Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[electron] Support HTTP based authentication for Git #3397

Closed
kittaakos opened this issue Nov 5, 2018 · 2 comments
Closed

[electron] Support HTTP based authentication for Git #3397

kittaakos opened this issue Nov 5, 2018 · 2 comments
Assignees
@kittaakos
Labels
electron issues related to the electron target enhancement issues that are enhancements to current functionality - nice to haves git issues related to git

Comments

@kittaakos
Copy link
Contributor

This is a sub-task of #1037.

Problem:

  • Git supports two ways of authentication: SSH and HTTP.
  • SSH:
    • It is possible to do it with SSH key pairs for each user but this approach is cumbersome.
  • HTTP:
    • By default, Git always asks for username and password unless the credential.helper is set to store. For instance, on OS X, this will delegate into the Keychain and will reuse the username and password without prompting it for the user.

TODOs and noteworthy notes for the issue:

  • Adjust the backend so if there is a Git authentication, it does not prompt for the username and password on the Theia backend. But throws an error and notifies the client. (Currently, we just silently wait at the backend.)
  • We cannot store username/password on the backend. It is stateless.
  • Instead, we should prompt a login dialog for the user when we are running in electron (similar to VS Code).
  • Store it in the Browser? Probably, not.
@kittaakos kittaakos added enhancement issues that are enhancements to current functionality - nice to haves git issues related to git electron issues related to the electron target labels Nov 5, 2018
@kittaakos kittaakos self-assigned this Nov 5, 2018
@kittaakos
Copy link
Contributor Author

Cases to support:

  • The client has already configured Git, credential.helper is set. (Happy path 🎉)
  • The client does not have the credential.helper set.
    • fatal: could not read Username for 'https:': Device not configured
  • The client has the credential.helper incorrectly configured.
  • TBD...

@kittaakos
Copy link
Contributor Author

  • We have to make sure to set GIT_TERMINAL_PROMPT: '0'. This will disable any interactive prompting for the credentials.
  • We have to set HOME: ''. This ensures we do not accidentally read the content of the credential.helper file under ~/ (created by the current user).

kittaakos pushed a commit that referenced this issue Nov 5, 2018
GH-3397: stub
104f356 
Signed-off-by: Akos Kitta <[email protected]>
@kittaakos kittaakos mentioned this issue Nov 6, 2018
Open
kittaakos pushed a commit that referenced this issue Nov 6, 2018
GH-3397: added custom askpass logic
7f9ee3e 
Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 7, 2018
GH-3397: Stub for the interactive Git prompt.
58c229e 
Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 7, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
ea5b78a 
Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
@kittaakos kittaakos mentioned this issue Nov 7, 2018
Merged
4 tasks
kittaakos pushed a commit that referenced this issue Nov 7, 2018
GH-3397: Added missing binding for the tests.
5b27ab3 
Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 7, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
7cfea0b 
Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 8, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
3cca7ef 
Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 8, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
9eb02aa 
If a git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are not stored, re-used.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior in the
browser.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 9, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
c8f9b04 
If a git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are not stored, re-used.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior in the
browser.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 9, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
47ba0d3 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 9, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
4df451e 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 12, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
97217c7 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 13, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
4fd952c 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 13, 2018
GH-3397: Switched from a named pipes server to an HTTP server.
7b4b2e6 
Named pipes are not supported by `cluster` workers.
So the communicating between the Theia backend
and the `GIT_ASKPASS` process is pure HTTP.

TODO: squash me if this is sufficient on Windows too.
XXX: still prompts to the backend console if **not** in debug mode.
Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 13, 2018
GH-3397: Fixed the prompt issue when runnig in "production" mode.
5c31c51 
Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 13, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
112fd02 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Nov 19, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
67fabac 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Dec 3, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
0c747fb 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Dec 4, 2018
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
84cb36d 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
kittaakos pushed a commit that referenced this issue Dec 4, 2018
@kittaakos
GH-3397: Implemented the HTTP-based authentication for Git in Electron.
d40e3dd 
If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: #3397

Signed-off-by: Akos Kitta <[email protected]>
@kittaakos kittaakos mentioned this issue Dec 5, 2018
Closed
bogthe pushed a commit to ARMmbed/theia that referenced this issue Jan 21, 2019
eclipse-theiaGH-3397: Implemented the HTTP-based authentication for G…
f51f105 
…it in Electron.

If a Git operation (fetch, pull, merge, ...) requires authentication,
the Theia backend will ask the frontend for the username and password.

User credentials are neither stored nor reused.

In electron, if a Git operation fails due to authentication, we
report it back to the user. This PR does not change the behavior of the
browser-based application.

Closes: eclipse-theia#3397

Signed-off-by: Akos Kitta <[email protected]>
Signed-off-by: Bogdan Stolojan <[email protected]>
@kittaakos kittaakos mentioned this issue Jun 6, 2019
Closed
@gorkem gorkem mentioned this issue Sep 3, 2019
Closed
@jeluard jeluard mentioned this issue Mar 15, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kittaakos kittaakos

Labels
electron issues related to the electron target enhancement issues that are enhancements to current functionality - nice to haves git issues related to git
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kittaakos