diff options
| author | Aaron Plattner <aplattner@nvidia.com> | 2024-06-06 20:35:16 +0200 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2024-06-06 20:42:40 +0200 |
| commit | 27db485c34392df4fe6fbaf57a43f15bd7bf4a36 (patch) | |
| tree | e34f435ed0910a546c30d338f00e744dba0897de /alloc.h | |
| parent | credential: add method for querying capabilities (diff) | |
| download | git-27db485c34392df4fe6fbaf57a43f15bd7bf4a36.tar.xz git-27db485c34392df4fe6fbaf57a43f15bd7bf4a36.zip | |
credential: clear expired c->credential, unify secret clearing
When a struct credential expires, credential_fill() clears c->password
so that clients don't try to use it later. However, a struct cred that
uses an alternate authtype won't have a password, but might have a
credential stored in c->credential.
This is a problem, for example, when an OAuth2 bearer token is used. In
the system I'm using, the OAuth2 configuration generates and caches a
bearer token that is valid for an hour. After the token expires, git
needs to call back into the credential helper to use a stored refresh
token to get a new bearer token. But if c->credential is still non-NULL,
git will instead try to use the expired token and fail with an error:
fatal: Authentication failed for 'https://<oauth2-enabled-server>/repository'
And on the server:
[auth_openidc:error] [client <ip>:34012] oidc_proto_validate_exp: "exp" validation failure (1717522989): JWT expired 224 seconds ago
Fix this by clearing both c->password and c->credential for an expired
struct credential. While we're at it, use credential_clear_secrets()
wherever both c->password and c->credential are being cleared.
Update comments in credential.h to mention the new struct fields.
Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'alloc.h')
0 files changed, 0 insertions, 0 deletions