cache credentials in memory when doing http basic auth to a git remote

When accessing a git remote over http needs a git credential prompt for a password, cache it for the lifetime of the git-annex process, rather than repeatedly prompting. The git-lfs special remote already caches the credential when discovering the endpoint. And presumably commands like git pull do as well, since they may download multiple urls from a remote. The TMVar CredentialCache is read, so two concurrent calls to getBasicAuthFromCredential will both prompt for a credential. There would already be two concurrent password prompts in such a case, and existing uses of `prompt` probably avoid it. Anyway, it's no worse than before.
2022-09-09 13:53:38 -04:00 · 2022-09-09 13:53:38 -04:00 · 9621beabc4
commit 9621beabc4
parent adb2f5cc00
5 changed files with 96 additions and 14 deletions
--- a/Annex/Url.hs
+++ b/Annex/Url.hs
@ -152,9 +152,10 @@ withUrlOptionsPromptingCreds a = do
 	g <- Annex.gitRepo
 	uo <- getUrlOptions
 	prompter <- mkPrompter
+	cc <- Annex.getRead Annex.gitcredentialcache
 	a $ uo
 		{ U.getBasicAuth = \u -> prompter $
-			getBasicAuthFromCredential g u
+			getBasicAuthFromCredential g cc u
 		-- Can't download with curl and handle basic auth,
 		-- so make sure it uses conduit.
 		, U.urlDownloader = case U.urlDownloader uo of