Remember HTTPS password throughout a sync operation (#1062)

* Remember HTTPS password throughout a sync operation * Add CHANGELOG.md entry Co-authored-by: Harsh Shandilya <me@msfjarvis.dev> (cherry picked from commit cba0bc2b29) Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
2020-08-27 12:13:55 +02:00 · 2020-08-27 12:13:55 +02:00 · 8c5cd0b7e5
commit 8c5cd0b7e5
parent 4a4e48dc34
2 changed files with 18 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.

 ## [Unreleased]

+### Fixed
+
+-   Delete stored HTTPS password on connection errors (such as failed authentication)
+
 ## [1.11.2] - 2020-08-24

 ### Fixed
--- a/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
+++ b/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
@ -51,7 +51,9 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
    protected val git = Git(repository)
    protected val remoteBranch = GitSettings.branch

-    private class PasswordFinderCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+    private class HttpsCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+
+        private var cachedPassword: CharArray? = null

        override fun isInteractive() = true

@ -59,7 +61,11 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
            for (item in items) {
                when (item) {
                    is CredentialItem.Username -> item.value = uri?.user
-                    is CredentialItem.Password -> item.value = passwordFinder.reqPassword(null)
+                    is CredentialItem.Password -> {
+                        item.value = cachedPassword?.clone() ?: passwordFinder.reqPassword(null).also {
+                            cachedPassword = it.clone()
+                        }
+                    }
                    else -> UnsupportedCredentialItem(uri, item.javaClass.name)
                }
            }
@ -69,12 +75,17 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
        override fun supports(vararg items: CredentialItem) = items.all {
            it is CredentialItem.Username || it is CredentialItem.Password
        }
+
+        override fun reset(uri: URIish?) {
+            cachedPassword?.fill(0.toChar())
+            cachedPassword = null
+        }
    }

    private fun withPasswordAuthentication(passwordFinder: InteractivePasswordFinder): GitOperation {
        val sessionFactory = SshjSessionFactory(SshAuthData.Password(passwordFinder), hostKeyFile)
        SshSessionFactory.setInstance(sessionFactory)
-        this.provider = PasswordFinderCredentialsProvider(passwordFinder)
+        this.provider = HttpsCredentialsProvider(passwordFinder)
        return this
    }