |
235 | test_expect_success 'do not bother storing password-less credential' ' |
236 | check approve useless <<-\EOF | |
73aafe9b JK |
237 | protocol=http |
238 | host=example.com | |
abca927d JK |
239 | username=foo |
240 | -- | |
241 | -- | |
242 | EOF | |
243 | ' | |
244 | ||
d208bfdf H |
245 | test_expect_success 'credential_approve does not store expired password' ' |
246 | check approve useless <<-\EOF | |
247 | protocol=http | |
248 | host=example.com | |
249 | username=foo | |
250 | password=bar | |
251 | password_expiry_utc=5 | |
252 | -- | |
253 | -- | |
254 | EOF | |
255 | ' | |
abca927d JK |
256 | |
257 | test_expect_success 'credential_reject calls all helpers' ' | |
258 | check reject useless "verbatim one two" <<-\EOF | |
73aafe9b JK |
259 | protocol=http |
260 | host=example.com | |
abca927d JK |
261 | username=foo |
262 | password=bar | |
263 | -- | |
264 | -- | |
265 | useless: erase | |
73aafe9b JK |
266 | useless: protocol=http |
267 | useless: host=example.com | |
abca927d JK |
268 | useless: username=foo |
269 | useless: password=bar | |
270 | verbatim: erase | |
73aafe9b JK |
271 | verbatim: protocol=http |
272 | verbatim: host=example.com | |
abca927d JK |
273 | verbatim: username=foo |
274 | verbatim: password=bar | |
275 | EOF | |
276 | ' | |
277 | ||
d208bfdf H |
278 | test_expect_success 'credential_reject erases credential regardless of expiry' ' |
279 | check reject useless <<-\EOF | |
280 | protocol=http | |
281 | host=example.com | |
282 | username=foo | |
283 | password=bar | |
284 | password_expiry_utc=5 | |
285 | -- | |
286 | -- | |
287 | useless: erase | |
288 | useless: protocol=http | |
289 | useless: host=example.com | |
290 | useless: username=foo | |
291 | useless: password=bar | |
292 | useless: password_expiry_utc=5 | |
293 | EOF | |
294 | ' | |
295 | ||
abca927d JK |
296 | test_expect_success 'usernames can be preserved' ' |
297 | check fill "verbatim \"\" three" <<-\EOF | |
73aafe9b JK |
298 | protocol=http |
299 | host=example.com | |
abca927d JK |
300 | username=one |
301 | -- | |
73aafe9b JK |
302 | protocol=http |
303 | host=example.com | |
abca927d JK |
304 | username=one |
305 | password=three | |
306 | -- | |
307 | verbatim: get | |
73aafe9b JK |
308 | verbatim: protocol=http |
309 | verbatim: host=example.com | |
abca927d JK |
310 | verbatim: username=one |
311 | EOF | |
312 | ' | |
313 | ||
314 | test_expect_success 'usernames can be overridden' ' | |
315 | check fill "verbatim two three" <<-\EOF | |
73aafe9b JK |
316 | protocol=http |
317 | host=example.com | |
abca927d JK |
318 | username=one |
319 | -- | |
73aafe9b JK |
320 | protocol=http |
321 | host=example.com | |
abca927d JK |
322 | username=two |
323 | password=three | |
324 | -- | |
325 | verbatim: get | |
73aafe9b JK |
326 | verbatim: protocol=http |
327 | verbatim: host=example.com | |
abca927d JK |
328 | verbatim: username=one |
329 | EOF | |
330 | ' | |
331 | ||
332 | test_expect_success 'do not bother completing already-full credential' ' | |
333 | check fill "verbatim three four" <<-\EOF | |
73aafe9b JK |
334 | protocol=http |
335 | host=example.com | |
abca927d JK |
336 | username=one |
337 | password=two | |
338 | -- | |
73aafe9b JK |
339 | protocol=http |
340 | host=example.com | |
abca927d JK |
341 | username=one |
342 | password=two | |
343 | -- | |
344 | EOF | |
345 | ' | |
346 | ||
347 | # We can't test the basic terminal password prompt here because | |
348 | # getpass() tries too hard to find the real terminal. But if our | |
349 | # askpass helper is run, we know the internal getpass is working. | |
350 | test_expect_success 'empty helper list falls back to internal getpass' ' | |
351 | check fill <<-\EOF | |
73aafe9b JK |
352 | protocol=http |
353 | host=example.com | |
abca927d | 354 | -- |
73aafe9b JK |
355 | protocol=http |
356 | host=example.com | |
abca927d JK |
357 | username=askpass-username |
358 | password=askpass-password | |
359 | -- | |
73aafe9b JK |
360 | askpass: Username for '\''http://example.com'\'': |
361 | askpass: Password for '\''http://askpass-username@example.com'\'': | |
abca927d JK |
362 | EOF |
363 | ' | |
364 | ||
365 | test_expect_success 'internal getpass does not ask for known username' ' | |
366 | check fill <<-\EOF | |
73aafe9b JK |
367 | protocol=http |
368 | host=example.com | |
abca927d JK |
369 | username=foo |
370 | -- | |
73aafe9b JK |
371 | protocol=http |
372 | host=example.com | |
abca927d JK |
373 | username=foo |
374 | password=askpass-password | |
375 | -- | |
73aafe9b | 376 | askpass: Password for '\''http://foo@example.com'\'': |
abca927d JK |
377 | EOF |
378 | ' | |
379 | ||
567ad2c0 TK |
380 | test_expect_success 'git-credential respects core.askPass' ' |
381 | write_script alternate-askpass <<-\EOF && | |
382 | echo >&2 "alternate askpass invoked" | |
383 | echo alternate-value | |
384 | EOF | |
385 | test_config core.askpass "$PWD/alternate-askpass" && | |
386 | ( | |
387 | # unset GIT_ASKPASS set by lib-credential.sh which would | |
388 | # override our config, but do so in a subshell so that we do | |
389 | # not interfere with other tests | |
390 | sane_unset GIT_ASKPASS && | |
391 | check fill <<-\EOF | |
392 | protocol=http | |
393 | host=example.com | |
394 | -- | |
395 | protocol=http | |
396 | host=example.com | |
397 | username=alternate-value | |
398 | password=alternate-value | |
399 | -- | |
400 | alternate askpass invoked | |
401 | alternate askpass invoked | |
402 | EOF | |
403 | ) | |
404 | ' | |
405 | ||
11825072 JK |
406 | HELPER="!f() { |
407 | cat >/dev/null | |
408 | echo username=foo | |
409 | echo password=bar | |
410 | }; f" | |
411 | test_expect_success 'respect configured credentials' ' | |
412 | test_config credential.helper "$HELPER" && | |
413 | check fill <<-\EOF | |
73aafe9b JK |
414 | protocol=http |
415 | host=example.com | |
11825072 | 416 | -- |
73aafe9b JK |
417 | protocol=http |
418 | host=example.com | |
11825072 JK |
419 | username=foo |
420 | password=bar | |
421 | -- | |
422 | EOF | |
423 | ' | |
424 | ||
425 | test_expect_success 'match configured credential' ' | |
426 | test_config credential.https://example.com.helper "$HELPER" && | |
427 | check fill <<-\EOF | |
428 | protocol=https | |
429 | host=example.com | |
430 | path=repo.git | |
431 | -- | |
2d6dc182 MM |
432 | protocol=https |
433 | host=example.com | |
11825072 JK |
434 | username=foo |
435 | password=bar | |
436 | -- | |
437 | EOF | |
438 | ' | |
439 | ||
440 | test_expect_success 'do not match configured credential' ' | |
441 | test_config credential.https://foo.helper "$HELPER" && | |
442 | check fill <<-\EOF | |
443 | protocol=https | |
444 | host=bar | |
445 | -- | |
2d6dc182 MM |
446 | protocol=https |
447 | host=bar | |
11825072 JK |
448 | username=askpass-username |
449 | password=askpass-password | |
450 | -- | |
451 | askpass: Username for '\''https://bar'\'': | |
452 | askpass: Password for '\''https://askpass-username@bar'\'': | |
453 | EOF | |
454 | ' | |
455 | ||
588c70e1 | 456 | test_expect_success 'match multiple configured helpers' ' |
457 | test_config credential.helper "verbatim \"\" \"\"" && | |
458 | test_config credential.https://example.com.helper "$HELPER" && | |
459 | check fill <<-\EOF | |
460 | protocol=https | |
461 | host=example.com | |
462 | path=repo.git | |
463 | -- | |
464 | protocol=https | |
465 | host=example.com | |
466 | username=foo | |
467 | password=bar | |
468 | -- | |
469 | verbatim: get | |
470 | verbatim: protocol=https | |
471 | verbatim: host=example.com | |
472 | EOF | |
473 | ' | |
474 | ||
475 | test_expect_success 'match multiple configured helpers with URLs' ' | |
476 | test_config credential.https://example.com/repo.git.helper "verbatim \"\" \"\"" && | |
477 | test_config credential.https://example.com.helper "$HELPER" && | |
478 | check fill <<-\EOF | |
479 | protocol=https | |
480 | host=example.com | |
481 | path=repo.git | |
482 | -- | |
483 | protocol=https | |
484 | host=example.com | |
485 | username=foo | |
486 | password=bar | |
487 | -- | |
488 | verbatim: get | |
489 | verbatim: protocol=https | |
490 | verbatim: host=example.com | |
491 | EOF | |
492 | ' | |
493 | ||
494 | test_expect_success 'match percent-encoded values' ' | |
495 | test_config credential.https://example.com/%2566.git.helper "$HELPER" && | |
496 | check fill <<-\EOF | |
497 | url=https://example.com/%2566.git | |
498 | -- | |
499 | protocol=https | |
500 | host=example.com | |
501 | username=foo | |
502 | password=bar | |
503 | -- | |
504 | EOF | |
505 | ' | |
506 | ||
b44d0118 | 507 | test_expect_success 'match percent-encoded UTF-8 values in path' ' |
508 | test_config credential.https://example.com.useHttpPath true && | |
509 | test_config credential.https://example.com/perú.git.helper "$HELPER" && | |
510 | check fill <<-\EOF | |
511 | url=https://example.com/per%C3%BA.git | |
512 | -- | |
513 | protocol=https | |
514 | host=example.com | |
515 | path=perú.git | |
516 | username=foo | |
517 | password=bar | |
518 | -- | |
519 | EOF | |
520 | ' | |
521 | ||
522 | test_expect_success 'match percent-encoded values in username' ' | |
523 | test_config credential.https://user%2fname@example.com/foo/bar.git.helper "$HELPER" && | |
524 | check fill <<-\EOF | |
525 | url=https://user%2fname@example.com/foo/bar.git | |
526 | -- | |
527 | protocol=https | |
528 | host=example.com | |
529 | username=foo | |
530 | password=bar | |
531 | -- | |
532 | EOF | |
533 | ' | |
534 | ||
535 | test_expect_success 'fetch with multiple path components' ' | |
536 | test_unconfig credential.helper && | |
537 | test_config credential.https://example.com/foo/repo.git.helper "verbatim foo bar" && | |
538 | check fill <<-\EOF | |
539 | url=https://example.com/foo/repo.git | |
540 | -- | |
541 | protocol=https | |
542 | host=example.com | |
543 | username=foo | |
544 | password=bar | |
545 | -- | |
546 | verbatim: get | |
547 | verbatim: protocol=https | |
548 | verbatim: host=example.com | |
549 | EOF | |
550 | ' | |
551 | ||
d5742425 JK |
552 | test_expect_success 'pull username from config' ' |
553 | test_config credential.https://example.com.username foo && | |
554 | check fill <<-\EOF | |
555 | protocol=https | |
556 | host=example.com | |
557 | -- | |
2d6dc182 MM |
558 | protocol=https |
559 | host=example.com | |
d5742425 JK |
560 | username=foo |
561 | password=askpass-password | |
562 | -- | |
563 | askpass: Password for '\''https://foo@example.com'\'': | |
564 | EOF | |
565 | ' | |
566 | ||
588c70e1 | 567 | test_expect_success 'honors username from URL over helper (URL)' ' |
568 | test_config credential.https://example.com.username bob && | |
569 | test_config credential.https://example.com.helper "verbatim \"\" bar" && | |
570 | check fill <<-\EOF | |
571 | url=https://alice@example.com | |
572 | -- | |
573 | protocol=https | |
574 | host=example.com | |
575 | username=alice | |
576 | password=bar | |
577 | -- | |
578 | verbatim: get | |
579 | verbatim: protocol=https | |
580 | verbatim: host=example.com | |
581 | verbatim: username=alice | |
582 | EOF | |
583 | ' | |
584 | ||
585 | test_expect_success 'honors username from URL over helper (components)' ' | |
586 | test_config credential.https://example.com.username bob && | |
587 | test_config credential.https://example.com.helper "verbatim \"\" bar" && | |
588 | check fill <<-\EOF | |
589 | protocol=https | |
590 | host=example.com | |
591 | username=alice | |
592 | -- | |
593 | protocol=https | |
594 | host=example.com | |
595 | username=alice | |
596 | password=bar | |
597 | -- | |
598 | verbatim: get | |
599 | verbatim: protocol=https | |
600 | verbatim: host=example.com | |
601 | verbatim: username=alice | |
602 | EOF | |
603 | ' | |
604 | ||
82eb2498 | 605 | test_expect_success 'last matching username wins' ' |
588c70e1 | 606 | test_config credential.https://example.com/path.git.username bob && |
607 | test_config credential.https://example.com.username alice && | |
608 | test_config credential.https://example.com.helper "verbatim \"\" bar" && | |
609 | check fill <<-\EOF | |
610 | url=https://example.com/path.git | |
611 | -- | |
612 | protocol=https | |
613 | host=example.com | |
614 | username=alice | |
615 | password=bar | |
616 | -- | |
617 | verbatim: get | |
618 | verbatim: protocol=https | |
619 | verbatim: host=example.com | |
620 | verbatim: username=alice | |
621 | EOF | |
622 | ' | |
623 | ||
a78fbb4f JK |
624 | test_expect_success 'http paths can be part of context' ' |
625 | check fill "verbatim foo bar" <<-\EOF && | |
626 | protocol=https | |
627 | host=example.com | |
628 | path=foo.git | |
629 | -- | |
2d6dc182 MM |
630 | protocol=https |
631 | host=example.com | |
a78fbb4f JK |
632 | username=foo |
633 | password=bar | |
634 | -- | |
635 | verbatim: get | |
636 | verbatim: protocol=https | |
637 | verbatim: host=example.com | |
638 | EOF | |
639 | test_config credential.https://example.com.useHttpPath true && | |
640 | check fill "verbatim foo bar" <<-\EOF | |
641 | protocol=https | |
642 | host=example.com | |
643 | path=foo.git | |
644 | -- | |
2d6dc182 MM |
645 | protocol=https |
646 | host=example.com | |
647 | path=foo.git | |
a78fbb4f JK |
648 | username=foo |
649 | password=bar | |
650 | -- | |
651 | verbatim: get | |
652 | verbatim: protocol=https | |
653 | verbatim: host=example.com | |
654 | verbatim: path=foo.git | |
655 | EOF | |
656 | ' | |
657 | ||
46fd7b39 | 658 | test_expect_success 'context uses urlmatch' ' |
659 | test_config "credential.https://*.org.useHttpPath" true && | |
660 | check fill "verbatim foo bar" <<-\EOF | |
661 | protocol=https | |
662 | host=example.org | |
663 | path=foo.git | |
664 | -- | |
665 | protocol=https | |
666 | host=example.org | |
667 | path=foo.git | |
668 | username=foo | |
669 | password=bar | |
670 | -- | |
671 | verbatim: get | |
672 | verbatim: protocol=https | |
673 | verbatim: host=example.org | |
674 | verbatim: path=foo.git | |
675 | EOF | |
676 | ' | |
677 | ||
59b38652 JK |
678 | test_expect_success 'helpers can abort the process' ' |
679 | test_must_fail git \ | |
a88dbd2f | 680 | -c credential.helper=quit \ |
59b38652 | 681 | -c credential.helper="verbatim foo bar" \ |
73aafe9b JK |
682 | credential fill >stdout 2>stderr <<-\EOF && |
683 | protocol=http | |
684 | host=example.com | |
685 | EOF | |
76b54ee9 | 686 | test_must_be_empty stdout && |
a88dbd2f JK |
687 | cat >expect <<-\EOF && |
688 | quit: get | |
73aafe9b JK |
689 | quit: protocol=http |
690 | quit: host=example.com | |
a88dbd2f JK |
691 | fatal: credential helper '\''quit'\'' told us to quit |
692 | EOF | |
1108cea7 | 693 | test_cmp expect stderr |
59b38652 JK |
694 | ' |
695 | ||
24321375 JK |
696 | test_expect_success 'empty helper spec resets helper list' ' |
697 | test_config credential.helper "verbatim file file" && | |
698 | check fill "" "verbatim cmdline cmdline" <<-\EOF | |
73aafe9b JK |
699 | protocol=http |
700 | host=example.com | |
24321375 | 701 | -- |
73aafe9b JK |
702 | protocol=http |
703 | host=example.com | |
24321375 JK |
704 | username=cmdline |
705 | password=cmdline | |
706 | -- | |
707 | verbatim: get | |
73aafe9b JK |
708 | verbatim: protocol=http |
709 | verbatim: host=example.com | |
24321375 JK |
710 | EOF |
711 | ' | |
712 | ||
8ba8ed56 JK |
713 | test_expect_success 'url parser rejects embedded newlines' ' |
714 | test_must_fail git credential fill 2>stderr <<-\EOF && | |
9a6bbee8 | 715 | url=https://one.example.com?%0ahost=two.example.com/ |
8ba8ed56 JK |
716 | EOF |
717 | cat >expect <<-\EOF && | |
a397e9c2 | 718 | warning: url contains a newline in its path component: https://one.example.com?%0ahost=two.example.com/ |
fe29a9b7 | 719 | fatal: credential url cannot be parsed: https://one.example.com?%0ahost=two.example.com/ |
9a6bbee8 | 720 | EOF |
1108cea7 | 721 | test_cmp expect stderr |
9a6bbee8 JK |
722 | ' |
723 | ||
24036686 JK |
724 | test_expect_success 'host-less URLs are parsed as empty host' ' |
725 | check fill "verbatim foo bar" <<-\EOF | |
726 | url=cert:///path/to/cert.pem | |
c716fe4b | 727 | -- |
24036686 JK |
728 | protocol=cert |
729 | host= | |
730 | path=path/to/cert.pem | |
731 | username=foo | |
732 | password=bar | |
c716fe4b | 733 | -- |
24036686 JK |
734 | verbatim: get |
735 | verbatim: protocol=cert | |
736 | verbatim: host= | |
737 | verbatim: path=path/to/cert.pem | |
738 | EOF | |
739 | ' | |
740 | ||
8ba8ed56 JK |
741 | test_expect_success 'credential system refuses to work with missing host' ' |
742 | test_must_fail git credential fill 2>stderr <<-\EOF && | |
743 | protocol=http | |
744 | EOF | |
745 | cat >expect <<-\EOF && | |
746 | fatal: refusing to work with credential missing host field | |
747 | EOF | |
1108cea7 | 748 | test_cmp expect stderr |
8ba8ed56 JK |
749 | ' |
750 | ||
751 | test_expect_success 'credential system refuses to work with missing protocol' ' | |
752 | test_must_fail git credential fill 2>stderr <<-\EOF && | |
753 | host=example.com | |
754 | EOF | |
755 | cat >expect <<-\EOF && | |
756 | fatal: refusing to work with credential missing protocol field | |
9a6bbee8 | 757 | EOF |
1108cea7 | 758 | test_cmp expect stderr |
9a6bbee8 JK |
759 | ' |
760 | ||
4c5971e1 JK |
761 | # usage: check_host_and_path <url> <expected-host> <expected-path> |
762 | check_host_and_path () { | |
763 | # we always parse the path component, but we need this to make sure it | |
764 | # is passed to the helper | |
765 | test_config credential.useHTTPPath true && | |
766 | check fill "verbatim user pass" <<-EOF | |
767 | url=$1 | |
768 | -- | |
769 | protocol=https | |
770 | host=$2 | |
771 | path=$3 | |
772 | username=user | |
773 | password=pass | |
774 | -- | |
775 | verbatim: get | |
776 | verbatim: protocol=https | |
777 | verbatim: host=$2 | |
778 | verbatim: path=$3 | |
779 | EOF | |
780 | } | |
781 | ||
782 | test_expect_success 'url parser handles bare query marker' ' | |
783 | check_host_and_path https://example.com?foo.git example.com ?foo.git | |
784 | ' | |
785 | ||
786 | test_expect_success 'url parser handles bare fragment marker' ' | |
787 | check_host_and_path https://example.com#foo.git example.com "#foo.git" | |
788 | ' | |
789 | ||
790 | test_expect_success 'url parser not confused by encoded markers' ' | |
791 | check_host_and_path https://example.com%23%3f%2f/foo.git \ | |
792 | "example.com#?/" foo.git | |
793 | ' | |
794 | ||
9a121b0d JS |
795 | test_expect_success 'credential config with partial URLs' ' |
796 | echo "echo password=yep" | write_script git-credential-yep && | |
797 | test_write_lines url=https://user@example.com/repo.git >stdin && | |
798 | for partial in \ | |
799 | example.com \ | |
800 | user@example.com \ | |
801 | https:// \ | |
802 | https://example.com \ | |
803 | https://example.com/ \ | |
804 | https://user@example.com \ | |
805 | https://user@example.com/ \ | |
806 | https://example.com/repo.git \ | |
807 | https://user@example.com/repo.git \ | |
808 | /repo.git | |
809 | do | |
810 | git -c credential.$partial.helper=yep \ | |
811 | credential fill <stdin >stdout && | |
812 | grep yep stdout || | |
813 | return 1 | |
814 | done && | |
815 | ||
816 | for partial in \ | |
817 | dont.use.this \ | |
818 | http:// \ | |
819 | /repo | |
820 | do | |
821 | git -c credential.$partial.helper=yep \ | |
822 | credential fill <stdin >stdout && | |
823 | ! grep yep stdout || | |
824 | return 1 | |
825 | done && | |
826 | ||
827 | git -c credential.$partial.helper=yep \ | |
828 | -c credential.with%0anewline.username=uh-oh \ | |
ed5288cf | 829 | credential fill <stdin 2>stderr && |
6789275d | 830 | test_grep "skipping credential lookup for key" stderr |
9a121b0d JS |
831 | ' |
832 | ||
abca927d | 833 | test_done |