3 test_description='basic credential helper tests'
5 . "$TEST_DIRECTORY"/lib-credential.sh
7 test_expect_success 'setup helper scripts' '
9 whoami=$(echo $0 | sed s/.*git-credential-//)
10 echo >&2 "$whoami: $*"
13 while read key value; do
14 echo >&2 "$whoami: $key=$value"
20 write_script git-credential-useless <<-\EOF &&
25 write_script git-credential-quit <<-\EOF &&
30 write_script git-credential-verbatim <<-\EOF &&
34 test -z "$user" || echo username=$user
35 test -z "$pass" || echo password=$pass
41 test_expect_success 'credential_fill invokes helper' '
42 check fill "verbatim foo bar" <<-\EOF
52 verbatim: protocol=http
53 verbatim: host=example.com
57 test_expect_success 'credential_fill invokes multiple helpers' '
58 check fill useless "verbatim foo bar" <<-\EOF
68 useless: protocol=http
69 useless: host=example.com
71 verbatim: protocol=http
72 verbatim: host=example.com
76 test_expect_success 'credential_fill stops when we get a full response' '
77 check fill "verbatim one two" "verbatim three four" <<-\EOF
87 verbatim: protocol=http
88 verbatim: host=example.com
92 test_expect_success 'credential_fill continues through partial response' '
93 check fill "verbatim one \"\"" "verbatim two three" <<-\EOF
103 verbatim: protocol=http
104 verbatim: host=example.com
106 verbatim: protocol=http
107 verbatim: host=example.com
108 verbatim: username=one
112 test_expect_success 'credential_fill passes along metadata' '
113 check fill "verbatim one two" <<-\EOF
125 verbatim: protocol=ftp
126 verbatim: host=example.com
127 verbatim: path=foo.git
131 test_expect_success 'credential_approve calls all helpers' '
132 check approve useless "verbatim one two" <<-\EOF
140 useless: protocol=http
141 useless: host=example.com
142 useless: username=foo
143 useless: password=bar
145 verbatim: protocol=http
146 verbatim: host=example.com
147 verbatim: username=foo
148 verbatim: password=bar
152 test_expect_success 'do not bother storing password-less credential' '
153 check approve useless <<-\EOF
163 test_expect_success 'credential_reject calls all helpers' '
164 check reject useless "verbatim one two" <<-\EOF
172 useless: protocol=http
173 useless: host=example.com
174 useless: username=foo
175 useless: password=bar
177 verbatim: protocol=http
178 verbatim: host=example.com
179 verbatim: username=foo
180 verbatim: password=bar
184 test_expect_success 'usernames can be preserved' '
185 check fill "verbatim \"\" three" <<-\EOF
196 verbatim: protocol=http
197 verbatim: host=example.com
198 verbatim: username=one
202 test_expect_success 'usernames can be overridden' '
203 check fill "verbatim two three" <<-\EOF
214 verbatim: protocol=http
215 verbatim: host=example.com
216 verbatim: username=one
220 test_expect_success 'do not bother completing already-full credential' '
221 check fill "verbatim three four" <<-\EOF
235 # We can't test the basic terminal password prompt here because
236 # getpass() tries too hard to find the real terminal. But if our
237 # askpass helper is run, we know the internal getpass is working.
238 test_expect_success 'empty helper list falls back to internal getpass' '
245 username=askpass-username
246 password=askpass-password
248 askpass: Username for '\''http://example.com'\'':
249 askpass: Password for '\''http://askpass-username@example.com'\'':
253 test_expect_success 'internal getpass does not ask for known username' '
262 password=askpass-password
264 askpass: Password for '\''http://foo@example.com'\'':
273 test_expect_success 'respect configured credentials' '
274 test_config credential.helper "$HELPER" &&
287 test_expect_success 'match configured credential' '
288 test_config credential.https://example.com.helper "$HELPER" &&
302 test_expect_success 'do not match configured credential' '
303 test_config credential.https://foo.helper "$HELPER" &&
310 username=askpass-username
311 password=askpass-password
313 askpass: Username for '\''https://bar'\'':
314 askpass: Password for '\''https://askpass-username@bar'\'':
318 test_expect_success 'match multiple configured helpers' '
319 test_config credential.helper "verbatim \"\" \"\"" &&
320 test_config credential.https://example.com.helper "$HELPER" &&
332 verbatim: protocol=https
333 verbatim: host=example.com
337 test_expect_success 'match multiple configured helpers with URLs' '
338 test_config credential.https://example.com/repo.git.helper "verbatim \"\" \"\"" &&
339 test_config credential.https://example.com.helper "$HELPER" &&
351 verbatim: protocol=https
352 verbatim: host=example.com
356 test_expect_success 'match percent-encoded values' '
357 test_config credential.https://example.com/%2566.git.helper "$HELPER" &&
359 url=https://example.com/%2566.git
369 test_expect_success 'pull username from config' '
370 test_config credential.https://example.com.username foo &&
378 password=askpass-password
380 askpass: Password for '\''https://foo@example.com'\'':
384 test_expect_success 'honors username from URL over helper (URL)' '
385 test_config credential.https://example.com.username bob &&
386 test_config credential.https://example.com.helper "verbatim \"\" bar" &&
388 url=https://alice@example.com
396 verbatim: protocol=https
397 verbatim: host=example.com
398 verbatim: username=alice
402 test_expect_success 'honors username from URL over helper (components)' '
403 test_config credential.https://example.com.username bob &&
404 test_config credential.https://example.com.helper "verbatim \"\" bar" &&
416 verbatim: protocol=https
417 verbatim: host=example.com
418 verbatim: username=alice
422 test_expect_success 'last matching username wins' '
423 test_config credential.https://example.com/path.git.username bob &&
424 test_config credential.https://example.com.username alice &&
425 test_config credential.https://example.com.helper "verbatim \"\" bar" &&
427 url=https://example.com/path.git
435 verbatim: protocol=https
436 verbatim: host=example.com
437 verbatim: username=alice
441 test_expect_success 'http paths can be part of context' '
442 check fill "verbatim foo bar" <<-\EOF &&
453 verbatim: protocol=https
454 verbatim: host=example.com
456 test_config credential.https://example.com.useHttpPath true &&
457 check fill "verbatim foo bar" <<-\EOF
469 verbatim: protocol=https
470 verbatim: host=example.com
471 verbatim: path=foo.git
475 test_expect_success 'context uses urlmatch' '
476 test_config "credential.https://*.org.useHttpPath" true &&
477 check fill "verbatim foo bar" <<-\EOF
489 verbatim: protocol=https
490 verbatim: host=example.org
491 verbatim: path=foo.git
495 test_expect_success 'helpers can abort the process' '
497 -c credential.helper=quit \
498 -c credential.helper="verbatim foo bar" \
499 credential fill >stdout 2>stderr <<-\EOF &&
503 test_must_be_empty stdout &&
504 cat >expect <<-\EOF &&
507 quit: host=example.com
508 fatal: credential helper '\''quit'\'' told us to quit
510 test_i18ncmp expect stderr
513 test_expect_success 'empty helper spec resets helper list' '
514 test_config credential.helper "verbatim file file" &&
515 check fill "" "verbatim cmdline cmdline" <<-\EOF
525 verbatim: protocol=http
526 verbatim: host=example.com
530 test_expect_success 'url parser rejects embedded newlines' '
531 test_must_fail git credential fill 2>stderr <<-\EOF &&
532 url=https://one.example.com?%0ahost=two.example.com/
534 cat >expect <<-\EOF &&
535 warning: url contains a newline in its path component: https://one.example.com?%0ahost=two.example.com/
536 fatal: credential url cannot be parsed: https://one.example.com?%0ahost=two.example.com/
538 test_i18ncmp expect stderr
541 test_expect_success 'host-less URLs are parsed as empty host' '
542 check fill "verbatim foo bar" <<-\EOF
543 url=cert:///path/to/cert.pem
547 path=path/to/cert.pem
552 verbatim: protocol=cert
554 verbatim: path=path/to/cert.pem
558 test_expect_success 'credential system refuses to work with missing host' '
559 test_must_fail git credential fill 2>stderr <<-\EOF &&
562 cat >expect <<-\EOF &&
563 fatal: refusing to work with credential missing host field
565 test_i18ncmp expect stderr
568 test_expect_success 'credential system refuses to work with missing protocol' '
569 test_must_fail git credential fill 2>stderr <<-\EOF &&
572 cat >expect <<-\EOF &&
573 fatal: refusing to work with credential missing protocol field
575 test_i18ncmp expect stderr
578 # usage: check_host_and_path <url> <expected-host> <expected-path>
579 check_host_and_path () {
580 # we always parse the path component, but we need this to make sure it
581 # is passed to the helper
582 test_config credential.useHTTPPath true &&
583 check fill "verbatim user pass" <<-EOF
593 verbatim: protocol=https
599 test_expect_success 'url parser handles bare query marker' '
600 check_host_and_path https://example.com?foo.git example.com ?foo.git
603 test_expect_success 'url parser handles bare fragment marker' '
604 check_host_and_path https://example.com#foo.git example.com "#foo.git"
607 test_expect_success 'url parser not confused by encoded markers' '
608 check_host_and_path https://example.com%23%3f%2f/foo.git \
609 "example.com#?/" foo.git
projects / git / blob