git@vger.kernel.org mailing list mirror (one of many)
 help / color / mirror / code / Atom feed
From: "M Hickford via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: "Johannes Schindelin [ ]" <Johannes.Schindelin@gmx.de>,
	"Johannes Sixt [ ]" <j6t@kdbg.org>,
	"Harshil Jani [ ]" <harshiljani2002@gmail.com>,
	"Jakub Bereżański" <kuba@berezanscy.pl>,
	"Karsten Blees" <blees@dcon.de>,
	"Erik Faye-Lund" <kusmabite@gmail.com>,
	"Javier Roucher Iglesias"
	<Javier.Roucher-Iglesias@ensimag.imag.fr>,
	"M Hickford" <mirth.hickford@gmail.com>,
	"M Hickford" <mirth.hickford@gmail.com>
Subject: [PATCH v3] credential/wincred: store password_expiry_utc
Date: Mon, 03 Apr 2023 07:47:07 +0000	[thread overview]
Message-ID: <pull.1477.v3.git.git.1680508028077.gitgitgadget@gmail.com> (raw)
In-Reply-To: <pull.1477.v2.git.git.1680200278780.gitgitgadget@gmail.com>

From: M Hickford <mirth.hickford@gmail.com>

This attribute is important when storing OAuth credentials which may
expire after as little as one hour. d208bfdf (credential: new attribute
password_expiry_utc, 2023-02-18) added support for this attribute in
general so that individual credential backend like wincred can use it.

Signed-off-by: M Hickford <mirth.hickford@gmail.com>
---
    credential/wincred: store password_expiry_utc
    
    Windows users can test with the following commands:
    
    cd contrib/credential/wincred/ make printf
    'host=example.com\nprotocol=https\nusername=tim\npassword=xyzzy\npassword_expiry_utc=2000\n'
    | ./git-credential-wincred.exe store printf
    'host=example.com\nprotocol=https\n' | ./git-credential-wincred.exe get

Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1477%2Fhickford%2Fwincred-expiry-v3
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1477/hickford/wincred-expiry-v3
Pull-Request: https://github.com/git/git/pull/1477

Range-diff vs v2:

 1:  51a9039bd15 ! 1:  d2dff063eb4 credential/wincred: store password_expiry_utc
     @@ Commit message
          credential/wincred: store password_expiry_utc
      
          This attribute is important when storing OAuth credentials which may
     -    expire after as little as one hour. See
     -    https://github.com/git/git/commit/d208bfdfef97a1e8fb746763b5057e0ad91e283b
     +    expire after as little as one hour. d208bfdf (credential: new attribute
     +    password_expiry_utc, 2023-02-18) added support for this attribute in
     +    general so that individual credential backend like wincred can use it.
      
          Signed-off-by: M Hickford <mirth.hickford@gmail.com>
      


 .../wincred/git-credential-wincred.c          | 25 +++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/contrib/credential/wincred/git-credential-wincred.c b/contrib/credential/wincred/git-credential-wincred.c
index ead6e267c78..7b4e7fae675 100644
--- a/contrib/credential/wincred/git-credential-wincred.c
+++ b/contrib/credential/wincred/git-credential-wincred.c
@@ -91,7 +91,8 @@ static void load_cred_funcs(void)
 		die("failed to load functions");
 }
 
-static WCHAR *wusername, *password, *protocol, *host, *path, target[1024];
+static WCHAR *wusername, *password, *protocol, *host, *path, target[1024],
+	*password_expiry_utc;
 
 static void write_item(const char *what, LPCWSTR wbuf, int wlen)
 {
@@ -183,6 +184,7 @@ static void get_credential(void)
 	CREDENTIALW **creds;
 	DWORD num_creds;
 	int i;
+	CREDENTIAL_ATTRIBUTEW *attr;
 
 	if (!CredEnumerateW(L"git:*", 0, &num_creds, &creds))
 		return;
@@ -195,6 +197,14 @@ static void get_credential(void)
 			write_item("password",
 				(LPCWSTR)creds[i]->CredentialBlob,
 				creds[i]->CredentialBlobSize / sizeof(WCHAR));
+			for (int j = 0; j < creds[i]->AttributeCount; j++) {
+				attr = creds[i]->Attributes + j;
+				if (!wcscmp(attr->Keyword, L"git_password_expiry_utc")) {
+					write_item("password_expiry_utc", (LPCWSTR)attr->Value,
+					attr->ValueSize / sizeof(WCHAR));
+					break;
+				}
+			}
 			break;
 		}
 
@@ -204,6 +214,7 @@ static void get_credential(void)
 static void store_credential(void)
 {
 	CREDENTIALW cred;
+	CREDENTIAL_ATTRIBUTEW expiry_attr;
 
 	if (!wusername || !password)
 		return;
@@ -217,6 +228,14 @@ static void store_credential(void)
 	cred.Persist = CRED_PERSIST_LOCAL_MACHINE;
 	cred.AttributeCount = 0;
 	cred.Attributes = NULL;
+	if (password_expiry_utc != NULL) {
+		expiry_attr.Keyword = L"git_password_expiry_utc";
+		expiry_attr.Value = (LPVOID)password_expiry_utc;
+		expiry_attr.ValueSize = (wcslen(password_expiry_utc)) * sizeof(WCHAR);
+		expiry_attr.Flags = 0;
+		cred.Attributes = &expiry_attr;
+		cred.AttributeCount = 1;
+	}
 	cred.TargetAlias = NULL;
 	cred.UserName = wusername;
 
@@ -278,6 +297,8 @@ static void read_credential(void)
 			wusername = utf8_to_utf16_dup(v);
 		} else if (!strcmp(buf, "password"))
 			password = utf8_to_utf16_dup(v);
+		else if (!strcmp(buf, "password_expiry_utc"))
+			password_expiry_utc = utf8_to_utf16_dup(v);
 		/*
 		 * Ignore other lines; we don't know what they mean, but
 		 * this future-proofs us when later versions of git do
@@ -292,7 +313,7 @@ int main(int argc, char *argv[])
 	    "usage: git credential-wincred <get|store|erase>\n";
 
 	if (!argv[1])
-		die(usage);
+		die("%s", usage);
 
 	/* git use binary pipes to avoid CRLF-issues */
 	_setmode(_fileno(stdin), _O_BINARY);

base-commit: 8d90352acc5c855620042fdcc6092f23a276af6d
-- 
gitgitgadget

      parent reply	other threads:[~2023-04-03  7:47 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-03-25  7:39 [PATCH] credential/wincred: store password_expiry_utc M Hickford via GitGitGadget
2023-03-28 12:14 ` Johannes Schindelin
2023-03-30  5:50   ` M Hickford
2023-05-01 22:25     ` Junio C Hamano
2023-05-02  9:38       ` M Hickford
2023-05-02 17:43       ` Johannes Sixt
2023-05-02 18:16         ` Felipe Contreras
2023-03-30 18:17 ` [PATCH v2] " M Hickford via GitGitGadget
2023-03-30 19:19   ` Junio C Hamano
2023-04-03  7:00     ` M Hickford
2023-04-03  7:47   ` M Hickford via GitGitGadget [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: http://vger.kernel.org/majordomo-info.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=pull.1477.v3.git.git.1680508028077.gitgitgadget@gmail.com \
    --to=gitgitgadget@gmail.com \
    --cc=Javier.Roucher-Iglesias@ensimag.imag.fr \
    --cc=Johannes.Schindelin@gmx.de \
    --cc=blees@dcon.de \
    --cc=git@vger.kernel.org \
    --cc=harshiljani2002@gmail.com \
    --cc=j6t@kdbg.org \
    --cc=kuba@berezanscy.pl \
    --cc=kusmabite@gmail.com \
    --cc=mirth.hickford@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this public inbox

	https://80x24.org/mirrors/git.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).