Clone fetch auth

[andrewromanenco]

Extension:

• Password based authentication when clone http(s) repository
• Fetch changes from remote
• Fetch changes from remote with password based authentication

These extensions were developed for this app:
https://github.com/AndrewRomanenco/git.ios

[tiennou]

Use BOOL.

[tiennou]

Since I was working (a little) on this, I was wondering how to handle credentials gracefully (given that SSH adds keys and stuff instead of user/password). I was thinking that having a delegate-based call would be nice (because it would allow us to drop the arguments to the -clone... and - fetch... methods (and -push... when we come around to support it). Also, maybe the low-level fetch machinery would better sit in GTRemote directly (and have GTRepository have a -fetchAllRemotes...call) ?

[andrewromanenco]

Etienne,

Both notes are good.

I'll move fetch code to GTRemote - this makes way more sense.

Will try to implement delegate based approach - which should not be a problem for password based authentication; will check for ssh...

[joshaber]

We've been working hard to make objective-git thread safe and unfortunately this is not. Could you fix that up please?

[andrewromanenco]

actually, my implementation is also not thread safe :(
as for now - I am using it in ios app which is single threaded by design (I mean app allows only one git operation at a time)

after this particular commit will be done, I'll give a try...

[joshaber]

I'll go ahead and stop here as a lot of the notes I made about style apply throughout. You can find a semi-thorough list of conventions at https://github.com/github/objective-c-conventions/blob/master/README.md.

[joshaber]

From how these APIs are used currently, it seems like a block-based API would be more foolproof.

[GTRepository cacheCredentials... withBlock:^{
    // do stuff with them
}];

[andrewromanenco]

agree, will check this out

[tiennou]

I published my branch "for reference" here if you want to take a look (that's obviously unfinished because I needed to go look at libssh2 docs to know what to do with the GIT_CREDTYPE_SSH_PUBLICKEY cred type — that's the point where I stopped working on it actually ;-)).

Please keep in mind the user/pass API won't fit with SSH so it should be general enough.

[andrewromanenco]

Hi

To authenticate our handler has to return git_cred

My understanding is that authentication is build around these helpers:

GIT_EXTERN(int) git_cred_userpass_plaintext_new(
git_cred **out,
const char *username,
const char *password);

GIT_EXTERN(int) git_cred_ssh_keyfile_passphrase_new(
git_cred **out,
const char *publickey,
const char *privatekey,
const char *passphrase);

So we can go this way:
add authentication block handler to pass to clone/fetch
add two (static?) helper function around plaintext and keyfile

When a developer wants to implement authentication: new block handler is created with three options:

1. implement new call back
2. use helper method with username and password
3. use helper method with keyfiles

For the beginning I would leave git_cred type as is (without creating corresponding GTCred class)

[tiennou]

Yes, looks like this would work. I'm not sure about adding more helper functions though, because there are many places where those passwords/keys would be found (Keychain seems an obvious place for both, but there's also GitHub tokens in the config files). Let's say the application knows better and move along ;-).

[andrewromanenco]

ok

[tiennou]

@andrewromanenco Any update on this ? I'm more-or-less waiting on the auth part for push support...

[andrewromanenco]

Hi

will try to finish in next couple of days...

[tiennou]

Then forget about it ;-). I'm actually working on it.

[andrewromanenco]

ok

[jspahrsummers]

@andrewromanenco Thank you for the pull request! Feel free to comment on any part of #224 if there's anything you think was missed there.