Add a GTCred wrapper. #254
Conversation
|
Heh, looks like it's in fact |
|
I'm looking for a way to clone a git repo with authentication ( ssh or https would work ). I'm assuming that is your goal here. How are you planning to implement the authenticated call? Will you be able to add username and password params to the clone call? |
ghost
assigned 
| // A typedef block for the various methods that require authentication | ||
| typedef GTCred *(^GTCredBlock)(GTCredentialType allowedTypes, NSString *URL, NSString *username); | ||
|
|
||
| @interface GTCred : NSObject |
There was a problem hiding this comment.
How about GTCredential? That's more consistent with NSURLCredential and Cocoa's verbosity.
There was a problem hiding this comment.
Agreed, will change it to GTCredential. I just got thrown of by libgit2's name for it ;-).
|
What's the issue with using libssh? It can be installed via Homebrew, and #250 is adding it for iOS. |
|
I'm sure I'm missing something, but I added "support" for libssh2 in #200, which was reverted because it broke CI. True, I never asked if the breakage was due to the iOS build or the OS X. But if libssh2 is now expected to be a "hard" dependency, then there's no issue anymore, and I just need to find some time to understand the 3rd auth type and why it's passing LIBSSH2_SESSION around (there's a reason for that, but right now it's out of my reach). |
Conflicts: External/Configuration External/libgit2 External/openssl
|
@tiennou I think I've fixed all the libssh2 build issues on master, if you wanna merge it in and give that a shot. |
|
🍯 I added a GTCredentialProvider, in fact I like the idea ;-). I just made the default "implementation" wrap the old block API I had (for easy I-don't-want-to-subclass uses). I won't say more, I expect the documentation to do it for me ;-). Feel free to point out discrepancies, missing/unclear information. Also I asked on SO about the |
This takes paths to key files, not actual key data.
That `GIT_SSH` define is needed in the project to make both `LIBSSH_SESSION` and the correct typedef for `git_cred_sign_callback` visible. I do think it's a quirk of libgit2 though...
|
This more or less depends on libgit2/libgit2#1851 and libgit2/libgit2#1853 now (less on 1851, more on 1853 ;-)). I also made sufficient (I hope) research to implement the 3rd method, so it's now documented. I've built a basic clone app for that, so if there's interest in that, maybe I can put in in some |
| __unsafe_unretained GTCredentialProvider *credProvider; | ||
| } GTCredentialAcquireCallbackInfo; | ||
|
|
||
| int GTCredentialAcquireCallback(git_cred **cred, const char *url, const char *username_from_url, unsigned int allowed_types, void *payload); |
There was a problem hiding this comment.
This can be done with a method on GTCredentialProvider now.
There was a problem hiding this comment.
Huh ? That's the C trampoline that calls GTCredentialProvider, so no, I can't do that. You're supposed to pass it to libgit2 APIs that take a git_cred_aquire_cb (as in the fetch example I've given above).
There was a problem hiding this comment.
Ah, sorry, you're right.
| NSParameterAssert(privateKeyURL != nil); | ||
| NSString *publicKeyPath = publicKeyURL.filePathURL.path; | ||
| NSString *privateKeyPath = privateKeyURL.filePathURL.path; | ||
| NSAssert(privateKeyPath != nil, @"Invalid file URL passed: %@", privateKeyURL); |
There was a problem hiding this comment.
This should probably be an NSError, not an assertion (e.g., in case the path/URL is user-provided).
There was a problem hiding this comment.
I see two problems ;-). Maybe it's better to assert because it forces the developer to validate the path before blindly giving it to us (it's gonna get used while the operation is in progress, which means a network operation that is doomed to fail if you don't check before. The other problem is that our current NSError machinery isn't really adapted to non-libgit2 errors (yet ;-)).
Also, this assert merely checks that the user isn't passing anything else than a file:// URL in there (I'm asserting for nil just above, but we require a local path in there).
There was a problem hiding this comment.
About the "yet" part, would you prefer me to rename the category and make it our own GTError ? I don't plan on having any instance methods in there, just the current class methods less the git_ prefix. It's just that I find the category to be a bother, and git_errorForGitError: sounds a little too much git ;-).
There was a problem hiding this comment.
This is fine for now, I guess. Your points about validation are good.
|
🍊 |
Conflicts: Classes/Categories/NSError+Git.m
Else test building fails on the <libssh2.h> include.
|
📗 |
| typedef GTCredential *(^GTCredentialProviderBlock)(GTCredentialType allowedTypes, NSString *URL, NSString *userName); | ||
|
|
||
| @interface GTCredentialProvider () | ||
| @property (nonatomic, readonly) GTCredentialProviderBlock credBlock; |
There was a problem hiding this comment.
This should still be copy to indicate its implemented semantics.
|
📘 |
|
🚗 |
|
|
Add a GTCred wrapper.
This adds support to
libgit2cred.hAPI in advance of #224 and #252 (and push when the time comes). I'll obviously massage #224 to use it, and @isaac if you have the will (and time) to do the same with #252, that's cool, otherwise it can wait for another PR.It feels more or less ready except for :
LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNCinlibssh2, I just, like, shivered in fear when I saw the LIBSSH2_SESSION parameter. That parameter means that iflibgit2ever asks for aGIT_CREDTYPE_SSH_PUBLICKEYauth type, we have to traverse layers of C-code to get to the SSH layer and back again. As my experience with thelibgit2code is minimal, it will take some time for me to see if there's a general solution.