Deepak Patankar <patankardeepak04@xxxxxxxxx> writes: > I am writing an application in which we will support git integration. > The user will provide us with his/her git credentials so that we can > push some files on his git. The git credentials which user will supply > can be > > HTTP (Username and Password/ Kerberos) > SSH > > Before saving the user credentials I want to validate that the > credentials entered is valid. It obviously depends on the remote side, but a relatively safe thing to try is to run things like "ls-remote" or "push --dry-run" that will not cause any actual damage against the remote, and see if your authentication fail. But you might be asking a XY question. I would expect that any reasonable application that manages authentication material for the user and drives "git fetch" and "git push" would act as a credential helper and uses the credential protocol to talk to Git, so it will learn an authentication failure upon the first use, at which point it has the chance to drop the authentication material it obtained earlier and ask the user for the corrected one---there is no need for the application to see if the authentication material is correct before the user does anything else. > The user might be using GithHub/BitBucket/GitLab. I am trying to find > some git command which I can use to validate the credentials. Can you > please point me to some command/logic which I can try? > > What I have tried? > I tried git ls-remote command, but it requires the repo name/url. In > one of our use case, the user won't specify the repository name > beforehand. Because of which I am not able to use this command. This assumes there always is a single authentication material regardless of the URL, which is probably not a good security posture to encourage the users to adopt.
