Remember HTTPS password throughout a sync operation (#1062)

* Remember HTTPS password throughout a sync operation * Add CHANGELOG.md entry Co-authored-by: Harsh Shandilya <me@msfjarvis.dev> (cherry picked from commit cba0bc2b29c0f30f6d55c0a43010d7557c89bed9) Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
author: Fabian Henneke <FabianHenneke@users.noreply.github.com> 2020-08-27 12:13:55 +0200
committer: Harsh Shandilya <me@msfjarvis.dev> 2020-08-27 17:36:13 +0530
commit: 8c5cd0b7e51ef1e2508e31ded45d616939f35045 (patch)
tree: c5aaa99a4eadf106f5a75dfe5de5a4ff740337cf
parent: 4a4e48dc345cd6110313774b15692e1bd8cceae9 (diff)
2 files changed, 18 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6a8ad43b..461f7fb8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Fixed
+
+-   Delete stored HTTPS password on connection errors (such as failed authentication)
+
 ## [1.11.2] - 2020-08-24
 
 ### Fixed
diff --git a/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt b/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
index 62d6879c..dc768a6e 100644
--- a/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
+++ b/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
@@ -51,7 +51,9 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
     protected val git = Git(repository)
     protected val remoteBranch = GitSettings.branch
 
-    private class PasswordFinderCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+    private class HttpsCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+
+        private var cachedPassword: CharArray? = null
 
         override fun isInteractive() = true
 
@@ -59,7 +61,11 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
             for (item in items) {
                 when (item) {
                     is CredentialItem.Username -> item.value = uri?.user
-                    is CredentialItem.Password -> item.value = passwordFinder.reqPassword(null)
+                    is CredentialItem.Password -> {
+                        item.value = cachedPassword?.clone() ?: passwordFinder.reqPassword(null).also {
+                            cachedPassword = it.clone()
+                        }
+                    }
                     else -> UnsupportedCredentialItem(uri, item.javaClass.name)
                 }
             }
@@ -69,12 +75,17 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
         override fun supports(vararg items: CredentialItem) = items.all {
             it is CredentialItem.Username || it is CredentialItem.Password
         }
+
+        override fun reset(uri: URIish?) {
+            cachedPassword?.fill(0.toChar())
+            cachedPassword = null
+        }
     }
 
     private fun withPasswordAuthentication(passwordFinder: InteractivePasswordFinder): GitOperation {
         val sessionFactory = SshjSessionFactory(SshAuthData.Password(passwordFinder), hostKeyFile)
         SshSessionFactory.setInstance(sessionFactory)
-        this.provider = PasswordFinderCredentialsProvider(passwordFinder)
+        this.provider = HttpsCredentialsProvider(passwordFinder)
         return this
     }
author	Fabian Henneke <FabianHenneke@users.noreply.github.com>	2020-08-27 12:13:55 +0200
committer	Harsh Shandilya <me@msfjarvis.dev>	2020-08-27 17:36:13 +0530
commit	8c5cd0b7e51ef1e2508e31ded45d616939f35045 (patch)
tree	c5aaa99a4eadf106f5a75dfe5de5a4ff740337cf
parent	4a4e48dc345cd6110313774b15692e1bd8cceae9 (diff)