From 8c5cd0b7e51ef1e2508e31ded45d616939f35045 Mon Sep 17 00:00:00 2001
From: Fabian Henneke <FabianHenneke@users.noreply.github.com>
Date: Thu, 27 Aug 2020 12:13:55 +0200
Subject: Remember HTTPS password throughout a sync operation (#1062)

* Remember HTTPS password throughout a sync operation

* Add CHANGELOG.md entry

Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
(cherry picked from commit cba0bc2b29c0f30f6d55c0a43010d7557c89bed9)
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
---
 CHANGELOG.md                                            |  4 ++++
 .../com/zeapo/pwdstore/git/operation/GitOperation.kt    | 17 ++++++++++++++---
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6a8ad43b..461f7fb8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Fixed
+
+-   Delete stored HTTPS password on connection errors (such as failed authentication)
+
 ## [1.11.2] - 2020-08-24
 
 ### Fixed
diff --git a/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt b/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
index 62d6879c..dc768a6e 100644
--- a/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
+++ b/app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt
@@ -51,7 +51,9 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
     protected val git = Git(repository)
     protected val remoteBranch = GitSettings.branch
 
-    private class PasswordFinderCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+    private class HttpsCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+
+        private var cachedPassword: CharArray? = null
 
         override fun isInteractive() = true
 
@@ -59,7 +61,11 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
             for (item in items) {
                 when (item) {
                     is CredentialItem.Username -> item.value = uri?.user
-                    is CredentialItem.Password -> item.value = passwordFinder.reqPassword(null)
+                    is CredentialItem.Password -> {
+                        item.value = cachedPassword?.clone() ?: passwordFinder.reqPassword(null).also {
+                            cachedPassword = it.clone()
+                        }
+                    }
                     else -> UnsupportedCredentialItem(uri, item.javaClass.name)
                 }
             }
@@ -69,12 +75,17 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
         override fun supports(vararg items: CredentialItem) = items.all {
             it is CredentialItem.Username || it is CredentialItem.Password
         }
+
+        override fun reset(uri: URIish?) {
+            cachedPassword?.fill(0.toChar())
+            cachedPassword = null
+        }
     }
 
     private fun withPasswordAuthentication(passwordFinder: InteractivePasswordFinder): GitOperation {
         val sessionFactory = SshjSessionFactory(SshAuthData.Password(passwordFinder), hostKeyFile)
         SshSessionFactory.setInstance(sessionFactory)
-        this.provider = PasswordFinderCredentialsProvider(passwordFinder)
+        this.provider = HttpsCredentialsProvider(passwordFinder)
         return this
     }
 
-- 
cgit v1.2.3